Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 09.04.2016, 00:38   #1
sourKraut135
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer



Hallo community,
ich habe den Verdacht, dass mein Laptop (Windows 10) gehackt wurde bzw dass jmnd. unerlaubt Zugriff darauf hatte und evtl. Malware oder Spyware installiert hat. Muss aber dazu sagen, dass ich eher wenig Ahnung vom Thema hab-_-
Gestern hatte ein mir persönlich Unbekannter Zugriff auf meinen Laptop per Teamviewer. Nach Kontakt per Telefon habe ich ihm blauäugig vertraut, aber nun bin ich mir nicht sicher, ob da alles mit rechten Dingen zuging, auch weil ich nicht die gesamte Zeit zusehen konnte. Aktuell läuft mein PC auch langsamer und beim Viren-Scan über AVG Sec. hängt er sich auf, was vorher nie der Fall war.
Hier gleich mal der HiJack Logfile und ich hoffe, ihr könnt mir Gewissheit geben...danke im Voraus!

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 00:04:40, on 09.04.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)

FIREFOX: 45.0.1 (x86 de)
Boot mode: Normal

Running processes:
C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\WinZip\WZUpdateNotifier.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\Martin\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\7b4e384f5b096b9656fee276ba88bb81\HijackThis_2.0.5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={D3AEC589-1513-473F-81CD-6F41E8B26023}&mid=d5ce895a9a8f47cc98ecd16ff0cb731e-7feb6dfe2b0f8fcb826b0bb4ea7eadf225f38942&lang=de&ds=AVG&coid=avgtbavg&cmpid=0316av&pr=fr&d=2016-03-12 03:33:06&v=4.2.8.608&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.2.8.608\AVG Web TuneUp.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] "C:\Program Files\TOSHIBA\Utilities\HWSetup.exe" hwSetUP
O4 - HKLM\..\Run: [KeNotify] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.8.0_45\bin\jusched.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Lokaler Dienst')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Netzwerkdienst')
O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Startup: Protectorion SmartTray.lnk = Martin\AppData\Local\Programs\Protectorion Data Safe\ProtectorionLauncher.exe
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O4 - Global Startup: Update Benachrichtigungsdienst.lnk = C:\Program Files\WinZip\WZUpdateNotifier.exe
O4 - Global Startup: WinZip Preloader.lnk = C:\Program Files\WinZip\WzPreloader.exe
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
O23 - Service: @oem9.inf,%BcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\WINDOWS\system32\BtwRSupportService.exe (file missing)
O23 - Service: Dropbox-Update-Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox-Update-Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
O23 - Service: devolo Network Service (DevoloNetworkService) - devolo AG - C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
O23 - Service: Defragmentation-Service (DfSdkS) - mst software GmbH, Germany - C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-Dienst (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: Notebook Performance Tuning Service (TEMPRO) (TemproMonitoringService) - Toshiba Europe GmbH - C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.2.8 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 13721 bytes


LG,
Martin

Alt 09.04.2016, 17:22   #2
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Schritt 1


Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 10.04.2016, 08:58   #3
sourKraut135
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Farbar Scan FRST.txt



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Martin (Administrator) auf MARTIN-TOSH (10-04-2016 08:49:47)
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin (Verfügbare Profile: Martin & Gast)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TEco.exe
(Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(Braincell consult & research GmbH) C:\Users\Martin\AppData\Local\Programs\Protectorion Data Safe\ProtectorionLauncher.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\NetworkUXBroker.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2009-08-03] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [596328 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35160 2009-08-06] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [497504 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [909624 2009-08-05] (TOSHIBA Corporation)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-07-29] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1481568 2009-08-26] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [711000 2009-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\Toshiba\Registration\ToshibaReminder.exe [134032 2009-07-30] (Toshiba Europe GmbH)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944648 2015-06-12] (Synaptics Incorporated)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2009-08-12] (TOSHIBA)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2009-06-02] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34088 2009-01-13] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2446648 2009-08-11] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_45\bin\jusched.exe"
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25577864 2016-03-12] (Dropbox, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-03-23] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2875464 2016-03-28] ()
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1631144 2013-03-29] (Valve Corporation)
HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\RunOnce: [Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\MountPoints2: {1665bc50-fde0-11e5-8d7f-0026223f32fa} - "F:\HiSuiteDownLoader.exe" 
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-12] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-04-06]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Benachrichtigungsdienst.lnk [2016-04-06]
ShortcutTarget: Update Benachrichtigungsdienst.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-04-06]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\DJ Polterabend\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk [2009-09-08]
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-11-15]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Protectorion SmartTray.lnk [2012-08-23]
ShortcutTarget: Protectorion SmartTray.lnk -> C:\Users\Martin\AppData\Local\Programs\Protectorion Data Safe\ProtectorionLauncher.exe (Braincell consult & research GmbH)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{061292e7-4e0b-48e7-9bf3-0fbbc62c599f}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2d7f2d4d-f8fb-49aa-92c3-74cfda8e30f6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{974be9e2-f49d-4c97-9945-4300e9079acb}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{f6556f80-dedb-4c79-bedb-9eb447f983cf}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={D3AEC589-1513-473F-81CD-6F41E8B26023}&mid=d5ce895a9a8f47cc98ecd16ff0cb731e-7feb6dfe2b0f8fcb826b0bb4ea7eadf225f38942&lang=de&ds=AVG&coid=avgtbavg&cmpid=0316av&pr=fr&d=2016-03-12 03:33:06&v=4.2.8.608&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEH&bmod=TSEH
SearchScopes: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D3AEC589-1513-473F-81CD-6F41E8B26023}&mid=d5ce895a9a8f47cc98ecd16ff0cb731e-7feb6dfe2b0f8fcb826b0bb4ea7eadf225f38942&lang=de&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2016-03-12 03:33:06&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={D3AEC589-1513-473F-81CD-6F41E8B26023}&mid=d5ce895a9a8f47cc98ecd16ff0cb731e-7feb6dfe2b0f8fcb826b0bb4ea7eadf225f38942&lang=de&ds=AVG&coid=avgtbavg&cmpid=0316tb&pr=fr&d=2016-03-12 03:33:06&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.2.8.608\AVG Web TuneUp.dll [2016-03-28] (AVG)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-10] (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.8.608\AVG Web TuneUp.dll [2016-03-28] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-10] (Oracle Corporation)
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} -  Keine Datei
Toolbar: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Toolbar: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} -  Keine Datei
Toolbar: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000 -> Kein Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  Keine Datei
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default
FF DefaultSearchEngine: AVG Secure Search
FF SearchEngineOrder.1: Ask.com
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-07] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-07] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.8\\npsitesafety.dll [Keine Datei]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2010-12-20] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-10] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\askcom.xml [2012-08-18]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\avg-nation-search.xml [2014-04-27]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\avg-secure-search.xml [2016-03-28]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\daemon-search.xml [2010-12-11]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\google-images.xml [2014-12-02]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\searchplugins\google-maps.xml [2014-12-02]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\nation-secure-search.xml [2014-04-27]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2016-03-28]
FF Extension: AVG Web TuneUp - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\pgntb0g1.default\extensions\avg@toolbar.xpi [2016-03-28]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-04-06] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-06]
CHR Extension: (Google Docs) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-06]
CHR Extension: (Google Drive) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-06]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-06]
CHR Extension: (Google Tabellen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-06]
CHR Extension: (Google Docs Offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-06]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06]
CHR Extension: (Google Mail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-06]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - <kein Path/update_url>

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-03-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2015-10-23] (Broadcom Corporation.)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-20] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-20] (Dropbox, Inc.)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3647992 2014-05-14] (devolo AG)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-06-12] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
R2 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 vToolbarUpdater40.2.8; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe [1957448 2016-03-12] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1216584 2016-03-28] ()

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2015-10-23] (Broadcom Corporation.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2014-05-14] (CACE Technologies)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-12] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [45728 2015-10-23] (Toshiba Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-10 08:49 - 2016-04-10 08:51 - 00027547 _____ C:\Users\Martin\Downloads\FRST.txt
2016-04-10 08:49 - 2016-04-10 08:49 - 02374144 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2016-04-10 08:49 - 2016-04-10 08:49 - 00000000 ____D C:\FRST
2016-04-09 00:00 - 2016-04-09 00:03 - 01475080 _____ C:\Users\Martin\Downloads\HijackThis - CHIP-Installer.exe
2016-04-07 20:56 - 2016-04-07 20:56 - 00000000 ____D C:\Diagprog
2016-04-06 18:42 - 2016-04-07 20:38 - 00000000 ____D C:\Users\Martin\Desktop\BMW Daten Bimmerfest
2016-04-06 18:32 - 2016-04-06 18:43 - 00000000 ____D C:\Users\Martin\AppData\Local\WinZip
2016-04-06 16:36 - 2016-04-06 18:35 - 536775892 _____ C:\Users\Martin\Downloads\Archive-76be.zip
2016-04-06 15:30 - 2016-04-08 23:26 - 00002273 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-06 15:30 - 2016-04-08 23:26 - 00002261 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-06 15:28 - 2016-04-06 15:28 - 00987728 _____ (Google Inc.) C:\Users\Martin\Downloads\ChromeSetup.exe
2016-04-06 15:23 - 2016-04-08 23:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-06 15:17 - 2016-04-06 15:17 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2016-04-06 15:17 - 2016-04-06 15:17 - 00002108 _____ C:\Users\Public\Desktop\WinZip.lnk
2016-04-06 15:17 - 2016-04-06 15:17 - 00000000 ____D C:\Users\Martin\AppData\Local\Nico Mak Computing
2016-04-06 15:17 - 2016-04-06 15:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2016-04-06 15:17 - 2016-04-06 15:17 - 00000000 ____D C:\Program Files\WinZip
2016-04-06 15:13 - 2016-04-06 15:14 - 01475080 _____ C:\Users\Martin\Downloads\WinZip 64 Bit - CHIP-Installer.exe
2016-04-06 14:58 - 2016-04-06 14:58 - 00065039 _____ C:\WINDOWS\unins000.dat
2016-04-06 14:58 - 2016-04-06 14:58 - 00001692 _____ C:\Users\Public\Desktop\INPA.lnk
2016-04-06 14:58 - 2016-04-06 14:58 - 00001672 _____ C:\Users\Public\Desktop\WinKFP.lnk
2016-04-06 14:58 - 2016-04-06 14:58 - 00001590 _____ C:\Users\Public\Desktop\NCS-Expertentool.lnk
2016-04-06 14:58 - 2016-04-06 14:58 - 00001563 _____ C:\Users\Public\Desktop\Tool32.lnk
2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BMW Standard Tools
2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\NFS-Backup
2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\NCSEXPER
2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\Entwicklungsdaten
2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\EDIABAS
2016-04-06 14:58 - 2016-04-06 14:58 - 00000000 ____D C:\EC-APPS
2016-04-06 14:58 - 2016-04-06 14:55 - 00725002 _____ C:\WINDOWS\unins000.exe
2016-04-06 14:53 - 2016-04-06 14:55 - 33709365 _____ (BMW Group ) C:\Users\Martin\Desktop\Standard_Tools_Setup_2.12.exe
2016-04-06 14:50 - 2016-04-06 14:51 - 02114664 _____ C:\Users\Martin\Downloads\winrar-x64-531d.exe
2016-04-06 11:03 - 2016-04-06 11:04 - 00274740 _____ C:\WINDOWS\Minidump\040616-87078-01.dmp
2016-04-06 11:03 - 2016-04-06 11:03 - 00000000 ____D C:\WINDOWS\Minidump
2016-04-06 10:16 - 2016-04-06 10:16 - 35149164 _____ C:\Users\Martin\Downloads\BMW Standard Tools 2.12.rar
2016-04-05 20:38 - 2016-04-07 20:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-04-05 20:38 - 2016-04-05 20:38 - 00001127 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-04-05 20:38 - 2016-04-05 20:38 - 00001115 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-04-05 20:38 - 2016-04-05 20:38 - 00000000 ____D C:\Users\Martin\AppData\Roaming\TeamViewer
2016-04-05 20:35 - 2016-04-05 20:35 - 01475080 _____ C:\Users\Martin\Downloads\TeamViewer - CHIP-Installer.exe
2016-04-05 19:24 - 2016-04-05 19:45 - 856086033 _____ C:\Users\Martin\Downloads\Windows_XP_Final_Update.zip
2016-04-04 14:38 - 2016-04-04 14:38 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01005.Wdf
2016-04-04 14:37 - 2016-04-04 16:43 - 00000000 ____D C:\Users\Martin\AppData\Local\APManager
2016-04-04 14:37 - 2016-04-04 14:37 - 00000000 ____D C:\Users\Martin\Documents\APMaps
2016-04-04 14:36 - 2016-04-04 14:36 - 00001323 _____ C:\Users\Martin\Desktop\Accessport Manager.lnk
2016-04-04 14:36 - 2016-04-04 14:36 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessport
2016-04-04 14:36 - 2016-04-04 14:36 - 00000000 ____D C:\Program Files (x86)\Accessport
2016-04-04 14:35 - 2016-04-04 14:36 - 07068638 _____ C:\Users\Martin\Downloads\APManagerSetup.exe
2016-03-28 10:38 - 2016-03-28 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-19 12:38 - 2016-03-19 12:38 - 00194671 _____ C:\Users\Martin\Desktop\kfz-kaufvertrag-privat.pdf
2016-03-19 09:52 - 2016-03-19 09:52 - 00147058 _____ C:\Users\Martin\Downloads\kaufvertrag.pdf
2016-03-19 09:46 - 2016-03-19 09:46 - 00184785 _____ C:\Users\Martin\Downloads\kfz-kaufvertrag-privat.pdf
2016-03-19 09:45 - 2016-03-19 09:45 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-19 09:43 - 2016-03-19 09:44 - 85161656 _____ (Adobe Systems Incorporated) C:\Users\Martin\Downloads\AcroRdrDC1501020060_de_DE.exe
2016-03-16 09:50 - 2016-03-16 09:50 - 00316352 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftd2xx.dll
2016-03-16 09:50 - 2016-03-16 09:50 - 00274880 _____ (FTDI Ltd.) C:\WINDOWS\system32\FTLang.dll
2016-03-16 09:50 - 2016-03-16 09:50 - 00168384 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftbusui.dll
2016-03-16 09:50 - 2016-03-16 09:50 - 00108352 _____ (FTDI Ltd.) C:\WINDOWS\system32\Drivers\ftdibus.sys
2016-03-16 09:50 - 2016-03-16 09:50 - 00095168 _____ (FTDI Ltd.) C:\WINDOWS\system32\Drivers\ftser2k.sys
2016-03-16 09:50 - 2016-03-16 09:50 - 00075200 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftcserco.dll
2016-03-16 09:50 - 2016-03-16 09:50 - 00065472 _____ (FTDI Ltd.) C:\WINDOWS\system32\ftserui2.dll
2016-03-16 09:44 - 2016-03-16 09:44 - 00274368 _____ (FTDI Ltd.) C:\WINDOWS\SysWOW64\ftd2xx.dll
2016-03-15 20:04 - 2016-03-15 20:04 - 00012150 _____ C:\Users\Martin\Desktop\Kosten.odt
2016-03-12 04:33 - 2016-03-28 10:41 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-03-12 04:33 - 2016-03-12 13:47 - 00000000 ____D C:\Users\Martin\AppData\Local\AVG Web TuneUp
2016-03-12 04:33 - 2016-03-12 04:33 - 00000000 ____D C:\ProgramData\AVG Secure Search
2016-03-12 04:33 - 2016-03-12 04:33 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-03-12 04:33 - 2016-03-12 04:33 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2016-03-12 04:32 - 2016-03-28 10:41 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-03-11 20:11 - 2016-03-11 20:11 - 00002439 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-10 08:48 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-04-10 08:48 - 2012-10-17 12:37 - 00000000 ____D C:\ProgramData\MFAData
2016-04-10 08:48 - 2011-09-14 14:24 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{737F47C7-A605-4F4D-8217-2D285D389E1B}
2016-04-09 09:10 - 2013-03-12 09:35 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-04-09 08:52 - 2015-12-17 05:44 - 02086168 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-04-09 08:52 - 2015-10-30 20:35 - 00889250 _____ C:\WINDOWS\system32\perfh007.dat
2016-04-09 08:52 - 2015-10-30 20:35 - 00197298 _____ C:\WINDOWS\system32\perfc007.dat
2016-04-09 08:52 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-04-09 08:52 - 2010-10-12 18:02 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-09 01:22 - 2015-08-20 22:19 - 00000000 ___RD C:\Users\Martin\Dropbox
2016-04-09 01:22 - 2015-08-20 22:17 - 00001214 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-09 01:22 - 2015-08-20 22:17 - 00000000 ____D C:\Users\Martin\AppData\Local\Dropbox
2016-04-09 01:21 - 2016-02-03 19:18 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-09 01:21 - 2015-08-20 22:17 - 00001210 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-09 01:18 - 2015-12-17 06:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-04-09 01:17 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-04-08 23:40 - 2012-05-04 00:52 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-08 23:05 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-06 18:32 - 2014-08-06 13:35 - 00000000 ____D C:\ProgramData\WinZip
2016-04-06 17:34 - 2010-10-12 15:51 - 00000000 ____D C:\Users\Martin\AppData\Local\Google
2016-04-06 15:30 - 2009-09-08 10:11 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-06 14:51 - 2011-02-01 22:33 - 00000000 ____D C:\Program Files\WinRAR
2016-04-06 11:05 - 2015-12-17 05:45 - 00000000 ____D C:\Users\Martin
2016-04-06 11:03 - 2015-12-17 05:36 - 00288280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-04-06 11:02 - 2015-12-17 05:35 - 654992433 _____ C:\WINDOWS\MEMORY.DMP
2016-04-06 10:27 - 2015-06-03 14:47 - 00000000 ____D C:\Users\Martin\AppData\Local\Avg
2016-04-05 18:13 - 2015-10-23 17:58 - 00000000 ____D C:\Users\Martin\AppData\Local\Packages
2016-04-04 14:34 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-03-28 10:57 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-28 10:38 - 2015-08-20 22:17 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-03-13 04:39 - 2014-04-03 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-13 04:31 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-13 04:31 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-13 04:31 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-13 04:31 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-12 04:33 - 2013-09-28 09:36 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2016-03-11 20:11 - 2015-10-23 18:10 - 00000000 ___RD C:\Users\Martin\OneDrive

