
Pests of all kinds and how to fight them: Macro virus "Berger Antriebstechnik"

07.01.2016, 16:59   #1
Andreas 2016
 



Hello helpers,

On 19.12.15 I received an email with the subject "Bestellung" ("order") from the company Berges Antriebstechnik. Attached was a Word document, which I stupidly opened (it had no text content). Afterwards I deleted the email and restarted the computer.
It was only two days later that I learned that a macro virus may have been included in the attachment.
During this time I worked with Word several times and also did online banking once.
The only problem: Adobe Reader stopped working,
possibly because of an update, since it was fine again after a restart.
No other problems have appeared.
After a long search without useful results, I fortunately came across your board.

Jürgen, deeprybka

had the same request on 23.12.2015, and since they were described well even for a layperson like me, I followed his instructions.

My virus scanner (Avira free antivirus, product version 15.0.15.129, 03.12.2015)
Additionally checked with Spybot.
FRST 64-bit generated
AdwCleaner log
AdwCleaner run
TDSSKiller + log
Anti-Malware
ESET online scanner

Problem: How can I be sure that I have not caught any malware?
What damage can a possible Trojan do?
Could it become dangerous for online banking? I did use it (1-2 days afterwards).
Should I have my bank access blocked?

I would be grateful for a helping hand.
Kind regards,
Andreas

In the paragraph
FRST (the first)
Addition (the first)


Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015
durchgeführt von Andreas (Administrator) auf OLIVER (04-01-2016 17:12:16)
Gestartet von C:\Users\Andreas\Downloads
Geladene Profile: Andreas (Verfügbare Profile: Andreas & MSSQL$SQLEXPRESS)
Platform: Windows 8.1 Pro with Media Center (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================


(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
() C:\Program Files (x86)\Weka\WEKA Launcher\launcherservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13677784 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [WekaUpdateCenter] => C:\Program Files (x86)\Common Files\Weka\Update Manager\WekaUpdateManager.exe [198000 2012-03-01] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-18] (Electronic Arts)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2014-12-04] ()
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Spybot-S&D Cleaning] => C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe [960688 2015-02-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Policies\Explorer: [] 
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MountPoints2: {0301ea6d-eaec-11e3-8040-c48508d4a372} - "F:\iStudio.exe" 
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-24]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-03-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0CBAE8C9-0F58-427E-817D-95609070D6E2}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C1373ACE-7D17-460E-98DE-31CEBF2DCF1E}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> DefaultScope {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = 
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {B42DCA7D-7E55-4A79-85A0-AF94DD339325} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^U3&apn_dtid=^OSJ000^YY^DE&apn_uid=BE0EFC29-92E5-4442-96C9-0FD1F9FC59C0&apn_sauid=5E7F585B-735A-4CF9-A53E-9AC092CDBF73
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = 
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default
FF NewTab: hxxps://www.google.de/
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-19] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Tools\Media\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-01-23] ( )
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Andreas\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\askcom.xml [2013-02-08]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\englische-ergebnisse.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\gmx-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\webde-suche.xml [2014-06-05]
FF Extension: Garmin Communicator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-22]
FF Extension: GMX MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\mailcheck@gmx.net [2015-12-17]
FF Extension: Avira Browser Safety - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\abs@avira.com [2015-12-31]
FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-01-01] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-09] [ist nicht signiert]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-12-26] (Autodesk)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [64848 2012-08-06] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 launcherservice; C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe [140288 2010-03-03] () [Datei ist nicht signiert]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-18] (Electronic Arts)
S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
R2 SDScannerService; C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [24400 2012-08-06] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [73552 2012-08-06] (Condusiv Technologies)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-03-03] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 SBIOSIO; \??\C:\Users\Andreas\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-04 17:12 - 2016-01-04 17:12 - 00028010 _____ C:\Users\Andreas\Downloads\FRST.txt
2016-01-04 17:11 - 2016-01-04 17:12 - 00000000 ____D C:\FRST
2016-01-04 17:10 - 2016-01-04 17:11 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2016-01-04 17:04 - 2016-01-04 17:04 - 00000000 ____D C:\AdwCleaner
2016-01-04 17:01 - 2016-01-04 17:01 - 01745920 _____ C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
2016-01-04 16:39 - 2016-01-04 16:45 - 00000000 ____D C:\Users\Andreas\Documents\A Desktopdateien
2016-01-04 15:13 - 2016-01-04 15:13 - 00052697 _____ C:\Users\Andreas\Downloads\RE_3100134490_8753513655_20160101.pdf
2015-12-29 18:47 - 2015-12-29 18:47 - 00532721 _____ C:\Users\Andreas\Downloads\Rechnung Elmar Lorch Neckarhalde 24.pdf
2015-12-29 17:44 - 2015-12-29 17:44 - 01976669 _____ C:\Users\Andreas\Downloads\Angebot Herrn Lorch Neckarhalde 24.pdf
2015-12-29 16:39 - 2015-12-29 16:39 - 01413613 _____ C:\Users\Andreas\Downloads\Rechnung Fam.Baltzer-Noak Giebelfenster.pdf
2015-12-29 16:36 - 2015-12-29 16:36 - 02689619 _____ C:\Users\Andreas\Downloads\Rundbogenfenster Neckarhalde 24.pdf
2015-12-29 10:10 - 2015-12-29 10:10 - 00122897 _____ C:\Users\Andreas\Downloads\schoenbuchhalbmarathon2013.pdf
2015-12-29 10:03 - 2015-12-29 10:03 - 00068182 _____ C:\Users\Andreas\Downloads\2007-05-13-Leinfelden-Echterdingen-07-05-13-schoenbuch-pdf.pdf
2015-12-28 16:27 - 2015-12-28 16:27 - 03614157 _____ C:\Users\Andreas\Downloads\2015Bilder-Fenster.pdf
2015-12-25 13:38 - 2015-12-25 13:38 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-25 13:38 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-25 13:34 - 2015-12-25 13:34 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00002019 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-12-25 10:37 - 2015-12-25 10:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-25 10:33 - 2015-12-25 10:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Andreas\Downloads\spybot-2.4.40.exe
2015-12-23 19:24 - 2015-12-23 19:39 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\.minecraft
2015-12-23 19:24 - 2015-12-23 19:24 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft(1).exe
2015-12-23 19:24 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\java
2015-12-23 19:21 - 2015-12-23 20:19 - 00001470 _____ C:\Users\Andreas\Downloads\nativelog.txt
2015-12-23 19:21 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\Downloads\game
2015-12-23 19:21 - 2015-12-23 19:21 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft.exe
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\tools
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\runtime
2015-12-23 14:17 - 2015-12-23 14:17 - 00049289 _____ C:\Users\Andreas\Downloads\VR-GewinnSparen_13202006_vom_23.11.2015_20151223021734.pdf
2015-12-23 14:17 - 2015-12-23 14:17 - 00049195 _____ C:\Users\Andreas\Downloads\Mitteilung_13202006_vom_23.11.2015_20151223021732.pdf
2015-12-23 09:49 - 2015-12-23 09:49 - 00171255 _____ C:\Users\Andreas\Downloads\271183.pdf
2015-12-22 15:03 - 2015-12-22 15:03 - 00366243 _____ C:\Users\Andreas\Downloads\ViewProductAttachment-OpenFile
2015-12-22 11:23 - 2015-12-22 11:23 - 05601627 _____ C:\Users\Andreas\Downloads\kf_694_18-03-2015.pdf
2015-12-22 10:44 - 2015-12-22 10:44 - 00564782 _____ C:\Users\Andreas\Downloads\kf_614_hst_13-07-2012_06-03-2013_18-03-2015_18-03-2015.pdf
2015-12-22 10:36 - 2015-12-22 10:36 - 05513745 _____ C:\Users\Andreas\Downloads\bestellformular_kunststofffenster_28.05.2015_10-06-2015.pdf
2015-12-21 15:05 - 2015-12-21 15:05 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile(1).pdf
2015-12-21 13:00 - 2015-12-21 13:00 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth(1).pdf
2015-12-21 11:34 - 2015-12-21 11:34 - 01597571 _____ C:\Users\Andreas\Downloads\Senioren_und_soziallagenbezogene_Gesundheitsfoerderung_und_Praevention(1).pdf
2015-12-21 11:29 - 2015-12-21 11:29 - 00434271 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen Teil 2.pdf
2015-12-16 10:38 - 2015-12-16 10:38 - 05821280 _____ C:\Users\Andreas\Downloads\3._arn_in-kurven_07-10-2014(1).pdf
2015-12-16 10:35 - 2015-12-16 10:35 - 03807865 _____ C:\Users\Andreas\Downloads\4._arna_in-kurven_07-10-2014(1).pdf
2015-12-16 10:29 - 2015-12-16 10:29 - 01977655 _____ C:\Users\Andreas\Downloads\2._arei_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03305335 _____ C:\Users\Andreas\Downloads\1._are_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03277743 _____ C:\Users\Andreas\Downloads\6._arr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03121460 _____ C:\Users\Andreas\Downloads\5._arnr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:25 - 2015-12-16 10:25 - 09742494 _____ C:\Users\Andreas\Downloads\ahf_95_classic_art_09-11-2015.pdf
2015-12-15 09:32 - 2015-12-15 09:32 - 00053266 _____ C:\Users\Andreas\Downloads\Kontoauszug_13202006__Nr.0112015_vom_30.11.2015_20151215093238.pdf
2015-12-15 09:31 - 2015-12-15 09:31 - 00058584 _____ C:\Users\Andreas\Downloads\Kontoauszug_1334000__Nr.0112015_vom_30.11.2015_20151215093143.pdf
2015-12-14 17:11 - 2015-12-14 17:11 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016(1).pdf
2015-12-14 13:43 - 2015-12-14 13:43 - 00730987 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz WESTANSICHT Alt 5.1akt Kopie v2016_powermacg5.pdf
2015-12-14 13:42 - 2015-12-14 13:42 - 00533986 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 01366764 _____ C:\Users\Andreas\Downloads\04.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:38 - 2015-12-14 13:38 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel(1).pdf
2015-12-14 11:29 - 2015-12-14 11:29 - 00031481 _____ C:\Users\Andreas\Downloads\WTPG_teilweise_Selbstverantwortung.pdf
2015-12-14 11:28 - 2015-12-14 11:28 - 00042419 _____ C:\Users\Andreas\Downloads\WTPG_ambulant_betreute_WG.pdf
2015-12-14 11:25 - 2015-12-14 11:25 - 00129521 _____ C:\Users\Andreas\Downloads\WTPG_6.pdf
2015-12-14 11:24 - 2015-12-14 11:24 - 00405000 _____ C:\Users\Andreas\Downloads\WTPG_5.pdf
2015-12-14 11:23 - 2015-12-14 11:23 - 00662282 _____ C:\Users\Andreas\Downloads\WTPG_4.pdf
2015-12-14 11:22 - 2015-12-14 11:22 - 00580358 _____ C:\Users\Andreas\Downloads\WTPG_3.pdf
2015-12-14 11:21 - 2015-12-14 11:21 - 00410389 _____ C:\Users\Andreas\Downloads\WTPG_2.pdf
2015-12-14 11:20 - 2015-12-14 11:20 - 00323803 _____ C:\Users\Andreas\Downloads\WTPG_1.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00273829 _____ C:\Users\Andreas\Downloads\beratung_karl.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab(1).pdf
2015-12-14 11:11 - 2015-12-14 11:11 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab.pdf
2015-12-14 11:08 - 2015-12-14 11:08 - 00357129 _____ C:\Users\Andreas\Downloads\falkenroth.pdf
2015-12-14 11:06 - 2015-12-14 11:06 - 00252951 _____ C:\Users\Andreas\Downloads\siegert.pdf
2015-12-14 11:02 - 2015-12-14 11:02 - 00212266 _____ C:\Users\Andreas\Downloads\stationaere_a_hilfe_hirt.pdf
2015-12-14 11:00 - 2015-12-14 11:00 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2(1).pdf
2015-12-14 09:35 - 2015-12-14 09:35 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth.pdf
2015-12-10 09:18 - 2015-12-10 09:18 - 05507334 _____ C:\Users\Andreas\Downloads\bestellformular_aluminium-kunststoff-fenster_neu_2015_18-08-2015.pdf
2015-12-09 11:54 - 2015-12-09 11:54 - 00224529 _____ C:\Users\Andreas\Downloads\illbruck_de-de-tp652-.ab.01.10.15-web(1).pdf
2015-12-09 09:08 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 09:08 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 09:08 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-09 09:08 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-09 09:08 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 09:08 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-09 09:08 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 09:08 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-09 09:08 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 09:08 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 09:08 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-09 09:08 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 09:08 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-09 09:08 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-09 09:08 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-09 09:08 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-09 09:08 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-09 09:08 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-09 09:08 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-09 09:08 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-09 09:08 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-09 09:08 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 09:08 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 09:08 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 09:08 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 09:08 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-09 09:08 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-09 09:08 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-09 09:08 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-09 09:08 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-09 09:08 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 09:08 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-09 09:08 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 09:08 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 09:08 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-09 09:08 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-09 09:08 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-09 09:08 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-09 09:08 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 09:08 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 09:07 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 09:07 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 09:07 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-09 09:07 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-09 09:07 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-09 09:07 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-09 09:07 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 09:07 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 09:07 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-09 09:07 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 09:07 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 09:07 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 09:07 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 09:07 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-09 09:07 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-09 09:07 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-09 09:07 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-09 09:07 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-09 09:07 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 09:07 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-09 09:07 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-09 09:07 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-09 09:07 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-09 09:07 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-09 09:07 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-09 09:07 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-09 09:07 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 09:07 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 09:07 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-09 09:07 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-09 09:07 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 09:07 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-09 09:07 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 09:07 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 09:07 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 09:07 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 09:07 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 09:07 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 09:07 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 09:07 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 09:07 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 09:07 - 2015-10-11 07:34 - 00462168 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00443224 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00092504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00027992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-09 09:07 - 2015-10-10 19:41 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-09 09:07 - 2015-10-10 19:41 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-09 09:07 - 2015-10-10 19:40 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys
2015-12-09 09:07 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 09:07 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 09:07 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-09 09:07 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-09 09:07 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-09 09:07 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-09 09:07 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-08 13:29 - 2015-12-08 13:29 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile.pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 02303160 _____ C:\Users\Andreas\Downloads\akf_724_s_13-08-2015(3).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 01215831 _____ C:\Users\Andreas\Downloads\7._akf_kopplungen_03-08-2015(2).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 00891194 _____ C:\Users\Andreas\Downloads\8._akf_verbreiterungen_03-08-2015(1).pdf
2015-12-08 11:57 - 2015-12-08 11:57 - 00882530 _____ C:\Users\Andreas\Downloads\6._akf_anschluesse_03-08-2015(2).pdf
2015-12-08 10:54 - 2015-12-08 10:54 - 00659654 _____ C:\Users\Andreas\Downloads\Frühlingspost 2015(1).pdf
2015-12-08 10:27 - 2015-12-08 10:27 - 05234506 _____ C:\Users\Andreas\Downloads\ggt-preisliste-web(1).pdf
2015-12-08 10:04 - 2015-12-08 10:04 - 00948210 _____ C:\Users\Andreas\Downloads\PREISLISTE 2015(1).pdf
2015-12-08 10:01 - 2015-12-08 10:01 - 00799222 _____ C:\Users\Andreas\Downloads\produktbersicht 2014.pdf
2015-12-08 09:58 - 2015-12-08 09:58 - 00806638 _____ C:\Users\Andreas\Downloads\Newsletter Oktober 2015(2).pdf
2015-12-08 08:52 - 2015-12-08 08:52 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf
2015-12-07 12:06 - 2015-12-07 12:06 - 00599138 _____ C:\Users\Andreas\Downloads\op2015(1).pdf
2015-12-07 12:04 - 2015-12-07 12:04 - 00659654 _____ C:\Users\Andreas\Downloads\Frühlingspost 2015.pdf
2015-12-07 12:03 - 2015-12-07 12:03 - 00806638 _____ C:\Users\Andreas\Downloads\Newsletter Oktober 2015(1).pdf
2015-12-07 12:02 - 2015-12-07 12:02 - 00599138 _____ C:\Users\Andreas\Downloads\op2015.pdf
2015-12-07 11:27 - 2015-12-07 11:27 - 01553776 _____ C:\Users\Andreas\Downloads\Matrix_Essstörungen1.pdf
2015-12-07 11:27 - 2015-12-07 11:27 - 00028416 _____ C:\Users\Andreas\Downloads\Leitfaden HA.pdf
2015-12-07 11:08 - 2015-12-07 11:08 - 00304596 _____ C:\Users\Andreas\Downloads\Hausarbeit FERTIG.pdf
2015-12-07 11:00 - 2015-12-07 11:00 - 02629019 _____ C:\Users\Andreas\Downloads\Wißmann2010(1).pdf
2015-12-07 10:59 - 2015-12-07 10:59 - 00490323 _____ C:\Users\Andreas\Downloads\demenz_bausteine_14-2012(1).pdf
2015-12-07 10:57 - 2015-12-07 10:57 - 02629019 _____ C:\Users\Andreas\Downloads\Wißmann2010.pdf
2015-12-07 10:54 - 2015-12-07 10:55 - 06132873 _____ C:\Users\Andreas\Downloads\Michell-Auli2011.pdf
2015-12-07 10:50 - 2015-12-07 10:50 - 00490323 _____ C:\Users\Andreas\Downloads\demenz_bausteine_14-2012.pdf
2015-12-07 10:46 - 2015-12-07 10:46 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-04 17:11 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-04 16:11 - 2013-12-26 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-04 16:11 - 2013-02-18 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-04 15:59 - 2014-02-04 18:18 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-04 11:16 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-01 13:14 - 2013-09-30 05:14 - 02044468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-01 13:14 - 2013-09-30 04:58 - 00872284 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-01 13:14 - 2013-09-30 04:58 - 00193862 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-31 11:17 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-31 11:05 - 2012-11-29 13:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\Adobe
2015-12-29 15:03 - 2013-08-27 23:56 - 00033280 ___SH C:\Users\Andreas\Thumbs.db
2015-12-28 10:36 - 2012-11-29 12:12 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3658493019-1111599900-2463904087-1003
2015-12-28 10:12 - 2012-08-24 02:35 - 00000000 ____D C:\ProgramData\WinClon
2015-12-28 10:09 - 2015-05-03 14:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-28 10:09 - 2014-01-27 20:36 - 00000000 __RDO C:\Users\Andreas\SkyDrive
2015-12-28 10:08 - 2013-11-25 22:32 - 00000000 ____D C:\Users\Andreas
2015-12-26 15:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-26 09:48 - 2015-04-19 06:58 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2015-04-19 06:58 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 13:37 - 2014-06-22 12:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-01-01 16:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-25 10:40 - 2013-08-22 14:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2015-12-23 15:38 - 2014-02-06 16:14 - 00000000 ____D C:\ProgramData\CanonIJ
2015-12-23 09:40 - 2014-02-26 12:00 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-12-21 11:24 - 2013-02-23 19:59 - 00000000 ____D C:\ProgramData\Origin
2015-12-21 09:47 - 2013-10-06 13:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-21 09:47 - 2012-12-31 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-14 09:55 - 2012-12-18 13:06 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\ISSPLUS
2015-12-14 09:52 - 2012-12-18 12:59 - 00000000 ____D C:\MoveIT
2015-12-11 11:05 - 2013-01-26 19:44 - 00677376 ___SH C:\Users\Andreas\Desktop\Thumbs.db
2015-12-11 10:39 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-12-11 09:49 - 2013-08-22 15:44 - 05429400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 09:35 - 2014-08-24 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 09:35 - 2013-01-01 17:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 09:32 - 2013-09-16 15:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 09:26 - 2012-12-17 19:31 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-07 09:29 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-03 18:34 - 2015-11-03 18:35 - 98892838 _____ () C:\Program Files (x86)\BeamNG-Techdemo-0.3-setup.zip
2012-11-29 12:05 - 2014-03-10 10:59 - 0142434 _____ () C:\Users\Andreas\AppData\Roaming\AbsoluteReminder.xml
2014-03-03 09:25 - 2014-03-03 09:25 - 0001167 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt
2014-03-03 09:25 - 2014-03-03 09:25 - 0000000 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-26 18:42 - 2014-06-22 13:11 - 0007607 _____ () C:\Users\Andreas\AppData\Local\Resmon.ResmonCfg
2014-11-03 11:28 - 2014-11-03 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-24 02:39 - 2012-08-08 05:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-24 02:39 - 2012-08-07 11:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
2015-01-01 21:37 - 2015-01-01 21:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\avgnt.exe
C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-28 10:36

==================== Ende von FRST.txt ============================
         


Addition




Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-12-2015
durchgeführt von Andreas (2016-01-04 17:13:04)
Gestartet von C:\Users\Andreas\Downloads
Windows 8.1 Pro with Media Center (X64) (2013-11-26 08:00:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3658493019-1111599900-2463904087-500 - Administrator - Disabled)
Andreas (S-1-5-21-3658493019-1111599900-2463904087-1003 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-3658493019-1111599900-2463904087-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3658493019-1111599900-2463904087-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - Deutsch (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\BeamNG-Techdemo-0.3) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version:  - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version:  - )
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.9.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.10.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Einnahme-Überschussrechnung 2013 pro (HKLM-x32\...\Einnahme-Überschussrechnung 2013 pro_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG)
DiRT (HKLM-x32\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPS Master 2.0.14 (HKLM-x32\...\GPS Master_is1) (Version: 1.0 - GPS Master)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Handwerksbüro X22-Datenübernahme (HKLM-x32\...\{AF7E45F7-DAF6-4DEF-B439-B334D7F43942}) (Version: 1.00.0076 - WEKA)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{B506207A-C977-48B6-A14F-2C7E98EF0BE4}) (Version: 1.0.26 - Condusiv Technologies)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.3 (x86 de)) (Version: 43.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.3.5835 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
MyFreeCodec (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MyFreeCodec) (Version:  - )
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{BE282C23-5484-47FF-B2C1-EBEA5C891031}) (Version: 8.3.29 - Nero AG)
Nero BackItUp 12 Essentials (HKLM-x32\...\{0E3368AC-FB29-4C5E-938E-FA11C12D035E}) (Version: 12.0.01200 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Panzer Elite Action - Dunes Of War (HKLM-x32\...\{577D1191-A6DF-4534-8D97-805BCBAC5D1D}_is1) (Version:  - Nordic Games)
Panzer Elite Action - Fields Of Glory (HKLM-x32\...\{1DDAD87D-576E-43DE-8814-65ACC87CFED6}_is1) (Version:  - Nordic Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
phonostar-Player Version 3.03.5 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.14 - Samsung Electronics CO., LTD.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
sirAdos Datenmanager Januar 2014 (HKLM-x32\...\{CC9E22A1-8012-493E-9BEC-381189F8F152}) (Version: 1.3.615 - sirAdos)
Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VRally3 (HKLM-x32\...\VRally3_is1) (Version:  - )
WEKA DATANORM 3.6 (HKLM-x32\...\{124C8673-FB8C-426D-A5BA-2A7400EC5994}) (Version:  - )
WEKA Handwerksbüro 1.22.1.1 (HKLM-x32\...\weka-hwb-X22) (Version: X22 - WEKA)
WEKA Handwerksbüro X22 - 11.14 (HKLM-x32\...\de.bwso.hwb.Hwb.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (HKLM-x32\...\de.bwso.hwb.HwbMulti.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA Handwerksbüro X22 - 11.14 (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA LauncherService 1.2 (HKLM-x32\...\3599-1427-7716-9681) (Version:  - )
WEKA Update Center (HKLM-x32\...\{A8217164-542A-4C4B-9031-2AB445CA314A}) (Version: 1.00.00.0003 - WEKA MEDIA GmbH & Co. KG)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows-Treiberpaket - Sunplus (SPCP825K) Ports  (07/01/2010 1.0.9.0) (HKLM\...\20986CDBFBCA238AA12329A115B1CC9D88E9C06C) (Version: 07/01/2010 1.0.9.0 - Sunplus)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {064796D5-6EFE-4B6D-A6F2-C50AFB733BF4} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-08-06] (SEC)
Task: {066FD32E-526F-4152-8F54-1896683DE177} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0C478103-75E9-47F3-B24C-99AEDD11111E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1C0C6668-0270-462C-A41A-BA63A59A5CC5} - System32\Tasks\fvw3_1zl0tlux => C:\windows\TEMP\fvw3_k81mor7p.bat
Task: {1D4B8A78-1690-435C-8D6B-2E52F1CF5528} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
Task: {23B69281-D5F6-4E21-89D0-2B63E4A1F11E} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {34E6A3BC-6282-4F88-8D82-823135A2C919} - System32\Tasks\fvw3_av2pyhbc => C:\windows\TEMP\fvw3_p3h8wcih.bat
Task: {39F4E803-4332-40D3-85BE-4DB071C9B32C} - System32\Tasks\{63161025-A1C7-4386-A44C-B193CF3D00E5} => pcalua.exe -a C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb\GMX_MailCheck_ClickOnce.exe -d C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb
Task: {3A2ED25E-2FB1-46B4-87D0-539222DA8DDD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {4BBDF6D8-ED26-4E8F-B6A1-99762E238F32} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {5384A262-92B6-48EC-AF30-C5A370864CE8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {7BBAED33-F6CB-43A7-B397-FB3CBF40962F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {8C6FBA75-C331-4694-B87A-BC734E21936F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-andreas-woelfle@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {911C4932-0B21-48B1-8C62-6859B7C1FB98} - System32\Tasks\fvw3_1mwm5xo4 => C:\windows\TEMP\fvw3_rqztrkf1.bat
Task: {91D39EA6-AD37-4EA8-8E1F-4468910D3869} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-19] (Adobe Systems Incorporated)
Task: {98987C6A-1276-41DD-AD76-25123DA08F20} - System32\Tasks\fvw3_kcm2lata => C:\windows\TEMP\fvw3_qgb9ejzg.bat
Task: {99BE832F-AC40-4DD1-9661-5C22AEED9282} - System32\Tasks\fvw3_dx9jiowd => C:\windows\TEMP\fvw3_o9bredg3.bat
Task: {9C5A89A8-0063-45EB-BC35-7259812BE801} - System32\Tasks\fvw3_rov77k4o => C:\windows\TEMP\fvw3_48r36voi.bat
Task: {ACD48289-DE50-487C-8893-DFC82D9C97CA} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C9A2E220-897F-4F25-9014-D2A5A02F6026} - System32\Tasks\fvw3_ubbskhag => C:\windows\TEMP\fvw3_mhsqjyso.bat
Task: {CE69CB7B-E9EF-46E5-B27E-57A383D83D3A} - System32\Tasks\fvw3_emppjlpd => C:\windows\TEMP\fvw3_y820i7ze.bat
Task: {E2C1EFFF-A1B3-46F2-AEB1-0E4979FC84B6} - System32\Tasks\fvw3_fc8bp7ib => C:\windows\TEMP\fvw3_xw12iuq6.bat
Task: {EF2D71FE-5E65-4B9C-B410-05659FAA692D} - System32\Tasks\fvw3_9c6qebtr => C:\windows\TEMP\fvw3_smop7nzg.bat
Task: {EFA6F466-F044-40BE-BBD3-A23D567E8AE7} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F5256FB0-D739-4735-AA28-844B82416C50} - System32\Tasks\fvw3_y8u0cpcj => C:\windows\TEMP\fvw3_i81jm8r1.bat
Task: {F938041D-0CFD-43E5-945C-D3D0646C07D8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F94F8D43-48EC-4A5C-9FCC-DA90725F1D07} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-11-03 11:25 - 2013-11-11 04:27 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2008-09-09 11:22 - 2008-09-09 11:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-02-04 18:18 - 2009-09-08 13:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-01-15 16:47 - 2010-03-03 15:03 - 00140288 _____ () C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Tools\Media\Notepad++\NppShell_05.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-17 11:09 - 2014-12-04 10:38 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-08-24 20:36 - 2014-04-08 08:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2016-01-04 17:01 - 2016-01-04 17:01 - 01745920 _____ () C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
2015-01-15 16:47 - 2015-01-15 16:47 - 00109056 _____ () C:\Program Files (x86)\Weka\WEKA Launcher\.install4j\i4jinst.dll
2015-12-25 13:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Tools\System\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-25 13:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Tools\System\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-25 13:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Tools\System\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-08-24 20:36 - 2014-04-08 08:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext.dll
2014-11-03 11:29 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2014-03-09 12:10 - 00000900 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SDScannerService => 3
MSCONFIG\Services: SDUpdateService => 3
MSCONFIG\Services: SDWSCService => 3
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WekaUpdateCenter"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "AdobeBridge"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E57D093D-23BE-4F77-9FE9-6F2955099C74}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{022638D9-68C7-499E-8779-8BE231349811}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{3D94CD91-C46E-4257-AFB4-0AC6D4F792EE}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [UDP Query User{969D4125-127F-4843-BBA4-49E1BC41023C}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [TCP Query User{5FFCF8EC-A5E2-4CE1-A792-034E7A7248C1}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [{776E44D0-898E-459F-85B7-8951E9B2CD19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{446FFFFD-EF97-43D6-9283-1469B1F6D4E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023E90DA-A9F5-4CE8-9DA5-AF65B6C2C5F3}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{C6840099-6C64-44AB-A765-5AEF62C06543}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{214D6990-8124-46C8-8BCA-A462010E23C1}] => (Allow) LPort=1900
FirewallRules: [{D379275B-B611-47CF-8C8E-4028C1DA0DC5}] => (Allow) LPort=2869
FirewallRules: [{B1E7914B-EE0B-4F90-B3FF-4A2D94020834}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B246AA25-94FA-44A0-BC33-B1AD84A64E38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{66A6F094-3B80-40EB-B0F9-99B5B90DFAD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{A9F3D847-5291-47E6-AD52-8A96DB503987}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{41F7081D-4F8B-40E6-A5E0-9A2A5A99D644}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [TCP Query User{929F69C4-02A4-4371-AB84-FB1B08F470A7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9470EF6A-5F5B-45AE-B64C-CD53059503DB}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{73DD42E9-6DF5-4A56-9F8C-583639E0220E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{8B514598-2843-4118-B8F8-A0BDFCD35C27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{076DD059-1B7F-4E05-85C5-0FEFB9936868}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{55DA511A-CB94-43EF-B4C3-1226496AB4AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{7C5F8CAD-BA1E-49FE-B784-53BCCFC25C64}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{477D68FA-4343-4154-AEF2-D2CD027D8371}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82747307-574E-4A60-B87A-969FBB0DCD1F}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{A70959CA-E670-41D3-B8D9-CA5FCDE02931}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{8DFED69A-677D-4CE5-A94D-0CE3292050D8}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{4B0F9AF1-F2E2-45B7-8492-CA47D123C10B}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{53204618-E591-4E3E-9C81-7080EB3FADC1}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{29DB62F4-6B27-497A-ACC5-1D5B2BF4A030}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{7D4EAA75-92E8-4F64-9882-6CA933D6480D}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{65313E84-34CD-4458-911A-2E040EBCC83A}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{E6A62001-1882-4154-AE24-D087E855B823}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{F05B8AD7-125C-41C1-A20A-40ED1BCADCC2}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{2C909032-398A-46FD-83DC-AF39131A4992}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{1BF29DAA-7BF1-4CF2-8931-524E317EFAA3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{805A1286-AE32-4CFF-8ADF-1330A5A7F6B6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{9ECC36F3-66E0-4E25-B7EF-089877F027EA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{0F5E95A8-4C95-4D6B-A648-1EF18AC74769}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{51DB62F3-E033-4AD7-AF11-DF595A68E2A1}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{1D2CB13A-75DB-4331-A1C6-BA8E785770B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{1FA25717-7A9B-4494-BB83-870162589F35}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{909D2F1E-2B6D-40A5-BAA1-72A4906B9E94}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{79A5F39A-F6B3-4322-8268-F9A9F570716F}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9A3F8BCA-6DE5-410E-96F1-980515C8A785}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FE127B2E-61C4-4065-9527-97EC6617CE8D}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{C2F5BF75-9441-4FB1-A14A-ABA89AC8EBD5}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{850B8798-B0F4-4F90-9BEF-63F1805A6087}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{47E06B7E-4B60-4444-B042-E6FA577CF60F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{F1D1C2F1-0914-48A3-8D2D-FE8F739BC850}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{8A4B326C-BEEB-43FB-AC27-35A9E634A181}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [{FD9BEC80-8F7F-48D5-8438-4431993E9183}] => (Allow) LPort=50248
FirewallRules: [{92CB16C5-48FA-499A-A0A7-B70C2B873F9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1605453B-F84D-48AC-9238-8679CF8B2AC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50078D83-F3B9-4EDC-AD6F-67799BF08033}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{773EB3DD-0783-4DA9-AB05-02F13862A106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{00052CCD-CDB8-4B0F-9FF5-65D19FDA6EA5}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{8761E1F7-DFA1-4AB5-981C-05E69D18C334}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{2C7F9478-3AC9-434D-8795-916B542A168E}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{B98E81AB-784F-403B-81DD-F5FA9751A26C}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{1BA3AEE4-31E5-4E4A-83FC-49EA4D02F651}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [UDP Query User{5E43DE58-3515-488D-82B8-255F65925A5F}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [{B5DCD1E8-5162-4A8D-929F-04DD8C7A7D7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{861976C2-A93A-44A3-B0F6-88C2733725B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{255F4592-3F05-42CA-8F0F-47212DAF4CA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EEA4923D-649A-46C4-B6B7-1A625426D849}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2347BA7F-8A58-48F0-A589-58DE813740E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81E26DFC-D188-48B6-9550-A7D4A4F5B198}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

31-12-2015 11:16:39 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/31/2015 12:34:44 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (12/31/2015 12:29:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x7e8
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5

Error: (12/31/2015 11:22:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (12/28/2015 11:42:49 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (12/28/2015 10:37:28 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (12/28/2015 10:12:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0xfb8
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5

Error: (12/28/2015 10:08:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 16.1.0.0, Zeitstempel: 0x521e80f5
Name des fehlerhaften Moduls: MurocApi.dll, Version: 16.1.0.0, Zeitstempel: 0x521e7ff7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026570
ID des fehlerhaften Prozesses: 0x534
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (12/28/2015 10:07:52 AM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (12/28/2015 10:07:52 AM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (12/25/2015 02:05:35 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Systemfehler:
=============
Error: (01/01/2016 01:12:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.

Error: (01/01/2016 01:11:44 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.

Error: (01/01/2016 01:11:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.

Error: (12/28/2015 10:12:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/26/2015 03:31:05 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (12/26/2015 03:31:27 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎26.‎12.‎2015 um 00:10:29 unerwartet heruntergefahren.

Error: (12/25/2015 10:40:31 AM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (12/23/2015 03:06:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.

Error: (12/23/2015 09:37:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/23/2015 09:35:46 AM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8079.39 MB
Verfügbarer physikalischer RAM: 4048.39 MB
Summe virtueller Speicher: 10383.39 MB
Verfügbarer virtueller Speicher: 5523.41 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:378.94 GB) (Free:147.67 GB) NTFS
Drive d: (Daten) (Fixed) (Total:292.97 GB) (Free:161.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 50960A65)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

08.01.2016, 10:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

The current malware in Word files is ransomware (ransoms) that encrypts your data; see Gefährliches Duo: Erpressungstrojaner kommt mit Word-Datei | heise Security

Has your data been destroyed/encrypted?

08.01.2016, 14:51   #3
Andreas 2016

Hello,
I have just looked at the link and the video that goes with it.
The whole thing is now making me quite worried and scared.

I have looked at a number of different files:
neither destroyed nor encrypted.

As already mentioned, it was only the Adobe Reader that did not work at first.
The day after, following a restart, it was OK again.
Should I make a backup to an external hard drive as soon as possible, or is there a danger that harmful files will infect the hard drive?
Can it be assumed that by opening this doc file (opened and closed again after about 3-4 seconds) I automatically picked up a macro virus?

Can a helper find out from the various logs I have from the following scanners whether there is anything on the computer at all?
FRST 64bit generated
Adw Cleaner log
Adw Cleaner run
TDSSKiller + log
Anti-Malware
ESET Online Scanner

I would post the logs if someone gets back to me.

Kind regards,
Andreas

08.01.2016, 15:08   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Yes, please post all the logs.

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly and, if necessary, spread across several posts.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

08.01.2016, 19:20   #5
Andreas 2016

Hello,
first of all, thank you that there is someone here who can help me further.
I have just got myself a backup drive as well.
So, I now have all the logs together and will post them one after another.
It may be quite a lot, since I ran some scans twice.
I hope you can make sense of them, since I can do absolutely nothing with the logs myself.
I also assume that there are still leftover junk files here and there.
But with email attachments I have so far actually never opened anything questionable.
So, first: FRST+Addition, already posted in the first post.

Code:
# AdwCleaner v5.027 - Bericht erstellt am 04/01/2016 um 17:04:22
# Aktualisiert am 30/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center  (x64)
# Benutzername : Andreas - OLIVER
# Gestartet von : C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

Ordner Gefunden : C:\Program Files (x86)\myfree codec
Ordner Gefunden : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gefunden : C:\ProgramData\Ask
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gefunden : C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers

***** [ Dateien ] *****

Datei Gefunden : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml
Datei Gefunden : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\Askcom.xml

***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Myfree Codec
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Description
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B42DCA7D-7E55-4A79-85A0-AF94DD339325}

***** [ Internetbrowser ] *****

[C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
[C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gefunden : user_pref("browser.search.order.1", "Ask.com");
[C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "");

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2956 Bytes] ##########
         
Code:
# AdwCleaner v5.027 - Bericht erstellt am 04/01/2016 um 17:52:03
# Aktualisiert am 30/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center  (x64)
# Benutzername : Andreas - OLIVER
# Gestartet von : C:\Users\Andreas\Downloads\AdwCleaner_5.027.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec
[-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[-] Ordner Gelöscht : C:\ProgramData\Ask
[-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Ordner Gelöscht : C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers

***** [ Dateien ] *****

[-] Datei Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml
[-] Datei Gelöscht : C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\Askcom.xml

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKCU\Software\Conduit
[-] Schlüssel Gelöscht : HKCU\Software\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Description
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B42DCA7D-7E55-4A79-85A0-AF94DD339325}

***** [ Internetbrowser ] *****

[-] [C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
[-] [C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.order.1", "Ask.com");
[-] [C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "");

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3310 Bytes] ##########
         
Code:
C:\Program Files (x86)\myfree codec\1.0b beta\avcodec-52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\avcodec-52.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\avcore-0.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\avcore-0.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\avformat-52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\avformat-52.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\avutil-50.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\avutil-50.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\FF_MPEG.DLL->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\FF_MPEG.DLL.vir
C:\Program Files (x86)\myfree codec\1.0b beta\FF_MPEG.INI->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\FF_MPEG.INI.vir
C:\Program Files (x86)\myfree codec\1.0b beta\MyFree.ax->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\MyFree.ax.vir
C:\Program Files (x86)\myfree codec\1.0b beta\pthreadGC2.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\pthreadGC2.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\swscale-0.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\swscale-0.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_EVRC.DLL->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_EVRC.DLL.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_MMX.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_MMX.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_QCELP.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_QCELP.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_VRESIZE.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_VRESIZE.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\TG_WMVP.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\TG_WMVP.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\uninstall.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\uninstall.exe.vir
C:\Program Files (x86)\myfree codec\1.0b beta\XVID-CORE\xvid.ax->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\XVID-CORE\xvid.ax.vir
C:\Program Files (x86)\myfree codec\1.0b beta\XVID-CORE\xvidcore.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\XVID-CORE\xvidcore.dll.vir
C:\Program Files (x86)\myfree codec\1.0b beta\AC-3\ac3dx.ax->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\AC-3\ac3dx.ax.vir
C:\Program Files (x86)\myfree codec\1.0b beta\AC-3\liba52.dll->C:\AdwCleaner\Quarantine\C\Program Files (x86)\myfree codec\1.0b beta\AC-3\liba52.dll.vir
C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe->C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec\1.0b beta\Uninstall.lnk->C:\AdwCleaner\Quarantine\C\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec\1.0b beta\Uninstall.lnk.vir
C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm->C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm.vir
C:\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers\freeytvdownloader.htm->C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\dvdvideosoftiehelpers\freeytvdownloader.htm.vir
C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml->C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\11-suche.xml.vir
C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\Askcom.xml->C:\AdwCleaner\Quarantine\C\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\Askcom.xml.vir
         
TDSSKiller first log
[CODE]17:26:43.0373 0x1f5c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:26:43.0373 0x1f5c UEFI system
17:27:23.0367 0x1f5c ============================================================
17:27:23.0367 0x1f5c Current date / time: 2016/01/04 17:27:23.0367
17:27:23.0367 0x1f5c SystemInfo:
17:27:23.0367 0x1f5c
17:27:23.0367 0x1f5c OS Version: 6.3.9600 ServicePack: 0.0
17:27:23.0367 0x1f5c Product type: Workstation
17:27:23.0367 0x1f5c ComputerName: OLIVER
17:27:23.0367 0x1f5c UserName: Andreas
17:27:23.0367 0x1f5c Windows directory: C:\WINDOWS
17:27:23.0367 0x1f5c System windows directory: C:\WINDOWS
17:27:23.0367 0x1f5c Running under WOW64
17:27:23.0367 0x1f5c Processor architecture: Intel x64
17:27:23.0367 0x1f5c Number of processors: 4
17:27:23.0367 0x1f5c Page size: 0x1000
17:27:23.0367 0x1f5c Boot type: Normal boot
17:27:23.0367 0x1f5c ============================================================
17:27:23.0951 0x1f5c KLMD registered as C:\WINDOWS\system32\drivers\37226856.sys
17:27:24.0466 0x1f5c System UUID: {14213991-BD6C-C597-0C07-B5A934EF09F8}
17:27:25.0533 0x1f5c Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:27:25.0579 0x1f5c ============================================================
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0:
17:27:25.0579 0x1f5c GPT partitions:
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D2EE9E62-8450-43C6-9E1F-5D8E7CB4241A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {959B4564-8338-47E7-9CBC-6FB02C36D795}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {26EEE887-6542-41EC-8FC6-A0772B36D6AF}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C457E945-495B-40A8-921C-BC3B1A18CD6E}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x2F5E0001
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {80DA5BB7-84DA-4C1C-A36B-011C102EB589}, Name: , StartLBA 0x2F7B1000, BlocksNum 0xAF000
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {514DEC35-ABFC-450A-BE91-7DC537C7C79F}, Name: Basic data partition, StartLBA 0x2F860000, BlocksNum 0x249EF800
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C7D1520F-5523-4CBA-89AF-4B2375ACEF5C}, Name: Basic data partition, StartLBA 0x5424F801, BlocksNum 0x30F6800
17:27:25.0579 0x1f5c \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0D1B812C-3112-484F-4173-636C65706975}, Name: Basic data partition, StartLBA 0x57346001, BlocksNum 0x200000
17:27:25.0579 0x1f5c MBR partitions:
17:27:25.0579 0x1f5c ============================================================
17:27:25.0611 0x1f5c C: <-> \Device\Harddisk0\DR0\Partition4
17:27:25.0642 0x1f5c D: <-> \Device\Harddisk0\DR0\Partition6
17:27:25.0642 0x1f5c ============================================================
17:27:25.0642 0x1f5c Initialize success
17:27:25.0642 0x1f5c ============================================================
17:27:38.0361 0x1f6c ============================================================
17:27:38.0361 0x1f6c Scan started
17:27:38.0361 0x1f6c Mode: Manual;
17:27:38.0361 0x1f6c ============================================================
17:27:38.0361 0x1f6c KSN ping started
17:27:40.0748 0x1f6c KSN ping finished: true
17:27:43.0151 0x1f6c ================ Scan system memory ========================
17:27:43.0151 0x1f6c System memory - ok
17:27:43.0151 0x1f6c ================ Scan services =============================
17:27:49.0054 0x1f6c Fax - ok
17:27:49.0070 0x1f6c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
17:27:49.0070 0x1f6c fdc - ok
17:27:49.0101 0x1f6c [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
17:27:49.0101 0x1f6c fdPHost - ok
17:27:49.0132 0x1f6c [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
17:27:49.0132 0x1f6c FDResPub - ok
17:27:49.0164 0x1f6c [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
17:27:49.0164 0x1f6c fhsvc - ok
17:27:49.0210 0x1f6c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
17:27:49.0210 0x1f6c FileInfo - ok
17:27:49.0257 0x1f6c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
17:27:49.0257 0x1f6c Filetrace - ok
17:27:49.0367 0x1f6c [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
17:27:49.0382 0x1f6c FLEXnet Licensing Service 64 - ok
17:27:49.0398 0x1f6c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
17:27:49.0398 0x1f6c flpydisk - ok
17:27:49.0429 0x1f6c [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
17:27:49.0445 0x1f6c FltMgr - ok
17:27:49.0507 0x1f6c [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\WINDOWS\system32\FntCache.dll
17:27:49.0539 0x1dac Object send P2P result: true
17:27:49.0539 0x1dac Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
17:27:49.0539 0x1f6c FontCache - ok
17:27:49.0668 0x1f6c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:27:49.0668 0x1f6c FontCache3.0.0.0 - ok
17:27:49.0699 0x1f6c [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
17:27:49.0715 0x1f6c FsDepends - ok
17:27:49.0748 0x1f6c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:27:49.0750 0x1f6c Fs_Rec - ok
17:27:49.0772 0x1f6c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:27:49.0788 0x1f6c fvevol - ok
17:27:49.0803 0x1f6c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
17:27:49.0803 0x1f6c FxPPM - ok
17:27:49.0835 0x1f6c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
17:27:49.0835 0x1f6c gagp30kx - ok
17:27:49.0866 0x1f6c [ E99CF7AD8704278B7C8A8FB84BE4B3B6, F269C385513903385FDADC0E57325234062CF790484ADEFF206B20DEAFC69952 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
17:27:49.0882 0x1f6c Garmin Core Update Service - ok
17:27:49.0913 0x1f6c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
17:27:49.0913 0x1f6c gencounter - ok
17:27:49.0944 0x1f6c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:27:49.0944 0x1f6c GPIOClx0101 - ok
17:27:50.0007 0x1f6c [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
17:27:50.0022 0x1f6c gpsvc - ok
17:27:50.0069 0x1f6c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
17:27:50.0069 0x1f6c HDAudBus - ok
17:27:50.0100 0x1f6c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
17:27:50.0100 0x1f6c HidBatt - ok
17:27:50.0147 0x1f6c [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
17:27:50.0147 0x1f6c HidBth - ok
17:27:50.0163 0x1f6c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
17:27:50.0178 0x1f6c hidi2c - ok
17:27:50.0210 0x1f6c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
17:27:50.0210 0x1f6c HidIr - ok
17:27:50.0241 0x1f6c [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
17:27:50.0257 0x1f6c hidserv - ok
17:27:50.0272 0x1f6c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
17:27:50.0272 0x1f6c HidUsb - ok
17:27:50.0319 0x1f6c [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
17:27:50.0319 0x1f6c hkmsvc - ok
17:27:50.0350 0x1f6c [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:27:50.0366 0x1f6c HomeGroupListener - ok
17:27:50.0413 0x1f6c [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:27:50.0413 0x1f6c HomeGroupProvider - ok
17:27:50.0444 0x1f6c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
17:27:50.0444 0x1f6c HpSAMD - ok
17:27:50.0507 0x1f6c [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
17:27:50.0538 0x1f6c HTTP - ok
17:27:50.0569 0x1f6c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
17:27:50.0569 0x1f6c hwpolicy - ok
17:27:50.0632 0x1f6c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
17:27:50.0632 0x1f6c hyperkbd - ok
17:27:50.0647 0x1f6c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:27:50.0647 0x1f6c HyperVideo - ok
17:27:50.0690 0x1f6c [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
17:27:50.0690 0x1f6c i8042prt - ok
17:27:50.0706 0x1f6c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:27:50.0706 0x1f6c iaLPSSi_GPIO - ok
17:27:50.0737 0x1f6c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:27:50.0737 0x1f6c iaLPSSi_I2C - ok
17:27:50.0768 0x0db4 Object send P2P result: true
17:27:50.0768 0x0db4 Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
17:27:50.0809 0x1f6c [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
17:27:50.0825 0x1f6c iaStorA - ok
17:27:50.0856 0x1f6c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
17:27:50.0872 0x1f6c iaStorAV - ok
17:27:50.0919 0x1f6c [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:27:50.0919 0x1f6c IAStorDataMgrSvc - ok
17:27:50.0950 0x1f6c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
17:27:50.0966 0x1f6c iaStorV - ok
17:27:50.0997 0x1f6c [ 23E22B130EFE5A225E279467BE146317, 2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] iBtFltCoex C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
17:27:50.0997 0x1f6c iBtFltCoex - ok
17:27:50.0997 0x1f6c IEEtwCollectorService - ok
17:27:51.0138 0x1f6c [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:27:51.0200 0x1f6c igfx - ok
17:27:51.0231 0x1f6c [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
17:27:51.0231 0x1f6c IJPLMSVC - ok
17:27:51.0278 0x1f6c [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\WINDOWS\System32\ikeext.dll
17:27:51.0294 0x1f6c IKEEXT - ok
17:27:51.0325 0x1f6c [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:27:51.0325 0x1f6c intaud_WaveExtensible - ok
17:27:51.0466 0x1f6c [ E3FEE528E5E232BB173E07E5AA29406A, AC0E6862CEC92933C64EA716D81598247A8BCDB346FCE3780C6083D80F07FA3F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:27:51.0528 0x1f6c IntcAzAudAddService - ok
17:27:51.0575 0x1f6c [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:27:51.0575 0x1f6c IntcDAud - ok
17:27:51.0622 0x1f6c [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:27:51.0638 0x1f6c Intel(R) Capability Licensing Service Interface - ok
17:27:51.0684 0x1f6c [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:27:51.0716 0x1f6c Intel(R) Capability Licensing Service TCP IP Interface - ok
17:27:51.0774 0x1f6c [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
17:27:51.0789 0x1f6c Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok
17:27:51.0831 0x1f6c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
17:27:51.0831 0x1f6c intelide - ok
17:27:51.0862 0x1f6c [ A4DE7F75F20762A1C360E48B36F3B498, D194B7E16837E5AE7F0E3FC3B0F9A5CB2E1F7D4C2D5BDC6AC6D3DF09CE5334C1 ] IntelliMemory C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
17:27:51.0862 0x1f6c IntelliMemory - ok
17:27:51.0894 0x1f6c [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
17:27:51.0894 0x1f6c intelpep - ok
17:27:51.0925 0x1f6c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
17:27:51.0925 0x1f6c intelppm - ok
17:27:51.0925 0x1f6c [ 188D1B5837948CE932353C1FB26BF301, 5E08144063D3AE3AD2D5285DA524BC862971303533BFA18ED6BC49476C029A28 ] intmfs C:\WINDOWS\system32\DRIVERS\intmfs.sys
17:27:51.0925 0x1f6c intmfs - ok
17:27:51.0941 0x1f6c [ EB0169B38D94A4BC575724ABBA58DF36, F8FA133813595B48E220499C3841BD11E2127B3BEE52A0988EFD5502877AE0A2 ] intmsd C:\WINDOWS\system32\DRIVERS\intmsd.sys
17:27:51.0941 0x1f6c intmsd - ok
17:27:51.0972 0x1f6c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:27:51.0972 0x1f6c IpFilterDriver - ok
17:27:52.0003 0x1dac Object send P2P result: true
17:27:52.0003 0x1dac Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
17:27:52.0019 0x1f6c [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
17:27:52.0034 0x1f6c iphlpsvc - ok
17:27:52.0081 0x1f6c [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:27:52.0081 0x1f6c IPMIDRV - ok
17:27:52.0144 0x1f6c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
17:27:52.0159 0x1f6c IPNAT - ok
17:27:52.0175 0x1f6c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
17:27:52.0175 0x1f6c IRENUM - ok
17:27:52.0237 0x1f6c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
17:27:52.0237 0x1f6c isapnp - ok
17:27:52.0284 0x1f6c [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
17:27:52.0284 0x1f6c iScsiPrt - ok
17:27:52.0378 0x1f6c [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
17:27:52.0394 0x1f6c iumsvc - ok
17:27:52.0425 0x1f6c [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
17:27:52.0425 0x1f6c iwdbus - ok
17:27:52.0472 0x1f6c [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:27:52.0472 0x1f6c jhi_service - ok
17:27:52.0487 0x1f6c [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
17:27:52.0487 0x1f6c kbdclass - ok
17:27:52.0519 0x1f6c [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
17:27:52.0534 0x1f6c kbdhid - ok
17:27:52.0550 0x1f6c [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys
17:27:52.0550 0x1f6c kbldfltr - ok
17:27:52.0581 0x1f6c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:27:52.0581 0x1f6c kdnic - ok
17:27:52.0597 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
17:27:52.0597 0x1f6c KeyIso - ok
17:27:52.0644 0x1f6c [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
17:27:52.0644 0x1f6c KSecDD - ok
17:27:52.0691 0x1f6c [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:27:52.0691 0x1f6c KSecPkg - ok
17:27:52.0706 0x1f6c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
17:27:52.0706 0x1f6c ksthunk - ok
17:27:52.0737 0x1f6c [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
17:27:52.0737 0x1f6c KtmRm - ok
17:27:52.0796 0x1f6c [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
17:27:52.0796 0x1f6c LanmanServer - ok
17:27:52.0843 0x1f6c [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:27:52.0861 0x1f6c LanmanWorkstation - ok
17:27:52.0917 0x1f6c [ 4B778E7F0389963BAE8A0AE0370496CC, 4E27D6E62B09B9D4A125545BC44A5124EBA49C6E5CA7A5E9392CE1220A57D59C ] launcherservice C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe
17:27:52.0917 0x1f6c launcherservice - ok
17:27:52.0963 0x1f6c [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
17:27:52.0963 0x1f6c lfsvc - ok
17:27:52.0995 0x1f6c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:27:52.0995 0x1f6c lltdio - ok
17:27:53.0026 0x1f6c [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
17:27:53.0026 0x1f6c lltdsvc - ok
17:27:53.0073 0x1f6c [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
17:27:53.0073 0x1f6c lmhosts - ok
17:27:53.0120 0x1f6c [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:27:53.0135 0x1f6c LMS - ok
17:27:53.0167 0x1f6c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
17:27:53.0167 0x1f6c LSI_SAS - ok
17:27:53.0182 0x1f6c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:27:53.0198 0x1f6c LSI_SAS2 - ok
17:27:53.0213 0x0db4 Object send P2P result: true
17:27:53.0213 0x0db4 Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
17:27:53.0213 0x1f6c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:27:53.0213 0x1f6c LSI_SAS3 - ok
17:27:53.0229 0x1f6c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
17:27:53.0229 0x1f6c LSI_SSS - ok
17:27:53.0292 0x1f6c [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
17:27:53.0307 0x1f6c LSM - ok
17:27:53.0338 0x1f6c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
17:27:53.0338 0x1f6c luafv - ok
17:27:53.0370 0x1f6c [ 9D2252224DF2213E1B44FA608E6A1D14, E2C644C5FDCCA7BD2547ADC110FDDB26EA91C734AB53CD4196266C746BFDFAA4 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll
17:27:53.0370 0x1f6c Mcx2Svc - ok
17:27:53.0417 0x1f6c [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
17:27:53.0432 0x1f6c MDM - ok
17:27:53.0463 0x1f6c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
17:27:53.0479 0x1f6c megasas - ok
17:27:53.0495 0x1f6c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
17:27:53.0510 0x1f6c megasr - ok
17:27:53.0526 0x1f6c [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:27:53.0526 0x1f6c MEIx64 - ok
17:27:53.0557 0x1f6c [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
17:27:53.0557 0x1f6c MMCSS - ok
17:27:53.0588 0x1f6c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
17:27:53.0588 0x1f6c Modem - ok
17:27:53.0604 0x1f6c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
17:27:53.0604 0x1f6c monitor - ok
17:27:53.0620 0x1f6c [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
17:27:53.0620 0x1f6c mouclass - ok
17:27:53.0635 0x1f6c [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
17:27:53.0651 0x1f6c mouhid - ok
17:27:53.0682 0x1f6c [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
17:27:53.0682 0x1f6c mountmgr - ok
17:27:53.0729 0x1f6c [ A48479D7010ED54BB6AE3D5937A36C53, AE23673ABAB297DEFFC58A756C0667CA8F335BECCD31BF8E81BF1AEAAB9E86E8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:27:53.0745 0x1f6c MozillaMaintenance - ok
17:27:53.0776 0x1f6c [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
17:27:53.0776 0x1f6c mpsdrv - ok
17:27:53.0862 0x1f6c [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
17:27:53.0878 0x1f6c MpsSvc - ok
17:27:53.0903 0x1f6c [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
17:27:53.0903 0x1f6c MRxDAV - ok
17:27:53.0950 0x1f6c [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:27:53.0966 0x1f6c mrxsmb - ok
17:27:53.0997 0x1f6c [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:27:54.0013 0x1f6c mrxsmb10 - ok
17:27:54.0029 0x1f6c [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:27:54.0029 0x1f6c mrxsmb20 - ok
17:27:54.0060 0x1f6c [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
17:27:54.0060 0x1f6c MsBridge - ok
17:27:54.0107 0x1f6c [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
17:27:54.0107 0x1f6c MSDTC - ok
17:27:54.0154 0x1f6c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
17:27:54.0154 0x1f6c Msfs - ok
17:27:54.0185 0x1f6c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:27:54.0200 0x1f6c msgpiowin32 - ok
17:27:54.0216 0x1f6c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:27:54.0216 0x1f6c mshidkmdf - ok
17:27:54.0232 0x1f6c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
17:27:54.0232 0x1f6c mshidumdf - ok
17:27:54.0247 0x1f6c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
17:27:54.0247 0x1f6c msisadrv - ok
17:27:54.0279 0x1f6c [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
17:27:54.0279 0x1f6c MSiSCSI - ok
17:27:54.0294 0x1f6c msiserver - ok
17:27:54.0325 0x1f6c [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
17:27:54.0325 0x1f6c MsKeyboardFilter - ok
17:27:54.0357 0x1f6c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:27:54.0357 0x1f6c MSKSSRV - ok
17:27:54.0388 0x1f6c [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:27:54.0388 0x1f6c MsLldp - ok
17:27:54.0419 0x1f6c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:27:54.0419 0x1f6c MSPCLOCK - ok
17:27:54.0435 0x1dac Object send P2P result: true
17:27:54.0450 0x1dac Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
17:27:54.0450 0x1f6c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
17:27:54.0450 0x1f6c MSPQM - ok
17:27:54.0482 0x1f6c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
17:27:54.0497 0x1f6c MsRPC - ok
17:27:54.0529 0x1f6c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
17:27:54.0529 0x1f6c mssmbios - ok
17:27:54.0591 0x1f6c [ 3AE13C9869B7CE1135BCF21C0AAA68ED, 3E917376199B13523DFB4FCC445583D9DF0606AD0A6A02B111D8A3EE6B71E117 ] MSSQL$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
17:27:54.0607 0x1f6c MSSQL$SQLEXPRESS - ok
17:27:54.0622 0x1f6c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
17:27:54.0622 0x1f6c MSTEE - ok
17:27:54.0638 0x1f6c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
17:27:54.0638 0x1f6c MTConfig - ok
17:28:03.0994 0x1f6c UASPStor - ok
17:28:04.0041 0x1f6c [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
17:28:04.0056 0x1f6c UCX01000 - ok
17:28:04.0119 0x1f6c [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
17:28:04.0119 0x1f6c udfs - ok
17:28:04.0134 0x1f6c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
17:28:04.0134 0x1f6c UEFI - ok
17:28:04.0177 0x1f6c [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
17:28:04.0193 0x1f6c UI0Detect - ok
17:28:04.0208 0x1f6c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
17:28:04.0208 0x1f6c uliagpkx - ok
17:28:04.0240 0x1f6c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
17:28:04.0240 0x1f6c umbus - ok
17:28:04.0281 0x1f6c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
17:28:04.0281 0x1f6c UmPass - ok
17:28:04.0328 0x1f6c [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
17:28:04.0328 0x1f6c UmRdpService - ok
17:28:04.0375 0x1f6c [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
17:28:04.0391 0x1f6c upnphost - ok
17:28:04.0438 0x1f6c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
17:28:04.0438 0x1f6c usbccgp - ok
17:28:04.0484 0x1f6c [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
17:28:04.0484 0x1f6c usbcir - ok
17:28:04.0531 0x1f6c [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
17:28:04.0531 0x1f6c usbehci - ok
17:28:04.0578 0x1f6c [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
17:28:04.0594 0x1f6c usbhub - ok
17:28:04.0609 0x1f6c [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
17:28:04.0625 0x1f6c USBHUB3 - ok
17:28:04.0641 0x1f6c [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
17:28:04.0641 0x1f6c usbohci - ok
17:28:04.0672 0x1f6c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
17:28:04.0688 0x1f6c usbprint - ok
17:28:04.0719 0x1f6c [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\System32\drivers\usbscan.sys
17:28:04.0719 0x1f6c usbscan - ok
17:28:04.0766 0x1f6c [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:28:04.0766 0x1f6c USBSTOR - ok
17:28:04.0797 0x1f6c [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
17:28:04.0797 0x1f6c usbuhci - ok
17:28:04.0844 0x1f6c [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
17:28:04.0844 0x1f6c usbvideo - ok
17:28:04.0875 0x1f6c [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:28:04.0875 0x1f6c USBXHCI - ok
17:28:04.0922 0x1f6c [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
17:28:04.0922 0x1f6c VaultSvc - ok
17:28:04.0953 0x1f6c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
17:28:04.0953 0x1f6c vdrvroot - ok