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-28 09:36 - 2014-04-27 18:00 - 0001704 _____ () C:\Program Files (x86)\Mozilla Firefoxnation-secure-search.xml
2011-05-23 17:53 - 2011-05-23 17:54 - 0000000 _____ () C:\Users\Martin\AppData\Local\{E4168390-D1AC-4111-95DA-4DE9DDBE3A68}

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-04 16:33

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Martin (2016-04-10 08:51:53)
Gestartet von C:\Users\Martin\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-17 04:08:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2000210142-2090411493-3058419309-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2000210142-2090411493-3058419309-503 - Limited - Disabled)
Gast (S-1-5-21-2000210142-2090411493-3058419309-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2000210142-2090411493-3058419309-1002 - Limited - Enabled)
Martin (S-1-5-21-2000210142-2090411493-3058419309-1000 - Administrator - Enabled) => C:\Users\Martin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
AccessPORT Driver 1.3.1 (HKLM-x32\...\AccessPORT Driver) (Version:  - Cobb Tuning Products, LLC.)
Accessport Manager 2.1.1.13 (HKLM-x32\...\Accessport Manager) (Version: 2.1.1.13 - Cobb Tuning Products, LLC)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.2.8870 - Adobe Systems Inc.)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
ALDI NORD Bestellsoftware 4.14.5 (HKLM-x32\...\ALDI NORD Bestellsoftware) (Version: 4.14.5 - ORWO Net)
Amazon.de (HKLM-x32\...\{A74F16FA-1D5B-405B-8D8D-1BC6F9DAED8B}) (Version:  - Amazon EU S.a.r.L.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo WinOptimizer 6.60 (HKLM-x32\...\Ashampoo WinOptimizer 6_is1) (Version: 6.6.0 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{0FB2E75A-1024-331F-77EF-D45F71505D58}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
AVG (Version: 16.51.7497 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4545 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.51.7497 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.8.608 - AVG Technologies)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.00.08(T) - TOSHIBA CORPORATION)
BMW Standard Tools (HKLM-x32\...\{ 70994916-61E9-40D2-A30C-89D2C030017F}_is1) (Version: 2.12.0 - BMW Group)
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.3 Patch (x32 Version: 1.3 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Canon MG5100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5100_series) (Version:  - )
ccc-core-static (x32 Version: 2009.0729.2238.38827 - Ihr Firmenname) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.2.2.0 - devolo AG)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
eBay (HKLM-x32\...\{E83BA61A-5D77-4DD5-9C92-A3447F11E27D}) (Version: 1.0.4 - eBay Inc.)
FMW 1 (Version: 1.72.2 - AVG Technologies) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: 4.3.0.1110 - Foxit Corporation)
GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
OpenOffice.org 3.2 (HKLM-x32\...\{8D1E61D1-1395-4E97-997F-D002DB3A5074}) (Version: 3.2.9502 - OpenOffice.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Protectorion Data Safe (HKLM-x32\...\{CA0528BB-7B85-46C9-8D43-D9947C4FF8B5}) (Version: 3.4 - Braincell consult & research GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30101 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{0FB630AB-7BD8-40AE-B223-60397D57C3C9}) (Version: 2.00.0006 - Realtek)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.43 - Piriform)
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version:  - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version:  - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version:  - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version:  - )
Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
Skype(TM) Launcher (HKLM-x32\...\{26D8DF7E-DBF8-43A6-8D42-F37497CE603D}) (Version:  - Skype Technologies S.A.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.10.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
Toshiba Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.09 - TOSHIBA)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1E9E8BA6-FD0B-465D-AFA2-ECE10BF095F9}) (Version: 1.0.04.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{F3529665-D75E-4D6D-98F0-745C78C68E9B}) (Version: 8.0.21 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.1 for x64 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.0.07-A - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.1.10.64 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM-x32\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version:  - )
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.1.64 - TOSHIBA Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.4C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.0 - TOSHIBA Corporation)
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.00 - TOSHIBA)
Toshiba Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.08.0001 - TOSHIBA)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.4.1.64 - TOSHIBA Corporation)
Toshiba Photo Service - powered by myphotobook (HKLM-x32\...\eu.myphotobook.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.0.0-663 - myphotobook GmbH)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{C2DDF845-7107-40E8-8D2A-8719F1799570}) (Version: 1.0.04.64 - TOSHIBA Corporation)
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.9.1.12 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.14 - TOSHIBA)
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.7C - TOSHIBA CORPORATION)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.2.25.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version:  - )
TRORMCLauncher (Version: 1.0.0.7 - TOSHIBA) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Utility Common Driver (x32 Version: 1.0.50.27C - TOSHIBA) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {044B1215-AC8B-4E77-9896-BB3344362C67} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {05919AFF-EC96-412D-86E3-667324664A87} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {05EB13B5-6715-4E08-B49E-A0A216CC9A06} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {073FCFA6-355C-4A6C-87EE-FF8B52975697} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {09569323-E733-4B93-8D8D-381A593BE1CF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {0D8A0B49-C09E-4B6B-9CEE-AECBA3D1C35B} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {0F01B5D4-78EC-44DF-9537-C91D3D3FADFD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {1AF1D8E8-F811-409D-91BB-D033AF92E7CA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1C0A6948-A78E-416E-A3F3-16764F360A22} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-07] (Adobe Systems Incorporated)
Task: {1F17ADD9-DCF6-4D73-907D-C4EED30487B1} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {2A39DDA4-9482-4ECF-BE57-F06D6AADE905} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {2D5368BA-EDB9-4E86-A668-CF2130BEAD77} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {2FF21FF6-5784-4D89-BE20-1B92DFBBBC00} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {3E21AE4D-8E1B-4AD4-B1A7-E376EF009CF3} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {4339889F-04B0-4167-BDF1-D7FE563BC022} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {45D19459-FDE5-43C8-BC71-D9531053DDA9} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {52BF854E-2B6C-4F1E-907A-DD2B07443E88} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {5706D1B3-75BF-4BC3-B663-62C8D378372A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {590E6831-A4B6-4AE2-9BD3-8DF8913EAE67} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {59DE207C-051A-4E8E-85D2-F8F11D2198A5} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {671DA0F9-0612-48AD-94BD-768B73DC6111} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {6727E40A-A4C8-4F25-A477-8AD8D3A8F698} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {6C9D2C6D-659D-4B01-BBC3-E030E7E6B482} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {6D502555-E274-4C58-8374-CCE94D136266} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2000210142-2090411493-3058419309-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
Task: {6FD999AB-8D33-4906-B4C5-C62AD1646349} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {770C0999-696E-41F9-AB91-E499B18436A5} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {815704E9-BC03-48F5-9DEC-5F956C226B8D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {8579D0F4-00EE-4167-89AC-6C6DDEE33197} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2000210142-2090411493-3058419309-1000 => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
Task: {892FB8C1-8627-48A2-A445-4EAB957F0F06} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8F1144E1-D1DC-4E1B-B1DA-63F95B8CC079} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {A0A4EFB4-175B-44A8-99A9-08AD041E1B71} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {A4C6DDD3-C809-4AE5-80B4-B79FCEBF12AF} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {A7F7B4A8-81DE-4820-83CD-16FCB0597E50} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
Task: {A9C10BD1-4770-402D-AAC0-27B98D678269} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {AE969F50-0EF6-459E-96AB-6E4D777966B2} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {B1D08977-1F98-4237-929D-56352C50F0D3} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-20] (Dropbox, Inc.)
Task: {B30B5C5A-A967-4B80-A8A6-88225277ADA7} - System32\Tasks\{6470E94E-3334-4700-9813-AE640EEADA48} => pcalua.exe -a C:\Windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
Task: {B760F9F6-B70F-4F6D-AA30-8DAA7B49F65D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {B9ACC160-DABF-4E33-B7D4-A14D71AB8354} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BEC47F94-F8A1-4286-B90A-A80D098EC339} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {BF32A50D-33CB-4DBC-9C88-4E159D6CA6D9} - System32\Tasks\{6088A1ED-8355-4C38-BBF4-820B50049834} => pcalua.exe -a "C:\Users\Martin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EJV31QEW\Firefox%20Setup%203.6.10[1].exe" -d C:\Users\Martin\Desktop
Task: {CC7D19B9-1306-4211-9E83-D1EF1437177C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {CEAD5A65-5ACC-48E6-AF3B-2063463FB984} - System32\Tasks\{28A67731-A5EA-40F6-A373-0BBD08DBAD4B} => pcalua.exe -a "C:\Program Files (x86)\Real\RealPlayer\Update\r1puninst.exe" -c RealNetworks|RealPlayer|15.0
Task: {DABBE447-B3EC-47DD-8DF7-9B7377534282} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {DFE2AB57-BDAF-475A-BCE8-B29055DE29ED} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-20] (Dropbox, Inc.)
Task: {E59539D5-35E9-4941-A7DB-B17BDC5BAEF4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {ED6E7618-D51B-453A-857E-0B6B822403CB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {F2051EDA-EE9A-48A3-9615-8757B43C6E9B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {F81CC4D1-47EE-4AD8-857C-C204181DCA24} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {FBD2A2EB-2B00-4615-B1F1-0820B3F096A0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2000210142-2090411493-3058419309-1000.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2000210142-2090411493-3058419309-1000.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Protectorion Data Safe\Update ....lnk -> C:\Users\Martin\AppData\Local\Programs\Protectorion Data Safe\update.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-03-28 10:41 - 2016-03-28 10:41 - 01216584 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2009-08-26 17:58 - 2009-08-26 17:58 - 00553984 _____ () C:\Program Files\TOSHIBA\TECO\TecoPower.dll
2012-12-07 19:27 - 2012-12-07 19:27 - 00167424 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2016-03-12 04:33 - 2016-03-12 04:32 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\loggingserver.exe
2016-03-02 18:55 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-02 18:55 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-03 19:30 - 2016-02-03 19:31 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-19 14:46 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-02 18:55 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-15 19:27 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-15 19:27 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-03 19:28 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-02-03 19:28 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2009-08-06 14:14 - 2009-08-06 14:14 - 03002728 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2009-07-16 15:27 - 2009-07-16 15:27 - 07244600 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-07-16 15:27 - 2009-07-16 15:27 - 00051512 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2009-09-08 10:04 - 2009-06-22 15:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 17:38 - 2009-07-25 17:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2016-03-28 10:41 - 2016-03-28 10:41 - 02875464 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2009-08-03 18:18 - 2009-08-03 18:18 - 00081752 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2016-03-12 04:33 - 2016-03-12 04:32 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\log4cplusU.dll
2016-02-03 19:30 - 2016-02-03 19:31 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-02-03 19:30 - 2016-02-03 19:31 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2010-05-04 16:36 - 2010-05-04 16:36 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2016-03-28 10:38 - 2016-02-23 20:19 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-03-28 10:38 - 2016-02-23 20:20 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-03-28 10:38 - 2016-02-23 20:19 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-03-28 10:38 - 2016-02-23 20:19 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-03-28 10:38 - 2016-02-23 20:19 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-03-28 10:38 - 2016-02-23 20:19 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-03-28 10:38 - 2016-03-12 02:18 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-03-28 10:38 - 2016-02-23 20:19 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-03-28 10:38 - 2016-02-23 20:20 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-03-28 10:38 - 2016-03-12 02:18 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-03-28 10:38 - 2016-02-13 02:24 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-03-28 10:38 - 2016-03-12 02:18 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-03-28 10:38 - 2016-02-23 20:19 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-03-28 10:38 - 2016-02-23 20:19 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-03-28 10:38 - 2016-02-23 20:20 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-03-28 10:38 - 2016-02-23 20:21 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-03-28 10:38 - 2016-03-12 02:18 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-03-28 10:38 - 2016-02-23 20:20 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-03-28 10:38 - 2016-02-23 20:23 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-03-28 10:38 - 2016-02-23 20:23 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-03-28 10:38 - 2016-03-12 02:18 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-03-28 10:38 - 2016-03-12 02:18 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-03-28 10:38 - 2016-02-23 20:25 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-04-08 23:41 - 2016-04-08 23:41 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7648 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-27 20:33 - 2015-10-27 20:33 - 00434876 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com
127.0.0.1	www.123moviedownload.com