08.01.2016, 19:25   #6
Andreas 2016
 

Once again
TDSS Killer, I have to split it up
Code:
17:26:43.0373 0x1f5c  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:26:43.0373 0x1f5c  UEFI system
17:27:23.0367 0x1f5c  ============================================================
17:27:23.0367 0x1f5c  Current date / time: 2016/01/04 17:27:23.0367
17:27:23.0367 0x1f5c  SystemInfo:
17:27:23.0367 0x1f5c  
17:27:23.0367 0x1f5c  OS Version: 6.3.9600 ServicePack: 0.0
17:27:23.0367 0x1f5c  Product type: Workstation
17:27:23.0367 0x1f5c  ComputerName: OLIVER
17:27:23.0367 0x1f5c  UserName: Andreas
17:27:23.0367 0x1f5c  Windows directory: C:\WINDOWS
17:27:23.0367 0x1f5c  System windows directory: C:\WINDOWS
17:27:23.0367 0x1f5c  Running under WOW64
17:27:23.0367 0x1f5c  Processor architecture: Intel x64
17:27:23.0367 0x1f5c  Number of processors: 4
17:27:23.0367 0x1f5c  Page size: 0x1000
17:27:23.0367 0x1f5c  Boot type: Normal boot
17:27:23.0367 0x1f5c  ============================================================
17:27:23.0951 0x1f5c  KLMD registered as C:\WINDOWS\system32\drivers\37226856.sys
17:27:24.0466 0x1f5c  System UUID: {14213991-BD6C-C597-0C07-B5A934EF09F8}
17:27:25.0533 0x1f5c  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:27:25.0579 0x1f5c  ============================================================
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0:
17:27:25.0579 0x1f5c  GPT partitions:
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D2EE9E62-8450-43C6-9E1F-5D8E7CB4241A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xFA000
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {959B4564-8338-47E7-9CBC-6FB02C36D795}, Name: EFI system partition, StartLBA 0xFA800, BlocksNum 0x96000
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {26EEE887-6542-41EC-8FC6-A0772B36D6AF}, Name: Microsoft reserved partition, StartLBA 0x190800, BlocksNum 0x40000
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C457E945-495B-40A8-921C-BC3B1A18CD6E}, Name: Basic data partition, StartLBA 0x1D0800, BlocksNum 0x2F5E0001
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {80DA5BB7-84DA-4C1C-A36B-011C102EB589}, Name: , StartLBA 0x2F7B1000, BlocksNum 0xAF000
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {514DEC35-ABFC-450A-BE91-7DC537C7C79F}, Name: Basic data partition, StartLBA 0x2F860000, BlocksNum 0x249EF800
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C7D1520F-5523-4CBA-89AF-4B2375ACEF5C}, Name: Basic data partition, StartLBA 0x5424F801, BlocksNum 0x30F6800
17:27:25.0579 0x1f5c  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0D1B812C-3112-484F-4173-636C65706975}, Name: Basic data partition, StartLBA 0x57346001, BlocksNum 0x200000
17:27:25.0579 0x1f5c  MBR partitions:
17:27:25.0579 0x1f5c  ============================================================
17:27:25.0611 0x1f5c  C: <-> \Device\Harddisk0\DR0\Partition4
17:27:25.0642 0x1f5c  D: <-> \Device\Harddisk0\DR0\Partition6
17:27:25.0642 0x1f5c  ============================================================
17:27:25.0642 0x1f5c  Initialize success
17:27:25.0642 0x1f5c  ============================================================
17:27:38.0361 0x1f6c  ============================================================
17:27:38.0361 0x1f6c  Scan started
17:27:38.0361 0x1f6c  Mode: Manual; 
17:27:38.0361 0x1f6c  ============================================================
17:27:38.0361 0x1f6c  KSN ping started
17:27:40.0748 0x1f6c  KSN ping finished: true
17:27:43.0151 0x1f6c  ================ Scan system memory ========================
17:27:43.0151 0x1f6c  System memory - ok
17:27:43.0151 0x1f6c  ================ Scan services =============================
17:27:48.0166 0x1f6c  DXGKrnl - ok
17:27:48.0182 0x1f6c  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
17:27:48.0182 0x1f6c  Eaphost - ok
17:27:48.0307 0x1f6c  [ E8A3102296B412EBE14801733474816B, 5B88E0A8DE37D09E6A8E86347E7F69BACF9C87B2C053A92518DE60852728BDEC ] Easy Launcher   C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
17:27:48.0322 0x0db4  Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb
17:27:48.0338 0x1f6c  Easy Launcher - ok
17:27:48.0447 0x1f6c  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:27:48.0494 0x1f6c  ebdrv - ok
17:27:48.0526 0x1f6c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
17:27:48.0526 0x1f6c  EFS - ok
17:27:48.0630 0x1f6c  [ 44C5F3F4B70D1C8D21C90E724E249796, 49B31B9E7E45A2E42BDA803D9CDC3837E0CB73A1E1E6DA00CF4282573D60526F ] ehRecvr         C:\WINDOWS\ehome\ehRecvr.exe
17:27:48.0646 0x1f6c  ehRecvr - ok
17:27:48.0662 0x1f6c  [ 8EFB35A528A48D682C5322A5A07D4352, 5886991ECA449C48A89A3BB2950468EA7CCBD0998774C4C77A1194866827D267 ] ehSched         C:\WINDOWS\ehome\ehsched.exe
17:27:48.0662 0x1f6c  ehSched - ok
17:27:48.0693 0x1f6c  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:27:48.0693 0x1f6c  EhStorClass - ok
17:27:48.0709 0x1f6c  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:27:48.0709 0x1f6c  EhStorTcgDrv - ok
17:27:48.0724 0x1f6c  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:27:48.0724 0x1f6c  ErrDev - ok
17:27:48.0773 0x1f6c  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
17:27:48.0789 0x1f6c  EventSystem - ok
17:27:48.0867 0x1f6c  [ 21FFB87A70019E9B39C5A8469695ACBA, B41BEDB737CFD33707181DA0B69FC47C01C897AF8B42211A46B54A9FDB2B9004 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
17:27:48.0867 0x1f6c  EvtEng - ok
17:27:48.0914 0x1f6c  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:27:48.0914 0x1f6c  exfat - ok
17:27:48.0929 0x1f6c  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:27:48.0929 0x1f6c  fastfat - ok
17:27:49.0054 0x1f6c  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:27:49.0054 0x1f6c  Fax - ok
17:27:49.0070 0x1f6c  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:27:49.0070 0x1f6c  fdc - ok
17:27:49.0101 0x1f6c  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:27:49.0101 0x1f6c  fdPHost - ok
17:27:49.0132 0x1f6c  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:27:49.0132 0x1f6c  FDResPub - ok
17:27:49.0164 0x1f6c  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:27:49.0164 0x1f6c  fhsvc - ok
17:27:49.0210 0x1f6c  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:27:49.0210 0x1f6c  FileInfo - ok
17:27:49.0257 0x1f6c  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:27:49.0257 0x1f6c  Filetrace - ok
17:27:49.0367 0x1f6c  [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
17:27:49.0382 0x1f6c  FLEXnet Licensing Service 64 - ok
17:27:49.0398 0x1f6c  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:27:49.0398 0x1f6c  flpydisk - ok
17:27:49.0429 0x1f6c  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:27:49.0445 0x1f6c  FltMgr - ok
17:27:49.0507 0x1f6c  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:27:49.0539 0x1dac  Object send P2P result: true
17:27:49.0539 0x1dac  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
17:27:49.0539 0x1f6c  FontCache - ok
17:27:49.0668 0x1f6c  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:27:49.0668 0x1f6c  FontCache3.0.0.0 - ok
17:27:49.0699 0x1f6c  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:27:49.0715 0x1f6c  FsDepends - ok
17:27:49.0748 0x1f6c  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:27:49.0750 0x1f6c  Fs_Rec - ok
17:27:49.0772 0x1f6c  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:27:49.0788 0x1f6c  fvevol - ok
17:27:49.0803 0x1f6c  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
17:27:49.0803 0x1f6c  FxPPM - ok
17:27:49.0835 0x1f6c  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
17:27:49.0835 0x1f6c  gagp30kx - ok
17:27:49.0866 0x1f6c  [ E99CF7AD8704278B7C8A8FB84BE4B3B6, F269C385513903385FDADC0E57325234062CF790484ADEFF206B20DEAFC69952 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
17:27:49.0882 0x1f6c  Garmin Core Update Service - ok
17:27:49.0913 0x1f6c  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:27:49.0913 0x1f6c  gencounter - ok
17:27:49.0944 0x1f6c  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:27:49.0944 0x1f6c  GPIOClx0101 - ok
17:27:50.0007 0x1f6c  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:27:50.0022 0x1f6c  gpsvc - ok
17:27:50.0069 0x1f6c  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:27:50.0069 0x1f6c  HDAudBus - ok
17:27:50.0100 0x1f6c  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:27:50.0100 0x1f6c  HidBatt - ok
17:27:50.0147 0x1f6c  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:27:50.0147 0x1f6c  HidBth - ok
17:27:50.0163 0x1f6c  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:27:50.0178 0x1f6c  hidi2c - ok
17:27:50.0210 0x1f6c  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:27:50.0210 0x1f6c  HidIr - ok
17:27:50.0241 0x1f6c  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:27:50.0257 0x1f6c  hidserv - ok
17:27:50.0272 0x1f6c  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:27:50.0272 0x1f6c  HidUsb - ok
17:27:50.0319 0x1f6c  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
17:27:50.0319 0x1f6c  hkmsvc - ok
17:27:50.0350 0x1f6c  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:27:50.0366 0x1f6c  HomeGroupListener - ok
17:27:50.0413 0x1f6c  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:27:50.0413 0x1f6c  HomeGroupProvider - ok
17:27:50.0444 0x1f6c  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:27:50.0444 0x1f6c  HpSAMD - ok
17:27:50.0507 0x1f6c  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:27:50.0538 0x1f6c  HTTP - ok
17:27:50.0569 0x1f6c  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:27:50.0569 0x1f6c  hwpolicy - ok
17:27:50.0632 0x1f6c  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:27:50.0632 0x1f6c  hyperkbd - ok
17:27:50.0647 0x1f6c  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:27:50.0647 0x1f6c  HyperVideo - ok
17:27:50.0690 0x1f6c  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:27:50.0690 0x1f6c  i8042prt - ok
17:27:50.0706 0x1f6c  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:27:50.0706 0x1f6c  iaLPSSi_GPIO - ok
17:27:50.0737 0x1f6c  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:27:50.0737 0x1f6c  iaLPSSi_I2C - ok
17:27:50.0768 0x0db4  Object send P2P result: true
17:27:50.0768 0x0db4  Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost
17:27:50.0809 0x1f6c  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:27:50.0825 0x1f6c  iaStorA - ok
17:27:50.0856 0x1f6c  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:27:50.0872 0x1f6c  iaStorAV - ok
17:27:50.0919 0x1f6c  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:27:50.0919 0x1f6c  IAStorDataMgrSvc - ok
17:27:50.0950 0x1f6c  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:27:50.0966 0x1f6c  iaStorV - ok
17:27:50.0997 0x1f6c  [ 23E22B130EFE5A225E279467BE146317, 2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] iBtFltCoex      C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
17:27:50.0997 0x1f6c  iBtFltCoex - ok
17:27:50.0997 0x1f6c  IEEtwCollectorService - ok
17:27:51.0138 0x1f6c  [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:27:51.0200 0x1f6c  igfx - ok
17:27:51.0231 0x1f6c  [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
17:27:51.0231 0x1f6c  IJPLMSVC - ok
17:27:51.0278 0x1f6c  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:27:51.0294 0x1f6c  IKEEXT - ok
17:27:51.0325 0x1f6c  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:27:51.0325 0x1f6c  intaud_WaveExtensible - ok
17:27:51.0466 0x1f6c  [ E3FEE528E5E232BB173E07E5AA29406A, AC0E6862CEC92933C64EA716D81598247A8BCDB346FCE3780C6083D80F07FA3F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:27:51.0528 0x1f6c  IntcAzAudAddService - ok
17:27:51.0575 0x1f6c  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:27:51.0575 0x1f6c  IntcDAud - ok
17:27:51.0622 0x1f6c  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:27:51.0638 0x1f6c  Intel(R) Capability Licensing Service Interface - ok
17:27:51.0684 0x1f6c  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:27:51.0716 0x1f6c  Intel(R) Capability Licensing Service TCP IP Interface - ok
17:27:51.0774 0x1f6c  [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
17:27:51.0789 0x1f6c  Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok
17:27:51.0831 0x1f6c  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:27:51.0831 0x1f6c  intelide - ok
17:27:51.0862 0x1f6c  [ A4DE7F75F20762A1C360E48B36F3B498, D194B7E16837E5AE7F0E3FC3B0F9A5CB2E1F7D4C2D5BDC6AC6D3DF09CE5334C1 ] IntelliMemory   C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
17:27:51.0862 0x1f6c  IntelliMemory - ok
17:27:51.0894 0x1f6c  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:27:51.0894 0x1f6c  intelpep - ok
17:27:51.0925 0x1f6c  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:27:51.0925 0x1f6c  intelppm - ok
17:27:51.0925 0x1f6c  [ 188D1B5837948CE932353C1FB26BF301, 5E08144063D3AE3AD2D5285DA524BC862971303533BFA18ED6BC49476C029A28 ] intmfs          C:\WINDOWS\system32\DRIVERS\intmfs.sys
17:27:51.0925 0x1f6c  intmfs - ok
17:27:51.0941 0x1f6c  [ EB0169B38D94A4BC575724ABBA58DF36, F8FA133813595B48E220499C3841BD11E2127B3BEE52A0988EFD5502877AE0A2 ] intmsd          C:\WINDOWS\system32\DRIVERS\intmsd.sys
17:27:51.0941 0x1f6c  intmsd - ok
17:27:51.0972 0x1f6c  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:27:51.0972 0x1f6c  IpFilterDriver - ok
17:27:52.0003 0x1dac  Object send P2P result: true
17:27:52.0003 0x1dac  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
17:27:52.0019 0x1f6c  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:27:52.0034 0x1f6c  iphlpsvc - ok
17:27:52.0081 0x1f6c  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:27:52.0081 0x1f6c  IPMIDRV - ok
17:27:52.0144 0x1f6c  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:27:52.0159 0x1f6c  IPNAT - ok
17:27:52.0175 0x1f6c  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:27:52.0175 0x1f6c  IRENUM - ok
17:27:52.0237 0x1f6c  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:27:52.0237 0x1f6c  isapnp - ok
17:27:52.0284 0x1f6c  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:27:52.0284 0x1f6c  iScsiPrt - ok
17:27:52.0378 0x1f6c  [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
17:27:52.0394 0x1f6c  iumsvc - ok
17:27:52.0425 0x1f6c  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
17:27:52.0425 0x1f6c  iwdbus - ok
17:27:52.0472 0x1f6c  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:27:52.0472 0x1f6c  jhi_service - ok
17:27:52.0487 0x1f6c  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:27:52.0487 0x1f6c  kbdclass - ok
17:27:52.0519 0x1f6c  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:27:52.0534 0x1f6c  kbdhid - ok
17:27:52.0550 0x1f6c  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
17:27:52.0550 0x1f6c  kbldfltr - ok
17:27:52.0581 0x1f6c  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:27:52.0581 0x1f6c  kdnic - ok
17:27:52.0597 0x1f6c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:27:52.0597 0x1f6c  KeyIso - ok
17:27:52.0644 0x1f6c  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:27:52.0644 0x1f6c  KSecDD - ok
17:27:52.0691 0x1f6c  [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:27:52.0691 0x1f6c  KSecPkg - ok
17:27:52.0706 0x1f6c  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:27:52.0706 0x1f6c  ksthunk - ok
17:27:52.0737 0x1f6c  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:27:52.0737 0x1f6c  KtmRm - ok
17:27:52.0796 0x1f6c  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:27:52.0796 0x1f6c  LanmanServer - ok
17:27:52.0843 0x1f6c  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:27:52.0861 0x1f6c  LanmanWorkstation - ok
17:27:52.0917 0x1f6c  [ 4B778E7F0389963BAE8A0AE0370496CC, 4E27D6E62B09B9D4A125545BC44A5124EBA49C6E5CA7A5E9392CE1220A57D59C ] launcherservice C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe
17:27:52.0917 0x1f6c  launcherservice - ok
17:27:52.0963 0x1f6c  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
17:27:52.0963 0x1f6c  lfsvc - ok
17:27:52.0995 0x1f6c  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:27:52.0995 0x1f6c  lltdio - ok
17:27:53.0026 0x1f6c  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:27:53.0026 0x1f6c  lltdsvc - ok
17:27:53.0073 0x1f6c  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:27:53.0073 0x1f6c  lmhosts - ok
17:27:53.0120 0x1f6c  [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:27:53.0135 0x1f6c  LMS - ok
17:27:53.0167 0x1f6c  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:27:53.0167 0x1f6c  LSI_SAS - ok
17:27:53.0182 0x1f6c  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:27:53.0198 0x1f6c  LSI_SAS2 - ok
17:27:53.0213 0x0db4  Object send P2P result: true
17:27:53.0213 0x0db4  Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
17:27:53.0213 0x1f6c  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:27:53.0213 0x1f6c  LSI_SAS3 - ok
17:27:53.0229 0x1f6c  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:27:53.0229 0x1f6c  LSI_SSS - ok
17:27:53.0292 0x1f6c  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
17:27:53.0307 0x1f6c  LSM - ok
17:27:53.0338 0x1f6c  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:27:53.0338 0x1f6c  luafv - ok
17:27:53.0370 0x1f6c  [ 9D2252224DF2213E1B44FA608E6A1D14, E2C644C5FDCCA7BD2547ADC110FDDB26EA91C734AB53CD4196266C746BFDFAA4 ] Mcx2Svc         C:\WINDOWS\system32\Mcx2Svc.dll
17:27:53.0370 0x1f6c  Mcx2Svc - ok
17:27:53.0417 0x1f6c  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
17:27:53.0432 0x1f6c  MDM - ok
17:27:53.0463 0x1f6c  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:27:53.0479 0x1f6c  megasas - ok
17:27:53.0495 0x1f6c  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:27:53.0510 0x1f6c  megasr - ok
17:27:53.0526 0x1f6c  [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
17:27:53.0526 0x1f6c  MEIx64 - ok
17:27:53.0557 0x1f6c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
17:27:53.0557 0x1f6c  MMCSS - ok
17:27:53.0588 0x1f6c  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:27:53.0588 0x1f6c  Modem - ok
17:27:53.0604 0x1f6c  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:27:53.0604 0x1f6c  monitor - ok
17:27:53.0620 0x1f6c  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:27:53.0620 0x1f6c  mouclass - ok
17:27:53.0635 0x1f6c  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:27:53.0651 0x1f6c  mouhid - ok
17:27:53.0682 0x1f6c  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:27:53.0682 0x1f6c  mountmgr - ok
17:27:53.0729 0x1f6c  [ A48479D7010ED54BB6AE3D5937A36C53, AE23673ABAB297DEFFC58A756C0667CA8F335BECCD31BF8E81BF1AEAAB9E86E8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:27:53.0745 0x1f6c  MozillaMaintenance - ok
17:27:53.0776 0x1f6c  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:27:53.0776 0x1f6c  mpsdrv - ok
17:27:53.0862 0x1f6c  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:27:53.0878 0x1f6c  MpsSvc - ok
17:27:53.0903 0x1f6c  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:27:53.0903 0x1f6c  MRxDAV - ok
17:27:53.0950 0x1f6c  [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:27:53.0966 0x1f6c  mrxsmb - ok
17:27:53.0997 0x1f6c  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:27:54.0013 0x1f6c  mrxsmb10 - ok
17:28:02.0438 0x1f6c  [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp         C:\WINDOWS\System32\drivers\storvsp.sys
17:28:02.0438 0x1f6c  storvsp - ok
17:28:02.0485 0x1f6c  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:28:02.0485 0x1f6c  svsvc - ok
17:28:02.0532 0x1f6c  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:28:02.0532 0x1f6c  swenum - ok
17:28:02.0672 0x1f6c  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:28:02.0688 0x1f6c  SwitchBoard - ok
17:28:02.0735 0x1f6c  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
17:28:02.0750 0x1f6c  swprv - ok
17:28:02.0829 0x1f6c  SWUpdateService - ok
17:28:02.0891 0x1f6c  [ 092506B413EA5CCA425B31DCC776D2DC, D9DAB4299657BFD7F176C94F988FD8359E2CE62071457AF5F7EF3722FD3EC0A8 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:28:02.0907 0x1f6c  SynTP - ok
17:28:02.0969 0x1f6c  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:28:02.0985 0x1f6c  SysMain - ok
17:28:03.0016 0x1f6c  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:28:03.0016 0x1f6c  SystemEventsBroker - ok
17:28:03.0047 0x1f6c  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:28:03.0047 0x1f6c  TabletInputService - ok
17:28:03.0079 0x1f6c  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:28:03.0094 0x1f6c  TapiSrv - ok
17:28:03.0187 0x1f6c  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:28:03.0218 0x1f6c  Tcpip - ok
17:28:03.0384 0x1f6c  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:28:03.0415 0x1f6c  TCPIP6 - ok
17:28:03.0431 0x1f6c  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:28:03.0431 0x1f6c  tcpipreg - ok
17:28:03.0478 0x1f6c  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:28:03.0478 0x1f6c  tdx - ok
17:28:03.0509 0x1f6c  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:28:03.0509 0x1f6c  terminpt - ok
17:28:03.0572 0x1f6c  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:28:03.0587 0x1f6c  TermService - ok
17:28:03.0619 0x1f6c  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
17:28:03.0634 0x1f6c  Themes - ok
17:28:03.0650 0x1f6c  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
17:28:03.0650 0x1f6c  THREADORDER - ok
17:28:03.0665 0x1f6c  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
17:28:03.0681 0x1f6c  TimeBroker - ok
17:28:03.0712 0x1f6c  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
17:28:03.0712 0x1f6c  TPM - ok
17:28:03.0744 0x1f6c  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:28:03.0744 0x1f6c  TrkWks - ok
17:28:03.0806 0x1f6c  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:28:03.0822 0x1f6c  TrustedInstaller - ok
17:28:03.0853 0x1f6c  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:28:03.0853 0x1f6c  TsUsbFlt - ok
17:28:03.0884 0x1f6c  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:28:03.0884 0x1f6c  TsUsbGD - ok
17:28:03.0931 0x1f6c  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:28:03.0931 0x1f6c  tunnel - ok
17:28:03.0962 0x1f6c  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:28:03.0962 0x1f6c  uagp35 - ok
17:28:03.0994 0x1f6c  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:28:03.0994 0x1f6c  UASPStor - ok
17:28:04.0041 0x1f6c  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
17:28:04.0056 0x1f6c  UCX01000 - ok
17:28:04.0119 0x1f6c  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:28:04.0119 0x1f6c  udfs - ok
17:28:04.0134 0x1f6c  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:28:04.0134 0x1f6c  UEFI - ok
17:28:04.0177 0x1f6c  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:28:04.0193 0x1f6c  UI0Detect - ok
17:28:04.0208 0x1f6c  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:28:04.0208 0x1f6c  uliagpkx - ok
17:28:04.0240 0x1f6c  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:28:04.0240 0x1f6c  umbus - ok
17:28:04.0281 0x1f6c  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:28:04.0281 0x1f6c  UmPass - ok
17:28:04.0328 0x1f6c  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:28:04.0328 0x1f6c  UmRdpService - ok
17:28:04.0375 0x1f6c  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:28:04.0391 0x1f6c  upnphost - ok
17:28:04.0438 0x1f6c  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:28:04.0438 0x1f6c  usbccgp - ok
17:28:04.0484 0x1f6c  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:28:04.0484 0x1f6c  usbcir - ok
17:28:04.0531 0x1f6c  [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:28:04.0531 0x1f6c  usbehci - ok
17:28:04.0578 0x1f6c  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:28:04.0594 0x1f6c  usbhub - ok
17:28:04.0609 0x1f6c  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:28:04.0625 0x1f6c  USBHUB3 - ok
17:28:04.0641 0x1f6c  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:28:04.0641 0x1f6c  usbohci - ok
17:28:04.0672 0x1f6c  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:28:04.0688 0x1f6c  usbprint - ok
17:28:04.0719 0x1f6c  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\System32\drivers\usbscan.sys
17:28:04.0719 0x1f6c  usbscan - ok
17:28:04.0766 0x1f6c  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:28:04.0766 0x1f6c  USBSTOR - ok
17:28:04.0797 0x1f6c  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:28:04.0797 0x1f6c  usbuhci - ok
17:28:04.0844 0x1f6c  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
17:28:04.0844 0x1f6c  usbvideo - ok
17:28:04.0875 0x1f6c  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:28:04.0875 0x1f6c  USBXHCI - ok
17:28:04.0922 0x1f6c  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:28:04.0922 0x1f6c  VaultSvc - ok
17:28:04.0953 0x1f6c  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:28:04.0953 0x1f6c  vdrvroot - ok
         

Alt 08.01.2016, 19:29   #7
Andreas 2016
 
Part 2
Code:
ATTFilter
17:28:05.0000 0x1f6c  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
17:28:05.0031 0x1f6c  vds - ok
17:28:05.0047 0x1f6c  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:28:05.0063 0x1f6c  VerifierExt - ok
17:28:05.0094 0x1f6c  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:28:05.0109 0x1f6c  vhdmp - ok
17:28:05.0141 0x1f6c  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
17:28:05.0141 0x1f6c  viaide - ok
17:28:05.0156 0x1f6c  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\WINDOWS\System32\drivers\Vid.sys
17:28:05.0156 0x1f6c  Vid - ok
17:28:05.0206 0x1f6c  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:28:05.0211 0x1f6c  vmbus - ok
17:28:05.0216 0x1f6c  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:28:05.0231 0x1f6c  VMBusHID - ok
17:28:05.0263 0x1f6c  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
17:28:05.0263 0x1f6c  vmbusr - ok
17:28:05.0320 0x1f6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:28:05.0336 0x1f6c  vmicguestinterface - ok
17:28:05.0351 0x1f6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:28:05.0367 0x1f6c  vmicheartbeat - ok
17:28:05.0382 0x1f6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:28:05.0398 0x1f6c  vmickvpexchange - ok
17:28:05.0414 0x1f6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:28:05.0414 0x1f6c  vmicrdv - ok
17:28:05.0429 0x1f6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:28:05.0445 0x1f6c  vmicshutdown - ok
17:28:05.0445 0x1f6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:28:05.0461 0x1f6c  vmictimesync - ok
17:28:05.0476 0x1f6c  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:28:05.0476 0x1f6c  vmicvss - ok
17:28:05.0508 0x1f6c  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:28:05.0508 0x1f6c  volmgr - ok
17:28:05.0523 0x1f6c  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:28:05.0523 0x1f6c  volmgrx - ok
17:28:05.0554 0x1f6c  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:28:05.0554 0x1f6c  volsnap - ok
17:28:05.0570 0x1f6c  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:28:05.0586 0x1f6c  vpci - ok
17:28:05.0617 0x1f6c  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\WINDOWS\System32\drivers\vpcivsp.sys
17:28:05.0617 0x1f6c  vpcivsp - ok
17:28:05.0664 0x1f6c  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:28:05.0664 0x1f6c  vsmraid - ok
17:28:05.0742 0x1f6c  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
17:28:05.0758 0x1f6c  VSS - ok
17:28:05.0789 0x1f6c  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:28:05.0789 0x1f6c  VSTXRAID - ok
17:28:05.0851 0x1f6c  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:28:05.0851 0x1f6c  vwifibus - ok
17:28:05.0898 0x1f6c  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:28:05.0898 0x1f6c  vwififlt - ok
17:28:05.0914 0x1f6c  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:28:05.0914 0x1f6c  vwifimp - ok
17:28:05.0961 0x1f6c  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
17:28:05.0976 0x1f6c  W32Time - ok
17:28:05.0992 0x1f6c  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:28:05.0992 0x1f6c  WacomPen - ok
17:28:06.0070 0x1f6c  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:28:06.0086 0x1f6c  wbengine - ok
17:28:06.0101 0x1f6c  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:28:06.0117 0x1f6c  WbioSrvc - ok
17:28:06.0164 0x1f6c  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:28:06.0164 0x1f6c  Wcmsvc - ok
17:28:06.0211 0x1f6c  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:28:06.0211 0x1f6c  wcncsvc - ok
17:28:06.0247 0x1f6c  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:28:06.0250 0x1f6c  WcsPlugInService - ok
17:28:06.0282 0x1f6c  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:28:06.0282 0x1f6c  WdBoot - ok
17:28:06.0329 0x1f6c  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:28:06.0329 0x1f6c  Wdf01000 - ok
17:28:06.0356 0x1f6c  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:28:06.0356 0x1f6c  WdFilter - ok
17:28:06.0387 0x1f6c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:28:06.0387 0x1f6c  WdiServiceHost - ok
17:28:06.0402 0x1f6c  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:28:06.0402 0x1f6c  WdiSystemHost - ok
17:28:06.0434 0x1f6c  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:28:06.0434 0x1f6c  WdNisDrv - ok
17:28:06.0465 0x1f6c  WdNisSvc - ok
17:28:06.0512 0x1f6c  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:28:06.0512 0x1f6c  WebClient - ok
17:28:06.0559 0x1f6c  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:28:06.0559 0x1f6c  Wecsvc - ok
17:28:06.0590 0x1f6c  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:28:06.0590 0x1f6c  WEPHOSTSVC - ok
17:28:06.0637 0x1f6c  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:28:06.0637 0x1f6c  wercplsupport - ok
17:28:06.0684 0x1f6c  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:28:06.0684 0x1f6c  WerSvc - ok
17:28:06.0731 0x1f6c  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:28:06.0731 0x1f6c  WFPLWFS - ok
17:28:06.0777 0x1f6c  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:28:06.0777 0x1f6c  WiaRpc - ok
17:28:06.0793 0x1f6c  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:28:06.0793 0x1f6c  WIMMount - ok
17:28:06.0793 0x1f6c  WinDefend - ok
17:28:06.0856 0x1f6c  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:28:06.0871 0x1f6c  WinHttpAutoProxySvc - ok
17:28:06.0934 0x1f6c  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:28:06.0949 0x1f6c  Winmgmt - ok
17:28:07.0059 0x1f6c  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:28:07.0090 0x1f6c  WinRM - ok
17:28:07.0137 0x1f6c  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
17:28:07.0137 0x1f6c  WinUsb - ok
17:28:07.0215 0x1f6c  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:28:07.0246 0x1f6c  WlanSvc - ok
17:28:07.0288 0x1f6c  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:28:07.0307 0x1f6c  wlidsvc - ok
17:28:07.0338 0x1f6c  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:28:07.0338 0x1f6c  WmiAcpi - ok
17:28:07.0395 0x1f6c  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:28:07.0395 0x1f6c  wmiApSrv - ok
17:28:07.0426 0x1f6c  WMPNetworkSvc - ok
17:28:07.0458 0x1f6c  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:28:07.0473 0x1f6c  Wof - ok
17:28:07.0567 0x1f6c  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:28:07.0583 0x1f6c  workfolderssvc - ok
17:28:07.0629 0x1f6c  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:28:07.0629 0x1f6c  wpcfltr - ok
17:28:07.0661 0x1f6c  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:28:07.0661 0x1f6c  WPCSvc - ok
17:28:07.0708 0x1f6c  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:28:07.0708 0x1f6c  WPDBusEnum - ok
17:28:07.0755 0x1f6c  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:28:07.0755 0x1f6c  WpdUpFltr - ok
17:28:07.0770 0x1f6c  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:28:07.0770 0x1f6c  ws2ifsl - ok
17:28:07.0817 0x1f6c  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:28:07.0817 0x1f6c  wscsvc - ok
17:28:07.0833 0x1f6c  WSearch - ok
17:28:07.0958 0x1f6c  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
17:28:08.0004 0x1f6c  WSService - ok
17:28:08.0145 0x1f6c  [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:28:08.0192 0x1f6c  wuauserv - ok
17:28:08.0239 0x1f6c  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:28:08.0239 0x1f6c  WudfPf - ok
17:28:08.0255 0x1f6c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
17:28:08.0255 0x1f6c  WUDFRd - ok
17:28:08.0270 0x1f6c  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:28:08.0286 0x1f6c  wudfsvc - ok
17:28:08.0286 0x1f6c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
17:28:08.0286 0x1f6c  WUDFWpdFs - ok
17:28:08.0301 0x1f6c  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
17:28:08.0301 0x1f6c  WUDFWpdMtp - ok
17:28:08.0344 0x1f6c  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:28:08.0360 0x1f6c  WwanSvc - ok
17:28:08.0605 0x1f6c  [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
17:28:08.0636 0x1f6c  ZeroConfigService - ok
17:28:08.0652 0x1f6c  ================ Scan global ===============================
17:28:08.0714 0x1f6c  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
17:28:08.0761 0x1f6c  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
17:28:08.0808 0x1f6c  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
17:28:08.0839 0x1f6c  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
17:28:08.0855 0x1f6c  [ Global ] - ok
17:28:08.0855 0x1f6c  ================ Scan MBR ==================================
17:28:08.0855 0x1f6c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:28:08.0870 0x1f6c  \Device\Harddisk0\DR0 - ok
17:28:08.0870 0x1f6c  ================ Scan VBR ==================================
17:28:08.0870 0x1f6c  [ 7591C3862CADEFC04C7FCFF91AA2C5C7 ] \Device\Harddisk0\DR0\Partition1
17:28:08.0870 0x1f6c  \Device\Harddisk0\DR0\Partition1 - ok
17:28:08.0886 0x1f6c  [ D66E2EC064BEFC56862FCB5063933E22 ] \Device\Harddisk0\DR0\Partition2
17:28:08.0902 0x1f6c  \Device\Harddisk0\DR0\Partition2 - ok
17:28:08.0917 0x1f6c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:28:08.0917 0x1f6c  \Device\Harddisk0\DR0\Partition3 - ok
17:28:08.0917 0x1f6c  [ 376F1F914B9D8318E56AB9C0C37963CE ] \Device\Harddisk0\DR0\Partition4
17:28:08.0933 0x1f6c  \Device\Harddisk0\DR0\Partition4 - ok
17:28:08.0949 0x1f6c  [ 11546C81A511B20E2D20AAA226B037E0 ] \Device\Harddisk0\DR0\Partition5
17:28:08.0964 0x1f6c  \Device\Harddisk0\DR0\Partition5 - ok
17:28:08.0980 0x1f6c  [ EF3872155CE4634557AEC8EA5A26773D ] \Device\Harddisk0\DR0\Partition6
17:28:08.0995 0x1f6c  \Device\Harddisk0\DR0\Partition6 - ok
17:28:09.0027 0x1f6c  [ 9101D1594FA0E7022403F0B7804242D6 ] \Device\Harddisk0\DR0\Partition7
17:28:09.0042 0x1f6c  \Device\Harddisk0\DR0\Partition7 - ok
17:28:09.0058 0x1f6c  [ 0A7DE69C0DC6CDE894E8366DF4E5352C ] \Device\Harddisk0\DR0\Partition8
17:28:09.0058 0x1f6c  \Device\Harddisk0\DR0\Partition8 - ok
17:28:09.0058 0x1f6c  ================ Scan generic autorun ======================
17:28:12.0313 0x1f6c  Waiting for KSN requests completion. In queue: 121
17:28:13.0335 0x1f6c  Waiting for KSN requests completion. In queue: 121
17:28:14.0343 0x1f6c  Waiting for KSN requests completion. In queue: 121
17:28:15.0363 0x1f6c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
17:28:15.0363 0x1f6c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
17:28:15.0363 0x1f6c  Win FW state via NFP2: enabled ( trusted )
17:28:17.0762 0x1f6c  ============================================================
17:28:17.0762 0x1f6c  Scan finished
17:28:17.0762 0x1f6c  ============================================================
17:28:17.0772 0x0e9c  Detected object count: 0
17:28:17.0772 0x0e9c  Actual detected object count: 0
17:30:11.0440 0x18dc  ============================================================
17:30:11.0440 0x18dc  Scan started
17:30:11.0440 0x18dc  Mode: Manual; SigCheck; TDLFS; 
17:30:11.0440 0x18dc  ============================================================
17:30:11.0440 0x18dc  KSN ping started
17:30:13.0782 0x18dc  KSN ping finished: true
17:30:14.0351 0x18dc  ================ Scan system memory ========================
17:30:14.0351 0x18dc  System memory - ok
17:30:14.0366 0x18dc  ================ Scan services =============================
17:30:39.0547 0x18dc  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:30:39.0563 0x18dc  FileInfo - ok
17:30:39.0594 0x18dc  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:30:39.0625 0x18dc  Filetrace - ok
17:30:39.0703 0x18dc  [ 64AB6F28047744B9B19C97459C2AB31B, B1F3FEE6DF1E72003DEAC8712C3E29D82DF67A095C4AC16A379BCD995C2F3833 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
17:30:39.0734 0x18dc  FLEXnet Licensing Service 64 - ok
17:30:39.0759 0x18dc  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:30:39.0759 0x18dc  flpydisk - ok
17:30:39.0790 0x18dc  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:30:39.0806 0x18dc  FltMgr - ok
17:30:39.0879 0x18dc  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:30:39.0925 0x18dc  FontCache - ok
17:30:40.0050 0x18dc  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:30:40.0066 0x18dc  FontCache3.0.0.0 - ok
17:30:40.0113 0x18dc  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:30:40.0129 0x18dc  FsDepends - ok
17:30:40.0160 0x18dc  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:30:40.0175 0x18dc  Fs_Rec - ok
17:30:40.0191 0x18dc  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:30:40.0222 0x18dc  fvevol - ok
17:30:40.0238 0x18dc  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
17:30:40.0238 0x18dc  FxPPM - ok
17:30:40.0254 0x18dc  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
17:30:40.0269 0x18dc  gagp30kx - ok
17:30:40.0316 0x18dc  [ E99CF7AD8704278B7C8A8FB84BE4B3B6, F269C385513903385FDADC0E57325234062CF790484ADEFF206B20DEAFC69952 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
17:30:40.0332 0x18dc  Garmin Core Update Service - ok
17:30:40.0363 0x18dc  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:30:40.0379 0x18dc  gencounter - ok
17:30:40.0410 0x18dc  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:30:40.0425 0x18dc  GPIOClx0101 - ok
17:30:40.0488 0x18dc  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:30:40.0519 0x18dc  gpsvc - ok
17:30:40.0550 0x18dc  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:30:40.0550 0x18dc  HDAudBus - ok
17:30:40.0582 0x18dc  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:30:40.0597 0x18dc  HidBatt - ok
17:30:40.0629 0x18dc  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:30:40.0644 0x18dc  HidBth - ok
17:30:40.0660 0x18dc  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:30:40.0660 0x18dc  hidi2c - ok
17:30:40.0691 0x18dc  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:30:40.0707 0x18dc  HidIr - ok
17:30:40.0738 0x18dc  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:30:40.0738 0x18dc  hidserv - ok
17:30:40.0769 0x18dc  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:30:40.0769 0x18dc  HidUsb - ok
17:30:40.0814 0x18dc  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
17:30:40.0830 0x18dc  hkmsvc - ok
17:30:40.0877 0x18dc  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:30:40.0894 0x18dc  HomeGroupListener - ok
17:30:40.0918 0x18dc  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:30:40.0934 0x18dc  HomeGroupProvider - ok
17:30:40.0965 0x18dc  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:30:40.0981 0x18dc  HpSAMD - ok
17:30:41.0043 0x18dc  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:30:41.0059 0x18dc  HTTP - ok
17:30:41.0106 0x18dc  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:30:41.0121 0x18dc  hwpolicy - ok
17:30:41.0153 0x18dc  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:30:41.0153 0x18dc  hyperkbd - ok
17:30:41.0168 0x18dc  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:30:41.0184 0x18dc  HyperVideo - ok
17:30:41.0200 0x18dc  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:30:41.0215 0x18dc  i8042prt - ok
17:30:41.0231 0x18dc  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:30:41.0231 0x18dc  iaLPSSi_GPIO - ok
17:30:41.0246 0x18dc  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:30:41.0262 0x18dc  iaLPSSi_I2C - ok
17:30:41.0293 0x18dc  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:30:41.0309 0x18dc  iaStorA - ok
17:30:41.0356 0x18dc  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:30:41.0387 0x18dc  iaStorAV - ok
17:30:41.0434 0x18dc  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:30:41.0434 0x18dc  IAStorDataMgrSvc - ok
17:30:41.0465 0x18dc  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:30:41.0496 0x18dc  iaStorV - ok
17:30:41.0528 0x18dc  [ 23E22B130EFE5A225E279467BE146317, 2302C119FE9C57F3A71DFE504489423B6F7140E2DFF5D501883AD971CB671CB4 ] iBtFltCoex      C:\WINDOWS\system32\DRIVERS\iBtFltCoex.sys
17:30:41.0528 0x18dc  iBtFltCoex - ok
17:30:41.0543 0x18dc  IEEtwCollectorService - ok
17:30:41.0684 0x18dc  [ 7A5A61997B5404C8EDDFCC62378164DC, C2BCA8A2AA2DFCCF3489FC7F0F366ABBDC8606CFC6397CD7B17C8CD4A28DD17F ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:30:41.0793 0x18dc  igfx - ok
17:30:41.0836 0x18dc  [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
17:30:41.0852 0x18dc  IJPLMSVC - ok
17:30:41.0941 0x18dc  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:30:41.0972 0x18dc  IKEEXT - ok
17:30:42.0003 0x18dc  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:30:42.0003 0x18dc  intaud_WaveExtensible - ok
17:30:42.0159 0x18dc  [ E3FEE528E5E232BB173E07E5AA29406A, AC0E6862CEC92933C64EA716D81598247A8BCDB346FCE3780C6083D80F07FA3F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
17:30:42.0238 0x18dc  IntcAzAudAddService - ok
17:30:42.0269 0x18dc  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
17:30:42.0284 0x18dc  IntcDAud - ok
17:30:42.0363 0x18dc  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:30:42.0378 0x18dc  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
17:30:42.0378 0x18dc  Detect skipped due to KSN trusted
17:30:42.0378 0x18dc  Intel(R) Capability Licensing Service Interface - ok
17:30:43.0884 0x18dc  [ 4B778E7F0389963BAE8A0AE0370496CC, 4E27D6E62B09B9D4A125545BC44A5124EBA49C6E5CA7A5E9392CE1220A57D59C ] launcherservice C:\Program Files (x86)\WEKA\WEKA Launcher\launcherservice.exe
17:30:43.0905 0x18dc  launcherservice - detected UnsignedFile.Multi.Generic ( 1 )
17:30:43.0971 0x18dc  launcherservice ( UnsignedFile.Multi.Generic ) - warning
17:30:43.0971 0x18dc  Force sending object to P2P due to detect: launcherservice
17:30:46.0435 0x18dc  Object send P2P result: true
17:30:49.0500 0x18dc  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
17:30:49.0516 0x18dc  MDM - detected UnsignedFile.Multi.Generic ( 1 )
17:30:49.0516 0x18dc  Detect skipped due to KSN trusted
17:30:49.0516 0x18dc  MDM - ok