Da befinden sich 14956 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2000210142-2090411493-3058419309-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img3.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "TWebCamera"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{0BFC16B4-C331-4499-B77D-5F9C140A0449}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0D8143BE-B4EB-45DD-A250-50952CDEAA49}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{80FBBD8E-2B8A-416D-98A0-9CCCE859E664}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{6D6343EC-1425-479C-A157-FB0394008CB8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{8516A2EB-BE36-4A0A-A0E8-E794EA0A14B5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{1B38C172-1D33-4729-B171-E71A7C807573}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9F1054F0-08E3-4079-8C28-E1E5D03B8C29}] => (Allow) svchost.exe
FirewallRules: [{4F963B9A-AC62-4B81-88D3-B08104C7A8F4}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{3D2F00DA-0BA9-4CCE-B356-6FC2C52C47D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A186E83C-614E-4C78-A91C-8875546E6BDB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E8B0F9FB-1B50-41AC-97EA-66E566F2635E}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{57C6F0E7-01EE-44C6-ABBD-4EE565847026}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{DB51191B-2F20-4E9F-9319-2E1D0843E7B5}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{092E92CC-D1A1-4C4F-93FF-2C30DE46EA10}] => (Allow) C:\Program Files (x86)\Activision\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [TCP Query User{4531433B-B2E9-4F3B-B84F-E354284C9948}C:\program files (x86)\microsoft games\age of empires iii\age3.exe] => (Block) C:\program files (x86)\microsoft games\age of empires iii\age3.exe
FirewallRules: [UDP Query User{38B97628-FA76-4DDB-B722-194E32FC31D3}C:\program files (x86)\microsoft games\age of empires iii\age3.exe] => (Block) C:\program files (x86)\microsoft games\age of empires iii\age3.exe
FirewallRules: [TCP Query User{980E9CD6-4C49-420C-A433-A5B7512BB335}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [UDP Query User{D9D75EF5-2CCA-4612-9D10-2531C045DF9F}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [TCP Query User{E3C27577-1120-44A2-BA1A-A99A1DCCAD31}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [UDP Query User{06EDC328-A1DB-4196-8E44-C8D98863302A}C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe] => (Block) C:\program files (x86)\steam\steamapps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{DFBF0DB7-FB08-4551-9545-ECE6CFD6B21B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C69F9DE8-6F65-4C2C-AA23-E9D7021D4F8A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1126235A-1D57-4A9E-B71F-1910C8D8511C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BAA3137E-4AC9-4FBA-8B29-20191751049C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1CD929C5-FC40-4220-9DC1-63D70E0BC858}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{64E7CB07-B151-484A-99D7-DF29A2DEA8A0}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{34B72F2A-876B-4D92-A87A-3419B27C12E5}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{5D40AA08-79FF-4CC4-8F3C-052EDE0B96D3}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [TCP Query User{892380FF-10D3-4831-8A85-2A892F14F362}C:\users\martin\desktop\warcraft 1.18\war3.exe] => (Block) C:\users\martin\desktop\warcraft 1.18\war3.exe
FirewallRules: [UDP Query User{B5A5B3F8-3D1A-460C-88D2-9CE94DC0B8C7}C:\users\martin\desktop\warcraft 1.18\war3.exe] => (Block) C:\users\martin\desktop\warcraft 1.18\war3.exe
FirewallRules: [{F5F1249D-D2F1-46C0-BA38-7B6498AA5C54}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{711A7E70-9CFF-47CA-86B1-264175ACEEB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4sp.exe
FirewallRules: [{9BB53347-D821-40B8-8DEC-C265E6B19884}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{D7406BC4-8554-4D1B-A01F-CCB1F373C2AA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\call of duty modern warfare 2\iw4mp.exe
FirewallRules: [{3B23CDED-F837-4BD8-A425-E0B9874AF067}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{225AE33F-DDA2-46AC-8CAD-1C22496E687B}C:\users\martin\desktop\age of empires ii\empires2.exe] => (Allow) C:\users\martin\desktop\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{EB93B0C0-998E-4E30-B618-A991DA3082AE}C:\users\martin\desktop\age of empires ii\empires2.exe] => (Allow) C:\users\martin\desktop\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{8EB90B02-339A-4A66-A910-163D3BD63633}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [UDP Query User{92999DC8-5F68-4826-AD2B-403CDC517BC5}C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe] => (Allow) C:\program files (x86)\lucasarts\star wars battlefront ii\gamedata\battlefrontii.exe
FirewallRules: [TCP Query User{FB74B361-62A8-40BC-BB32-06D5C2868155}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{35D67AC5-00F3-4626-A13D-9F69C6A05962}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{20EA17D9-A6A4-4B47-9F9F-EA620078C25E}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{0CFC968D-BDF1-476E-9743-C3C91303108B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{2036D734-F707-4B1F-9D95-9DFA98173020}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{3E70CAE4-D396-4781-8595-4845D2655467}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [TCP Query User{9C38D606-932A-4B71-81AF-E910A5F859CF}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [UDP Query User{38D5E8FA-FFE8-40B5-9CE7-A440671ACE42}C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe] => (Allow) C:\program files (x86)\mediamonkey\mediamonkey (non-skinned).exe
FirewallRules: [{ABD00674-C197-4F96-997A-7389827881EA}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{83C2D1AA-0E10-4A9D-81B6-5E0AF78CA55A}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{AFA9504B-153B-4A5C-8022-7D94AAE82AA6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{17AF64C9-CA91-4E82-A2BC-912324D52E2A}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{706A6C80-A328-495E-8988-5AA6C4AB5BB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3EE18752-1DD6-4A85-95BE-63F361D7B661}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D5D14F3B-67F7-46D4-92C1-3147C9F0202F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{75C52CD6-2743-4561-A612-03D07C64CDAC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{8A8BD4C3-7407-48BD-B0AB-3AEFCE6AECF7}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{FAF617ED-2237-4165-9453-BA0218F35AD8}C:\users\dj\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dj\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C4CCD9D9-AF56-49D3-BBCF-9BC8A8F1F634}C:\users\dj\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dj\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{E00E78AE-7931-4118-9133-6A010A45147C}C:\users\dj\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dj\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CC187B33-396B-4D83-A68A-63449E5D1AC4}C:\users\dj\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dj\appdata\roaming\spotify\spotify.exe
FirewallRules: [{33BDEFCC-B175-4995-A639-8E5F6C7827E8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{96CD4AC7-2DD4-4BCA-859F-80706B9E28DC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{D8D35B1E-65FE-453A-9534-EE27C60C807F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{A5C67F12-466F-4372-8F69-C17405B9541F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{87F4F911-3457-48E0-92BB-A23084BC626B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{1FE41D17-D8BB-4B72-8459-1BD06D5D8527}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{4BFFF07C-B62B-42FA-970D-D3073409C3EA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{C4F5837C-DDA4-4CBB-A9AF-E37593F835D2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7F91FA7B-8AF0-41AD-AAC0-2A250C693A92}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C46494AF-FD4C-4D4D-94F7-EF1B8121C7A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4C58191A-9065-4DB3-9E8B-0056CB580E5C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BF7D2245-EED3-4176-8B93-70D0FDF83840}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

28-03-2016 10:54:07 Windows Update
04-04-2016 20:24:09 Geplanter Prüfpunkt
06-04-2016 15:16:31 WinZip 20.0 wird installiert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/08/2016 11:37:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avgui.exe, Version 16.51.0.7497 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 18cc

Startzeit: 01d1900481b56fdb

Beendigungszeit: 60000

Anwendungspfad: C:\Program Files (x86)\AVG\Av\avgui.exe

Berichts-ID: 8ffdd49d-fdd1-11e5-8d7d-0026223f32fa

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (04/07/2016 08:17:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: devolonetsvc.exe, Version: 4.2.2.0, Zeitstempel: 0x537360e3
Name des fehlerhaften Moduls: devolonetsvc.exe, Version: 4.2.2.0, Zeitstempel: 0x537360e3
Ausnahmecode: 0xc0000417
Fehleroffset: 0x001db17c
ID des fehlerhaften Prozesses: 0x98c
Startzeit der fehlerhaften Anwendung: 0xdevolonetsvc.exe0
Pfad der fehlerhaften Anwendung: devolonetsvc.exe1
Pfad des fehlerhaften Moduls: devolonetsvc.exe2
Berichtskennung: devolonetsvc.exe3
Vollständiger Name des fehlerhaften Pakets: devolonetsvc.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: devolonetsvc.exe5

Error: (04/06/2016 03:16:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/06/2016 10:28:14 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avgui.exe, Version: 16.51.0.7497, Zeitstempel: 0x56d6b2f6
Name des fehlerhaften Moduls: TBAPI.dll, Version: 0.0.0.0, Zeitstempel: 0x56dc1066
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000c270
ID des fehlerhaften Prozesses: 0x18e4
Startzeit der fehlerhaften Anwendung: 0xavgui.exe0
Pfad der fehlerhaften Anwendung: avgui.exe1
Pfad des fehlerhaften Moduls: avgui.exe2
Berichtskennung: avgui.exe3
Vollständiger Name des fehlerhaften Pakets: avgui.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: avgui.exe5

Error: (04/05/2016 06:37:03 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/04/2016 08:24:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (04/04/2016 04:34:45 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (04/04/2016 02:46:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: taskhostw.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d756
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.122, Zeitstempel: 0x56cbf9dd
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000231f7
ID des fehlerhaften Prozesses: 0x2f1c
Startzeit der fehlerhaften Anwendung: 0xtaskhostw.exe0
Pfad der fehlerhaften Anwendung: taskhostw.exe1
Pfad des fehlerhaften Moduls: taskhostw.exe2
Berichtskennung: taskhostw.exe3
Vollständiger Name des fehlerhaften Pakets: taskhostw.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: taskhostw.exe5

Error: (03/28/2016 10:55:43 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/28/2016 10:40:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ScriptHelper.exe, Version: 4.2.8.608, Zeitstempel: 0x56dc106e
Name des fehlerhaften Moduls: ScriptHelper.exe, Version: 4.2.8.608, Zeitstempel: 0x56dc106e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000155e
ID des fehlerhaften Prozesses: 0x16a4
Startzeit der fehlerhaften Anwendung: 0xScriptHelper.exe0
Pfad der fehlerhaften Anwendung: ScriptHelper.exe1
Pfad des fehlerhaften Moduls: ScriptHelper.exe2
Berichtskennung: ScriptHelper.exe3
Vollständiger Name des fehlerhaften Pakets: ScriptHelper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ScriptHelper.exe5


Systemfehler:
=============
Error: (04/10/2016 08:44:40 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (04/09/2016 09:19:39 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/09/2016 08:52:09 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.

Error: (04/09/2016 01:25:30 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (04/09/2016 01:18:42 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/09/2016 01:17:09 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_540dc erreicht.

Error: (04/09/2016 01:16:59 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_540dc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/08/2016 11:40:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/08/2016 11:38:58 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {7006698D-2974-4091-A424-85DD0B909E23}

Error: (04/08/2016 11:38:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_5224f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-03-28 11:11:13.556
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-16 16:51:40.545
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-13 03:37:19.774
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-11 04:08:36.872
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-04 03:35:58.888
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-03-03 22:35:00.765
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-29 13:18:16.914
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-11 05:05:14.229
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-03 19:35:38.710
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-23 03:38:48.805
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz
Prozentuale Nutzung des RAM: 52%
Installierter physikalischer RAM: 4060.87 MB
Verfügbarer physikalischer RAM: 1916.42 MB
Summe virtueller Speicher: 8156.87 MB
Verfügbarer virtueller Speicher: 5858.21 MB

==================== Laufwerke ================================

Drive c: (WINDOWS) (Fixed) (Total:185.81 GB) (Free:16.31 GB) NTFS
Drive d: (Data) (Fixed) (Total:185.91 GB) (Free:68.5 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 372.6 GB) (Disk ID: C83D8E54)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=185.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=504 MB) - (Type=27)
Partition 4: (Not Active) - (Size=185.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 10.04.2016, 20:32   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer



Zitat:
Zitat von sourKraut135 Beitrag anzeigen
Hallo community,
ich habe den Verdacht, dass mein Laptop (Windows 10) gehackt wurde bzw dass jmnd. unerlaubt Zugriff darauf hatte und evtl. Malware oder Spyware installiert hat.
Was meinst Du denn damit? Unerlaubt? Der mit Teamviewer? Was war da genau?

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 11.04.2016, 18:47   #5
sourKraut135
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer



Ich hatte mich mit dem Typen über Teamviewer verbunden, es ging grob gesagt um eine Software für meinen BMW. Er hat dann in Windeseile ettliche Ordner von A nach B verschoben und hatte plötzlich 10 Fenster gleichzeitig offen. Mein Verdacht geht nun dahin, dass er im Hintergrund auf meinem PC etwas installiert hat, womit er auch nachträglich noch Zugang zu ihm hat oder ihn ausspäht.
Komischerweise war er auch zwischendurch von mir getrennt wegen Verbindungsproblemen, konnte sich später aber ohne neues Passwort für den Teamviewer wieder bei mir einloggen. Das kann doch nicht sein, oder?