08.01.2016, 19:47   #8
Andreas 2016

Part 3
Code:
ATTFilter
17:30:51.0903 0x18dc  Ndu - ok
17:30:51.0934 0x18dc  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:30:51.0966 0x18dc  NetBIOS - ok
17:30:52.0012 0x18dc  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:30:52.0028 0x18dc  NetBT - ok
17:30:52.0044 0x18dc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:30:52.0044 0x18dc  Netlogon - ok
17:30:52.0091 0x18dc  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
17:30:52.0106 0x18dc  Netman - ok
17:30:52.0153 0x18dc  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:30:52.0184 0x18dc  netprofm - ok
17:30:52.0245 0x18dc  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:30:52.0245 0x18dc  NetTcpPortSharing - ok
17:30:52.0291 0x18dc  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
17:30:52.0291 0x18dc  netvsc - ok
17:30:52.0395 0x18dc  [ 75B9B86878CC159FBC40C4F9202ADBE3, 80D9176112BAFB42E6568E723781E5C03BD5472AB382496C1BD784DB9B2FB6E6 ] NETwNe64        C:\WINDOWS\system32\DRIVERS\Netwew00.sys
17:30:52.0442 0x18dc  NETwNe64 - ok
17:30:52.0489 0x18dc  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:30:52.0505 0x18dc  NlaSvc - ok
17:30:52.0583 0x18dc  [ EBA1B4BF2E2375ABDADEDB649F283541, 8B27AE794678C55791F95F34E67E12BAD5BE753F812C49D6511BB657CF453B52 ] NMIndexingService C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
17:30:52.0599 0x18dc  NMIndexingService - ok
17:30:52.0645 0x18dc  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:30:52.0661 0x18dc  Npfs - ok
17:30:52.0692 0x18dc  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:30:52.0692 0x18dc  npsvctrig - ok
17:30:52.0739 0x18dc  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:30:52.0739 0x18dc  nsi - ok
17:30:52.0770 0x18dc  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:30:52.0786 0x18dc  nsiproxy - ok
17:30:52.0849 0x18dc  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:30:52.0895 0x18dc  Ntfs - ok
17:30:52.0942 0x18dc  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:30:52.0942 0x18dc  Null - ok
17:30:53.0248 0x18dc  [ C769B999721DEF6E59FF579AEDFB2693, 05FC56F88515787533BC8E14A8556BDC3FE0B50AC9EB51C8C0A2187FA1761C89 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
17:30:53.0431 0x18dc  nvlddmkm - ok
17:30:53.0478 0x18dc  [ 1C7CF80FE7E4B18BC46EA5C7ADC7339C, 671D634E8AF33DAF8E926CDE0C54A10142A989D8358E2827A7EB78026D25763B ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
17:30:53.0478 0x18dc  nvpciflt - ok
17:30:53.0525 0x18dc  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:30:53.0556 0x18dc  nvraid - ok
17:30:53.0572 0x18dc  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:30:53.0572 0x18dc  nvstor - ok
17:30:53.0587 0x18dc  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:30:53.0603 0x18dc  nv_agp - ok
17:30:53.0681 0x18dc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:30:53.0697 0x18dc  odserv - ok
17:30:53.0806 0x18dc  [ 880CD3C9ACE342F29AB2F90C751B91A4, 7882ED604EE443E182B323D9A38E35B49FD8C28EDC1196B65EDFABB22CBF6161 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
17:30:53.0853 0x18dc  Origin Client Service - ok
17:30:53.0884 0x18dc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:30:53.0900 0x18dc  ose - ok
17:30:53.0962 0x18dc  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:30:53.0978 0x18dc  p2pimsvc - ok
17:30:54.0040 0x18dc  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:30:54.0056 0x18dc  p2psvc - ok
17:30:54.0072 0x18dc  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:30:54.0087 0x18dc  Parport - ok
17:30:54.0119 0x18dc  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:30:54.0119 0x18dc  partmgr - ok
17:30:54.0165 0x18dc  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:30:54.0181 0x18dc  PcaSvc - ok
17:30:54.0212 0x18dc  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:30:54.0228 0x18dc  pci - ok
17:30:54.0244 0x18dc  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:30:54.0244 0x18dc  pciide - ok
17:30:54.0275 0x18dc  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:30:54.0288 0x18dc  pcmcia - ok
17:30:54.0304 0x18dc  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:30:54.0320 0x18dc  pcw - ok
17:30:54.0335 0x18dc  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:30:54.0351 0x18dc  pdc - ok
17:30:54.0367 0x18dc  [ 958754A37C85E18EB53FA2139787113C, A58B39CFD7B0A36EA12965A24A384B7B1E2A980CA8D2F33B72FA72B00E68EC0C ] pe3ah4nc        C:\WINDOWS\system32\drivers\pe3ah4nc.sys
17:30:54.0367 0x18dc  pe3ah4nc - ok
17:30:54.0425 0x18dc  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:30:54.0456 0x18dc  PEAUTH - ok
17:30:54.0550 0x18dc  [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
17:30:54.0596 0x18dc  PeerDistSvc - ok
17:30:54.0706 0x18dc  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:30:54.0737 0x18dc  PerfHost - ok
17:30:54.0800 0x18dc  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
17:30:54.0846 0x18dc  pla - ok
17:30:54.0862 0x18dc  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:30:54.0878 0x18dc  PlugPlay - ok
17:30:54.0909 0x18dc  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:30:54.0925 0x18dc  PNRPAutoReg - ok
17:30:54.0940 0x18dc  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:30:54.0956 0x18dc  PNRPsvc - ok
17:30:55.0003 0x18dc  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:30:55.0034 0x18dc  PolicyAgent - ok
17:30:55.0081 0x18dc  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
17:30:55.0096 0x18dc  Power - ok
17:30:55.0112 0x18dc  pr2ah4nc - ok
17:30:55.0268 0x18dc  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:30:55.0387 0x18dc  PrintNotify - ok
17:30:55.0491 0x18dc  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:30:55.0522 0x18dc  Processor - ok
17:30:55.0584 0x18dc  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:30:55.0600 0x18dc  ProfSvc - ok
17:30:55.0631 0x18dc  [ 0E998144E0C05AFFBB6CC66B5999958C, 6EED570FCBDD4FD9746C5E72AB83261D826CF68A54411FD82DF917DADAF23FD7 ] ps6ah4nc        C:\WINDOWS\system32\drivers\ps6ah4nc.sys
17:30:55.0631 0x18dc  ps6ah4nc - ok
17:30:55.0663 0x18dc  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
17:30:55.0678 0x18dc  Psched - ok
17:30:55.0725 0x18dc  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:30:55.0756 0x18dc  QWAVE - ok
17:30:55.0772 0x18dc  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:30:55.0788 0x18dc  QWAVEdrv - ok
17:30:55.0819 0x18dc  [ 194ED3C117525613E701FF257882303E, F9D771B573078C6335F352812E24918CB79529BAE2262117E8E0DD4C57AA64C1 ] RadioHIDMini    C:\WINDOWS\System32\drivers\RadioHIDMini.sys
17:30:55.0819 0x18dc  RadioHIDMini - ok
17:30:55.0834 0x18dc  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:30:55.0850 0x18dc  RasAcd - ok
17:30:55.0881 0x18dc  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:30:55.0897 0x18dc  RasAuto - ok
17:30:55.0928 0x18dc  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:30:55.0959 0x18dc  RasMan - ok
17:30:55.0991 0x18dc  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:30:56.0006 0x18dc  RasPppoe - ok
17:30:56.0022 0x18dc  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:30:56.0038 0x18dc  rdbss - ok
17:30:56.0084 0x18dc  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:30:56.0084 0x18dc  rdpbus - ok
17:30:56.0100 0x18dc  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:30:56.0116 0x18dc  RDPDR - ok
17:30:56.0147 0x18dc  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:30:56.0163 0x18dc  RdpVideoMiniport - ok
17:30:56.0194 0x18dc  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:30:56.0225 0x18dc  rdyboost - ok
17:30:56.0272 0x18dc  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
17:30:56.0288 0x18dc  ReFS - ok
17:30:56.0390 0x18dc  [ 1791B1C8C72E13D193ADE659E7DB87C1, F0C1EA05283BB89ACBE721D0CDBB30FD8F1E75D5545158D29D6EC11E41B145BA ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
17:30:56.0405 0x18dc  RegSrvc - ok
17:30:56.0458 0x18dc  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:30:56.0478 0x18dc  RemoteAccess - ok
17:30:56.0509 0x18dc  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:30:56.0525 0x18dc  RemoteRegistry - ok
17:30:56.0572 0x18dc  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
17:30:56.0588 0x18dc  RFCOMM - ok
17:30:56.0619 0x18dc  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:30:56.0619 0x18dc  RpcEptMapper - ok
17:30:56.0666 0x18dc  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:30:56.0666 0x18dc  RpcLocator - ok
17:30:56.0744 0x18dc  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:30:56.0759 0x18dc  RpcSs - ok
17:30:56.0791 0x18dc  [ 5AA85332CB1694871B2F0704E0FC9113, 18E11C4E966DEE53FA0E482C55769A35C6C746EB3347DF171A1978D22BC7990B ] RsFx0200        C:\WINDOWS\system32\DRIVERS\RsFx0200.sys
17:30:56.0806 0x18dc  RsFx0200 - ok
17:30:56.0838 0x18dc  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:30:56.0853 0x18dc  rspndr - ok
17:30:56.0900 0x18dc  [ 9F2A38C1170594CF493283CE0B987B70, 1CE15815DD54227C3C8ED4B2E4FA09EB3EB91D55379DC286AAC7A6001850CA98 ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
17:30:56.0931 0x18dc  RTL8168 - ok
17:30:56.0947 0x18dc  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:30:56.0963 0x18dc  s3cap - ok
17:30:56.0994 0x18dc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
17:30:56.0994 0x18dc  SamSs - ok
17:30:57.0119 0x18dc  SBIOSIO - ok
17:30:57.0150 0x18dc  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:30:57.0181 0x18dc  sbp2port - ok
17:30:57.0213 0x18dc  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:30:57.0244 0x18dc  SCardSvr - ok
17:30:57.0275 0x18dc  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
17:30:57.0291 0x18dc  ScDeviceEnum - ok
17:30:57.0322 0x18dc  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:30:57.0322 0x18dc  scfilter - ok
17:30:57.0369 0x18dc  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:30:57.0399 0x18dc  Schedule - ok
17:30:57.0430 0x18dc  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:30:57.0430 0x18dc  SCPolicySvc - ok
17:30:57.0461 0x18dc  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:30:57.0477 0x18dc  sdbus - ok
17:30:57.0597 0x18dc  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe
17:30:57.0628 0x18dc  SDScannerService - ok
17:30:57.0675 0x18dc  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:30:57.0675 0x18dc  sdstor - ok
17:30:57.0737 0x18dc  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe
17:30:57.0784 0x18dc  SDUpdateService - ok
17:30:57.0800 0x18dc  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe
17:30:57.0816 0x18dc  SDWSCService - ok
17:30:57.0847 0x18dc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
17:30:57.0847 0x18dc  secdrv - ok
17:30:57.0878 0x18dc  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:30:57.0894 0x18dc  seclogon - ok
17:30:57.0925 0x18dc  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
17:30:57.0941 0x18dc  SENS - ok
17:30:57.0972 0x18dc  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:30:58.0003 0x18dc  SensrSvc - ok
17:30:58.0034 0x18dc  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:30:58.0050 0x18dc  SerCx - ok
17:30:58.0081 0x18dc  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
17:30:58.0097 0x18dc  SerCx2 - ok
17:30:58.0112 0x18dc  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:30:58.0128 0x18dc  Serenum - ok
17:30:58.0144 0x18dc  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:30:58.0144 0x18dc  Serial - ok
17:30:58.0175 0x18dc  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:30:58.0191 0x18dc  sermouse - ok
17:30:58.0237 0x18dc  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:30:58.0269 0x18dc  SessionEnv - ok
17:30:58.0300 0x18dc  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:30:58.0300 0x18dc  sfloppy - ok
17:30:58.0347 0x18dc  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:30:58.0362 0x18dc  SharedAccess - ok
17:30:58.0378 0x18dc  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:30:58.0409 0x18dc  ShellHWDetection - ok
17:30:58.0436 0x18dc  [ 8C61B219882C9C9ECA09BEDB82B0DDB1, 711681040D9CD93D603F55AB8D62371F5D51917C14818F27859E23E2D60EB18F ] silabenm        C:\WINDOWS\system32\DRIVERS\silabenm.sys
17:30:58.0452 0x18dc  silabenm - ok
17:30:58.0467 0x18dc  [ 2641655FAD6C1EA0F3677978E2BF28C1, E703CE74D09E901BF531589E181DCF95B9C63E09FE1B99E38DEA9EE47EE458BA ] silabser        C:\WINDOWS\system32\DRIVERS\silabser.sys
17:30:58.0483 0x18dc  silabser - ok
17:30:58.0514 0x18dc  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:30:58.0539 0x18dc  SiSRaid2 - ok
17:30:58.0555 0x18dc  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:30:58.0571 0x18dc  SiSRaid4 - ok
17:30:58.0618 0x18dc  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
17:30:58.0633 0x18dc  smphost - ok
17:30:58.0680 0x18dc  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:30:58.0696 0x18dc  SNMPTRAP - ok
17:30:58.0758 0x18dc  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:30:58.0774 0x18dc  spaceport - ok
17:30:58.0805 0x18dc  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:30:58.0821 0x18dc  SpbCx - ok
17:30:58.0868 0x18dc  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:30:58.0914 0x18dc  Spooler - ok
17:30:59.0086 0x18dc  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:30:59.0227 0x18dc  sppsvc - ok
17:30:59.0305 0x18dc  [ B70FAF0C7C5737AA6973E14B45477730, 48D835D64D36A46BD2ED6080A0D733B92960DA3EA459005F536587BB19B16A7E ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
17:30:59.0336 0x18dc  SQLAgent$SQLEXPRESS - ok
17:30:59.0399 0x18dc  [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
17:30:59.0414 0x18dc  SQLBrowser - ok
17:30:59.0430 0x18dc  [ EAD5300C93946B0250A309E2BF2BE4CF, 6B9131D94ED31F838B1820EE67F068C4741B69D5C655587C89C9477986BD270F ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
17:30:59.0446 0x18dc  SQLWriter - ok
17:30:59.0473 0x18dc  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:30:59.0488 0x18dc  srv - ok
17:30:59.0520 0x18dc  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:30:59.0551 0x18dc  srv2 - ok
17:30:59.0551 0x18dc  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:30:59.0574 0x18dc  srvnet - ok
17:30:59.0593 0x18dc  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:30:59.0608 0x18dc  SSDPSRV - ok
17:30:59.0640 0x18dc  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:30:59.0655 0x18dc  SstpSvc - ok
17:30:59.0686 0x18dc  [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
17:30:59.0686 0x18dc  ssudmdm - ok
17:30:59.0796 0x18dc  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
17:30:59.0811 0x18dc  ss_conn_service - ok
17:30:59.0827 0x18dc  [ 30D7CE5C0B812BAF4F2FB5F47820C76A, 5C9D67637485F67A720D8582D54D880D8364108C593A020682D4695397284989 ] stdriver        C:\WINDOWS\system32\DRIVERS\stdriverx64.sys
17:30:59.0843 0x18dc  stdriver - ok
17:30:59.0890 0x18dc  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:30:59.0921 0x18dc  Steam Client Service - ok
17:30:59.0952 0x18dc  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:30:59.0968 0x18dc  stexstor - ok
17:31:00.0015 0x18dc  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:31:00.0046 0x18dc  stisvc - ok
17:31:00.0061 0x18dc  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:31:00.0061 0x18dc  storahci - ok
17:31:00.0093 0x18dc  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
17:31:00.0108 0x18dc  storflt - ok
17:31:00.0140 0x18dc  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:31:00.0140 0x18dc  stornvme - ok
17:31:00.0171 0x18dc  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:31:00.0186 0x18dc  StorSvc - ok
17:31:00.0202 0x18dc  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:31:00.0218 0x18dc  storvsc - ok
17:31:00.0249 0x18dc  [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp         C:\WINDOWS\System32\drivers\storvsp.sys
17:31:00.0249 0x18dc  storvsp - ok
17:31:00.0296 0x18dc  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:31:00.0296 0x18dc  svsvc - ok
17:31:00.0327 0x18dc  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:31:00.0343 0x18dc  swenum - ok
17:31:00.0421 0x18dc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:31:00.0452 0x18dc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
17:31:00.0452 0x18dc  Detect skipped due to KSN trusted
17:31:00.0452 0x18dc  SwitchBoard - ok
17:31:01.0563 0x18dc  TPM - ok
17:31:01.0594 0x18dc  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:31:01.0625 0x18dc  TrkWks - ok
17:31:01.0697 0x18dc  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:31:01.0713 0x18dc  TrustedInstaller - ok
17:31:01.0744 0x18dc  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:31:01.0760 0x18dc  TsUsbFlt - ok
17:31:01.0791 0x18dc  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:31:01.0806 0x18dc  TsUsbGD - ok
17:31:01.0853 0x18dc  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:31:01.0869 0x18dc  tunnel - ok
17:31:01.0900 0x18dc  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:31:01.0900 0x18dc  uagp35 - ok
17:31:01.0916 0x18dc  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:31:01.0931 0x18dc  UASPStor - ok
17:31:01.0963 0x18dc  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
17:31:01.0978 0x18dc  UCX01000 - ok
17:31:02.0025 0x18dc  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:31:02.0041 0x18dc  udfs - ok
17:31:02.0056 0x18dc  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:31:02.0072 0x18dc  UEFI - ok
17:31:02.0103 0x18dc  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:31:02.0119 0x18dc  UI0Detect - ok
17:31:02.0135 0x18dc  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:31:02.0135 0x18dc  uliagpkx - ok
17:31:02.0150 0x18dc  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:31:02.0166 0x18dc  umbus - ok
17:31:02.0197 0x18dc  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:31:02.0197 0x18dc  UmPass - ok
17:31:02.0244 0x18dc  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:31:02.0244 0x18dc  UmRdpService - ok
17:31:02.0291 0x18dc  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:31:02.0306 0x18dc  upnphost - ok
17:31:02.0353 0x18dc  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:31:02.0353 0x18dc  usbccgp - ok
17:31:02.0400 0x18dc  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:31:02.0416 0x18dc  usbcir - ok
17:31:02.0463 0x18dc  [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:31:02.0463 0x18dc  usbehci - ok
17:31:02.0494 0x18dc  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:31:02.0510 0x18dc  usbhub - ok
17:31:02.0541 0x18dc  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:31:02.0556 0x18dc  USBHUB3 - ok
17:31:02.0584 0x18dc  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:31:02.0584 0x18dc  usbohci - ok
17:31:02.0631 0x18dc  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:31:02.0631 0x18dc  usbprint - ok
17:31:02.0662 0x18dc  [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan         C:\WINDOWS\System32\drivers\usbscan.sys
17:31:02.0688 0x18dc  usbscan - ok
17:31:02.0735 0x18dc  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:31:02.0735 0x18dc  USBSTOR - ok
17:31:02.0782 0x18dc  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:31:02.0782 0x18dc  usbuhci - ok
17:31:02.0829 0x18dc  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
17:31:02.0844 0x18dc  usbvideo - ok
17:31:02.0907 0x18dc  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:31:02.0923 0x18dc  USBXHCI - ok
17:31:02.0969 0x18dc  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:31:02.0969 0x18dc  VaultSvc - ok
17:31:03.0016 0x18dc  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:31:03.0032 0x18dc  vdrvroot - ok
17:31:03.0094 0x18dc  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
17:31:03.0126 0x18dc  vds - ok
17:31:03.0173 0x18dc  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:31:03.0173 0x18dc  VerifierExt - ok
17:31:03.0219 0x18dc  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:31:03.0235 0x18dc  vhdmp - ok
17:31:03.0266 0x18dc  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
17:31:03.0282 0x18dc  viaide - ok
17:31:03.0282 0x18dc  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\WINDOWS\System32\drivers\Vid.sys
17:31:03.0298 0x18dc  Vid - ok
17:31:03.0329 0x18dc  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:31:03.0344 0x18dc  vmbus - ok
17:31:03.0360 0x18dc  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:31:03.0360 0x18dc  VMBusHID - ok
17:31:03.0391 0x18dc  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
17:31:03.0407 0x18dc  vmbusr - ok
17:31:03.0454 0x18dc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:31:03.0469 0x18dc  vmicguestinterface - ok
17:31:03.0485 0x18dc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:31:03.0579 0x18dc  vmicheartbeat - ok
17:31:03.0594 0x18dc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:31:03.0615 0x18dc  vmickvpexchange - ok
17:31:03.0622 0x18dc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:31:03.0638 0x18dc  vmicrdv - ok
17:31:03.0653 0x18dc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:31:03.0669 0x18dc  vmicshutdown - ok
17:31:03.0685 0x18dc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:31:03.0700 0x18dc  vmictimesync - ok
17:31:03.0721 0x18dc  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:31:03.0726 0x18dc  vmicvss - ok
17:31:03.0757 0x18dc  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:31:03.0773 0x18dc  volmgr - ok
17:31:03.0788 0x18dc  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:31:03.0804 0x18dc  volmgrx - ok
17:31:03.0820 0x18dc  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:31:03.0835 0x18dc  volsnap - ok
17:31:03.0851 0x18dc  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:31:03.0867 0x18dc  vpci - ok
17:31:03.0898 0x18dc  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\WINDOWS\System32\drivers\vpcivsp.sys
17:31:03.0913 0x18dc  vpcivsp - ok
17:31:03.0929 0x18dc  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:31:03.0945 0x18dc  vsmraid - ok
17:31:04.0007 0x18dc  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
17:31:04.0054 0x18dc  VSS - ok
17:31:04.0070 0x18dc  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:31:04.0085 0x18dc  VSTXRAID - ok
17:31:04.0148 0x18dc  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:31:04.0163 0x18dc  vwifibus - ok
17:31:04.0210 0x18dc  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:31:04.0226 0x18dc  vwififlt - ok
17:31:04.0242 0x18dc  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:31:04.0257 0x18dc  vwifimp - ok
17:31:04.0304 0x18dc  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
17:31:04.0320 0x18dc  W32Time - ok
17:31:04.0335 0x18dc  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:31:04.0335 0x18dc  WacomPen - ok
17:31:04.0429 0x18dc  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:31:04.0460 0x18dc  wbengine - ok
17:31:04.0492 0x18dc  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:31:04.0507 0x18dc  WbioSrvc - ok
17:31:04.0554 0x18dc  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:31:04.0570 0x18dc  Wcmsvc - ok
17:31:04.0601 0x18dc  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:31:04.0617 0x18dc  wcncsvc - ok
17:31:04.0655 0x18dc  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:31:04.0671 0x18dc  WcsPlugInService - ok
17:31:04.0702 0x18dc  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:31:04.0718 0x18dc  WdBoot - ok
17:31:04.0760 0x18dc  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:31:04.0791 0x18dc  Wdf01000 - ok
17:31:04.0807 0x18dc  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:31:04.0822 0x18dc  WdFilter - ok
17:31:04.0854 0x18dc  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:31:04.0869 0x18dc  WdiServiceHost - ok
17:31:04.0869 0x18dc  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:31:04.0885 0x18dc  WdiSystemHost - ok
17:31:04.0916 0x18dc  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:31:04.0916 0x18dc  WdNisDrv - ok
17:31:04.0947 0x18dc  WdNisSvc - ok
17:31:04.0994 0x18dc  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:31:05.0025 0x18dc  WebClient - ok
17:31:05.0057 0x18dc  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:31:05.0072 0x18dc  Wecsvc - ok
17:31:05.0104 0x18dc  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:31:05.0119 0x18dc  WEPHOSTSVC - ok
17:31:05.0150 0x18dc  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:31:05.0182 0x18dc  wercplsupport - ok
17:31:05.0197 0x18dc  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:31:05.0213 0x18dc  WerSvc - ok
17:31:05.0244 0x18dc  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:31:05.0260 0x18dc  WFPLWFS - ok
17:31:05.0291 0x18dc  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:31:05.0291 0x18dc  WiaRpc - ok
17:31:05.0322 0x18dc  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:31:05.0338 0x18dc  WIMMount - ok
17:31:05.0338 0x18dc  WinDefend - ok
17:31:05.0385 0x18dc  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:31:05.0792 0x18dc  WinHttpAutoProxySvc - ok
17:31:05.0924 0x18dc  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:31:06.0237 0x18dc  Winmgmt - ok
17:31:06.0502 0x18dc  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:31:06.0853 0x18dc  WinRM - ok
17:31:06.0900 0x18dc  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
17:31:07.0181 0x18dc  WinUsb - ok
17:31:07.0384 0x18dc  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:31:07.0665 0x18dc  WlanSvc - ok
17:31:07.0832 0x18dc  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:31:08.0187 0x18dc  wlidsvc - ok
17:31:08.0218 0x18dc  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:31:08.0233 0x18dc  WmiAcpi - ok
17:31:08.0280 0x18dc  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:31:08.0296 0x18dc  wmiApSrv - ok
17:31:08.0312 0x18dc  WMPNetworkSvc - ok
17:31:08.0358 0x18dc  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:31:08.0515 0x18dc  Wof - ok
17:31:08.0640 0x18dc  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:31:08.0671 0x18dc  workfolderssvc - ok
17:31:08.0733 0x18dc  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:31:08.0733 0x18dc  wpcfltr - ok
17:31:08.0765 0x18dc  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:31:08.0780 0x18dc  WPCSvc - ok
17:31:08.0804 0x18dc  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:31:08.0820 0x18dc  WPDBusEnum - ok
17:31:08.0866 0x18dc  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:31:08.0882 0x18dc  WpdUpFltr - ok
17:31:08.0905 0x18dc  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:31:08.0909 0x18dc  ws2ifsl - ok
17:31:08.0956 0x18dc  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:31:08.0971 0x18dc  wscsvc - ok
17:31:08.0971 0x18dc  WSearch - ok
17:31:09.0096 0x18dc  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
17:31:09.0174 0x18dc  WSService - ok
17:31:09.0284 0x18dc  [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:31:09.0362 0x18dc  wuauserv - ok
17:31:09.0409 0x18dc  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:31:09.0424 0x18dc  WudfPf - ok
17:31:09.0440 0x18dc  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
17:31:09.0456 0x18dc  WUDFRd - ok
17:31:09.0487 0x18dc  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:31:09.0503 0x18dc  wudfsvc - ok
17:31:09.0503 0x18dc  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
17:31:09.0518 0x18dc  WUDFWpdFs - ok
17:31:09.0518 0x18dc  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
17:31:09.0534 0x18dc  WUDFWpdMtp - ok
17:31:09.0565 0x18dc  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:31:09.0581 0x18dc  WwanSvc - ok
17:31:09.0784 0x18dc  [ 2AC426C57AC3D6A226D66E5A03223C90, 45AD44153D280E4066BA62260CE7733AC3DC23D59951BBCC0F8D4F5226F97203 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
17:31:09.0844 0x18dc  ZeroConfigService - ok
17:31:09.0859 0x18dc  ================ Scan global ===============================
17:31:09.0891 0x18dc  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
17:31:09.0922 0x18dc  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
17:31:09.0963 0x18dc  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
17:31:09.0979 0x18dc  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
17:31:09.0979 0x18dc  [ Global ] - ok
17:31:09.0979 0x18dc  ================ Scan MBR ==================================
17:31:09.0994 0x18dc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:31:10.0073 0x18dc  \Device\Harddisk0\DR0 - ok
17:31:10.0088 0x18dc  ================ Scan VBR ==================================
17:31:10.0104 0x18dc  [ 7591C3862CADEFC04C7FCFF91AA2C5C7 ] \Device\Harddisk0\DR0\Partition1
17:31:10.0119 0x18dc  \Device\Harddisk0\DR0\Partition1 - ok
17:31:10.0135 0x18dc  [ D66E2EC064BEFC56862FCB5063933E22 ] \Device\Harddisk0\DR0\Partition2
17:31:10.0151 0x18dc  \Device\Harddisk0\DR0\Partition2 - ok
17:31:10.0166 0x18dc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:31:10.0166 0x18dc  \Device\Harddisk0\DR0\Partition3 - ok
17:31:10.0166 0x18dc  [ 376F1F914B9D8318E56AB9C0C37963CE ] \Device\Harddisk0\DR0\Partition4
17:31:10.0182 0x18dc  \Device\Harddisk0\DR0\Partition4 - ok
17:31:10.0213 0x18dc  [ 11546C81A511B20E2D20AAA226B037E0 ] \Device\Harddisk0\DR0\Partition5
17:31:10.0229 0x18dc  \Device\Harddisk0\DR0\Partition5 - ok
17:31:10.0229 0x18dc  [ EF3872155CE4634557AEC8EA5A26773D ] \Device\Harddisk0\DR0\Partition6
17:31:10.0244 0x18dc  \Device\Harddisk0\DR0\Partition6 - ok
17:31:10.0276 0x18dc  [ 9101D1594FA0E7022403F0B7804242D6 ] \Device\Harddisk0\DR0\Partition7
17:31:10.0307 0x18dc  \Device\Harddisk0\DR0\Partition7 - ok
17:31:10.0338 0x18dc  [ 0A7DE69C0DC6CDE894E8366DF4E5352C ] \Device\Harddisk0\DR0\Partition8
17:31:10.0338 0x18dc  \Device\Harddisk0\DR0\Partition8 - ok
17:31:10.0338 0x18dc  ================ Scan generic autorun ======================
17:31:10.0432 0x18dc  [ 51F358BE1583FB3246020E36DEEB3E0F, 23E096D57FF2D45168FF5AFF48C10A2E0A144708CD046B1C4F3897205CC8A147 ] C:\WINDOWS\system32\igfxtray.exe
17:31:10.0448 0x18dc  IgfxTray - ok
17:31:10.0557 0x18dc  [ 1218C5653632440C18ECEA89D1CA4575, AF0E7AA60890C52A257D3501FFE652E95F095407A7C6F6F4F00162A9F7DE7C2D ] C:\WINDOWS\system32\hkcmd.exe
17:31:10.0573 0x18dc  HotKeysCmds - ok
17:31:10.0744 0x18dc  [ CC8EB098AEDF4BC97D3004A182099EED, 6ADFB7CB5047C47D86C769F21191B12D2F3FD3BC96665B4CCFD8C8DA44C64ED9 ] C:\WINDOWS\system32\igfxpers.exe
17:31:10.0776 0x18dc  Persistence - ok
17:31:11.0078 0x18dc  [ E9D228970356F01DB68E531A0F173FB8, B23032DFEA446CF4D5E75D6CC3F049314EC9EB2D4E9BEB1883D4AC4BC2631A6B ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
17:31:11.0125 0x18dc  CanonMyPrinter - ok
17:31:11.0297 0x18dc  [ 605BB2B2A2171D3F5748F4919E80E6C7, 4EBAAE4E2122048603D058C83E32C56F64F8FB9E7B9BB2F83E659BFFD7CB12EE ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
17:31:11.0313 0x18dc  CanonSolutionMenu - ok
17:31:11.0438 0x18dc  [ 1315C5C5C54CE2AA37A155F97027DB59, 70CDA6AE7FF4FD08FAD931477C524957952EDC89985696FD988B9786A349C565 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
17:31:11.0453 0x18dc  AdobeAAMUpdater-1.0 - ok
17:31:11.0500 0x18dc  [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
17:31:11.0516 0x18dc  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
17:31:11.0516 0x18dc  Detect skipped due to KSN trusted
17:31:11.0516 0x18dc  IAStorIcon - ok
17:31:12.0146 0x18dc  [ 3639BEC808929AA13974D420D4C609F8, 2BCAB4AC5F493D71B9CBADDA0DF8C018C526F06A956D4A140F7BD4531371290D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:31:12.0365 0x18dc  RtHDVCpl - ok
17:31:12.0459 0x18dc  [ 690051005AED736DA0F5DD40DA5937DB, FA3CD1CF50EFEE6AAFCAAC4D3FE6699ADB2BD7DCC497CA994AAABD8B45B157E0 ] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
17:31:12.0474 0x18dc  Autodesk Sync - ok
17:31:12.0474 0x18dc  SynTPEnh - ok
17:31:12.0537 0x18dc  [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
17:31:12.0552 0x18dc  CLMLServer_For_P2G8 - ok
17:31:12.0584 0x18dc  [ 44C5C8A5DF192FDC4D530F57612FA49C, DD8D69698361CBD042AEB69BC040DAD92BB642429B68A9169247E1A8A96D391D ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
17:31:12.0599 0x18dc  CLVirtualDrive - ok
17:31:12.0646 0x18dc  [ AE29724E282EDBE7D0F49E9982642EFD, E7637C08A35F1D7AF810500804FAC45557C5598FA887BE26484B50D305213658 ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
17:31:12.0646 0x18dc  RemoteControl10 - ok
17:31:12.0740 0x18dc  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
17:31:12.0755 0x18dc  Intel AppUp(SM) center - ok
17:31:12.0818 0x18dc  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:31:12.0849 0x18dc  avgnt - ok
17:31:12.0880 0x18dc  [ 12916E0642E92561C98B18A2A2D01B14, 4C28478CFE25E1F29AEF8BA6F2FAF3E6C2B34BF18CA77052813903E10ADDCCD5 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:31:12.0896 0x18dc  SunJavaUpdateSched - ok
17:31:12.0968 0x18dc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:31:12.0999 0x18dc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
17:31:12.0999 0x18dc  Detect skipped due to KSN trusted
17:31:12.0999 0x18dc  SwitchBoard - ok
17:31:13.0150 0x18dc  [ 8FE651ACBA3344E645CFEB6286FFF6B8, ECE4DFFEB7EB0B19B6790FD0F619A5C4B23CA0BA9CC3F25924925F8EA07264B6 ] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
17:31:13.0182 0x18dc  AdobeCS6ServiceManager - ok
17:31:13.0291 0x18dc  [ E4EFC2CDC71E0698CB81A4D60C3FADFF, 0278452E7FE903053A470EFA0C7813E9C43517EC0C8C9E42C5A9A3C99146D06B ] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
17:31:13.0322 0x18dc  IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok
17:31:13.0463 0x18dc  [ F6B7C701F4AA5F7BBEC8F4BEA47100E2, E04CA6F629693CFAA1632A7B7DD877BDF80133853DC7C9B40D5865B9C196B5E8 ] C:\Program Files (x86)\Origin\Origin.exe
17:31:13.0525 0x18dc  EADM - ok
17:31:13.0603 0x18dc  [ 564CB6EACE4064BB4C7815435D035D6A, 19438A697F589598AAF88D80CC7B51AC832FED9BD2088299C43FAF520854AA42 ] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
17:31:13.0635 0x18dc  GarminExpressTrayApp - ok
17:31:13.0697 0x18dc  [ 1E377D64DACD4E4656C86241CE5A1233, F0AE582DBCF2525F580DA6D441B4F24BAE551CD35C0F2B19B2B0127787F2AE3A ] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
17:31:13.0713 0x18dc  AutoStartNPSAgent - ok
17:31:13.0791 0x18dc  [ F120335CFD86E98967AD5F77905E981D, B401356E48B649070E733F57CBF7092522D5ACE348856EFAE1AA92F7C11DADDB ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
17:31:13.0822 0x18dc  KiesPreload - ok
17:31:13.0854 0x18dc  [ B349B9F81A073CC3774CE2130310C477, 16DEC5F9D329E72BDB6CE704C3C81ADA7ABEE5BC72FE589F1BAAFD0B63D8AB3C ] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
17:31:13.0854 0x18dc  phonostar-PlayerTimer - detected UnsignedFile.Multi.Generic ( 1 )
17:31:13.0854 0x18dc  Detect skipped due to KSN trusted
17:31:13.0854 0x18dc  phonostar-PlayerTimer - ok
17:31:13.0992 0x18dc  [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] C:\Program Files (x86)\Steam\Steam.exe
17:31:14.0039 0x18dc  Steam - ok
17:31:14.0159 0x18dc  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
17:31:14.0174 0x18dc  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
17:31:14.0174 0x18dc  Detect skipped due to KSN trusted
17:31:14.0174 0x18dc  SpybotPostWindows10UpgradeReInstall - ok
17:31:14.0346 0x18dc  [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe
17:31:14.0424 0x18dc  Spybot-S&D Cleaning - ok
17:31:14.0612 0x18dc  [ 2EC58592401DF51E46BF79523A5E35F2, 2B3CFC4FD12D2C1DF33E7F815F4453FDBDF4C6672BFE32D038CED0F16398EB46 ] C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_16_0_0_305_Plugin.exe
17:31:14.0627 0x18dc  FlashPlayerUpdate - ok
17:31:14.0627 0x18dc  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
17:31:14.0627 0x18dc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
17:31:14.0627 0x18dc  Win FW state via NFP2: enabled ( trusted )
17:31:17.0014 0x18dc  ============================================================
17:31:17.0014 0x18dc  Scan finished
17:31:17.0014 0x18dc  ============================================================
17:31:17.0014 0x1ba4  Detected object count: 1
17:31:17.0014 0x1ba4  Actual detected object count: 1
17:33:06.0041 0x1ba4  launcherservice ( UnsignedFile.Multi.Generic ) - skipped by user
17:33:06.0041 0x1ba4  launcherservice ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
After the TDSSKiller log
I clicked on run,
then let it run through once more;
this time it found 7 files.
Code:
19:19:35.0163 0x1844  Scan finished
19:19:35.0163 0x1844  ============================================================
19:19:35.0179 0x0f50  Detected object count: 7
19:19:35.0179 0x0f50  Actual detected object count: 7
19:20:08.0812 0x0f50  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:20:08.0812 0x0f50  MDM ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:20:08.0812 0x0f50  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:20:08.0812 0x0f50  IAStorIcon ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50  IAStorIcon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:20:08.0812 0x0f50  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:20:08.0812 0x0f50  phonostar-PlayerTimer ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50  phonostar-PlayerTimer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:20:08.0812 0x0f50  SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - skipped by user
19:20:08.0812 0x0f50  SpybotPostWindows10UpgradeReInstall ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:21:19.0929 0x116c  Deinitialize success
         
AdwCleaner again
Code:
# AdwCleaner v5.028 - Bericht erstellt am 05/01/2016 um 13:31:19
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center  (x64)
# Benutzername : Andreas - OLIVER
# Gestartet von : C:\Users\Andreas\Downloads\adwcleaner_5.028(4).exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Description
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1104 Bytes] ##########
         
Code:
# AdwCleaner v5.028 - Bericht erstellt am 05/01/2016 um 13:27:46
# Aktualisiert am 04/01/2016 von Xplode
# Datenbank : 2016-01-04.2 [Server]
# Betriebssystem : Windows 8.1 Pro with Media Center  (x64)
# Benutzername : Andreas - OLIVER
# Gestartet von : C:\Users\Andreas\Downloads\adwcleaner_5.028(4).exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Description
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\productivityboss.dl.tb.ask.com

***** [ Internetbrowser ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [909 Bytes] ##########
         
Anti-Malware
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 05.01.2016
Suchlaufzeit: 16:05
Protokolldatei: antimaleware 05.12.  17.00 Uhr.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.01.05.04
Rootkit-Datenbank: v2015.12.26.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Andreas

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 427771
Abgelaufene Zeit: 43 Min., 0 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
ESET online scan
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=23fb86eff63a6f4094ee47d1c811e981
# end=init
# utc_time=2016-01-05 04:13:25
# local_time=2016-01-05 05:13:25 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27501
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=23fb86eff63a6f4094ee47d1c811e981
# end=updated
# utc_time=2016-01-05 04:16:47
# local_time=2016-01-05 05:16:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=23fb86eff63a6f4094ee47d1c811e981
# engine=27501
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-05 07:21:05
# local_time=2016-01-05 08:21:05 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 11484198 59428145 0 0
# scanned=478388
# found=14
# cleaned=0
# scan_time=11057
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=54E15990C12358B8876C804C3C7EE08D96156F85 ft=1 fh=108fb7b57305e57b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\Demo BeamNG Drive - CHIP-Installer(1).exe"
sh=902399D39CADD3051CB940F0F4D740DD2E8D0776 ft=1 fh=064523198c7dc028 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\Demo BeamNG Drive - CHIP-Installer.exe"
sh=DCC1AC6D325239F4B73E4E60B7D0F737B7B3817B ft=1 fh=3a8913d52bf87674 vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\disk-defrag-setup.exe"
sh=9EB9BA4C559B7AEBE059A42A348327FFDE21075A ft=1 fh=c4d55f96e957cfd3 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\LanguageTool-2.8 - CHIP-Installer(1).exe"
sh=64B35B044602337D1C765F3EA7995412403E8F4A ft=1 fh=4162ffcaac94070e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\LanguageTool-2.8 - CHIP-Installer.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Andreas\Downloads\MyPhoneExplorer_1.8.5.exe"
sh=994F86E28C39280086B61C2A549252549BABD46A ft=1 fh=40b5aa8f3d6d4063 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="D:\Download\cpu-z_1.62-setup-en.exe"
sh=13287F94C77CE22E0C11855F6DD07512CC74C105 ft=1 fh=080273d70ec48dd3 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="D:\Download\FreeStudio590.exe"
sh=64131EBCE68286BAAEFAC74F12628EBFC159B7CB ft=1 fh=252d3f247af8095f vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="D:\Download\PDFCreator-1_6_1_setup.exe"
sh=34A619E0795F52DB39262CF86ADCF0D6DF84476A ft=1 fh=5621164713ac1697 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\Download\zafwSetupWeb_102_064_000.exe"
sh=87337331ED3B70706C8E9B91F7C5CE6474110588 ft=1 fh=7ae9f71c25b93d05 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="D:\Download\zaSetupWeb_110_000_020.exe"
sh=EEA83DB49F52CDCC3BDB69A3E3FDF2FD91419233 ft=1 fh=f78ee07fd38aa416 vn="Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung" ac=I fn="D:\Download\Nero 8\Nero 8.3.2.1.exe"
sh=EAE2784C9115FE9CFA44A116B74E72C1BCCFA7F6 ft=1 fh=2e79e77116fe19c4 vn="Win32/WebDevAZ.C evtl. unerwünschte Anwendung" ac=I fn="D:\USB-Grün\MyPhoneExplorer_1.8.5.exe"
         
ESET online scan
Code:
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir	Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\Demo BeamNG Drive - CHIP-Installer(1).exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\Demo BeamNG Drive - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\disk-defrag-setup.exe	Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\LanguageTool-2.8 - CHIP-Installer(1).exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\LanguageTool-2.8 - CHIP-Installer.exe	Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Andreas\Downloads\MyPhoneExplorer_1.8.5.exe	Win32/WebDevAZ.C evtl. unerwünschte Anwendung
D:\Download\cpu-z_1.62-setup-en.exe	MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung
D:\Download\FreeStudio590.exe	Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung
D:\Download\PDFCreator-1_6_1_setup.exe	Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung
D:\Download\zafwSetupWeb_102_064_000.exe	Win32/Toolbar.Conduit evtl. unerwünschte Anwendung
D:\Download\zaSetupWeb_110_000_020.exe	Win32/Toolbar.Conduit evtl. unerwünschte Anwendung
D:\Download\Nero 8\Nero 8.3.2.1.exe	Win32/Toolbar.AskSBar evtl. unerwünschte Anwendung
D:\USB-Grün\MyPhoneExplorer_1.8.5.exe	Win32/WebDevAZ.C evtl. unerwünschte Anwendung
         

Alt 08.01.2016, 19:55   #9
Andreas 2016
 



Finally, here are the latest FRST logs from today.
I hope I have understood and carried out everything correctly so far.
Unfortunately it has turned into rather a lot of text to read.
Kind regards,
Andreas
and thanks in advance
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-01-2015
durchgeführt von Andreas (Administrator) auf OLIVER (08-01-2016 18:38:40)
Gestartet von C:\Users\Andreas\Downloads
Geladene Profile: Andreas (Verfügbare Profile: Andreas & MSSQL$SQLEXPRESS)
Platform: Windows 8.1 Pro with Media Center (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Farbar) C:\Users\Andreas\Downloads\FRST64(1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13677784 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2011-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [2904984 2011-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [WekaUpdateCenter] => C:\Program Files (x86)\Common Files\Weka\Update Manager\WekaUpdateManager.exe [198000 2012-03-01] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-18] (Electronic Arts)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2014-12-04] ()
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Spybot-S&D Cleaning] => C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Policies\Explorer: [] 
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MountPoints2: {0301ea6d-eaec-11e3-8040-c48508d4a372} - "F:\iStudio.exe" 
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-24]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-03-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0CBAE8C9-0F58-427E-817D-95609070D6E2}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C1373ACE-7D17-460E-98DE-31CEBF2DCF1E}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> DefaultScope {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = 
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = 
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2011-09-05] (Adobe Systems Incorporated)

FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default
FF NewTab: hxxps://www.google.de/
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-19] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Tools\Media\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-01-23] ( )
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Andreas\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\englische-ergebnisse.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\gmx-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\webde-suche.xml [2014-06-05]
FF Extension: Garmin Communicator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-22]
FF Extension: GMX MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\mailcheck@gmx.net [2015-12-17]
FF Extension: Avira Browser Safety - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\abs@avira.com [2015-12-31]
FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-03-09] [ist nicht signiert]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-12-26] (Autodesk)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [64848 2012-08-06] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-18] (Electronic Arts)
S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
R2 SDScannerService; C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [24400 2012-08-06] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [73552 2012-08-06] (Condusiv Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-08] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-03-03] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 SBIOSIO; \??\C:\Users\Andreas\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-08 18:28 - 2016-01-05 13:30 - 00000991 _____ C:\Users\Andreas\Desktop\AdwCleaner[S3].txt
2016-01-08 18:27 - 2016-01-04 21:18 - 00000987 _____ C:\Users\Andreas\Desktop\AdwCleaner[S2].txt
2016-01-08 18:26 - 2016-01-04 19:21 - 00259818 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_19.17.13_log.txt
2016-01-08 18:25 - 2016-01-04 19:15 - 00514432 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_19.11.15_log.txt
2016-01-07 14:02 - 2016-01-07 14:02 - 00071339 _____ C:\Users\Andreas\Desktop\FRST 07.01.2016 14.00 Uhr.txt
2016-01-07 13:51 - 2016-01-07 13:51 - 00071481 _____ C:\Users\Andreas\Downloads\FRST 07.01.2016.txt
2016-01-07 13:51 - 2016-01-07 13:51 - 00071481 _____ C:\Users\Andreas\Desktop\FRST 07.01.2016.txt
2016-01-07 13:41 - 2016-01-07 13:41 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64(1).exe
2016-01-07 13:39 - 2016-01-07 13:39 - 00004002 _____ C:\Users\Andreas\Desktop\ESTE Online-Scanner log 05.01.2016.txt
2016-01-07 13:28 - 2016-01-07 13:28 - 00003078 _____ C:\Users\Andreas\Desktop\ESET Online Scanner .txt
2016-01-05 17:13 - 2016-01-05 17:13 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-05 17:11 - 2016-01-05 17:11 - 02870984 _____ (ESET) C:\Users\Andreas\Downloads\esetsmartinstaller_deu.exe
2016-01-05 17:06 - 2016-01-05 17:06 - 00001211 _____ C:\Users\Andreas\Desktop\antimaleware 05.12.  17.00 Uhr.txt
2016-01-05 16:05 - 2016-01-08 18:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-05 16:04 - 2016-01-05 16:04 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-05 16:04 - 2016-01-05 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-01-05 16:04 - 2016-01-05 16:04 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-01-05 16:04 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-05 16:04 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-05 16:04 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-05 16:02 - 2016-01-05 16:03 - 22908888 _____ (Malwarebytes ) C:\Users\Andreas\Downloads\mbam-setup-2.2.0.1024(1).exe
2016-01-05 15:51 - 2016-01-05 15:51 - 00004993 _____ C:\Users\Andreas\Desktop\Antimailware 2.txt
2016-01-05 15:51 - 2016-01-05 15:51 - 00001467 _____ C:\Users\Andreas\Desktop\Antimailware 4.txt
2016-01-05 15:51 - 2016-01-05 15:51 - 00001198 _____ C:\Users\Andreas\Desktop\Antimailware 3.txt
2016-01-05 15:50 - 2016-01-05 15:50 - 00001198 _____ C:\Users\Andreas\Desktop\Antimailware 1.txt
2016-01-05 14:36 - 2016-01-05 14:36 - 00001190 _____ C:\Users\Andreas\Desktop\AdwCleaner[C2] 05.01.2016  13.30 Uhr.txt
2016-01-05 13:23 - 2016-01-05 13:23 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(4).exe
2016-01-05 13:20 - 2016-01-05 13:20 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(3).exe
2016-01-05 13:20 - 2016-01-05 13:20 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(2).exe
2016-01-05 13:18 - 2016-01-05 13:18 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(1).exe
2016-01-05 13:16 - 2016-01-05 13:16 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028.exe
2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.22Uhr.txt
2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.21Uhr.txt
2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.20Uhr.txt
2016-01-04 19:17 - 2016-01-04 19:21 - 00259818 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_19.17.13_log.txt
2016-01-04 19:15 - 2016-01-04 19:15 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-01-04 19:11 - 2016-01-04 19:15 - 00514432 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_19.11.15_log.txt
2016-01-04 19:10 - 2016-01-04 19:10 - 00062665 _____ C:\Users\Andreas\Desktop\FRST 19.10 Uhr.txt
2016-01-04 19:10 - 2016-01-04 19:10 - 00057162 _____ C:\Users\Andreas\Desktop\FRST_04-01-2016_17-13-36    19.10 Uhr.txt
2016-01-04 19:02 - 2016-01-04 19:02 - 00001206 _____ C:\Users\Andreas\Desktop\antimaleware 19.00 Uhr.txt
2016-01-04 17:59 - 2016-01-04 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-04 17:58 - 2016-01-04 17:58 - 22908888 _____ (Malwarebytes ) C:\Users\Andreas\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-04 17:55 - 2016-01-04 17:55 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1]nach Neustart.txt
2016-01-04 17:44 - 2016-01-04 17:44 - 00507278 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_17.26.43_log.txt
2016-01-04 17:26 - 2016-01-04 17:47 - 00757750 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_17.26.43_log.txt
2016-01-04 17:26 - 2016-01-04 17:26 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Andreas\Downloads\tdsskiller.exe
2016-01-04 17:21 - 2016-01-04 17:21 - 00057162 _____ C:\Users\Andreas\Desktop\FRST.txt
2016-01-04 17:21 - 2016-01-04 17:21 - 00003046 _____ C:\Users\Andreas\Desktop\AdwCleaner[S1].txt
2016-01-04 17:19 - 2016-01-04 17:19 - 00061325 _____ C:\Users\Andreas\Desktop\Addition.txt
2016-01-04 17:13 - 2016-01-04 17:13 - 00061325 _____ C:\Users\Andreas\Downloads\Addition.txt
2016-01-04 17:12 - 2016-01-08 18:39 - 00027131 _____ C:\Users\Andreas\Downloads\FRST.txt
2016-01-04 17:11 - 2016-01-08 18:38 - 00000000 ____D C:\FRST
2016-01-04 17:10 - 2016-01-04 17:11 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2016-01-04 17:04 - 2016-01-05 13:31 - 00000000 ____D C:\AdwCleaner
2016-01-04 16:39 - 2016-01-08 13:43 - 00000000 ____D C:\Users\Andreas\Documents\A Desktopdateien
2016-01-04 15:13 - 2016-01-04 15:13 - 00052697 _____ C:\Users\Andreas\Downloads\RE_3100134490_8753513655_20160101.pdf
2015-12-29 18:47 - 2015-12-29 18:47 - 00532721 _____ C:\Users\Andreas\Downloads\Rechnung Elmar Lorch Neckarhalde 24.pdf
2015-12-29 17:44 - 2015-12-29 17:44 - 01976669 _____ C:\Users\Andreas\Downloads\Angebot Herrn Lorch Neckarhalde 24.pdf
2015-12-29 16:39 - 2015-12-29 16:39 - 01413613 _____ C:\Users\Andreas\Downloads\Rechnung Fam.Baltzer-Noak Giebelfenster.pdf
2015-12-29 16:36 - 2015-12-29 16:36 - 02689619 _____ C:\Users\Andreas\Downloads\Rundbogenfenster Neckarhalde 24.pdf
2015-12-29 10:10 - 2015-12-29 10:10 - 00122897 _____ C:\Users\Andreas\Downloads\schoenbuchhalbmarathon2013.pdf
2015-12-29 10:03 - 2015-12-29 10:03 - 00068182 _____ C:\Users\Andreas\Downloads\2007-05-13-Leinfelden-Echterdingen-07-05-13-schoenbuch-pdf.pdf
2015-12-28 16:27 - 2015-12-28 16:27 - 03614157 _____ C:\Users\Andreas\Downloads\2015Bilder-Fenster.pdf
2015-12-25 13:38 - 2015-12-25 13:38 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-25 13:38 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-25 13:34 - 2015-12-25 13:34 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00002019 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-12-25 10:37 - 2015-12-25 10:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-25 10:33 - 2015-12-25 10:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Andreas\Downloads\spybot-2.4.40.exe
2015-12-23 19:24 - 2015-12-23 19:39 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\.minecraft
2015-12-23 19:24 - 2015-12-23 19:24 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft(1).exe
2015-12-23 19:24 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\java
2015-12-23 19:21 - 2015-12-23 20:19 - 00001470 _____ C:\Users\Andreas\Downloads\nativelog.txt
2015-12-23 19:21 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\Downloads\game
2015-12-23 19:21 - 2015-12-23 19:21 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft.exe
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\tools
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\runtime
2015-12-23 14:17 - 2015-12-23 14:17 - 00049289 _____ C:\Users\Andreas\Downloads\VR-GewinnSparen_13202006_vom_23.11.2015_20151223021734.pdf
2015-12-23 14:17 - 2015-12-23 14:17 - 00049195 _____ C:\Users\Andreas\Downloads\Mitteilung_13202006_vom_23.11.2015_20151223021732.pdf
2015-12-23 09:49 - 2015-12-23 09:49 - 00171255 _____ C:\Users\Andreas\Downloads\271183.pdf
2015-12-22 15:03 - 2015-12-22 15:03 - 00366243 _____ C:\Users\Andreas\Downloads\ViewProductAttachment-OpenFile
2015-12-22 11:23 - 2015-12-22 11:23 - 05601627 _____ C:\Users\Andreas\Downloads\kf_694_18-03-2015.pdf
2015-12-22 10:44 - 2015-12-22 10:44 - 00564782 _____ C:\Users\Andreas\Downloads\kf_614_hst_13-07-2012_06-03-2013_18-03-2015_18-03-2015.pdf
2015-12-22 10:36 - 2015-12-22 10:36 - 05513745 _____ C:\Users\Andreas\Downloads\bestellformular_kunststofffenster_28.05.2015_10-06-2015.pdf
2015-12-21 15:05 - 2015-12-21 15:05 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile(1).pdf
2015-12-21 13:00 - 2015-12-21 13:00 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth(1).pdf
2015-12-21 11:34 - 2015-12-21 11:34 - 01597571 _____ C:\Users\Andreas\Downloads\Senioren_und_soziallagenbezogene_Gesundheitsfoerderung_und_Praevention(1).pdf
2015-12-21 11:29 - 2015-12-21 11:29 - 00434271 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen Teil 2.pdf
2015-12-16 10:38 - 2015-12-16 10:38 - 05821280 _____ C:\Users\Andreas\Downloads\3._arn_in-kurven_07-10-2014(1).pdf
2015-12-16 10:35 - 2015-12-16 10:35 - 03807865 _____ C:\Users\Andreas\Downloads\4._arna_in-kurven_07-10-2014(1).pdf
2015-12-16 10:29 - 2015-12-16 10:29 - 01977655 _____ C:\Users\Andreas\Downloads\2._arei_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03305335 _____ C:\Users\Andreas\Downloads\1._are_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03277743 _____ C:\Users\Andreas\Downloads\6._arr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03121460 _____ C:\Users\Andreas\Downloads\5._arnr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:25 - 2015-12-16 10:25 - 09742494 _____ C:\Users\Andreas\Downloads\ahf_95_classic_art_09-11-2015.pdf
2015-12-15 09:32 - 2015-12-15 09:32 - 00053266 _____ C:\Users\Andreas\Downloads\Kontoauszug_13202006__Nr.0112015_vom_30.11.2015_20151215093238.pdf
2015-12-15 09:31 - 2015-12-15 09:31 - 00058584 _____ C:\Users\Andreas\Downloads\Kontoauszug_1334000__Nr.0112015_vom_30.11.2015_20151215093143.pdf
2015-12-14 17:11 - 2015-12-14 17:11 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016(1).pdf
2015-12-14 13:43 - 2015-12-14 13:43 - 00730987 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz WESTANSICHT Alt 5.1akt Kopie v2016_powermacg5.pdf
2015-12-14 13:42 - 2015-12-14 13:42 - 00533986 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 01366764 _____ C:\Users\Andreas\Downloads\04.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:38 - 2015-12-14 13:38 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel(1).pdf
2015-12-14 11:29 - 2015-12-14 11:29 - 00031481 _____ C:\Users\Andreas\Downloads\WTPG_teilweise_Selbstverantwortung.pdf
2015-12-14 11:28 - 2015-12-14 11:28 - 00042419 _____ C:\Users\Andreas\Downloads\WTPG_ambulant_betreute_WG.pdf
2015-12-14 11:25 - 2015-12-14 11:25 - 00129521 _____ C:\Users\Andreas\Downloads\WTPG_6.pdf
2015-12-14 11:24 - 2015-12-14 11:24 - 00405000 _____ C:\Users\Andreas\Downloads\WTPG_5.pdf
2015-12-14 11:23 - 2015-12-14 11:23 - 00662282 _____ C:\Users\Andreas\Downloads\WTPG_4.pdf
2015-12-14 11:22 - 2015-12-14 11:22 - 00580358 _____ C:\Users\Andreas\Downloads\WTPG_3.pdf
2015-12-14 11:21 - 2015-12-14 11:21 - 00410389 _____ C:\Users\Andreas\Downloads\WTPG_2.pdf
2015-12-14 11:20 - 2015-12-14 11:20 - 00323803 _____ C:\Users\Andreas\Downloads\WTPG_1.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00273829 _____ C:\Users\Andreas\Downloads\beratung_karl.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab(1).pdf
2015-12-14 11:11 - 2015-12-14 11:11 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab.pdf
2015-12-14 11:08 - 2015-12-14 11:08 - 00357129 _____ C:\Users\Andreas\Downloads\falkenroth.pdf
2015-12-14 11:06 - 2015-12-14 11:06 - 00252951 _____ C:\Users\Andreas\Downloads\siegert.pdf
2015-12-14 11:02 - 2015-12-14 11:02 - 00212266 _____ C:\Users\Andreas\Downloads\stationaere_a_hilfe_hirt.pdf
2015-12-14 11:00 - 2015-12-14 11:00 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2(1).pdf
2015-12-14 09:35 - 2015-12-14 09:35 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth.pdf
2015-12-10 09:18 - 2015-12-10 09:18 - 05507334 _____ C:\Users\Andreas\Downloads\bestellformular_aluminium-kunststoff-fenster_neu_2015_18-08-2015.pdf
2015-12-09 11:54 - 2015-12-09 11:54 - 00224529 _____ C:\Users\Andreas\Downloads\illbruck_de-de-tp652-.ab.01.10.15-web(1).pdf
2015-12-09 09:08 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 09:08 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 09:08 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-09 09:08 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-09 09:08 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 09:08 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-09 09:08 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 09:08 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-09 09:08 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 09:08 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 09:08 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-09 09:08 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 09:08 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-09 09:08 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-09 09:08 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-09 09:08 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-09 09:08 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-09 09:08 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-09 09:08 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-09 09:08 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-09 09:08 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-09 09:08 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 09:08 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 09:08 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 09:08 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 09:08 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-09 09:08 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-09 09:08 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-09 09:08 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-09 09:08 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-09 09:08 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 09:08 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-09 09:08 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 09:08 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 09:08 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-09 09:08 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-09 09:08 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-09 09:08 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-09 09:08 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 09:08 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 09:07 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 09:07 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 09:07 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-09 09:07 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-09 09:07 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-09 09:07 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-09 09:07 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 09:07 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 09:07 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-09 09:07 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 09:07 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 09:07 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 09:07 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 09:07 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-09 09:07 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-09 09:07 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-09 09:07 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-09 09:07 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-09 09:07 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 09:07 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-09 09:07 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-09 09:07 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-09 09:07 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-09 09:07 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-09 09:07 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-09 09:07 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-09 09:07 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 09:07 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 09:07 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-09 09:07 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-09 09:07 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 09:07 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-09 09:07 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 09:07 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 09:07 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 09:07 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 09:07 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 09:07 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 09:07 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 09:07 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 09:07 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 09:07 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 09:07 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 09:07 - 2015-10-11 07:34 - 00468824 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 09:07 - 2015-10-11 07:34 - 00462168 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00443224 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00092504 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-09 09:07 - 2015-10-11 07:34 - 00027992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-09 09:07 - 2015-10-10 19:41 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-09 09:07 - 2015-10-10 19:41 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-09 09:07 - 2015-10-10 19:40 - 00078848 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winusb.sys
2015-12-09 09:07 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 09:07 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 09:07 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-09 09:07 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-09 09:07 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-09 09:07 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-09 09:07 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-08 13:45 - 2013-11-25 22:32 - 00000000 ____D C:\Users\Andreas
2016-01-08 13:43 - 2015-02-10 15:31 - 00189952 ___SH C:\Users\Andreas\Documents\Thumbs.db
2016-01-08 13:25 - 2012-08-24 02:35 - 00000000 ____D C:\ProgramData\WinClon
2016-01-08 13:24 - 2012-11-29 13:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\Adobe
2016-01-08 13:23 - 2015-05-03 14:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-08 13:23 - 2013-12-26 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-08 13:22 - 2014-01-27 20:36 - 00000000 __RDO C:\Users\Andreas\SkyDrive
2016-01-08 13:22 - 2013-02-18 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 13:19 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-07 18:55 - 2013-08-22 14:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2016-01-07 14:45 - 2012-11-29 12:12 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3658493019-1111599900-2463904087-1003
2016-01-07 13:39 - 2013-01-26 19:44 - 00677376 ___SH C:\Users\Andreas\Desktop\Thumbs.db
2016-01-07 04:18 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-07 04:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-05 13:32 - 2014-10-19 19:39 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-05 13:32 - 2013-05-14 17:31 - 00196143 ____N C:\WINDOWS\Minidump\010516-26390-01.dmp
2016-01-04 19:15 - 2014-02-04 18:18 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-04 18:59 - 2014-09-10 19:21 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieUserList
2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieSiteList
2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieUserList
2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieSiteList
2016-01-04 18:51 - 2015-07-24 12:26 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-01-04 18:51 - 2015-07-23 20:48 - 00000000 ____D C:\Program Files\Rockstar Games
2016-01-04 18:01 - 2013-09-30 05:14 - 02044468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-04 18:01 - 2013-09-30 04:58 - 00872284 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-04 18:01 - 2013-09-30 04:58 - 00193862 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-04 18:01 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-04 17:13 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-31 11:17 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-29 15:03 - 2013-08-27 23:56 - 00033280 ___SH C:\Users\Andreas\Thumbs.db
2015-12-26 09:48 - 2015-04-19 06:58 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2015-04-19 06:58 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 13:37 - 2014-06-22 12:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-01-01 16:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-23 15:38 - 2014-02-06 16:14 - 00000000 ____D C:\ProgramData\CanonIJ
2015-12-23 09:40 - 2014-02-26 12:00 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-12-21 11:24 - 2013-02-23 19:59 - 00000000 ____D C:\ProgramData\Origin
2015-12-21 09:47 - 2013-10-06 13:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-21 09:47 - 2012-12-31 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-14 09:55 - 2012-12-18 13:06 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\ISSPLUS
2015-12-14 09:52 - 2012-12-18 12:59 - 00000000 ____D C:\MoveIT
2015-12-11 10:39 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-12-11 09:49 - 2013-08-22 15:44 - 05429400 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 09:35 - 2014-08-24 20:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 09:35 - 2013-01-01 17:01 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 09:34 - 2014-08-24 20:45 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 09:32 - 2013-09-16 15:55 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 09:26 - 2012-12-17 19:31 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-03 18:34 - 2015-11-03 18:35 - 98892838 _____ () C:\Program Files (x86)\BeamNG-Techdemo-0.3-setup.zip
2012-11-29 12:05 - 2014-03-10 10:59 - 0142434 _____ () C:\Users\Andreas\AppData\Roaming\AbsoluteReminder.xml
2014-03-03 09:25 - 2014-03-03 09:25 - 0001167 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt
2014-03-03 09:25 - 2014-03-03 09:25 - 0000000 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-26 18:42 - 2014-06-22 13:11 - 0007607 _____ () C:\Users\Andreas\AppData\Local\Resmon.ResmonCfg
2014-11-03 11:28 - 2014-11-03 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-24 02:39 - 2012-08-08 05:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-24 02:39 - 2012-08-07 11:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
2015-01-01 21:37 - 2015-01-01 21:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\avgnt.exe
C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-08 14:04

==================== Ende von FRST.txt ============================
         
Addition
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-01-2015
durchgeführt von Andreas (2016-01-08 18:39:29)
Gestartet von C:\Users\Andreas\Downloads
Windows 8.1 Pro with Media Center (X64) (2013-11-26 08:00:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3658493019-1111599900-2463904087-500 - Administrator - Disabled)
Andreas (S-1-5-21-3658493019-1111599900-2463904087-1003 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-3658493019-1111599900-2463904087-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3658493019-1111599900-2463904087-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.1 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - Deutsch (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\BeamNG-Techdemo-0.3) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version:  - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version:  - )
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.9.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.10.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Einnahme-Überschussrechnung 2013 pro (HKLM-x32\...\Einnahme-Überschussrechnung 2013 pro_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG)
DiRT (HKLM-x32\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPS Master 2.0.14 (HKLM-x32\...\GPS Master_is1) (Version: 1.0 - GPS Master)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Handwerksbüro X22-Datenübernahme (HKLM-x32\...\{AF7E45F7-DAF6-4DEF-B439-B334D7F43942}) (Version: 1.00.0076 - WEKA)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{B506207A-C977-48B6-A14F-2C7E98EF0BE4}) (Version: 1.0.26 - Condusiv Technologies)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{BE282C23-5484-47FF-B2C1-EBEA5C891031}) (Version: 8.3.29 - Nero AG)
Nero BackItUp 12 Essentials (HKLM-x32\...\{0E3368AC-FB29-4C5E-938E-FA11C12D035E}) (Version: 12.0.01200 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Panzer Elite Action - Dunes Of War (HKLM-x32\...\{577D1191-A6DF-4534-8D97-805BCBAC5D1D}_is1) (Version:  - Nordic Games)
Panzer Elite Action - Fields Of Glory (HKLM-x32\...\{1DDAD87D-576E-43DE-8814-65ACC87CFED6}_is1) (Version:  - Nordic Games)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
phonostar-Player Version 3.03.5 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.14 - Samsung Electronics CO., LTD.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
sirAdos Datenmanager Januar 2014 (HKLM-x32\...\{CC9E22A1-8012-493E-9BEC-381189F8F152}) (Version: 1.3.615 - sirAdos)
Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VRally3 (HKLM-x32\...\VRally3_is1) (Version:  - )
WEKA DATANORM 3.6 (HKLM-x32\...\{124C8673-FB8C-426D-A5BA-2A7400EC5994}) (Version:  - )
WEKA Handwerksbüro 1.22.1.1 (HKLM-x32\...\weka-hwb-X22) (Version: X22 - WEKA)
WEKA Handwerksbüro X22 - 11.14 (HKLM-x32\...\de.bwso.hwb.Hwb.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (HKLM-x32\...\de.bwso.hwb.HwbMulti.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA Handwerksbüro X22 - 11.14 (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA LauncherService 1.2 (HKLM-x32\...\3599-1427-7716-9681) (Version:  - )
WEKA Update Center (HKLM-x32\...\{A8217164-542A-4C4B-9031-2AB445CA314A}) (Version: 1.00.00.0003 - WEKA MEDIA GmbH & Co. KG)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows-Treiberpaket - Sunplus (SPCP825K) Ports  (07/01/2010 1.0.9.0) (HKLM\...\20986CDBFBCA238AA12329A115B1CC9D88E9C06C) (Version: 07/01/2010 1.0.9.0 - Sunplus)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\en-US\acadficn.dll (Autodesk, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05208D44-3084-4240-A7BD-16942B2EF02D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {064796D5-6EFE-4B6D-A6F2-C50AFB733BF4} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-08-06] (SEC)
Task: {066FD32E-526F-4152-8F54-1896683DE177} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0C478103-75E9-47F3-B24C-99AEDD11111E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1C0C6668-0270-462C-A41A-BA63A59A5CC5} - System32\Tasks\fvw3_1zl0tlux => C:\windows\TEMP\fvw3_k81mor7p.bat
Task: {1D4B8A78-1690-435C-8D6B-2E52F1CF5528} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
Task: {23B69281-D5F6-4E21-89D0-2B63E4A1F11E} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {271A966B-8197-4093-B9DB-9922655525A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {34E6A3BC-6282-4F88-8D82-823135A2C919} - System32\Tasks\fvw3_av2pyhbc => C:\windows\TEMP\fvw3_p3h8wcih.bat
Task: {39F4E803-4332-40D3-85BE-4DB071C9B32C} - System32\Tasks\{63161025-A1C7-4386-A44C-B193CF3D00E5} => pcalua.exe -a C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb\GMX_MailCheck_ClickOnce.exe -d C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb
Task: {3A2ED25E-2FB1-46B4-87D0-539222DA8DDD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7BBAED33-F6CB-43A7-B397-FB3CBF40962F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {8C6FBA75-C331-4694-B87A-BC734E21936F} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-andreas-woelfle@hotmail.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {911C4932-0B21-48B1-8C62-6859B7C1FB98} - System32\Tasks\fvw3_1mwm5xo4 => C:\windows\TEMP\fvw3_rqztrkf1.bat
Task: {91D39EA6-AD37-4EA8-8E1F-4468910D3869} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-19] (Adobe Systems Incorporated)
Task: {98987C6A-1276-41DD-AD76-25123DA08F20} - System32\Tasks\fvw3_kcm2lata => C:\windows\TEMP\fvw3_qgb9ejzg.bat
Task: {99BE832F-AC40-4DD1-9661-5C22AEED9282} - System32\Tasks\fvw3_dx9jiowd => C:\windows\TEMP\fvw3_o9bredg3.bat
Task: {9C5A89A8-0063-45EB-BC35-7259812BE801} - System32\Tasks\fvw3_rov77k4o => C:\windows\TEMP\fvw3_48r36voi.bat
Task: {AC11F914-50F2-4825-ADAF-67935759C791} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {ACD48289-DE50-487C-8893-DFC82D9C97CA} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C9A2E220-897F-4F25-9014-D2A5A02F6026} - System32\Tasks\fvw3_ubbskhag => C:\windows\TEMP\fvw3_mhsqjyso.bat
Task: {CE69CB7B-E9EF-46E5-B27E-57A383D83D3A} - System32\Tasks\fvw3_emppjlpd => C:\windows\TEMP\fvw3_y820i7ze.bat
Task: {E2C1EFFF-A1B3-46F2-AEB1-0E4979FC84B6} - System32\Tasks\fvw3_fc8bp7ib => C:\windows\TEMP\fvw3_xw12iuq6.bat
Task: {EF2D71FE-5E65-4B9C-B410-05659FAA692D} - System32\Tasks\fvw3_9c6qebtr => C:\windows\TEMP\fvw3_smop7nzg.bat
Task: {F5256FB0-D739-4735-AA28-844B82416C50} - System32\Tasks\fvw3_y8u0cpcj => C:\windows\TEMP\fvw3_i81jm8r1.bat
Task: {F938041D-0CFD-43E5-945C-D3D0646C07D8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F94F8D43-48EC-4A5C-9FCC-DA90725F1D07} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-11-03 11:25 - 2013-11-11 04:27 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2008-09-09 11:22 - 2008-09-09 11:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-02-04 18:18 - 2009-09-08 13:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Tools\Media\Notepad++\NppShell_05.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-17 11:09 - 2014-12-04 10:38 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-08-24 20:36 - 2014-04-08 08:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2015-12-25 13:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Tools\System\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-25 13:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Tools\System\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-25 13:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Tools\System\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2014-11-03 11:29 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-08-24 20:36 - 2014-04-08 08:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2012-11-29 22:59 - 2012-11-29 22:59 - 00093696 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\09433235.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\09433235.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2014-03-09 12:10 - 00000900 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SDScannerService => 3
MSCONFIG\Services: SDUpdateService => 3
MSCONFIG\Services: SDWSCService => 3
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WekaUpdateCenter"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "AdobeBridge"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E57D093D-23BE-4F77-9FE9-6F2955099C74}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{022638D9-68C7-499E-8779-8BE231349811}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{3D94CD91-C46E-4257-AFB4-0AC6D4F792EE}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [UDP Query User{969D4125-127F-4843-BBA4-49E1BC41023C}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [TCP Query User{5FFCF8EC-A5E2-4CE1-A792-034E7A7248C1}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [{776E44D0-898E-459F-85B7-8951E9B2CD19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{446FFFFD-EF97-43D6-9283-1469B1F6D4E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023E90DA-A9F5-4CE8-9DA5-AF65B6C2C5F3}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{C6840099-6C64-44AB-A765-5AEF62C06543}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{214D6990-8124-46C8-8BCA-A462010E23C1}] => (Allow) LPort=1900
FirewallRules: [{D379275B-B611-47CF-8C8E-4028C1DA0DC5}] => (Allow) LPort=2869
FirewallRules: [{B1E7914B-EE0B-4F90-B3FF-4A2D94020834}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B246AA25-94FA-44A0-BC33-B1AD84A64E38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{66A6F094-3B80-40EB-B0F9-99B5B90DFAD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{A9F3D847-5291-47E6-AD52-8A96DB503987}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{41F7081D-4F8B-40E6-A5E0-9A2A5A99D644}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [TCP Query User{929F69C4-02A4-4371-AB84-FB1B08F470A7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9470EF6A-5F5B-45AE-B64C-CD53059503DB}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{73DD42E9-6DF5-4A56-9F8C-583639E0220E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{8B514598-2843-4118-B8F8-A0BDFCD35C27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{076DD059-1B7F-4E05-85C5-0FEFB9936868}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{55DA511A-CB94-43EF-B4C3-1226496AB4AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{7C5F8CAD-BA1E-49FE-B784-53BCCFC25C64}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{477D68FA-4343-4154-AEF2-D2CD027D8371}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82747307-574E-4A60-B87A-969FBB0DCD1F}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{A70959CA-E670-41D3-B8D9-CA5FCDE02931}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{8DFED69A-677D-4CE5-A94D-0CE3292050D8}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{4B0F9AF1-F2E2-45B7-8492-CA47D123C10B}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{53204618-E591-4E3E-9C81-7080EB3FADC1}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{29DB62F4-6B27-497A-ACC5-1D5B2BF4A030}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{7D4EAA75-92E8-4F64-9882-6CA933D6480D}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{65313E84-34CD-4458-911A-2E040EBCC83A}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{E6A62001-1882-4154-AE24-D087E855B823}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{F05B8AD7-125C-41C1-A20A-40ED1BCADCC2}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{2C909032-398A-46FD-83DC-AF39131A4992}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{1BF29DAA-7BF1-4CF2-8931-524E317EFAA3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{805A1286-AE32-4CFF-8ADF-1330A5A7F6B6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{9ECC36F3-66E0-4E25-B7EF-089877F027EA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{0F5E95A8-4C95-4D6B-A648-1EF18AC74769}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{51DB62F3-E033-4AD7-AF11-DF595A68E2A1}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{1D2CB13A-75DB-4331-A1C6-BA8E785770B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{1FA25717-7A9B-4494-BB83-870162589F35}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{909D2F1E-2B6D-40A5-BAA1-72A4906B9E94}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{79A5F39A-F6B3-4322-8268-F9A9F570716F}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9A3F8BCA-6DE5-410E-96F1-980515C8A785}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FE127B2E-61C4-4065-9527-97EC6617CE8D}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{C2F5BF75-9441-4FB1-A14A-ABA89AC8EBD5}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{850B8798-B0F4-4F90-9BEF-63F1805A6087}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{47E06B7E-4B60-4444-B042-E6FA577CF60F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{F1D1C2F1-0914-48A3-8D2D-FE8F739BC850}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{8A4B326C-BEEB-43FB-AC27-35A9E634A181}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [{FD9BEC80-8F7F-48D5-8438-4431993E9183}] => (Allow) LPort=50248
FirewallRules: [{92CB16C5-48FA-499A-A0A7-B70C2B873F9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1605453B-F84D-48AC-9238-8679CF8B2AC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50078D83-F3B9-4EDC-AD6F-67799BF08033}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{773EB3DD-0783-4DA9-AB05-02F13862A106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{00052CCD-CDB8-4B0F-9FF5-65D19FDA6EA5}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{8761E1F7-DFA1-4AB5-981C-05E69D18C334}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{2C7F9478-3AC9-434D-8795-916B542A168E}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{B98E81AB-784F-403B-81DD-F5FA9751A26C}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{1BA3AEE4-31E5-4E4A-83FC-49EA4D02F651}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [UDP Query User{5E43DE58-3515-488D-82B8-255F65925A5F}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [{B5DCD1E8-5162-4A8D-929F-04DD8C7A7D7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{861976C2-A93A-44A3-B0F6-88C2733725B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{255F4592-3F05-42CA-8F0F-47212DAF4CA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EEA4923D-649A-46C4-B6B7-1A625426D849}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2347BA7F-8A58-48F0-A589-58DE813740E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81E26DFC-D188-48B6-9550-A7D4A4F5B198}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

08-01-2016 13:58:31 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/08/2016 01:44:28 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (01/08/2016 01:24:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x14a0
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5

Error: (01/08/2016 01:20:11 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (01/08/2016 01:20:11 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (01/07/2016 04:04:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x1174
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5

Error: (01/07/2016 01:40:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (01/07/2016 01:40:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (01/07/2016 01:37:52 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (01/07/2016 04:25:26 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (01/07/2016 04:20:16 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Systemfehler:
=============
Error: (01/08/2016 01:20:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/08/2016 01:20:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (01/08/2016 01:19:07 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (01/07/2016 06:54:02 PM) (Source: volmgr) (EventID: 45) (User: )
Description: Das System konnte den Treiber für das Speicherabbild nicht laden.