Code:
ATTFilter
18:38:42.0279 0x12d8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:38:45.0033 0x12d8  ============================================================
18:38:45.0033 0x12d8  Current date / time: 2016/04/11 18:38:45.0033
18:38:45.0033 0x12d8  SystemInfo:
18:38:45.0033 0x12d8  
18:38:45.0033 0x12d8  OS Version: 10.0.10586 ServicePack: 0.0
18:38:45.0033 0x12d8  Product type: Workstation
18:38:45.0033 0x12d8  ComputerName: MARTIN-TOSH
18:38:45.0033 0x12d8  UserName: Martin
18:38:45.0033 0x12d8  Windows directory: C:\WINDOWS
18:38:45.0033 0x12d8  System windows directory: C:\WINDOWS
18:38:45.0033 0x12d8  Running under WOW64
18:38:45.0033 0x12d8  Processor architecture: Intel x64
18:38:45.0033 0x12d8  Number of processors: 2
18:38:45.0033 0x12d8  Page size: 0x1000
18:38:45.0033 0x12d8  Boot type: Normal boot
18:38:45.0033 0x12d8  ============================================================
18:38:45.0171 0x12d8  KLMD registered as C:\WINDOWS\system32\drivers\63416168.sys
18:38:45.0412 0x12d8  System UUID: {7E76AB96-3770-9979-D99D-7DE5ED0465C0}
18:38:45.0863 0x12d8  Drive \Device\Harddisk0\DR0 - Size: 0x5D27216000 ( 372.61 Gb ), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:38:45.0877 0x12d8  ============================================================
18:38:45.0877 0x12d8  \Device\Harddisk0\DR0:
18:38:45.0877 0x12d8  MBR partitions:
18:38:45.0877 0x12d8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xC8800, BlocksNum 0x173A0680
18:38:45.0877 0x12d8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x17565000, BlocksNum 0x173D4000
18:38:45.0877 0x12d8  ============================================================
18:38:45.0899 0x12d8  C: <-> \Device\Harddisk0\DR0\Partition1
18:38:45.0944 0x12d8  D: <-> \Device\Harddisk0\DR0\Partition2
18:38:45.0944 0x12d8  ============================================================
18:38:45.0945 0x12d8  Initialize success
18:38:45.0945 0x12d8  ============================================================
18:39:16.0612 0x1558  ============================================================
18:39:16.0612 0x1558  Scan started
18:39:16.0613 0x1558  Mode: Manual; SigCheck; TDLFS; 
18:39:16.0613 0x1558  ============================================================
18:39:16.0613 0x1558  KSN ping started
18:39:19.0045 0x1558  KSN ping finished: true
18:39:20.0875 0x1558  ================ Scan system memory ========================
18:39:20.0875 0x1558  System memory - ok
18:39:20.0879 0x1558  ================ Scan services =============================
18:39:21.0148 0x1558  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:39:21.0240 0x1558  1394ohci - ok
18:39:21.0288 0x1558  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:39:21.0304 0x1558  3ware - ok
18:39:21.0352 0x1558  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:39:21.0385 0x1558  ACPI - ok
18:39:21.0429 0x1558  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:39:21.0448 0x1558  acpiex - ok
18:39:21.0464 0x1558  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:39:21.0495 0x1558  acpipagr - ok
18:39:21.0546 0x1558  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:39:21.0610 0x1558  AcpiPmi - ok
18:39:21.0624 0x1558  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:39:21.0665 0x1558  acpitime - ok
18:39:21.0745 0x1558  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:39:21.0756 0x1558  AdobeARMservice - ok
18:39:21.0902 0x1558  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:39:21.0939 0x1558  AdobeFlashPlayerUpdateSvc - ok
18:39:22.0057 0x1558  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:39:22.0106 0x1558  ADP80XX - ok
18:39:22.0261 0x1558  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:39:22.0294 0x1558  AFD - ok
18:39:22.0334 0x1558  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
18:39:22.0351 0x1558  agp440 - ok
18:39:22.0370 0x1558  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:39:22.0424 0x1558  ahcache - ok
18:39:22.0475 0x1558  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
18:39:22.0540 0x1558  AJRouter - ok
18:39:22.0584 0x1558  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
18:39:22.0661 0x1558  ALG - ok
18:39:22.0699 0x1558  [ 7FE59496114A48A64E98E3218664A3E6, 1C11EE3686CB7F57783A5A5F56CCED71F61A46B26B0F4C4D04B1B37E8AC5A7D1 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
18:39:22.0826 0x1558  AMD External Events Utility - ok
18:39:22.0851 0x1558  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:39:22.0898 0x1558  AmdK8 - ok
18:39:23.0346 0x1558  [ E66C25946B3D9268D8E10D3769CF4719, C273A59D3A29549E3C8BBF896015CA0E5D64A4ECCD6C2FF360927773DA736022 ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
18:39:24.0111 0x1558  amdkmdag - ok
18:39:24.0165 0x1558  [ D1D66D1D42E53B53AFC7598058E71796, 12A1C8D895891F89745493091174D3FF5A9953F21427E7E1BE1120DA762E0CBD ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
18:39:24.0228 0x1558  amdkmdap - ok
18:39:24.0250 0x1558  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:39:24.0283 0x1558  AmdPPM - ok
18:39:24.0317 0x1558  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:39:24.0334 0x1558  amdsata - ok
18:39:24.0357 0x1558  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:39:24.0378 0x1558  amdsbs - ok
18:39:24.0392 0x1558  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:39:24.0407 0x1558  amdxata - ok
18:39:24.0478 0x1558  [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
18:39:24.0505 0x1558  AppHostSvc - ok
18:39:24.0544 0x1558  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:39:24.0563 0x1558  AppID - ok
18:39:24.0611 0x1558  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:39:24.0672 0x1558  AppIDSvc - ok
18:39:24.0689 0x1558  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:39:24.0729 0x1558  Appinfo - ok
18:39:24.0789 0x1558  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
18:39:24.0851 0x1558  AppReadiness - ok
18:39:24.0955 0x1558  [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:39:25.0096 0x1558  AppXSvc - ok
18:39:25.0120 0x1558  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:39:25.0138 0x1558  arcsas - ok
18:39:25.0254 0x1558  [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:39:25.0271 0x1558  aspnet_state - ok
18:39:25.0312 0x1558  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
18:39:25.0369 0x1558  AsyncMac - ok
18:39:25.0395 0x1558  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:39:25.0410 0x1558  atapi - ok
18:39:25.0451 0x1558  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:39:25.0511 0x1558  AudioEndpointBuilder - ok
18:39:25.0593 0x1558  [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:39:25.0660 0x1558  Audiosrv - ok
18:39:25.0787 0x1558  [ 55D62DD579231402745ECCDD1E55C6CC, 29030EDEDDB40F6D78DD52353CB1FFF292A2CD25EF603225FD0A506868915781 ] AvgAMPS         C:\Program Files (x86)\AVG\Av\avgamps.exe
18:39:25.0820 0x1558  AvgAMPS - ok
18:39:25.0852 0x1558  [ 344B89E8D91B1F25239310DCC7337ED0, CF57BD6AAA2A1527957DA4BA4FFC8072D4BE071C95A8741690CA051727B4E30C ] Avgboota        C:\WINDOWS\system32\DRIVERS\avgboota.sys
18:39:25.0868 0x1558  Avgboota - ok
18:39:25.0902 0x1558  [ FF641C4AD6F27902A7D3CA57BEAA8E80, D5CC8F8BFAE3FFAF9E6FB8130337BACCCC2DB9AE04C8D01A3B7F9037EE3A0ED2 ] Avgdiska        C:\WINDOWS\system32\DRIVERS\avgdiska.sys
18:39:25.0916 0x1558  Avgdiska - ok
18:39:26.0082 0x1558  [ F5EB38E929945BB7B476924F4D61DB4F, B28CA18B80D038627A03E9EB176808ABB1CFB3DDE4D00A1CC3D90175169BA35B ] AVGIDSAgent     C:\Program Files (x86)\AVG\Av\avgidsagent.exe
18:39:26.0256 0x1558  AVGIDSAgent - ok
18:39:26.0373 0x1558  [ 9A809D3EA1569177B1CFA2A20E334C9D, DFC92C31D37EC49D2972712085E109E4D54C5F475D829F29884B51A523171AFC ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys
18:39:26.0400 0x1558  AVGIDSDriver - ok
18:39:26.0442 0x1558  [ D54A730B8DA065C33901737446D7C006, 5054DE9BD322D8D794AC69A8F2FA91C6FA0D82CB67047796114DB958AB7A9771 ] AVGIDSHA        C:\WINDOWS\system32\DRIVERS\avgidsha.sys
18:39:26.0458 0x1558  AVGIDSHA - ok
18:39:26.0513 0x1558  [ D2E83AA008426FC9408272035E50D40B, 6F3B3385C5E1BDBF29343737C5A72A3C8B671016BC805EC51B4C0728807726E3 ] Avgldx64        C:\WINDOWS\system32\DRIVERS\avgldx64.sys
18:39:26.0530 0x1558  Avgldx64 - ok
18:39:26.0556 0x1558  [ 1B77FEC764628B1555086F749D911859, 0A0DA2FBB6472694A4E20E64F381AB99F7FE702E928C5FD2F7C6F353EC029F9B ] Avgloga         C:\WINDOWS\system32\DRIVERS\avgloga.sys
18:39:26.0576 0x1558  Avgloga - ok
18:39:26.0625 0x1558  [ 2A9380C58B7CD687EB9709086614820D, 7AB787135E96790740EE6A6A8046F2880B90ECF717359EEA579D2A149B953056 ] Avgmfx64        C:\WINDOWS\system32\DRIVERS\avgmfx64.sys
18:39:26.0642 0x1558  Avgmfx64 - ok
18:39:26.0670 0x1558  [ 392339315A0738429B3C9E92A0F8F995, 3B101C2316DE151D39D88B33B382451C5C05C13FA5A52C4B00C5B7853931680A ] Avgrkx64        C:\WINDOWS\system32\DRIVERS\avgrkx64.sys
18:39:26.0680 0x1558  Avgrkx64 - ok
18:39:26.0829 0x1558  [ BF1DFD9D1246994C8396FBFF472A2EEF, BC53CB81FB52C44148F07946AC5D47039BC33E5F1BB57DDE1F3EF1E635EC982C ] avgsvc          C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
18:39:26.0868 0x1558  avgsvc - ok
18:39:26.0894 0x1558  [ EADED7133726FEEC05C3A7CF0F661590, 2B8A912B77E3A78D44BA0689BDB75DF7838AC18EF153191229019C4DAED93B7B ] Avguniva        C:\WINDOWS\system32\DRIVERS\avguniva.sys
18:39:26.0904 0x1558  Avguniva - ok
18:39:26.0943 0x1558  [ 501D3FE6D8A15FB182983E4EA0C6386B, 15B000CA8757B9D91695465D5D842F441FD2FCF0DD1064FF52D04020E5830D8E ] avgwd           C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
18:39:26.0968 0x1558  avgwd - ok
18:39:26.0998 0x1558  [ E1280D6DE33584FF88B128C9A6773719, 0161DD5736BCB0D4DBCEA8FF576E25CB860C5432B330DCD8412CF3BEC64A3C5E ] Avgwfpa         C:\WINDOWS\system32\DRIVERS\avgwfpa.sys
18:39:27.0016 0x1558  Avgwfpa - ok
18:39:27.0071 0x1558  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:39:27.0109 0x1558  AxInstSV - ok
18:39:27.0168 0x1558  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:39:27.0198 0x1558  b06bdrv - ok
18:39:27.0218 0x1558  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:39:27.0265 0x1558  BasicDisplay - ok
18:39:27.0270 0x1558  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:39:27.0304 0x1558  BasicRender - ok
18:39:27.0332 0x1558  [ F8FE7E12F8151E0A17C23CF840599F9A, 5D1AA3A5DAC08B521A7BE775F32434AFF1F5F19B69CD16D2D94B0D399E61C371 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
18:39:27.0345 0x1558  bcbtums - ok
18:39:27.0435 0x1558  [ ACB44407FF63C3A5A22AB5782F209604, 86BE221F07EB49D2149710CCCE4F0C24677560FEFD41F093C6D2BA0C962CF5C3 ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
18:39:27.0514 0x1558  BcmBtRSupport - ok
18:39:27.0552 0x1558  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
18:39:27.0579 0x1558  bcmfn - ok
18:39:27.0598 0x1558  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:39:27.0626 0x1558  bcmfn2 - ok
18:39:27.0677 0x1558  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:39:27.0755 0x1558  BDESVC - ok
18:39:27.0796 0x1558  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:39:27.0851 0x1558  Beep - ok
18:39:27.0922 0x1558  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\WINDOWS\System32\bfe.dll
18:39:27.0998 0x1558  BFE - ok
18:39:28.0101 0x1558  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
18:39:28.0192 0x1558  BITS - ok
18:39:28.0210 0x1558  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:39:28.0244 0x1558  bowser - ok
18:39:28.0292 0x1558  [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:39:28.0359 0x1558  BrokerInfrastructure - ok
18:39:28.0424 0x1558  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\WINDOWS\System32\browser.dll
18:39:28.0455 0x1558  Browser - ok
18:39:28.0499 0x1558  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:39:28.0565 0x1558  BthAvrcpTg - ok
18:39:28.0591 0x1558  [ 36417FC4F11C31C880CB428037DEDF3F, ACDB798A038E3D5CC350AC53A9EC8E14AD02E2C28AE4578EC0205E6DF537A8F9 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
18:39:28.0633 0x1558  BthEnum - ok
18:39:28.0673 0x1558  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:39:28.0706 0x1558  BthHFEnum - ok
18:39:28.0720 0x1558  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:39:28.0738 0x1558  bthhfhid - ok
18:39:28.0791 0x1558  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
18:39:28.0864 0x1558  BthHFSrv - ok
18:39:28.0908 0x1558  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:39:28.0943 0x1558  BTHMODEM - ok
18:39:28.0958 0x1558  [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
18:39:28.0980 0x1558  BthPan - ok
18:39:29.0039 0x1558  [ CEFF59649E90987D263D96078724A54A, 3EB69F0BA282085682FB09F1469BF66A84229D8C7A044C6B98B78477716917EE ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
18:39:29.0106 0x1558  BTHPORT - ok
18:39:29.0146 0x1558  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:39:29.0182 0x1558  bthserv - ok
18:39:29.0216 0x1558  [ 0D279373091AA1BBEEE958AAF02B5EDF, 79CEBC2D9345103958DC161C31AC4BE078626D6DC28F6F06C432917872A1E3B4 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
18:39:29.0240 0x1558  BTHUSB - ok
18:39:29.0261 0x1558  [ BC279FCEE9FC8CBF991D5DE539771AA9, 5DE007672BFBFA78C44CC08251F495420402AFF4AD01541AA84AD37BD4A58190 ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
18:39:29.0274 0x1558  btwampfl - ok
18:39:29.0291 0x1558  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
18:39:29.0331 0x1558  buttonconverter - ok
18:39:29.0357 0x1558  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
18:39:29.0406 0x1558  CapImg - ok
18:39:29.0445 0x1558  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:39:29.0480 0x1558  cdfs - ok
18:39:29.0545 0x1558  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
18:39:29.0614 0x1558  CDPSvc - ok
18:39:29.0639 0x1558  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:39:29.0678 0x1558  cdrom - ok
18:39:29.0732 0x1558  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:39:29.0779 0x1558  CertPropSvc - ok
18:39:29.0822 0x1558  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:39:29.0840 0x1558  circlass - ok
18:39:29.0888 0x1558  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:39:29.0913 0x1558  CLFS - ok
18:39:29.0951 0x1558  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
18:39:29.0984 0x1558  ClipSVC - ok
18:39:30.0000 0x1558  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:39:30.0043 0x1558  CmBatt - ok
18:39:30.0087 0x1558  [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:39:30.0119 0x1558  CNG - ok
18:39:30.0166 0x1558  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
18:39:30.0180 0x1558  cnghwassist - ok
18:39:30.0289 0x1558  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
18:39:30.0342 0x1558  CompositeBus - ok
18:39:30.0350 0x1558  COMSysApp - ok
18:39:30.0387 0x1558  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:39:30.0402 0x1558  condrv - ok
18:39:30.0479 0x1558  [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
18:39:30.0516 0x1558  CoreMessagingRegistrar - ok
18:39:30.0569 0x1558  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:39:30.0641 0x1558  CryptSvc - ok
18:39:30.0657 0x1558  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:39:30.0675 0x1558  dam - ok
18:39:30.0697 0x1558  dbupdate - ok
18:39:30.0701 0x1558  dbupdatem - ok
18:39:30.0857 0x1558  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:39:30.0933 0x1558  DcomLaunch - ok
18:39:30.0985 0x1558  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
18:39:31.0048 0x1558  DcpSvc - ok
18:39:31.0102 0x1558  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:39:31.0154 0x1558  defragsvc - ok
18:39:31.0215 0x1558  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:39:31.0293 0x1558  DeviceAssociationService - ok
18:39:31.0343 0x1558  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:39:31.0387 0x1558  DeviceInstall - ok
18:39:31.0584 0x1558  [ 7997CA8D6C36A0E3CBB9283461C365A5, 268A0C5498A990786B5122DBE53A32513943821FB081435E1FB4D04832579D44 ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
18:39:31.0771 0x1558  DevoloNetworkService - ok
18:39:31.0830 0x1558  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
18:39:31.0898 0x1558  DevQueryBroker - ok
18:39:31.0945 0x1558  [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:39:31.0994 0x1558  Dfsc - ok
18:39:32.0101 0x1558  [ D51B32BA3897F630D99713B74B40D6A2, 5EB136A8248E6FA1316CFA273D9DC8F9C8E8CCB9AC00AE23C1337FBF5F6FDBEC ] DfSdkS          C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 6\Dfsdks.exe
18:39:32.0145 0x1558  DfSdkS - detected UnsignedFile.Multi.Generic ( 1 )
18:39:34.0554 0x1558  Detect skipped due to KSN trusted
18:39:34.0555 0x1558  DfSdkS - ok
18:39:34.0643 0x1558  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:39:34.0713 0x1558  Dhcp - ok
18:39:34.0805 0x1558  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
18:39:34.0842 0x1558  diagnosticshub.standardcollector.service - ok
18:39:34.0940 0x1558  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
18:39:35.0002 0x1558  DiagTrack - ok
18:39:35.0022 0x1558  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:39:35.0038 0x1558  disk - ok
18:39:35.0092 0x1558  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
18:39:35.0157 0x1558  DmEnrollmentSvc - ok
18:39:35.0199 0x1558  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:39:35.0248 0x1558  dmvsc - ok
18:39:35.0296 0x1558  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
18:39:35.0351 0x1558  dmwappushservice - ok
18:39:35.0400 0x1558  [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:39:35.0437 0x1558  Dnscache - ok
18:39:35.0487 0x1558  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:39:35.0529 0x1558  dot3svc - ok
18:39:35.0550 0x1558  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\WINDOWS\system32\dps.dll
18:39:35.0590 0x1558  DPS - ok
18:39:35.0652 0x1558  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
18:39:35.0666 0x1558  drmkaud - ok
18:39:35.0716 0x1558  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:39:35.0764 0x1558  DsmSvc - ok
18:39:35.0789 0x1558  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
18:39:35.0837 0x1558  DsSvc - ok
18:39:35.0928 0x1558  [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:39:36.0002 0x1558  DXGKrnl - ok
18:39:36.0047 0x1558  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:39:36.0084 0x1558  Eaphost - ok
18:39:36.0259 0x1558  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:39:36.0454 0x1558  ebdrv - ok
18:39:36.0496 0x1558  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\WINDOWS\System32\lsass.exe
18:39:36.0512 0x1558  EFS - ok
18:39:36.0581 0x1558  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:39:36.0597 0x1558  EhStorClass - ok
18:39:36.0623 0x1558  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:39:36.0640 0x1558  EhStorTcgDrv - ok
18:39:36.0705 0x1558  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
18:39:36.0742 0x1558  embeddedmode - ok
18:39:36.0775 0x1558  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
18:39:36.0842 0x1558  EntAppSvc - ok
18:39:36.0863 0x1558  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:39:36.0896 0x1558  ErrDev - ok
18:39:36.0968 0x1558  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\WINDOWS\system32\es.dll
18:39:37.0034 0x1558  EventSystem - ok
18:39:37.0083 0x1558  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:39:37.0134 0x1558  exfat - ok
18:39:37.0156 0x1558  [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:39:37.0180 0x1558  fastfat - ok
18:39:37.0263 0x1558  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:39:37.0337 0x1558  Fax - ok
18:39:37.0354 0x1558  [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:39:37.0385 0x1558  fdc - ok
18:39:37.0426 0x1558  [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:39:37.0448 0x1558  fdPHost - ok
18:39:37.0454 0x1558  [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:39:37.0495 0x1558  FDResPub - ok
18:39:37.0518 0x1558  [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:39:37.0561 0x1558  fhsvc - ok
18:39:37.0605 0x1558  [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
18:39:37.0636 0x1558  FileCrypt - ok
18:39:37.0683 0x1558  [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:39:37.0718 0x1558  FileInfo - ok
18:39:37.0739 0x1558  [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:39:37.0777 0x1558  Filetrace - ok
18:39:37.0807 0x1558  [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:39:37.0852 0x1558  flpydisk - ok
18:39:37.0883 0x1558  [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:39:37.0908 0x1558  FltMgr - ok
18:39:37.0995 0x1558  [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:39:38.0131 0x1558  FontCache - ok
18:39:38.0218 0x1558  [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:39:38.0236 0x1558  FontCache3.0.0.0 - ok
18:39:38.0284 0x1558  [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:39:38.0320 0x1558  FsDepends - ok
18:39:38.0344 0x1558  [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:39:38.0366 0x1558  Fs_Rec - ok
18:39:38.0430 0x1558  [ 8EC36B9FD3D25687C3F996200BBB8DED, 7711D8EA638EAF045F6C91C86C98136E8EED81F0B0AABF19984C469F87DDDA68 ] FTDIBUS         C:\WINDOWS\system32\drivers\ftdibus.sys
18:39:38.0442 0x1558  FTDIBUS - ok
18:39:38.0499 0x1558  [ 535AB1F6600D8384145E4A8521194D3F, 570E9D42B3D78E839BDDD96D2051B465E6AEEBC6F1E28DB94EE64F111A7DB18D ] FTSER2K         C:\WINDOWS\system32\drivers\ftser2k.sys
18:39:38.0510 0x1558  FTSER2K - ok
18:39:38.0552 0x1558  [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:39:38.0584 0x1558  fvevol - ok
18:39:38.0621 0x1558  [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:39:38.0636 0x1558  gagp30kx - ok
18:39:38.0679 0x1558  [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:39:38.0719 0x1558  gencounter - ok
18:39:38.0735 0x1558  [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
18:39:38.0778 0x1558  genericusbfn - ok
18:39:38.0834 0x1558  [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:39:38.0862 0x1558  GPIOClx0101 - ok
18:39:38.0953 0x1558  [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:39:39.0039 0x1558  gpsvc - ok
18:39:39.0056 0x1558  [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
18:39:39.0089 0x1558  GpuEnergyDrv - ok
18:39:39.0171 0x1558  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:39:39.0194 0x1558  gupdate - ok
18:39:39.0203 0x1558  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:39:39.0217 0x1558  gupdatem - ok
18:39:39.0260 0x1558  [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:39:39.0292 0x1558  HDAudBus - ok
18:39:39.0314 0x1558  [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:39:39.0354 0x1558  HidBatt - ok
18:39:39.0404 0x1558  [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:39:39.0424 0x1558  HidBth - ok
18:39:39.0474 0x1558  [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:39:39.0503 0x1558  hidi2c - ok
18:39:39.0526 0x1558  [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
18:39:39.0542 0x1558  hidinterrupt - ok
18:39:39.0565 0x1558  [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:39:39.0598 0x1558  HidIr - ok
18:39:39.0638 0x1558  [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:39:39.0669 0x1558  hidserv - ok
18:39:39.0716 0x1558  [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:39:39.0739 0x1558  HidUsb - ok
18:39:39.0801 0x1558  [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:39:39.0849 0x1558  HomeGroupListener - ok
18:39:39.0898 0x1558  [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:39:39.0943 0x1558  HomeGroupProvider - ok
18:39:39.0996 0x1558  [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:39:40.0031 0x1558  HpSAMD - ok
18:39:40.0053 0x1558  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\WINDOWS\system32\DRIVERS\htcnprot.sys
18:39:40.0062 0x1558  htcnprot - ok
18:39:40.0114 0x1558  [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:39:40.0160 0x1558  HTTP - ok
18:39:40.0214 0x1558  [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:39:40.0227 0x1558  hwpolicy - ok
18:39:40.0268 0x1558  [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:39:40.0310 0x1558  hyperkbd - ok
18:39:40.0331 0x1558  [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:39:40.0380 0x1558  i8042prt - ok
18:39:40.0421 0x1558  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
18:39:40.0440 0x1558  iai2c - ok
18:39:40.0468 0x1558  [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
18:39:40.0504 0x1558  iaLPSS2i_I2C - ok
18:39:40.0525 0x1558  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:39:40.0553 0x1558  iaLPSSi_GPIO - ok
18:39:40.0601 0x1558  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:39:40.0669 0x1558  iaLPSSi_I2C - ok
18:39:40.0720 0x1558  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\WINDOWS\system32\drivers\iaStor.sys
18:39:40.0737 0x1558  iaStor - ok
18:39:40.0784 0x1558  [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:39:40.0819 0x1558  iaStorAV - ok
18:39:40.0850 0x1558  [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:39:40.0876 0x1558  iaStorV - ok
18:39:40.0911 0x1558  [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
18:39:40.0937 0x1558  ibbus - ok
18:39:40.0971 0x1558  [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
18:39:41.0021 0x1558  icssvc - ok
18:39:41.0091 0x1558  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:39:41.0141 0x1558  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:39:43.0560 0x1558  Detect skipped due to KSN trusted
18:39:43.0561 0x1558  IDriverT - ok
18:39:43.0580 0x1558  IEEtwCollectorService - ok
18:39:43.0671 0x1558  [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:39:43.0738 0x1558  IKEEXT - ok
18:39:43.0823 0x1558  [ 0C3CF4B3BAE28E121A1689E3538F8712, 1599785D54E8306872A1DDD8546D316C9B193A85C5AEB37CF956B8C4077B8792 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
18:39:43.0884 0x1558  IntcAzAudAddService - ok
18:39:43.0934 0x1558  [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:39:43.0947 0x1558  intelide - ok
18:39:43.0963 0x1558  [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:39:43.0978 0x1558  intelpep - ok
18:39:43.0999 0x1558  [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:39:44.0019 0x1558  intelppm - ok
18:39:44.0039 0x1558  [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
18:39:44.0076 0x1558  IoQos - ok
18:39:44.0092 0x1558  [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:39:44.0113 0x1558  IpFilterDriver - ok
18:39:44.0203 0x1558  [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:39:44.0279 0x1558  iphlpsvc - ok
18:39:44.0303 0x1558  [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:39:44.0351 0x1558  IPMIDRV - ok
18:39:44.0400 0x1558  [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:39:44.0437 0x1558  IPNAT - ok
18:39:44.0451 0x1558  [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:39:44.0480 0x1558  IRENUM - ok
18:39:44.0525 0x1558  [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:39:44.0557 0x1558  isapnp - ok
18:39:44.0584 0x1558  [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:39:44.0606 0x1558  iScsiPrt - ok
18:39:44.0621 0x1558  [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:39:44.0636 0x1558  kbdclass - ok
18:39:44.0660 0x1558  [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:39:44.0695 0x1558  kbdhid - ok
18:39:44.0731 0x1558  [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
18:39:44.0762 0x1558  kdnic - ok
18:39:44.0773 0x1558  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:39:44.0788 0x1558  KeyIso - ok
18:39:44.0796 0x1558  [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:39:44.0813 0x1558  KSecDD - ok
18:39:44.0849 0x1558  [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:39:44.0867 0x1558  KSecPkg - ok
18:39:44.0916 0x1558  [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:39:44.0946 0x1558  ksthunk - ok
18:39:44.0999 0x1558  [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:39:45.0062 0x1558  KtmRm - ok
18:39:45.0107 0x1558  [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:39:45.0152 0x1558  LanmanServer - ok
18:39:45.0197 0x1558  [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:39:45.0243 0x1558  LanmanWorkstation - ok
18:39:45.0283 0x1558  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
18:39:45.0319 0x1558  lfsvc - ok
18:39:45.0328 0x1558  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
18:39:45.0365 0x1558  LicenseManager - ok
18:39:45.0416 0x1558  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
18:39:45.0449 0x1558  lltdio - ok
18:39:45.0505 0x1558  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:39:45.0551 0x1558  lltdsvc - ok
18:39:45.0591 0x1558  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:39:45.0633 0x1558  lmhosts - ok
18:39:45.0683 0x1558  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:39:45.0699 0x1558  LSI_SAS - ok
18:39:45.0711 0x2214  Object required for P2P: [ 55D62DD579231402745ECCDD1E55C6CC ] AvgAMPS
18:39:45.0724 0x1558  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
18:39:45.0741 0x1558  LSI_SAS2i - ok
18:39:45.0760 0x1558  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
18:39:45.0776 0x1558  LSI_SAS3i - ok
18:39:45.0794 0x1558  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:39:45.0810 0x1558  LSI_SSS - ok
18:39:45.0875 0x1558  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
18:39:45.0931 0x1558  LSM - ok
18:39:45.0952 0x1558  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:39:45.0986 0x1558  luafv - ok
18:39:46.0011 0x1558  [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
18:39:46.0048 0x1558  MapsBroker - ok
18:39:46.0089 0x1558  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:39:46.0104 0x1558  megasas - ok
18:39:46.0135 0x1558  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
18:39:46.0166 0x1558  megasr - ok
18:39:46.0209 0x1558  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
18:39:46.0247 0x1558  MessagingService - ok
18:39:46.0387 0x1558  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
18:39:46.0423 0x1558  mlx4_bus - ok
18:39:46.0471 0x1558  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
18:39:46.0511 0x1558  MMCSS - ok
18:39:46.0532 0x1558  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:39:46.0562 0x1558  Modem - ok
18:39:46.0574 0x1558  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:39:46.0618 0x1558  monitor - ok
18:39:46.0642 0x1558  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:39:46.0657 0x1558  mouclass - ok
18:39:46.0708 0x1558  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:39:46.0749 0x1558  mouhid - ok
18:39:46.0766 0x1558  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:39:46.0783 0x1558  mountmgr - ok
18:39:46.0842 0x1558  [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:39:46.0870 0x1558  MozillaMaintenance - ok
18:39:46.0911 0x1558  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:39:46.0946 0x1558  mpsdrv - ok
18:39:47.0006 0x1558  [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:39:47.0080 0x1558  MpsSvc - ok
18:39:47.0120 0x1558  [ 2B9A1FF2450BAF7A795941BE471F16EF, DD213BACDAE4E3C4F89BFE54BCE77B2F66D12AA85949147AE8A31049876CAA3E ] MQAC            C:\WINDOWS\system32\drivers\mqac.sys
18:39:47.0172 0x1558  MQAC - ok
18:39:47.0215 0x1558  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:39:47.0252 0x1558  MRxDAV - ok
18:39:47.0301 0x1558  [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:39:47.0327 0x1558  mrxsmb - ok
18:39:47.0354 0x1558  [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:39:47.0406 0x1558  mrxsmb10 - ok
18:39:47.0427 0x1558  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:39:47.0447 0x1558  mrxsmb20 - ok
18:39:47.0478 0x1558  [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
18:39:47.0530 0x1558  MsBridge - ok
18:39:47.0584 0x1558  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:39:47.0620 0x1558  MSDTC - ok
18:39:47.0658 0x1558  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:39:47.0694 0x1558  Msfs - ok
18:39:47.0733 0x1558  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:39:47.0747 0x1558  msgpiowin32 - ok
18:39:47.0768 0x1558  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:39:47.0800 0x1558  mshidkmdf - ok
18:39:47.0848 0x1558  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:39:47.0875 0x1558  mshidumdf - ok
18:39:47.0891 0x1558  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:39:47.0905 0x1558  msisadrv - ok