Error: (01/05/2016 05:15:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (01/05/2016 05:15:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Andreas\AppData\Local\Temp\ehdrv.sys

Error: (01/05/2016 05:15:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (01/05/2016 05:15:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Andreas\AppData\Local\Temp\ehdrv.sys

Error: (01/05/2016 05:15:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (01/05/2016 05:15:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Andreas\AppData\Local\Temp\ehdrv.sys


======== Speicherinformationen ====

Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 80%
Installierter physikalischer RAM: 8079.39 MB
Verfügbarer physikalischer RAM: 1555.91 MB
Summe virtueller Speicher: 16271.39 MB
Verfügbarer virtueller Speicher: 8967.11 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:378.94 GB) (Free:146.22 GB) NTFS
Drive d: (Daten) (Fixed) (Total:292.97 GB) (Free:161.07 GB) NTFS

== MBR & Partitionstabelle ==

Disk: 0 (Size: 698.6 GB) (Disk ID: 50960A65)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 09.01.2016, 07:05   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
You have cracked Adobe software on the computer.

Reading material:
Illegal software: cracks, keygens and co.

Please read => http://www.trojaner-board.de/95393-c...-software.html

We will continue once you have removed everything illegal.

In the case of repeated crack/keygen violations, I reserve the right to discontinue support, i.e. help only with backing up data and reinstalling the operating system.

Alt 09.01.2016, 22:06   #11
Andreas 2016
 



Hello cosinus,

Thanks for the info.
The Adobe program was on the machine and has been completely uninstalled.
Adobe Reader XI, Adobe AIR and Adobe Flash Player were kept.

I am attaching new FRST and Addition logs
(however, the info code that you gave me as a hint is still present).

One more thing for your information: the email with the Word document was not opened on 19.12.2015 but probably on 21.12 or 22.12.2015; I found an unknown file from that time in the Downloads folder:
ViewProduktAttrachment-OpenFile 22.12.2015 15:03 Datei 358KB

Kind regards,
Andreas

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:06-01-2015
durchgeführt von Andreas (Administrator) auf OLIVER (09-01-2016 21:32:21)
Gestartet von C:\Users\Andreas\Downloads
Geladene Profile: Andreas (Verfügbare Profile: Andreas & MSSQL$SQLEXPRESS)
Platform: Windows 8.1 Pro with Media Center (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
(DATA BECKER GmbH & Co KG) C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Condusiv Technologies) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(Samsung Electronics CO., LTD.) C:\ProgramData\SAMSUNG\SW Update Service\SWMAgent.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
() C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Samsung Electronics CO., LTD.) C:\Program Files\Samsung\S Agent\CommonAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Andreas\Downloads\FRST64(1).exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2710856 2009-11-01] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-03] (CANON INC.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13677784 2014-09-29] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [415680 2012-02-05] (Autodesk, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2793200 2013-11-29] (Synaptics Incorporated)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-12] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [97392 2012-08-15] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [WekaUpdateCenter] => C:\Program Files (x86)\Common Files\Weka\Update Manager\WekaUpdateManager.exe [198000 2012-03-01] (Haufe-Lexware GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1828136 2008-02-28] (Nero AG)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-18] (Electronic Arts)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1093976 2013-09-19] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1566016 2015-07-27] (Samsung)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [phonostar-PlayerTimer] => C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe [42496 2014-12-04] ()
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Run: [Spybot-S&D Cleaning] => C:\Tools\System\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Policies\Explorer: [] 
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\MountPoints2: {0301ea6d-eaec-11e3-8040-c48508d4a372} - "F:\iStudio.exe" 
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs: ,C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-11] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [156256 2013-11-11] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Symbol-Overlay-Steuerprogramm für AutoCAD Digitale Signaturen] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2012-02-06] (Autodesk, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk [2014-08-24]
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk [2013-03-13]
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0CBAE8C9-0F58-427E-817D-95609070D6E2}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{C1373ACE-7D17-460E-98DE-31CEBF2DCF1E}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung13.msn.com
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> DefaultScope {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = 
SearchScopes: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003 -> {F7E9B3D9-56D2-4C05-9AE7-BEAB4E8B30CE} URL = 
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2012-06-14] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-13] (Oracle Corporation)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2012-06-14] (CANON INC.)

FireFox:
========
FF ProfilePath: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default
FF NewTab: hxxps://www.google.de/
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-19] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-19] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-04] (CANON INC.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-03-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-27] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Tools\Media\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @phonostar.de/phonostar-Player -> C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll [2015-01-23] ( )
FF Plugin HKU\S-1-5-21-3658493019-1111599900-2463904087-1003: @protectdisc.com/NPPDLicenseHelper -> C:\Users\Andreas\AppData\Roaming\ProtectDisc\License Helper v2\NPPDLicenseHelper.dll [2009-06-25] ( )
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\englische-ergebnisse.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\gmx-suche.xml [2014-06-05]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\lastminute.xml [2014-04-10]
FF SearchPlugin: C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\searchplugins\webde-suche.xml [2014-06-05]
FF Extension: Garmin Communicator - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2015-06-22]
FF Extension: GMX MailCheck - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\extensions\mailcheck@gmx.net [2015-12-17]
FF Extension: Avira Browser Safety - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\abs@avira.com [2015-12-31]
FF Extension: Adblock Plus - C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Profiles\l38lhrwd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [19232 2012-01-31] (Autodesk, Inc.)
S4 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2013-12-26] (Autodesk)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG)
R2 DBService; C:\Program Files (x86)\Common Files\DATA BECKER Shared\DBService.exe [189776 2010-10-28] (DATA BECKER GmbH & Co KG)
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593152 2014-01-29] (Samsung Electronics CO., LTD.)
S4 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250200 2013-09-19] (Garmin Ltd or its subsidiaries)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-18] (Intel Corporation)
R2 IntelliMemory; C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe [64848 2012-08-06] (Condusiv Technologies)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [191064 2012-02-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273136 2013-08-28] ()
S4 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [529704 2008-02-28] (Nero AG)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-18] (Electronic Arts)
S2 pr2ah4nc; C:\Windows\system32\pr2ah4nc.exe [754288 2007-05-18] (CODEMASTERS)
R2 SDScannerService; C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Tools\System\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL11.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [597080 2012-02-11] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 SWUpdateService; C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe [3000664 2014-10-21] (Samsung Electronics CO., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3378416 2013-08-28] (Intel® Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-22] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-05] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 intmfs; C:\Windows\System32\DRIVERS\intmfs.sys [24400 2012-08-06] (Condusiv Technologies)
R0 intmsd; C:\Windows\System32\DRIVERS\intmsd.sys [73552 2012-08-06] (Condusiv Technologies)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\Netwew00.sys [3345376 2013-10-08] (Intel Corporation)
R0 pe3ah4nc; C:\Windows\System32\drivers\pe3ah4nc.sys [72560 2007-05-18] (CODEMASTERS)
R0 ps6ah4nc; C:\Windows\System32\drivers\ps6ah4nc.sys [77176 2007-05-18] (CODEMASTERS)
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows (R) Win 7 DDK provider)
S4 RsFx0200; C:\Windows\System32\DRIVERS\RsFx0200.sys [334936 2012-02-11] (Microsoft Corporation)
R3 stdriver; C:\Windows\system32\DRIVERS\stdriverx64.sys [33488 2014-03-03] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 SBIOSIO; \??\C:\Users\Andreas\AppData\Local\Temp\__Samsung_Update\SBIOSIO64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-09 21:32 - 2016-01-09 21:32 - 00058453 _____ C:\Users\Andreas\Downloads\Addition 09.01.2016  21.00Uhr.txt
2016-01-09 21:32 - 2016-01-09 21:32 - 00000000 ___SH C:\DkHyperbootSync
2016-01-09 21:24 - 2016-01-09 21:24 - 00045783 _____ C:\Users\Andreas\Desktop\FRST 09.01.2016 21.00Uhr.txt
2016-01-08 18:43 - 2016-01-08 18:43 - 00059770 _____ C:\Users\Andreas\Desktop\FRST 08.01.2016 18.40 Uhr.txt
2016-01-08 18:41 - 2016-01-08 18:41 - 00059912 _____ C:\Users\Andreas\Desktop\FRST 08.01.2016.txt
2016-01-08 18:40 - 2016-01-08 18:40 - 00061335 _____ C:\Users\Andreas\Desktop\Addition 08.01.2016.txt
2016-01-08 18:28 - 2016-01-05 13:30 - 00000991 _____ C:\Users\Andreas\Desktop\AdwCleaner[S3].txt
2016-01-08 18:27 - 2016-01-04 21:18 - 00000987 _____ C:\Users\Andreas\Desktop\AdwCleaner[S2].txt
2016-01-08 18:26 - 2016-01-04 19:21 - 00259818 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_19.17.13_log.txt
2016-01-08 18:25 - 2016-01-04 19:15 - 00514432 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_19.11.15_log.txt
2016-01-07 14:02 - 2016-01-07 14:02 - 00071339 _____ C:\Users\Andreas\Desktop\FRST 07.01.2016 14.00 Uhr.txt
2016-01-07 13:51 - 2016-01-07 13:51 - 00071481 _____ C:\Users\Andreas\Downloads\FRST 07.01.2016.txt
2016-01-07 13:51 - 2016-01-07 13:51 - 00071481 _____ C:\Users\Andreas\Desktop\FRST 07.01.2016.txt
2016-01-07 13:41 - 2016-01-07 13:41 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64(1).exe
2016-01-07 13:39 - 2016-01-07 13:39 - 00004002 _____ C:\Users\Andreas\Desktop\ESTE Online-Scanner log 05.01.2016.txt
2016-01-07 13:28 - 2016-01-07 13:28 - 00003078 _____ C:\Users\Andreas\Desktop\ESET Online Scanner .txt
2016-01-05 17:13 - 2016-01-05 17:13 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-05 17:11 - 2016-01-05 17:11 - 02870984 _____ (ESET) C:\Users\Andreas\Downloads\esetsmartinstaller_deu.exe
2016-01-05 17:06 - 2016-01-05 17:06 - 00001211 _____ C:\Users\Andreas\Desktop\antimaleware 05.12.  17.00 Uhr.txt
2016-01-05 16:05 - 2016-01-09 21:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-05 16:04 - 2016-01-05 16:04 - 00001124 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-05 16:04 - 2016-01-05 16:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-01-05 16:04 - 2016-01-05 16:04 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-01-05 16:04 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-05 16:04 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-05 16:04 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-05 16:02 - 2016-01-05 16:03 - 22908888 _____ (Malwarebytes ) C:\Users\Andreas\Downloads\mbam-setup-2.2.0.1024(1).exe
2016-01-05 15:51 - 2016-01-05 15:51 - 00004993 _____ C:\Users\Andreas\Desktop\Antimailware 2.txt
2016-01-05 15:51 - 2016-01-05 15:51 - 00001467 _____ C:\Users\Andreas\Desktop\Antimailware 4.txt
2016-01-05 15:51 - 2016-01-05 15:51 - 00001198 _____ C:\Users\Andreas\Desktop\Antimailware 3.txt
2016-01-05 15:50 - 2016-01-05 15:50 - 00001198 _____ C:\Users\Andreas\Desktop\Antimailware 1.txt
2016-01-05 14:36 - 2016-01-05 14:36 - 00001190 _____ C:\Users\Andreas\Desktop\AdwCleaner[C2] 05.01.2016  13.30 Uhr.txt
2016-01-05 13:23 - 2016-01-05 13:23 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(4).exe
2016-01-05 13:20 - 2016-01-05 13:20 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(3).exe
2016-01-05 13:20 - 2016-01-05 13:20 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(2).exe
2016-01-05 13:18 - 2016-01-05 13:18 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028(1).exe
2016-01-05 13:16 - 2016-01-05 13:16 - 01749504 _____ C:\Users\Andreas\Downloads\adwcleaner_5.028.exe
2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.22Uhr.txt
2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.21Uhr.txt
2016-01-04 19:24 - 2016-01-04 19:24 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1] 19.20Uhr.txt
2016-01-04 19:17 - 2016-01-04 19:21 - 00259818 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_19.17.13_log.txt
2016-01-04 19:15 - 2016-01-04 19:15 - 00000000 ____D C:\TDSSKiller_Quarantine
2016-01-04 19:11 - 2016-01-04 19:15 - 00514432 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_19.11.15_log.txt
2016-01-04 19:10 - 2016-01-04 19:10 - 00062665 _____ C:\Users\Andreas\Desktop\FRST 19.10 Uhr.txt
2016-01-04 19:10 - 2016-01-04 19:10 - 00057162 _____ C:\Users\Andreas\Desktop\FRST_04-01-2016_17-13-36    19.10 Uhr.txt
2016-01-04 19:02 - 2016-01-04 19:02 - 00001206 _____ C:\Users\Andreas\Desktop\antimaleware 19.00 Uhr.txt
2016-01-04 17:59 - 2016-01-04 17:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-04 17:58 - 2016-01-04 17:58 - 22908888 _____ (Malwarebytes ) C:\Users\Andreas\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-04 17:55 - 2016-01-04 17:55 - 00003400 _____ C:\Users\Andreas\Desktop\AdwCleaner[C1]nach Neustart.txt
2016-01-04 17:44 - 2016-01-04 17:44 - 00507278 _____ C:\Users\Andreas\Desktop\TDSSKiller.3.1.0.9_04.01.2016_17.26.43_log.txt
2016-01-04 17:26 - 2016-01-04 17:47 - 00757750 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_17.26.43_log.txt
2016-01-04 17:26 - 2016-01-04 17:26 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Andreas\Downloads\tdsskiller.exe
2016-01-04 17:21 - 2016-01-04 17:21 - 00057162 _____ C:\Users\Andreas\Desktop\FRST.txt
2016-01-04 17:21 - 2016-01-04 17:21 - 00003046 _____ C:\Users\Andreas\Desktop\AdwCleaner[S1].txt
2016-01-04 17:19 - 2016-01-04 17:19 - 00061325 _____ C:\Users\Andreas\Desktop\Addition.txt
2016-01-04 17:13 - 2016-01-09 21:08 - 00058453 _____ C:\Users\Andreas\Downloads\Addition.txt
2016-01-04 17:12 - 2016-01-09 21:32 - 00024973 _____ C:\Users\Andreas\Downloads\FRST.txt
2016-01-04 17:11 - 2016-01-09 21:32 - 00000000 ____D C:\FRST
2016-01-04 17:10 - 2016-01-04 17:11 - 02370560 _____ (Farbar) C:\Users\Andreas\Downloads\FRST64.exe
2016-01-04 17:04 - 2016-01-05 13:31 - 00000000 ____D C:\AdwCleaner
2016-01-04 16:39 - 2016-01-08 13:43 - 00000000 ____D C:\Users\Andreas\Documents\A Desktopdateien
2016-01-04 15:13 - 2016-01-04 15:13 - 00052697 _____ C:\Users\Andreas\Downloads\RE_3100134490_8753513655_20160101.pdf
2015-12-29 18:47 - 2015-12-29 18:47 - 00532721 _____ C:\Users\Andreas\Downloads\Rechnung Elmar Lorch Neckarhalde 24.pdf
2015-12-29 17:44 - 2015-12-29 17:44 - 01976669 _____ C:\Users\Andreas\Downloads\Angebot Herrn Lorch Neckarhalde 24.pdf
2015-12-29 16:39 - 2015-12-29 16:39 - 01413613 _____ C:\Users\Andreas\Downloads\Rechnung Fam.Baltzer-Noak Giebelfenster.pdf
2015-12-29 16:36 - 2015-12-29 16:36 - 02689619 _____ C:\Users\Andreas\Downloads\Rundbogenfenster Neckarhalde 24.pdf
2015-12-29 10:10 - 2015-12-29 10:10 - 00122897 _____ C:\Users\Andreas\Downloads\schoenbuchhalbmarathon2013.pdf
2015-12-29 10:03 - 2015-12-29 10:03 - 00068182 _____ C:\Users\Andreas\Downloads\2007-05-13-Leinfelden-Echterdingen-07-05-13-schoenbuch-pdf.pdf
2015-12-28 16:27 - 2015-12-28 16:27 - 03614157 _____ C:\Users\Andreas\Downloads\2015Bilder-Fenster.pdf
2015-12-25 13:38 - 2015-12-25 13:38 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-25 13:38 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2015-12-25 13:34 - 2015-12-25 13:34 - 00002031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00002019 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-12-25 13:34 - 2015-12-25 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-12-25 10:37 - 2015-12-25 10:37 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-25 10:33 - 2015-12-25 10:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Andreas\Downloads\spybot-2.4.40.exe
2015-12-23 19:24 - 2015-12-23 19:39 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\.minecraft
2015-12-23 19:24 - 2015-12-23 19:24 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft(1).exe
2015-12-23 19:24 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\java
2015-12-23 19:21 - 2015-12-23 20:19 - 00001470 _____ C:\Users\Andreas\Downloads\nativelog.txt
2015-12-23 19:21 - 2015-12-23 19:24 - 00000000 ____D C:\Users\Andreas\Downloads\game
2015-12-23 19:21 - 2015-12-23 19:21 - 01247112 _____ (Mojang) C:\Users\Andreas\Downloads\Minecraft.exe
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\tools
2015-12-23 19:21 - 2015-12-23 19:21 - 00000000 ____D C:\Users\Andreas\Downloads\runtime
2015-12-23 14:17 - 2015-12-23 14:17 - 00049289 _____ C:\Users\Andreas\Downloads\VR-GewinnSparen_13202006_vom_23.11.2015_20151223021734.pdf
2015-12-23 14:17 - 2015-12-23 14:17 - 00049195 _____ C:\Users\Andreas\Downloads\Mitteilung_13202006_vom_23.11.2015_20151223021732.pdf
2015-12-23 09:49 - 2015-12-23 09:49 - 00171255 _____ C:\Users\Andreas\Downloads\271183.pdf
2015-12-22 15:03 - 2015-12-22 15:03 - 00366243 _____ C:\Users\Andreas\Downloads\ViewProductAttachment-OpenFile
2015-12-22 11:23 - 2015-12-22 11:23 - 05601627 _____ C:\Users\Andreas\Downloads\kf_694_18-03-2015.pdf
2015-12-22 10:44 - 2015-12-22 10:44 - 00564782 _____ C:\Users\Andreas\Downloads\kf_614_hst_13-07-2012_06-03-2013_18-03-2015_18-03-2015.pdf
2015-12-22 10:36 - 2015-12-22 10:36 - 05513745 _____ C:\Users\Andreas\Downloads\bestellformular_kunststofffenster_28.05.2015_10-06-2015.pdf
2015-12-21 15:05 - 2015-12-21 15:05 - 00244231 _____ C:\Users\Andreas\Downloads\051001besonderer-einsatz-und-verarbeitung-farbiger-profile(1).pdf
2015-12-21 13:00 - 2015-12-21 13:00 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth(1).pdf
2015-12-21 11:34 - 2015-12-21 11:34 - 01597571 _____ C:\Users\Andreas\Downloads\Senioren_und_soziallagenbezogene_Gesundheitsfoerderung_und_Praevention(1).pdf
2015-12-21 11:29 - 2015-12-21 11:29 - 00434271 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen Teil 2.pdf
2015-12-16 10:38 - 2015-12-16 10:38 - 05821280 _____ C:\Users\Andreas\Downloads\3._arn_in-kurven_07-10-2014(1).pdf
2015-12-16 10:35 - 2015-12-16 10:35 - 03807865 _____ C:\Users\Andreas\Downloads\4._arna_in-kurven_07-10-2014(1).pdf
2015-12-16 10:29 - 2015-12-16 10:29 - 01977655 _____ C:\Users\Andreas\Downloads\2._arei_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03305335 _____ C:\Users\Andreas\Downloads\1._are_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03277743 _____ C:\Users\Andreas\Downloads\6._arr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:27 - 2015-12-16 10:27 - 03121460 _____ C:\Users\Andreas\Downloads\5._arnr_in-kurven_07-10-2014(1).pdf
2015-12-16 10:25 - 2015-12-16 10:25 - 09742494 _____ C:\Users\Andreas\Downloads\ahf_95_classic_art_09-11-2015.pdf
2015-12-15 09:32 - 2015-12-15 09:32 - 00053266 _____ C:\Users\Andreas\Downloads\Kontoauszug_13202006__Nr.0112015_vom_30.11.2015_20151215093238.pdf
2015-12-15 09:31 - 2015-12-15 09:31 - 00058584 _____ C:\Users\Andreas\Downloads\Kontoauszug_1334000__Nr.0112015_vom_30.11.2015_20151215093143.pdf
2015-12-14 17:11 - 2015-12-14 17:11 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016(1).pdf
2015-12-14 13:43 - 2015-12-14 13:43 - 00730987 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz WESTANSICHT Alt 5.1akt Kopie v2016_powermacg5.pdf
2015-12-14 13:42 - 2015-12-14 13:42 - 00533986 _____ C:\Users\Andreas\Downloads\01.12.15 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 01366764 _____ C:\Users\Andreas\Downloads\04.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel.pdf
2015-12-14 13:40 - 2015-12-14 13:40 - 00533986 _____ C:\Users\Andreas\Downloads\014.12.2015 BG Goletz SÜDANSICHT Alt 5.2akt Kopie 2 v2016.pdf
2015-12-14 13:38 - 2015-12-14 13:38 - 01369220 _____ C:\Users\Andreas\Downloads\07.12.2015 Goletz Erdgeschoss WP v2016 o. Möbel(1).pdf
2015-12-14 11:29 - 2015-12-14 11:29 - 00031481 _____ C:\Users\Andreas\Downloads\WTPG_teilweise_Selbstverantwortung.pdf
2015-12-14 11:28 - 2015-12-14 11:28 - 00042419 _____ C:\Users\Andreas\Downloads\WTPG_ambulant_betreute_WG.pdf
2015-12-14 11:25 - 2015-12-14 11:25 - 00129521 _____ C:\Users\Andreas\Downloads\WTPG_6.pdf
2015-12-14 11:24 - 2015-12-14 11:24 - 00405000 _____ C:\Users\Andreas\Downloads\WTPG_5.pdf
2015-12-14 11:23 - 2015-12-14 11:23 - 00662282 _____ C:\Users\Andreas\Downloads\WTPG_4.pdf
2015-12-14 11:22 - 2015-12-14 11:22 - 00580358 _____ C:\Users\Andreas\Downloads\WTPG_3.pdf
2015-12-14 11:21 - 2015-12-14 11:21 - 00410389 _____ C:\Users\Andreas\Downloads\WTPG_2.pdf
2015-12-14 11:20 - 2015-12-14 11:20 - 00323803 _____ C:\Users\Andreas\Downloads\WTPG_1.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00273829 _____ C:\Users\Andreas\Downloads\beratung_karl.pdf
2015-12-14 11:16 - 2015-12-14 11:16 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab(1).pdf
2015-12-14 11:11 - 2015-12-14 11:11 - 00222687 _____ C:\Users\Andreas\Downloads\beratung_knab.pdf
2015-12-14 11:08 - 2015-12-14 11:08 - 00357129 _____ C:\Users\Andreas\Downloads\falkenroth.pdf
2015-12-14 11:06 - 2015-12-14 11:06 - 00252951 _____ C:\Users\Andreas\Downloads\siegert.pdf
2015-12-14 11:02 - 2015-12-14 11:02 - 00212266 _____ C:\Users\Andreas\Downloads\stationaere_a_hilfe_hirt.pdf
2015-12-14 11:00 - 2015-12-14 11:00 - 00400182 _____ C:\Users\Andreas\Downloads\Altenarbeit - ausgewählte Rechtsfragen_Teil2(1).pdf
2015-12-14 09:35 - 2015-12-14 09:35 - 00275799 _____ C:\Users\Andreas\Downloads\3191059_14.12.2015_3191059-1_MAIL_AB_bth.pdf
2015-12-10 09:18 - 2015-12-10 09:18 - 05507334 _____ C:\Users\Andreas\Downloads\bestellformular_aluminium-kunststoff-fenster_neu_2015_18-08-2015.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-09 21:27 - 2012-08-24 02:31 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-01-09 21:08 - 2013-09-30 05:14 - 02044468 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-09 21:08 - 2013-09-30 04:58 - 00872284 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-09 21:08 - 2013-09-30 04:58 - 00193862 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-09 21:08 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-09 21:08 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-09 21:06 - 2012-11-29 12:12 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3658493019-1111599900-2463904087-1003
2016-01-09 21:04 - 2012-08-24 02:35 - 00000000 ____D C:\ProgramData\WinClon
2016-01-09 21:02 - 2015-05-03 14:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-09 21:02 - 2014-01-27 20:36 - 00000000 __RDO C:\Users\Andreas\SkyDrive
2016-01-09 21:01 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-09 21:00 - 2013-08-22 15:44 - 05431544 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-09 19:29 - 2013-11-25 22:32 - 00000000 ____D C:\Users\Andreas
2016-01-09 13:57 - 2014-03-09 12:48 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-01-09 12:29 - 2012-11-29 13:22 - 00000000 ____D C:\Users\Andreas\AppData\Local\Adobe
2016-01-09 12:21 - 2013-02-18 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-08 13:43 - 2015-02-10 15:31 - 00189952 ___SH C:\Users\Andreas\Documents\Thumbs.db
2016-01-08 13:23 - 2013-12-26 16:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-07 18:55 - 2013-08-22 14:25 - 01310720 ___SH C:\WINDOWS\system32\config\BBI
2016-01-07 13:39 - 2013-01-26 19:44 - 00677376 ___SH C:\Users\Andreas\Desktop\Thumbs.db
2016-01-07 04:18 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-07 04:18 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-05 13:32 - 2014-10-19 19:39 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-05 13:32 - 2013-05-14 17:31 - 00196143 ____N C:\WINDOWS\Minidump\010516-26390-01.dmp
2016-01-04 19:15 - 2014-02-04 18:18 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-04 18:59 - 2014-09-10 19:21 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieUserList
2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\LocalLow\EmieSiteList
2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieUserList
2016-01-04 18:59 - 2014-06-22 12:03 - 00000000 __SHD C:\Users\Andreas\AppData\Local\EmieSiteList
2016-01-04 18:51 - 2015-07-24 12:26 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-01-04 18:51 - 2015-07-23 20:48 - 00000000 ____D C:\Program Files\Rockstar Games
2015-12-31 11:17 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-29 15:03 - 2013-08-27 23:56 - 00033280 ___SH C:\Users\Andreas\Thumbs.db
2015-12-26 09:48 - 2015-04-19 06:58 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-26 09:48 - 2015-04-19 06:58 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-25 13:37 - 2014-06-22 12:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-25 13:34 - 2013-01-01 16:52 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-23 15:38 - 2014-02-06 16:14 - 00000000 ____D C:\ProgramData\CanonIJ
2015-12-23 09:40 - 2014-02-26 12:00 - 00000000 ____D C:\Users\MSSQL$SQLEXPRESS
2015-12-21 11:24 - 2013-02-23 19:59 - 00000000 ____D C:\ProgramData\Origin
2015-12-21 09:47 - 2013-10-06 13:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-21 09:47 - 2012-12-31 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-20 18:22 - 2015-04-05 10:12 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-14 09:55 - 2012-12-18 13:06 - 00000000 ____D C:\Users\Andreas\AppData\Roaming\ISSPLUS
2015-12-14 09:52 - 2012-12-18 12:59 - 00000000 ____D C:\MoveIT
2015-12-11 10:39 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-11-03 18:34 - 2015-11-03 18:35 - 98892838 _____ () C:\Program Files (x86)\BeamNG-Techdemo-0.3-setup.zip
2012-11-29 12:05 - 2014-03-10 10:59 - 0142434 _____ () C:\Users\Andreas\AppData\Roaming\AbsoluteReminder.xml
2014-03-03 09:25 - 2014-03-03 09:25 - 0001167 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt
2014-03-03 09:25 - 2014-03-03 09:25 - 0000000 _____ () C:\Users\Andreas\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2013-12-26 18:42 - 2014-06-22 13:11 - 0007607 _____ () C:\Users\Andreas\AppData\Local\Resmon.ResmonCfg
2014-11-03 11:28 - 2014-11-03 11:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-08-24 02:39 - 2012-08-08 05:07 - 2258432 _____ (Samsung Electronics) C:\ProgramData\MakeMarkerFile.exe
2012-08-24 02:39 - 2012-08-07 11:11 - 0003196 _____ () C:\ProgramData\MakeMarkerFile.xml
2015-01-01 21:37 - 2015-01-01 21:37 - 0000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Andreas\AppData\Local\Temp\avgnt.exe
C:\Users\Andreas\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-01-09 14:15