18:39:47.0953 0x1558  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:39:48.0001 0x1558  MSiSCSI - ok
18:39:48.0007 0x1558  msiserver - ok
18:39:48.0029 0x1558  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
18:39:48.0055 0x1558  MSKSSRV - ok
18:39:48.0076 0x1558  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
18:39:48.0109 0x1558  MsLldp - ok
18:39:48.0157 0x1558  [ 30130E99810283026C5FA2F57A4BB488, 3CF97CC2F63A7CDEA19C8B2DD73EED161309A7C334FF80567C18423F2DA34249 ] MSMQ            C:\WINDOWS\system32\mqsvc.exe
18:39:48.0180 0x2214  Object send P2P result: true
18:39:48.0181 0x2214  Object required for P2P: [ F5EB38E929945BB7B476924F4D61DB4F ] AVGIDSAgent
18:39:48.0207 0x1558  MSMQ - ok
18:39:48.0223 0x1558  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
18:39:48.0257 0x1558  MSPCLOCK - ok
18:39:48.0296 0x1558  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
18:39:48.0312 0x1558  MSPQM - ok
18:39:48.0345 0x1558  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:39:48.0380 0x1558  MsRPC - ok
18:39:48.0389 0x1558  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:39:48.0404 0x1558  mssmbios - ok
18:39:48.0421 0x1558  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
18:39:48.0437 0x1558  MSTEE - ok
18:39:48.0463 0x1558  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:39:48.0494 0x1558  MTConfig - ok
18:39:48.0512 0x1558  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:39:48.0529 0x1558  Mup - ok
18:39:48.0548 0x1558  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:39:48.0564 0x1558  mvumis - ok
18:39:48.0628 0x1558  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:39:48.0681 0x1558  NativeWifiP - ok
18:39:48.0733 0x1558  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
18:39:48.0784 0x1558  NcaSvc - ok
18:39:48.0810 0x1558  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
18:39:48.0846 0x1558  NcbService - ok
18:39:48.0853 0x1558  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
18:39:48.0947 0x1558  NcdAutoSetup - ok
18:39:48.0973 0x1558  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
18:39:48.0989 0x1558  ndfltr - ok
18:39:49.0045 0x1558  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
18:39:49.0093 0x1558  NDIS - ok
18:39:49.0137 0x1558  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
18:39:49.0178 0x1558  NdisCap - ok
18:39:49.0194 0x1558  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
18:39:49.0235 0x1558  NdisImPlatform - ok
18:39:49.0285 0x1558  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:39:49.0324 0x1558  NdisTapi - ok
18:39:49.0341 0x1558  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
18:39:49.0372 0x1558  Ndisuio - ok
18:39:49.0393 0x1558  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:39:49.0414 0x1558  NdisVirtualBus - ok
18:39:49.0435 0x1558  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
18:39:49.0474 0x1558  NdisWan - ok
18:39:49.0483 0x1558  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:39:49.0507 0x1558  ndiswanlegacy - ok
18:39:49.0545 0x1558  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
18:39:49.0585 0x1558  ndproxy - ok
18:39:49.0604 0x1558  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
18:39:49.0640 0x1558  Ndu - ok
18:39:49.0661 0x1558  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
18:39:49.0676 0x1558  NetBIOS - ok
18:39:49.0690 0x1558  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:39:49.0742 0x1558  NetBT - ok
18:39:49.0763 0x1558  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:39:49.0778 0x1558  Netlogon - ok
18:39:49.0827 0x1558  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
18:39:49.0873 0x1558  Netman - ok
18:39:49.0972 0x1558  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetMsmqActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:39:49.0988 0x1558  NetMsmqActivator - ok
18:39:49.0994 0x1558  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetPipeActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:39:50.0008 0x1558  NetPipeActivator - ok
18:39:50.0095 0x1558  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
18:39:50.0156 0x1558  netprofm - ok
18:39:50.0199 0x1558  [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
18:39:50.0242 0x1558  NetSetupSvc - ok
18:39:50.0261 0x1558  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpActivator C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:39:50.0275 0x1558  NetTcpActivator - ok
18:39:50.0283 0x1558  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:39:50.0296 0x1558  NetTcpPortSharing - ok
18:39:50.0353 0x1558  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
18:39:50.0405 0x1558  NgcCtnrSvc - ok
18:39:50.0455 0x1558  [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
18:39:50.0519 0x1558  NgcSvc - ok
18:39:50.0576 0x1558  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
18:39:50.0623 0x1558  NlaSvc - ok
18:39:50.0642 0x2214  Object send P2P result: true
18:39:50.0643 0x2214  Object required for P2P: [ 2A9380C58B7CD687EB9709086614820D ] Avgmfx64
18:39:50.0673 0x1558  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:39:50.0707 0x1558  Npfs - ok
18:39:50.0850 0x1558  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\WINDOWS\sysWOW64\drivers\npf_devolo.sys
18:39:50.0876 0x1558  NPF_devolo - ok
18:39:50.0892 0x1558  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
18:39:50.0921 0x1558  npsvctrig - ok
18:39:50.0960 0x1558  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
18:39:51.0008 0x1558  nsi - ok
18:39:51.0029 0x1558  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
18:39:51.0054 0x1558  nsiproxy - ok
18:39:51.0191 0x1558  [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
18:39:51.0270 0x1558  NTFS - ok
18:39:51.0317 0x1558  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:39:51.0347 0x1558  Null - ok
18:39:51.0366 0x1558  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
18:39:51.0383 0x1558  nvraid - ok
18:39:51.0437 0x1558  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
18:39:51.0487 0x1558  nvstor - ok
18:39:51.0505 0x1558  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
18:39:51.0524 0x1558  nv_agp - ok
18:39:51.0634 0x1558  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:39:51.0675 0x1558  odserv - ok
18:39:51.0736 0x1558  [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
18:39:51.0787 0x1558  OneSyncSvc - ok
18:39:51.0852 0x1558  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:39:51.0864 0x1558  ose - ok
18:39:51.0961 0x1558  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
18:39:52.0041 0x1558  p2pimsvc - ok
18:39:52.0090 0x1558  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
18:39:52.0153 0x1558  p2psvc - ok
18:39:52.0178 0x1558  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
18:39:52.0215 0x1558  Parport - ok
18:39:52.0231 0x1558  [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
18:39:52.0248 0x1558  partmgr - ok
18:39:52.0296 0x1558  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
18:39:52.0330 0x1558  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
18:39:53.0304 0x2214  Object send P2P result: true
18:39:53.0305 0x2214  Object required for P2P: [ 501D3FE6D8A15FB182983E4EA0C6386B ] avgwd
18:39:54.0744 0x1558  Detect skipped due to KSN trusted
18:39:54.0744 0x1558  PassThru Service - ok
18:39:54.0830 0x1558  [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
18:39:54.0864 0x1558  PcaSvc - ok
18:39:54.0928 0x1558  [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci             C:\WINDOWS\system32\drivers\pci.sys
18:39:54.0964 0x1558  pci - ok
18:39:54.0986 0x1558  [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
18:39:55.0000 0x1558  pciide - ok
18:39:55.0016 0x1558  [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
18:39:55.0033 0x1558  pcmcia - ok
18:39:55.0075 0x1558  [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
18:39:55.0089 0x1558  pcw - ok
18:39:55.0103 0x1558  [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
18:39:55.0119 0x1558  pdc - ok
18:39:55.0187 0x1558  [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
18:39:55.0236 0x1558  PEAUTH - ok
18:39:55.0255 0x1558  [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
18:39:55.0271 0x1558  percsas2i - ok
18:39:55.0286 0x1558  [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
18:39:55.0302 0x1558  percsas3i - ok
18:39:55.0340 0x1558  [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
18:39:55.0366 0x1558  PerfHost - ok
18:39:55.0406 0x1558  [ 663962900E7FEA522126BA287715BB4A, 95CE12CA11E705C293BE4E18845581037D819A7EC812349BCAF4EABC8E7087B1 ] PGEffect        C:\WINDOWS\system32\DRIVERS\pgeffect.sys
18:39:55.0414 0x1558  PGEffect - ok
18:39:55.0468 0x1558  [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
18:39:55.0542 0x1558  PhoneSvc - ok
18:39:55.0585 0x1558  [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
18:39:55.0649 0x1558  PimIndexMaintenanceSvc - ok
18:39:55.0740 0x1558  [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla             C:\WINDOWS\system32\pla.dll
18:39:55.0792 0x2214  Object send P2P result: true
18:39:55.0796 0x2214  Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
18:39:55.0842 0x1558  pla - ok
18:39:55.0888 0x1558  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
18:39:55.0914 0x1558  PlugPlay - ok
18:39:55.0964 0x1558  [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
18:39:56.0016 0x1558  PNRPAutoReg - ok
18:39:56.0048 0x1558  [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
18:39:56.0077 0x1558  PNRPsvc - ok
18:39:56.0139 0x1558  [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
18:39:56.0184 0x1558  PolicyAgent - ok
18:39:56.0203 0x1558  [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power           C:\WINDOWS\system32\umpo.dll
18:39:56.0235 0x1558  Power - ok
18:39:56.0293 0x1558  [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
18:39:56.0317 0x1558  PptpMiniport - ok
18:39:56.0519 0x1558  [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:39:56.0809 0x1558  PrintNotify - ok
18:39:56.0881 0x1558  [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor       C:\WINDOWS\System32\drivers\processr.sys
18:39:56.0927 0x1558  Processor - ok
18:39:56.0972 0x1558  [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
18:39:57.0020 0x1558  ProfSvc - ok
18:39:57.0040 0x1558  [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
18:39:57.0060 0x1558  Psched - ok
18:39:57.0112 0x1558  [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE           C:\WINDOWS\system32\qwave.dll
18:39:57.0153 0x1558  QWAVE - ok
18:39:57.0203 0x1558  [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
18:39:57.0232 0x1558  QWAVEdrv - ok
18:39:57.0266 0x1558  [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:39:57.0309 0x1558  RasAcd - ok
18:39:57.0346 0x1558  [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
18:39:57.0381 0x1558  RasAgileVpn - ok
18:39:57.0412 0x1558  [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:39:57.0434 0x1558  RasAuto - ok
18:39:57.0470 0x1558  [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
18:39:57.0514 0x1558  Rasl2tp - ok
18:39:57.0579 0x1558  [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:39:57.0639 0x1558  RasMan - ok
18:39:57.0662 0x1558  [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:39:57.0700 0x1558  RasPppoe - ok
18:39:57.0722 0x1558  [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
18:39:57.0757 0x1558  RasSstp - ok
18:39:57.0786 0x1558  [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:39:57.0814 0x1558  rdbss - ok
18:39:57.0831 0x1558  [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
18:39:57.0853 0x1558  rdpbus - ok
18:39:57.0920 0x1558  [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
18:39:57.0979 0x1558  RDPDR - ok
18:39:58.0007 0x1558  [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:39:58.0021 0x1558  RdpVideoMiniport - ok
18:39:58.0050 0x1558  [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
18:39:58.0072 0x1558  rdyboost - ok
18:39:58.0124 0x1558  [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
18:39:58.0168 0x1558  ReFSv1 - ok
18:39:58.0228 0x1558  [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:39:58.0252 0x2214  Object send P2P result: true
18:39:58.0260 0x2214  Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
18:39:58.0283 0x1558  RemoteAccess - ok
18:39:58.0341 0x1558  [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:39:58.0383 0x1558  RemoteRegistry - ok
18:39:58.0431 0x1558  [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
18:39:58.0514 0x1558  RetailDemo - ok
18:39:58.0548 0x1558  [ 74727B8BF0227820660A79450F2D94EF, 86BC249322A3C63CBC3B532AD86BFDCB5A46A24A767137D02C944B94A899C521 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
18:39:58.0600 0x1558  RFCOMM - ok
18:39:58.0653 0x1558  [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
18:39:58.0674 0x1558  RpcEptMapper - ok
18:39:58.0719 0x1558  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:39:58.0779 0x1558  RpcLocator - ok
18:39:58.0859 0x1558  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:39:58.0910 0x1558  RpcSs - ok
18:39:58.0962 0x1558  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
18:39:58.0997 0x1558  rspndr - ok
18:39:59.0030 0x1558  [ 8C22F21C924413D4E109995F748E18BB, 021369512F4C8F34458E1CD572B3A7F2F9434CB3EA941EBA8E5525263DB38BD7 ] RSUSBSTOR       C:\WINDOWS\System32\Drivers\RtsUStor.sys
18:39:59.0113 0x1558  RSUSBSTOR - ok
18:39:59.0181 0x1558  [ FBEFF38DE03450E03E6CD9E8E37A8C74, C1C0876785DB4366D67792A3AFA219FC933FC1894AF93D07B0016BBCC81A5886 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
18:39:59.0239 0x1558  rt640x64 - ok
18:39:59.0274 0x1558  [ 483C537E69FA97C77F7FE0E2E1C1F102, B5DCC1C669126C558057B328F86071F35B2FF55A0C595A05FC16F2E893BA48E4 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtHDMIVX.sys
18:39:59.0287 0x1558  RTHDMIAzAudService - ok
18:39:59.0369 0x1558  [ 5065AF94871CA7E884F0C9D92073C378, 3868EE0DD6A9FD05FC5EB16FE53F6874A335EB3D46D0B37B2CBDB79A9576DB04 ] rtl8192se       C:\WINDOWS\System32\drivers\rtl8192se.sys
18:39:59.0436 0x1558  rtl8192se - ok
18:39:59.0455 0x1558  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
18:39:59.0470 0x1558  s3cap - ok
18:39:59.0486 0x1558  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:39:59.0501 0x1558  SamSs - ok
18:39:59.0527 0x1558  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
18:39:59.0545 0x1558  sbp2port - ok
18:39:59.0593 0x1558  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
18:39:59.0631 0x1558  SCardSvr - ok
18:39:59.0641 0x1558  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
18:39:59.0669 0x1558  ScDeviceEnum - ok
18:39:59.0710 0x1558  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:39:59.0738 0x1558  scfilter - ok
18:39:59.0796 0x1558  [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:39:59.0872 0x1558  Schedule - ok
18:39:59.0929 0x1558  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
18:39:59.0984 0x1558  SCPolicySvc - ok
18:40:00.0012 0x1558  [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
18:40:00.0036 0x1558  sdbus - ok
18:40:00.0080 0x1558  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
18:40:00.0114 0x1558  SDRSVC - ok
18:40:00.0140 0x1558  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
18:40:00.0157 0x1558  sdstor - ok
18:40:00.0175 0x1558  [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon        C:\WINDOWS\system32\seclogon.dll
18:40:00.0220 0x1558  seclogon - ok
18:40:00.0260 0x1558  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
18:40:00.0285 0x1558  SENS - ok
18:40:00.0368 0x1558  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
18:40:00.0476 0x1558  SensorDataService - ok
18:40:00.0511 0x1558  [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService   C:\WINDOWS\system32\SensorService.dll
18:40:00.0564 0x1558  SensorService - ok
18:40:00.0622 0x1558  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
18:40:00.0700 0x1558  SensrSvc - ok
18:40:00.0743 0x2214  Object send P2P result: true
18:40:00.0743 0x2214  Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ]
         


Alt 11.04.2016, 18:50   #6
sourKraut135
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

TDSSKiller File 2. Teil



Code:
ATTFilter
iaLPSS2i_I2C
18:40:00.0752 0x1558  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
18:40:00.0776 0x1558  SerCx - ok
18:40:00.0800 0x1558  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
18:40:00.0818 0x1558  SerCx2 - ok
18:40:00.0835 0x1558  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
18:40:00.0873 0x1558  Serenum - ok
18:40:00.0890 0x1558  [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial          C:\WINDOWS\System32\drivers\serial.sys
18:40:00.0909 0x1558  Serial - ok
18:40:00.0930 0x1558  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
18:40:00.0959 0x1558  sermouse - ok
18:40:01.0023 0x1558  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
18:40:01.0072 0x1558  SessionEnv - ok
18:40:01.0131 0x1558  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
18:40:01.0160 0x1558  sfloppy - ok
18:40:01.0202 0x1558  [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:40:01.0261 0x1558  SharedAccess - ok
18:40:01.0333 0x1558  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:40:01.0399 0x1558  ShellHWDetection - ok
18:40:01.0418 0x1558  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:40:01.0433 0x1558  SiSRaid2 - ok
18:40:01.0476 0x1558  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:40:01.0491 0x1558  SiSRaid4 - ok
18:40:01.0536 0x1558  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
18:40:01.0557 0x1558  SkypeUpdate - ok
18:40:01.0595 0x1558  [ F06D0E0C7CD13DD01DCCBAEB1EBC9283, 6E8C78EE466901650EF4028D6B64F2BF5969C883E8F498E9FAAA3C2A955F0A01 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
18:40:01.0605 0x1558  SmbDrvI - ok
18:40:01.0646 0x1558  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
18:40:01.0687 0x1558  smphost - ok
18:40:01.0733 0x1558  [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
18:40:01.0802 0x1558  SmsRouter - ok
18:40:01.0858 0x1558  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:40:01.0888 0x1558  SNMPTRAP - ok
18:40:01.0936 0x1558  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:40:01.0968 0x1558  spaceport - ok
18:40:01.0988 0x1558  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:40:02.0004 0x1558  SpbCx - ok
18:40:02.0057 0x1558  [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:40:02.0117 0x1558  Spooler - ok
18:40:02.0393 0x1558  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:40:02.0743 0x1558  sppsvc - ok
18:40:02.0880 0x1558  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:40:02.0933 0x1558  srv - ok
18:40:02.0953 0x1558  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:40:03.0006 0x1558  srv2 - ok
18:40:03.0018 0x1558  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:40:03.0046 0x1558  srvnet - ok
18:40:03.0170 0x1558  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:40:03.0193 0x2214  Object send P2P result: true
18:40:03.0236 0x1558  SSDPSRV - ok
18:40:03.0292 0x1558  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:40:03.0333 0x1558  SstpSvc - ok
18:40:03.0502 0x1558  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
18:40:03.0707 0x1558  StateRepository - ok
18:40:03.0729 0x1558  Steam Client Service - ok
18:40:03.0746 0x1558  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:40:03.0760 0x1558  stexstor - ok
18:40:03.0825 0x1558  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:40:03.0883 0x1558  stisvc - ok
18:40:03.0937 0x1558  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:40:03.0955 0x1558  storahci - ok
18:40:03.0972 0x1558  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
18:40:03.0987 0x1558  storflt - ok
18:40:04.0004 0x1558  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
18:40:04.0020 0x1558  stornvme - ok
18:40:04.0040 0x1558  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
18:40:04.0085 0x1558  storqosflt - ok
18:40:04.0134 0x1558  [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:40:04.0199 0x1558  StorSvc - ok
18:40:04.0239 0x1558  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
18:40:04.0254 0x1558  storufs - ok
18:40:04.0269 0x1558  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:40:04.0286 0x1558  storvsc - ok
18:40:04.0323 0x1558  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:40:04.0364 0x1558  svsvc - ok
18:40:04.0384 0x1558  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:40:04.0398 0x1558  swenum - ok
18:40:04.0425 0x1558  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
18:40:04.0482 0x1558  swprv - ok
18:40:04.0530 0x1558  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
18:40:04.0559 0x1558  Synth3dVsc - ok
18:40:04.0615 0x1558  [ 1C3F9491A1880C43F95A6F675736BF85, 15B47D3583400B8F8A10483B0E0B0228723F8E95750FADE0CACA64BAB48D8C97 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:40:04.0654 0x1558  SynTP - ok
18:40:04.0723 0x1558  [ E1415A51EFD0FB87649954C76BEE32D9, F65B35DE88351CEA4A0DD9CC76EB50EE777F323C4D15EEFCA43321CA4C525FBC ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
18:40:04.0749 0x1558  SynTPEnhService - ok
18:40:04.0827 0x1558  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:40:04.0894 0x1558  SysMain - ok
18:40:04.0972 0x1558  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:40:05.0021 0x1558  SystemEventsBroker - ok
18:40:05.0065 0x1558  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:40:05.0090 0x1558  TabletInputService - ok
18:40:05.0121 0x1558  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:40:05.0167 0x1558  TapiSrv - ok
18:40:05.0282 0x1558  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:40:05.0379 0x1558  Tcpip - ok
18:40:05.0442 0x1558  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
18:40:05.0522 0x1558  Tcpip6 - ok
18:40:05.0655 0x1558  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:40:05.0705 0x1558  tcpipreg - ok
18:40:05.0741 0x1558  [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] TDCMDPST        C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys
18:40:05.0749 0x1558  TDCMDPST - ok
18:40:05.0786 0x1558  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:40:05.0802 0x1558  tdx - ok
18:40:06.0299 0x1558  [ E9D702580349582413503A28F8329B32, 405CEA2DB2B9EE9EF87E454375BEA6A3F6FB30B95BBD9F397129C73D4CCCC282 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
18:40:06.0701 0x1558  TeamViewer - ok
18:40:06.0786 0x1558  [ 1B709733A04DCC41A63F9CD1F76A4EBE, 3973F7BA3CC5395040F68B60950A836D729B487BF7F732D31915064F7DA4C838 ] TemproMonitoringService C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
18:40:06.0817 0x1558  TemproMonitoringService - ok
18:40:06.0868 0x1558  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:40:06.0890 0x1558  terminpt - ok
18:40:06.0979 0x1558  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
18:40:07.0052 0x1558  TermService - ok
18:40:07.0073 0x1558  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
18:40:07.0116 0x1558  Themes - ok
18:40:07.0150 0x1558  [ 93EBCBD28E42875B223C6824AF66DFAA, 681DA2A03A7ABEF97593B45E458A0E2DA671350F3A8741DB6C43F8298DC21FF3 ] Thotkey         C:\WINDOWS\System32\drivers\Thotkey.sys
18:40:07.0160 0x1558  Thotkey - ok
18:40:07.0222 0x1558  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
18:40:07.0279 0x1558  TieringEngineService - ok
18:40:07.0328 0x1558  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
18:40:07.0423 0x1558  tiledatamodelsvc - ok
18:40:07.0462 0x1558  [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
18:40:07.0504 0x1558  TimeBroker - ok
18:40:07.0592 0x1558  [ 71C321649B28638EE80A2EEB164C1DC8, D75D296B506DCC38A4DED82C71141388AEB60B065785DCC5BC2F4B3B77ACEDC7 ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
18:40:07.0607 0x1558  TMachInfo - ok
18:40:07.0638 0x1558  [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv         C:\Windows\system32\TODDSrv.exe
18:40:07.0649 0x1558  TODDSrv - ok
18:40:07.0731 0x1558  [ 4DB8C79BCEA76063B83B13410366A1F7, 401521222F2E76D6D2E953006EB7C1DBBEA519306B83592DA0031F8ED656CDDE ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
18:40:07.0766 0x1558  TosCoSrv - ok
18:40:07.0812 0x1558  [ 707800855AFBD7648375EFB1519B8D6D, 29B572174C9DE4ACA15B8A5AF27038781DA14A158558A648C9EC5CAF096B60CF ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
18:40:07.0826 0x1558  TOSHIBA eco Utility Service - ok
18:40:07.0883 0x1558  [ DD58E1250F604CBBADDA04575E5E2376, 2A5BF5903BE2CA756124FCC66ED8DFD860EC6B30997962302682BE328F9B1E0F ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
18:40:07.0902 0x1558  TOSHIBA HDD SSD Alert Service - ok
18:40:07.0926 0x1558  [ E54143FA5F4D7D651364EBD2E6C1EECC, 52986D58A5176F57CCD7AD68DAA7A00E4A9F93872425BC6D20113CA50D4C31B3 ] tosrfec         C:\WINDOWS\System32\drivers\tosrfec.sys
18:40:07.0935 0x1558  tosrfec - ok
18:40:07.0977 0x1558  [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9D511A51A795027 ] tos_sps64       C:\WINDOWS\system32\drivers\tos_sps64.sys
18:40:08.0008 0x1558  tos_sps64 - ok
18:40:08.0079 0x1558  [ DE64C52BD0671165CF2EEBF2A728A3E2, 201E7D2CD34248AEAB961C87C8481FA1CD253621C5F26C121F5017D422C74288 ] TPCHSrv         C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
18:40:08.0109 0x1558  TPCHSrv - ok
18:40:08.0160 0x1558  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
18:40:08.0179 0x1558  TPM - ok
18:40:08.0225 0x1558  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:40:08.0261 0x1558  TrkWks - ok
18:40:08.0343 0x1558  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:40:08.0376 0x1558  TrustedInstaller - ok
18:40:08.0398 0x1558  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
18:40:08.0466 0x1558  tsusbflt - ok
18:40:08.0506 0x1558  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:40:08.0546 0x1558  TsUsbGD - ok
18:40:08.0571 0x1558  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
18:40:08.0606 0x1558  tunnel - ok
18:40:08.0629 0x1558  [ 63165D1FA4D51838CD8D7AA3CB4E2651, 70500C52A86ED002502EEBC3A40F5F4EEAEF086B9AC8540C9178FDD770E1265C ] TVALZ           C:\WINDOWS\system32\drivers\TVALZ_O.SYS
18:40:08.0640 0x1558  TVALZ - ok
18:40:08.0667 0x1558  [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL         C:\WINDOWS\system32\DRIVERS\TVALZFL.sys
18:40:08.0675 0x1558  TVALZFL - ok
18:40:08.0719 0x1558  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
18:40:08.0752 0x1558  tzautoupdate - ok
18:40:08.0767 0x1558  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
18:40:08.0783 0x1558  uagp35 - ok
18:40:08.0830 0x1558  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:40:08.0846 0x1558  UASPStor - ok
18:40:08.0865 0x1558  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
18:40:08.0897 0x1558  UcmCx0101 - ok
18:40:08.0912 0x1558  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
18:40:08.0930 0x1558  UcmUcsi - ok
18:40:08.0955 0x1558  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
18:40:08.0975 0x1558  Ucx01000 - ok
18:40:08.0992 0x1558  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
18:40:09.0040 0x1558  UdeCx - ok
18:40:09.0093 0x1558  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:40:09.0129 0x1558  udfs - ok
18:40:09.0167 0x1558  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
18:40:09.0181 0x1558  UEFI - ok
18:40:09.0226 0x1558  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
18:40:09.0248 0x1558  Ufx01000 - ok
18:40:09.0280 0x1558  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
18:40:09.0296 0x1558  UfxChipidea - ok
18:40:09.0369 0x1558  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
18:40:09.0387 0x1558  ufxsynopsys - ok
18:40:09.0437 0x1558  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:40:09.0478 0x1558  UI0Detect - ok
18:40:09.0498 0x1558  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
18:40:09.0514 0x1558  uliagpkx - ok
18:40:09.0533 0x1558  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:40:09.0568 0x1558  umbus - ok
18:40:09.0610 0x1558  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:40:09.0640 0x1558  UmPass - ok
18:40:09.0687 0x1558  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:40:09.0714 0x1558  UmRdpService - ok
18:40:09.0802 0x1558  [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
18:40:09.0902 0x1558  UnistoreSvc - ok
18:40:10.0012 0x1558  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:40:10.0067 0x1558  upnphost - ok
18:40:10.0083 0x1558  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
18:40:10.0098 0x1558  UrsChipidea - ok
18:40:10.0124 0x1558  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
18:40:10.0139 0x1558  UrsCx01000 - ok
18:40:10.0150 0x1558  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
18:40:10.0165 0x1558  UrsSynopsys - ok
18:40:10.0181 0x1558  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:40:10.0199 0x1558  usbccgp - ok
18:40:10.0239 0x1558  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:40:10.0273 0x1558  usbcir - ok
18:40:10.0315 0x1558  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:40:10.0333 0x1558  usbehci - ok
18:40:10.0350 0x1558  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:40:10.0379 0x1558  usbhub - ok
18:40:10.0421 0x1558  [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:40:10.0452 0x1558  USBHUB3 - ok
18:40:10.0498 0x1558  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:40:10.0526 0x1558  usbohci - ok