==================== Ende von FRST.txt ============================
         
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:06-01-2015
durchgeführt von Andreas (2016-01-09 21:32:52)
Gestartet von C:\Users\Andreas\Downloads
Windows 8.1 Pro with Media Center (X64) (2013-11-26 08:00:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3658493019-1111599900-2463904087-500 - Administrator - Disabled)
Andreas (S-1-5-21-3658493019-1111599900-2463904087-1003 - Administrator - Enabled) => C:\Users\Andreas
Gast (S-1-5-21-3658493019-1111599900-2463904087-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3658493019-1111599900-2463904087-1006 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AMU (HKLM-x32\...\de.a2c.bafa.antragsmanager.unternehmer) (Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle)
AMU (x32 Version: 1.4.1 - Bundesamt fuer Wirtschaft und Ausfuhrkontrolle) Hidden
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
AutoCAD 2009 - Deutsch (HKLM\...\AutoCAD 2009 - Deutsch) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2009 - Deutsch (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2013 - English (HKLM\...\AutoCAD 2013 - English) (Version: 19.0.55.0 - Autodesk)
AutoCAD 2013 - English (Version: 19.0.55.0 - Autodesk) Hidden
AutoCAD 2013 Language Pack - English (Version: 19.0.55.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.0.84.0 - Autodesk)
Autodesk Content Service (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Content Service Language Pack (x32 Version: 3.0.84.0 - Autodesk) Hidden
Autodesk Inventor Fusion 2013 (HKLM\...\Autodesk Inventor Fusion 2013) (Version: 2.0.0.206 - Autodesk, Inc.)
Autodesk Inventor Fusion 2013 (Version: 2.0.0.206 - Autodesk, Inc.) Hidden
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (HKLM\...\Autodesk Inventor Fusion plug-in for AutoCAD 2013) (Version: 0.2.0.230 - Autodesk)
Autodesk Inventor Fusion plug-in for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Inventor Fusion plug-in language pack for AutoCAD 2013 (Version: 0.2.0.230 - Autodesk) Hidden
Autodesk Material Library 2013 (HKLM-x32\...\{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}) (Version: 3.0.13 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2013 (HKLM-x32\...\{606E12B9-641F-4644-A22A-FF38AE980AFD}) (Version: 3.0.13 - Autodesk)
Autodesk Sync (HKLM\...\{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}) (Version: 3.5.24.0 - Autodesk, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
BeamNG-Techdemo-0.3 (remove only) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\BeamNG-Techdemo-0.3) (Version:  - )
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version:  - )
Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version:  - )
Canon MX870 series Benutzerregistrierung (HKLM-x32\...\Canon MX870 series Benutzerregistrierung) (Version:  - )
Canon MX870 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX870_series) (Version:  - )
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.9.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.12.10.2 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.5.0.6 - Canon Inc.)
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER Einnahme-Überschussrechnung 2013 pro (HKLM-x32\...\Einnahme-Überschussrechnung 2013 pro_is1) (Version: 1.0 - DATA BECKER GmbH & Co. KG)
DiRT (HKLM-x32\...\{57B89E30-0BBA-4F20-9F2C-8E8CDE1CEDB6}) (Version: 1.00.0000 - Codemasters)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
Elevated Installer (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.1.16483 - Landesfinanzdirektion Thüringen)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garmin Express (HKLM-x32\...\{9471d6bd-67a9-40f6-a420-2ae4f08ef003}) (Version: 2.3.14.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.14.0 - Garmin Ltd or its subsidiaries) Hidden
German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - )
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
GPS Master 2.0.14 (HKLM-x32\...\GPS Master_is1) (Version: 1.0 - GPS Master)
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Handwerksbüro X22-Datenübernahme (HKLM-x32\...\{AF7E45F7-DAF6-4DEF-B439-B334D7F43942}) (Version: 1.00.0076 - WEKA)
Help Desk (HKLM\...\{AEC9D273-E162-4614-83F1-722B8C74B185}) (Version: 1.0.96 - Samsung Electronics CO., LTD.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{89478C31-5CE8-461A-9084-9A0AF059F84F}) (Version: 15.5.0.0344 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
IntelliMemory (HKLM\...\{B506207A-C977-48B6-A14F-2C7E98EF0BE4}) (Version: 1.0.26 - Condusiv Technologies)
Java 7 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.170 - Oracle)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-Bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{8CB0713F-CFE0-445D-BCB2-538465860E1A}) (Version: 11.1.3128.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.0.0.0 - Electronic Arts)
Need for Speed™ The Run (HKLM-x32\...\{0EDC9BA0-016E-406a-86DA-04FC1BE00C21}) (Version: 1.1.0.0 - Electronic Arts)
Nero 8 (HKLM-x32\...\{BE282C23-5484-47FF-B2C1-EBEA5C891031}) (Version: 8.3.29 - Nero AG)
Nero BackItUp 12 Essentials (HKLM-x32\...\{0E3368AC-FB29-4C5E-938E-FA11C12D035E}) (Version: 12.0.01200 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Panzer Elite Action - Dunes Of War (HKLM-x32\...\{577D1191-A6DF-4534-8D97-805BCBAC5D1D}_is1) (Version:  - Nordic Games)
Panzer Elite Action - Fields Of Glory (HKLM-x32\...\{1DDAD87D-576E-43DE-8814-65ACC87CFED6}_is1) (Version:  - Nordic Games)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.6.1 - pdfforge)
phonostar-Player Version 3.03.5 (HKLM-x32\...\phonostar3RadioPlayer_is1) (Version:  - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Protect Disc License Helper 1.0.125 (IE) (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Protect Disc License Helper) (Version: 1.0.125 - Protect Disc)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7354 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.12.14 - Samsung Electronics CO., LTD.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games)
S Agent (Version: 1.1.50 - Samsung Electronics CO., LTD.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung New PC Studio (HKLM-x32\...\InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}) (Version: 1.00.0000 - Samsung Electronics Co., Ltd.)
Samsung New PC Studio (x32 Version: 1.00.0000 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Settings (HKLM-x32\...\{8CB5C357-12E5-41B1-A024-D57D4E6F32D9}) (Version: 2.0.1 - Samsung Electronics CO., LTD.)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version:  - Silicon Laboratories)
sirAdos Datenmanager Januar 2014 (HKLM-x32\...\{CC9E22A1-8012-493E-9BEC-381189F8F152}) (Version: 1.3.615 - sirAdos)
Snagit 11 (HKLM-x32\...\{7CA5C4DF-8327-4035-AE2B-CA76336A04FD}) (Version: 11.0.0 - TechSmith Corporation)
SoundTap Audiostream-Rekorder (HKLM-x32\...\SoundTap) (Version: 2.27 - NCH Software)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SQL Server 2012 Common Files (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{4F1936F8-82B4-437E-BC47-FAB9136A04B2}) (Version: 2.2.2 - Samsung Electronics CO., LTD.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.0.0.0 - Synaptics Incorporated)
Test Drive Unlimited 2 (HKLM-x32\...\Test Drive Unlimited 2_is1) (Version:  - Atari)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
VBA (2627.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VBA (2701.01) (x32 Version: 6.03.00.9402 - Microsoft Corporation) Hidden
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
VRally3 (HKLM-x32\...\VRally3_is1) (Version:  - )
WEKA DATANORM 3.6 (HKLM-x32\...\{124C8673-FB8C-426D-A5BA-2A7400EC5994}) (Version:  - )
WEKA Handwerksbüro 1.22.1.1 (HKLM-x32\...\weka-hwb-X22) (Version: X22 - WEKA)
WEKA Handwerksbüro X22 - 11.14 (HKLM-x32\...\de.bwso.hwb.Hwb.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (HKLM-x32\...\de.bwso.hwb.HwbMulti.X22.35D5C7BFAA9535BE6B34284D8A3268BE55ED9DD7.1) (Version: 1.1 - UNKNOWN)
WEKA Handwerksbüro X22 - 11.14 (Multiuser) (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA Handwerksbüro X22 - 11.14 (x32 Version: 1.1 - UNKNOWN) Hidden
WEKA LauncherService 1.2 (HKLM-x32\...\3599-1427-7716-9681) (Version:  - )
WEKA Update Center (HKLM-x32\...\{A8217164-542A-4C4B-9031-2AB445CA314A}) (Version: 1.00.00.0003 - WEKA MEDIA GmbH & Co. KG)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows-Treiberpaket - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass  (08/23/2013 6.2.8400.4218) (HKLM\...\26BFE384C802803107F583AE1A739E4FEB56134B) (Version: 08/23/2013 6.2.8400.4218 - Samsung Electronics Co. Ltd.)
Windows-Treiberpaket - Sunplus (SPCP825K) Ports  (07/01/2010 1.0.9.0) (HKLM\...\20986CDBFBCA238AA12329A115B1CC9D88E9C06C) (Version: 07/01/2010 1.0.9.0 - Sunplus)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
World of Warplanes (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813EU}_is1) (Version:  - Wargaming.net)
Xerox PhotoCafe (HKLM-x32\...\Xerox PhotoCafe) (Version: 1.0.0.6162 - Xerox)
XnView 1.99.6 (HKLM-x32\...\XnView_is1) (Version: 1.99.6 - Gougelet Pierre-e)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Tools\CAD\AutoCAD_2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Tools\CAD\AutoCAD_2013_EN\AutoCAD 2013\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3658493019-1111599900-2463904087-1003_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Tools\CAD\AutoCAD_2009\acadficn.dll (Autodesk, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {064796D5-6EFE-4B6D-A6F2-C50AFB733BF4} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2014-08-06] (SEC)
Task: {066FD32E-526F-4152-8F54-1896683DE177} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {0C478103-75E9-47F3-B24C-99AEDD11111E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {1C0C6668-0270-462C-A41A-BA63A59A5CC5} - System32\Tasks\fvw3_1zl0tlux => C:\windows\TEMP\fvw3_k81mor7p.bat
Task: {1D4B8A78-1690-435C-8D6B-2E52F1CF5528} - System32\Tasks\SUPatchForW10Up => C:\ProgramData\Samsung\SamsungUpdatePatch\SUPatchForW10Up.exe [2015-08-18] (Samsung Electronics CO., LTD.)
Task: {23B69281-D5F6-4E21-89D0-2B63E4A1F11E} - System32\Tasks\Xerox PhotoCafe Communicator => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe [2011-10-26] ()
Task: {271A966B-8197-4093-B9DB-9922655525A8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {34E6A3BC-6282-4F88-8D82-823135A2C919} - System32\Tasks\fvw3_av2pyhbc => C:\windows\TEMP\fvw3_p3h8wcih.bat
Task: {39F4E803-4332-40D3-85BE-4DB071C9B32C} - System32\Tasks\{63161025-A1C7-4386-A44C-B193CF3D00E5} => pcalua.exe -a C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb\GMX_MailCheck_ClickOnce.exe -d C:\Users\Andreas\AppData\Local\Apps\2.0\E2P568CR.JLT\NJ7BQQ7T.BLJ\gmx_..tion_6cdb69e781e75b82_0000.0004_57f18d6184a9dccb
Task: {3A2ED25E-2FB1-46B4-87D0-539222DA8DDD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {7BBAED33-F6CB-43A7-B397-FB3CBF40962F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {911C4932-0B21-48B1-8C62-6859B7C1FB98} - System32\Tasks\fvw3_1mwm5xo4 => C:\windows\TEMP\fvw3_rqztrkf1.bat
Task: {91D39EA6-AD37-4EA8-8E1F-4468910D3869} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-19] (Adobe Systems Incorporated)
Task: {98987C6A-1276-41DD-AD76-25123DA08F20} - System32\Tasks\fvw3_kcm2lata => C:\windows\TEMP\fvw3_qgb9ejzg.bat
Task: {99BE832F-AC40-4DD1-9661-5C22AEED9282} - System32\Tasks\fvw3_dx9jiowd => C:\windows\TEMP\fvw3_o9bredg3.bat
Task: {9C5A89A8-0063-45EB-BC35-7259812BE801} - System32\Tasks\fvw3_rov77k4o => C:\windows\TEMP\fvw3_48r36voi.bat
Task: {ACD48289-DE50-487C-8893-DFC82D9C97CA} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2014-10-10] (Samsung Electronics CO., LTD.)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {C362B08D-711C-4074-A298-C8177623B9A1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C9A2E220-897F-4F25-9014-D2A5A02F6026} - System32\Tasks\fvw3_ubbskhag => C:\windows\TEMP\fvw3_mhsqjyso.bat
Task: {CE69CB7B-E9EF-46E5-B27E-57A383D83D3A} - System32\Tasks\fvw3_emppjlpd => C:\windows\TEMP\fvw3_y820i7ze.bat
Task: {E2C1EFFF-A1B3-46F2-AEB1-0E4979FC84B6} - System32\Tasks\fvw3_fc8bp7ib => C:\windows\TEMP\fvw3_xw12iuq6.bat
Task: {EF2D71FE-5E65-4B9C-B410-05659FAA692D} - System32\Tasks\fvw3_9c6qebtr => C:\windows\TEMP\fvw3_smop7nzg.bat
Task: {F31F35FB-106B-41EF-BEC5-085AA9AA9D9A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {F5256FB0-D739-4735-AA28-844B82416C50} - System32\Tasks\fvw3_y8u0cpcj => C:\windows\TEMP\fvw3_i81jm8r1.bat
Task: {F938041D-0CFD-43E5-945C-D3D0646C07D8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {F94F8D43-48EC-4A5C-9FCC-DA90725F1D07} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2014-01-29] (Samsung Electronics CO., LTD.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Xerox PhotoCafe Communicator.job => C:\ProgramData\Xerox PhotoCafe\MessageCheck.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-11-03 11:25 - 2013-11-11 04:27 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2008-09-09 11:22 - 2008-09-09 11:22 - 00022016 _____ () C:\WINDOWS\System32\sst1cl6.dll
2014-02-04 18:18 - 2009-09-08 13:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-01-29 13:20 - 2014-01-29 13:20 - 00084800 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Tools\System\FileZilla FTP Client\fzshellext_64.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-02-17 11:09 - 2014-12-04 10:38 - 00042496 _____ () C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
2014-08-24 20:36 - 2014-04-08 08:13 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-10-10 20:35 - 2014-10-10 20:35 - 00088624 _____ () C:\Program Files\Samsung\S Agent\ToastX64.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00027968 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 01141056 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00025920 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00109888 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00059712 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2014-01-29 13:20 - 2014-01-29 13:20 - 00102720 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2015-12-25 13:34 - 2014-05-13 12:04 - 00109400 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00167768 _____ () C:\Tools\System\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-25 13:34 - 2014-05-13 12:04 - 00416600 _____ () C:\Tools\System\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-25 13:34 - 2012-08-23 10:38 - 00574840 _____ () C:\Tools\System\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-25 13:34 - 2012-04-03 17:06 - 00565640 _____ () C:\Tools\System\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-08-24 20:36 - 2014-04-08 08:08 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2014-11-03 11:29 - 2013-09-16 12:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:A1EDB939

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\09433235.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\09433235.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2014-03-09 12:10 - 00000900 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Andreas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Autodesk Licensing Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Garmin Core Update Service => 2
MSCONFIG\Services: HomeGroupListener => 3
MSCONFIG\Services: HomeGroupProvider => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NMIndexingService => 3
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SDScannerService => 3
MSCONFIG\Services: SDUpdateService => 3
MSCONFIG\Services: SDWSCService => 3
HKLM\...\StartupApproved\StartupFolder: => "WISO Mein Steuer-Sparbuch heute.lnk"
HKLM\...\StartupApproved\Run: => "CanonSolutionMenu"
HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "CLMLServer_For_P2G8"
HKLM\...\StartupApproved\Run32: => "CLVirtualDrive"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "WekaUpdateCenter"
HKLM\...\StartupApproved\Run32: => "Adobe Acrobat Speed Launcher"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-3658493019-1111599900-2463904087-1003\...\StartupApproved\Run: => "AdobeBridge"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E57D093D-23BE-4F77-9FE9-6F2955099C74}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{022638D9-68C7-499E-8779-8BE231349811}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [{3D94CD91-C46E-4257-AFB4-0AC6D4F792EE}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed The Run\Need For Speed The Run.exe
FirewallRules: [UDP Query User{969D4125-127F-4843-BBA4-49E1BC41023C}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [TCP Query User{5FFCF8EC-A5E2-4CE1-A792-034E7A7248C1}C:\tools\media\winamp\winamp.exe] => (Allow) C:\tools\media\winamp\winamp.exe
FirewallRules: [{776E44D0-898E-459F-85B7-8951E9B2CD19}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{446FFFFD-EF97-43D6-9283-1469B1F6D4E4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{023E90DA-A9F5-4CE8-9DA5-AF65B6C2C5F3}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{C6840099-6C64-44AB-A765-5AEF62C06543}] => (Allow) C:\Program Files\Condusiv Technologies\IntelliMemory\IntelliMem.exe
FirewallRules: [{214D6990-8124-46C8-8BCA-A462010E23C1}] => (Allow) LPort=1900
FirewallRules: [{D379275B-B611-47CF-8C8E-4028C1DA0DC5}] => (Allow) LPort=2869
FirewallRules: [{B1E7914B-EE0B-4F90-B3FF-4A2D94020834}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B246AA25-94FA-44A0-BC33-B1AD84A64E38}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{66A6F094-3B80-40EB-B0F9-99B5B90DFAD9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{A9F3D847-5291-47E6-AD52-8A96DB503987}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [UDP Query User{41F7081D-4F8B-40E6-A5E0-9A2A5A99D644}C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe] => (Allow) C:\program files (x86)\origin games\need for speed the run\need for speed the run.exe
FirewallRules: [TCP Query User{929F69C4-02A4-4371-AB84-FB1B08F470A7}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9470EF6A-5F5B-45AE-B64C-CD53059503DB}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{73DD42E9-6DF5-4A56-9F8C-583639E0220E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{8B514598-2843-4118-B8F8-A0BDFCD35C27}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{076DD059-1B7F-4E05-85C5-0FEFB9936868}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{55DA511A-CB94-43EF-B4C3-1226496AB4AC}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{7C5F8CAD-BA1E-49FE-B784-53BCCFC25C64}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{477D68FA-4343-4154-AEF2-D2CD027D8371}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{82747307-574E-4A60-B87A-969FBB0DCD1F}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [UDP Query User{A70959CA-E670-41D3-B8D9-CA5FCDE02931}C:\tools\system\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\tools\system\spybot - search & destroy 2\sdupdate.exe
FirewallRules: [TCP Query User{8DFED69A-677D-4CE5-A94D-0CE3292050D8}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{4B0F9AF1-F2E2-45B7-8492-CA47D123C10B}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [TCP Query User{53204618-E591-4E3E-9C81-7080EB3FADC1}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [UDP Query User{29DB62F4-6B27-497A-ACC5-1D5B2BF4A030}C:\program files (x86)\atari\tdu2\testdrive2.exe] => (Allow) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{7D4EAA75-92E8-4F64-9882-6CA933D6480D}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [{65313E84-34CD-4458-911A-2E040EBCC83A}] => (Block) C:\program files (x86)\atari\tdu2\testdrive2.exe
FirewallRules: [TCP Query User{E6A62001-1882-4154-AE24-D087E855B823}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [UDP Query User{F05B8AD7-125C-41C1-A20A-40ED1BCADCC2}C:\program files (x86)\atari\tdu2\uplauncher.exe] => (Allow) C:\program files (x86)\atari\tdu2\uplauncher.exe
FirewallRules: [{2C909032-398A-46FD-83DC-AF39131A4992}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{1BF29DAA-7BF1-4CF2-8931-524E317EFAA3}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{805A1286-AE32-4CFF-8ADF-1330A5A7F6B6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{9ECC36F3-66E0-4E25-B7EF-089877F027EA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{0F5E95A8-4C95-4D6B-A648-1EF18AC74769}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{51DB62F3-E033-4AD7-AF11-DF595A68E2A1}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{1D2CB13A-75DB-4331-A1C6-BA8E785770B9}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{1FA25717-7A9B-4494-BB83-870162589F35}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{909D2F1E-2B6D-40A5-BAA1-72A4906B9E94}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{79A5F39A-F6B3-4322-8268-F9A9F570716F}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{9A3F8BCA-6DE5-410E-96F1-980515C8A785}C:\games\world_of_warplanes\wowplauncher.exe] => (Block) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{FE127B2E-61C4-4065-9527-97EC6617CE8D}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{C2F5BF75-9441-4FB1-A14A-ABA89AC8EBD5}] => (Allow) C:\Program Files (x86)\GPS Master 2.0.14\GPS Master.exe
FirewallRules: [{850B8798-B0F4-4F90-9BEF-63F1805A6087}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [{47E06B7E-4B60-4444-B042-E6FA577CF60F}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Most Wanted\NFS13.exe
FirewallRules: [TCP Query User{F1D1C2F1-0914-48A3-8D2D-FE8F739BC850}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [UDP Query User{8A4B326C-BEEB-43FB-AC27-35A9E634A181}C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe] => (Allow) C:\program files (x86)\origin games\need for speed(tm) most wanted\nfs13.exe
FirewallRules: [{FD9BEC80-8F7F-48D5-8438-4431993E9183}] => (Allow) LPort=50248
FirewallRules: [{92CB16C5-48FA-499A-A0A7-B70C2B873F9B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1605453B-F84D-48AC-9238-8679CF8B2AC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{50078D83-F3B9-4EDC-AD6F-67799BF08033}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{773EB3DD-0783-4DA9-AB05-02F13862A106}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{00052CCD-CDB8-4B0F-9FF5-65D19FDA6EA5}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{8761E1F7-DFA1-4AB5-981C-05E69D18C334}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{2C7F9478-3AC9-434D-8795-916B542A168E}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [UDP Query User{B98E81AB-784F-403B-81DD-F5FA9751A26C}C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - dunes of war\pea.exe
FirewallRules: [TCP Query User{1BA3AEE4-31E5-4E4A-83FC-49EA4D02F651}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [UDP Query User{5E43DE58-3515-488D-82B8-255F65925A5F}C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe] => (Block) C:\program files (x86)\nordic games\panzer elite action - fields of glory\pea.exe
FirewallRules: [{B5DCD1E8-5162-4A8D-929F-04DD8C7A7D7B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{861976C2-A93A-44A3-B0F6-88C2733725B0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{255F4592-3F05-42CA-8F0F-47212DAF4CA1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EEA4923D-649A-46C4-B6B7-1A625426D849}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2347BA7F-8A58-48F0-A589-58DE813740E9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81E26DFC-D188-48B6-9550-A7D4A4F5B198}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Tools\System\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

08-01-2016 13:58:31 Geplanter Prüfpunkt
09-01-2016 21:27:16 Removed Adobe Help Manager

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (01/09/2016 09:06:12 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (01/09/2016 09:01:49 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (01/09/2016 09:01:49 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (01/09/2016 07:31:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ZeroConfigService.exe, Version: 16.1.0.0, Zeitstempel: 0x521e80f5
Name des fehlerhaften Moduls: MurocApi.dll, Version: 16.1.0.0, Zeitstempel: 0x521e7ff7
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000026570
ID des fehlerhaften Prozesses: 0xf50
Startzeit der fehlerhaften Anwendung: 0xZeroConfigService.exe0
Pfad der fehlerhaften Anwendung: ZeroConfigService.exe1
Pfad des fehlerhaften Moduls: ZeroConfigService.exe2
Berichtskennung: ZeroConfigService.exe3
Vollständiger Name des fehlerhaften Pakets: ZeroConfigService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ZeroConfigService.exe5

Error: (01/09/2016 07:30:13 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (01/09/2016 07:30:13 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (01/09/2016 02:04:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DATA BECKER Update Service.exe, Version: 0.0.4.1, Zeitstempel: 0x4d89246b
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650afd4
Ausnahmecode: 0xc0000374
Fehleroffset: 0x000e5914
ID des fehlerhaften Prozesses: 0x19f8
Startzeit der fehlerhaften Anwendung: 0xDATA BECKER Update Service.exe0
Pfad der fehlerhaften Anwendung: DATA BECKER Update Service.exe1
Pfad des fehlerhaften Moduls: DATA BECKER Update Service.exe2
Berichtskennung: DATA BECKER Update Service.exe3
Vollständiger Name des fehlerhaften Pakets: DATA BECKER Update Service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: DATA BECKER Update Service.exe5

Error: (01/09/2016 02:00:22 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (01/09/2016 02:00:22 PM) (Source: SQLAgent$SQLEXPRESS) (EventID: 324) (User: )
Description: OpenSQLServerInstanceRegKey:GetRegKeyAccessMask failed (reason: 2).

Error: (01/09/2016 01:02:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Systemfehler:
=============
Error: (01/09/2016 09:00:37 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (01/09/2016 07:31:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/09/2016 07:29:06 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (01/09/2016 07:29:16 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎01.‎2016 um 18:39:50 unerwartet heruntergefahren.

Error: (01/09/2016 01:59:22 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (01/09/2016 12:21:13 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (01/08/2016 01:20:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (01/08/2016 01:20:00 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (01/08/2016 01:19:07 PM) (Source: ps6ah4nc) (EventID: 1) (User: )
Description: Protection Synchronization Driver detected an internal error, contact the customer support service.

Error: (01/07/2016 06:54:02 PM) (Source: volmgr) (EventID: 45) (User: )
Description: Das System konnte den Treiber für das Speicherabbild nicht laden.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 76%
Installierter physikalischer RAM: 8079.39 MB
Verfügbarer physikalischer RAM: 1887.52 MB
Summe virtueller Speicher: 16271.39 MB
Verfügbarer virtueller Speicher: 9481.27 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:378.94 GB) (Free:145.91 GB) NTFS
Drive d: (Daten) (Fixed) (Total:292.97 GB) (Free:161.07 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 50960A65)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

10.01.2016, 11:59   #12
cosinus

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

11.01.2016, 16:15   #13
Andreas 2016

Hello cosinus,

Thank you for your help.
I followed your instructions.
I ran Malwarebytes Anti-Rootkit.
Result: nothing found (see attachment).
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.01.10.02
  rootkit: v2016.01.09.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18125
Andreas :: OLIVER [administrator]

10.01.2016 22:09:33
mbar-log-2016-01-10 (22-09-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 426796
Time elapsed: 40 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Again today, since the computer had not found anything:

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.01.11.02
  rootkit: v2016.01.09.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18125
Andreas :: OLIVER [administrator]

11.01.2016 14:16:20
mbar-log-2016-01-11 (14-16-20).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 426920
Time elapsed: 44 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Even so, I am now somewhat at a loss as to how I should proceed.

Case 1:
Could it be that no ransomware trojan came along at all when the doc file was opened?

Case 2: The trojan was found and deleted by one of the programs I used,
e.g. AdwCleaner.

Case 3: The trojan is still hiding.

On the computer itself I notice no changes; everything is fine so far.
I am well aware that there is no absolute certainty short of a reinstallation.
But it would reassure me if people as experienced as you, who know these trojans, gave the assessment: "done everything possible - looks good so far".


Can I safely make backup copies of my data (Word/Excel/PDF/pictures)?
Should I change anything about my online banking (I currently use SMS-TAN)?
There are also TAN generator devices for home use.
What should I do with the files found by TDSSKiller?

I hope I am not taking up too much of your free time.
Kind regards,
Andreas