18:40:10.0547 0x1558  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:40:10.0565 0x1558  usbprint - ok
18:40:10.0603 0x1558  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
18:40:10.0651 0x1558  usbser - ok
18:40:10.0687 0x1558  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:40:10.0704 0x1558  USBSTOR - ok
18:40:10.0751 0x1558  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:40:10.0786 0x1558  usbuhci - ok
18:40:10.0838 0x1558  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
18:40:10.0875 0x1558  usbvideo - ok
18:40:10.0889 0x1558  [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:40:10.0914 0x1558  USBXHCI - ok
18:40:10.0987 0x1558  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
18:40:11.0076 0x1558  UserDataSvc - ok
18:40:11.0168 0x1558  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
18:40:11.0251 0x1558  UserManager - ok
18:40:11.0300 0x1558  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
18:40:11.0355 0x1558  UsoSvc - ok
18:40:11.0375 0x1558  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:40:11.0391 0x1558  VaultSvc - ok
18:40:11.0401 0x1558  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:40:11.0416 0x1558  vdrvroot - ok
18:40:11.0480 0x1558  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
18:40:11.0549 0x1558  vds - ok
18:40:11.0606 0x1558  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:40:11.0626 0x1558  VerifierExt - ok
18:40:11.0662 0x1558  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:40:11.0697 0x1558  vhdmp - ok
18:40:11.0717 0x1558  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
18:40:11.0734 0x1558  vhf - ok
18:40:11.0754 0x1558  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:40:11.0771 0x1558  vmbus - ok
18:40:11.0786 0x1558  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:40:11.0818 0x1558  VMBusHID - ok
18:40:11.0874 0x1558  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:40:11.0918 0x1558  vmicguestinterface - ok
18:40:11.0936 0x1558  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:40:11.0971 0x1558  vmicheartbeat - ok
18:40:11.0986 0x1558  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:40:12.0020 0x1558  vmickvpexchange - ok
18:40:12.0036 0x1558  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:40:12.0070 0x1558  vmicrdv - ok
18:40:12.0086 0x1558  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:40:12.0121 0x1558  vmicshutdown - ok
18:40:12.0136 0x1558  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:40:12.0170 0x1558  vmictimesync - ok
18:40:12.0185 0x1558  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
18:40:12.0220 0x1558  vmicvmsession - ok
18:40:12.0236 0x1558  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:40:12.0270 0x1558  vmicvss - ok
18:40:12.0315 0x1558  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:40:12.0338 0x1558  volmgr - ok
18:40:12.0353 0x1558  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:40:12.0380 0x1558  volmgrx - ok
18:40:12.0399 0x1558  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:40:12.0427 0x1558  volsnap - ok
18:40:12.0481 0x1558  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:40:12.0499 0x1558  vpci - ok
18:40:12.0526 0x1558  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:40:12.0548 0x1558  vsmraid - ok
18:40:12.0636 0x1558  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\WINDOWS\system32\vssvc.exe
18:40:12.0719 0x1558  VSS - ok
18:40:12.0771 0x1558  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:40:12.0795 0x1558  VSTXRAID - ok
18:40:12.0927 0x1558  [ 6D76E501E29F743259C87E8CD38DEDCE, 5DE27843DD8D7D124B30629087B92365FAA57407B1139DED6D655F335BB6451F ] vToolbarUpdater40.2.8 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.8\ToolbarUpdater.exe
18:40:12.0994 0x1558  vToolbarUpdater40.2.8 - ok
18:40:13.0044 0x1558  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:40:13.0080 0x1558  vwifibus - ok
18:40:13.0099 0x1558  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
18:40:13.0133 0x1558  vwififlt - ok
18:40:13.0185 0x1558  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\WINDOWS\system32\w32time.dll
18:40:13.0228 0x1558  W32Time - ok
18:40:13.0306 0x1558  [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
18:40:13.0336 0x1558  w3logsvc - ok
18:40:13.0400 0x1558  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] W3SVC           C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:40:13.0450 0x1558  W3SVC - ok
18:40:13.0468 0x1558  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:40:13.0500 0x1558  WacomPen - ok
18:40:13.0552 0x1558  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\WINDOWS\system32\WalletService.dll
18:40:13.0613 0x1558  WalletService - ok
18:40:13.0629 0x1558  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:40:13.0665 0x1558  wanarp - ok
18:40:13.0670 0x1558  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:40:13.0691 0x1558  wanarpv6 - ok
18:40:13.0722 0x1558  [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
18:40:13.0759 0x1558  WAS - ok
18:40:13.0852 0x1558  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:40:13.0945 0x1558  wbengine - ok
18:40:13.0994 0x1558  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:40:14.0057 0x1558  WbioSrvc - ok
18:40:14.0112 0x1558  [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:40:14.0155 0x1558  Wcmsvc - ok
18:40:14.0206 0x1558  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:40:14.0259 0x1558  wcncsvc - ok
18:40:14.0277 0x1558  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:40:14.0307 0x1558  WcsPlugInService - ok
18:40:14.0348 0x1558  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:40:14.0364 0x1558  WdBoot - ok
18:40:14.0435 0x1558  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:40:14.0470 0x1558  Wdf01000 - ok
18:40:14.0497 0x1558  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:40:14.0520 0x1558  WdFilter - ok
18:40:14.0559 0x1558  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:40:14.0601 0x1558  WdiServiceHost - ok
18:40:14.0607 0x1558  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:40:14.0633 0x1558  WdiSystemHost - ok
18:40:14.0710 0x1558  [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
18:40:14.0764 0x1558  wdiwifi - ok
18:40:14.0780 0x1558  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:40:14.0797 0x1558  WdNisDrv - ok
18:40:14.0817 0x1558  WdNisSvc - ok
18:40:14.0875 0x1558  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:40:14.0907 0x1558  WebClient - ok
18:40:14.0917 0x1558  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:40:14.0945 0x1558  Wecsvc - ok
18:40:14.0966 0x1558  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:40:15.0006 0x1558  WEPHOSTSVC - ok
18:40:15.0052 0x1558  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:40:15.0080 0x1558  wercplsupport - ok
18:40:15.0103 0x1558  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:40:15.0135 0x1558  WerSvc - ok
18:40:15.0160 0x1558  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
18:40:15.0178 0x1558  WFPLWFS - ok
18:40:15.0233 0x1558  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:40:15.0271 0x1558  WiaRpc - ok
18:40:15.0298 0x1558  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:40:15.0313 0x1558  WIMMount - ok
18:40:15.0316 0x1558  WinDefend - ok
18:40:15.0337 0x1660  Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
18:40:15.0347 0x1558  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
18:40:15.0366 0x1558  WindowsTrustedRT - ok
18:40:15.0389 0x1558  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
18:40:15.0404 0x1558  WindowsTrustedRTProxy - ok
18:40:15.0473 0x1558  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:40:15.0536 0x1558  WinHttpAutoProxySvc - ok
18:40:15.0589 0x1558  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
18:40:15.0633 0x1558  WinMad - ok
18:40:15.0711 0x1558  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:40:15.0759 0x1558  Winmgmt - ok
18:40:15.0906 0x1558  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:40:16.0086 0x1558  WinRM - ok
18:40:16.0143 0x1558  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
18:40:16.0162 0x1558  WINUSB - ok
18:40:16.0180 0x1558  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
18:40:16.0196 0x1558  WinVerbs - ok
18:40:16.0301 0x1558  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:40:16.0441 0x1558  WlanSvc - ok
18:40:16.0570 0x1558  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:40:16.0697 0x1558  wlidsvc - ok
18:40:16.0724 0x1558  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:40:16.0756 0x1558  WmiAcpi - ok
18:40:16.0817 0x1558  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:40:16.0859 0x1558  wmiApSrv - ok
18:40:16.0883 0x1558  WMPNetworkSvc - ok
18:40:16.0940 0x1558  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
18:40:16.0960 0x1558  Wof - ok
18:40:17.0064 0x1558  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
18:40:17.0181 0x1558  workfolderssvc - ok
18:40:17.0231 0x1558  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:40:17.0266 0x1558  wpcfltr - ok
18:40:17.0323 0x1558  [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:40:17.0356 0x1558  WPDBusEnum - ok
18:40:17.0382 0x1558  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:40:17.0399 0x1558  WpdUpFltr - ok
18:40:17.0454 0x1558  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\WINDOWS\system32\WpnService.dll
18:40:17.0516 0x1558  WpnService - ok
18:40:17.0535 0x1558  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:40:17.0554 0x1558  ws2ifsl - ok
18:40:17.0601 0x1558  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:40:17.0642 0x1558  wscsvc - ok
18:40:17.0692 0x1558  [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
18:40:17.0715 0x1558  WSDPrintDevice - ok
18:40:17.0727 0x1558  WSearch - ok
18:40:17.0783 0x1660  Object send P2P result: true
18:40:17.0793 0x1660  Object required for P2P: [ AD43141CE6D5074DA1D28B5BCD4E4507 ] RetailDemo
18:40:17.0874 0x1558  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService       C:\WINDOWS\System32\WSService.dll
18:40:18.0121 0x1558  WSService - ok
18:40:18.0204 0x1558  [ 1AB42ABF8BE9C2B7B7B8B3A6234A4C15, 1D23E07E9390A922A308EB3205A9DDA6697BBC2953E8DCC691B4D0BCD15ECEB8 ] WtuSystemSupport C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
18:40:18.0247 0x1558  WtuSystemSupport - ok
18:40:18.0384 0x1558  [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:40:18.0510 0x1558  wuauserv - ok
18:40:18.0561 0x1558  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:40:18.0581 0x1558  WudfPf - ok
18:40:18.0591 0x1558  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
18:40:18.0617 0x1558  WUDFRd - ok
18:40:18.0662 0x1558  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:40:18.0685 0x1558  wudfsvc - ok
18:40:18.0696 0x1558  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:40:18.0721 0x1558  WUDFWpdFs - ok
18:40:18.0731 0x1558  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:40:18.0756 0x1558  WUDFWpdMtp - ok
18:40:18.0831 0x1558  [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:40:18.0922 0x1558  WwanSvc - ok
18:40:18.0986 0x1558  [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
18:40:19.0047 0x1558  XblAuthManager - ok
18:40:19.0114 0x1558  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
18:40:19.0193 0x1558  XblGameSave - ok
18:40:19.0239 0x1558  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
18:40:19.0279 0x1558  xboxgip - ok
18:40:19.0361 0x1558  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
18:40:19.0440 0x1558  XboxNetApiSvc - ok
18:40:19.0472 0x1558  [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
18:40:19.0490 0x1558  xinputhid - ok
18:40:19.0495 0x1558  ================ Scan global ===============================
18:40:19.0559 0x1558  [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
18:40:19.0607 0x1558  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
18:40:19.0652 0x1558  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
18:40:19.0683 0x1558  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
18:40:19.0696 0x1558  [ Global ] - ok
18:40:19.0696 0x1558  ================
         
Laut TDSSKiller "no threats found"...

Alt 11.04.2016, 22:31   #7
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer



Und warum lässt Du den auf den PC? Das mit Teamviewer kann durchaus sein, man kann den PC auch neu starten und wird automatisch verbunden. Das siehst aber ja, ob Teamviewer läuft. Bei sowas kann man aber nur durch Neuinstallation ganz sicher sein.

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 12.04.2016, 19:41   #8
sourKraut135
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer



Ich musste das Steuergerät umprogrammieren im Auto und dabei wollte er mir helfen (kannte ich nur über ein BMW-Forum). Folgende Frage hab ich da noch: Er hatte mir am nächsten Tag geschrieben, ob ich zu hause bin und ob ich meinen Laptop zur Hand hab. Ich hab dann geantwortet, dass ich arbeite und der Laptop zu hause liegt. Im Nachhinein kam mir auch das komisch vor...ist es möglich, dass er sich da nochmal in meinem Laptop eingeloggt hat, ohne dass ich dabei war?
Danke für deine Geduld mit mir!

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c4fc1a08db6b164fa9ddf73e112dc0d7
# end=init
# utc_time=2016-04-12 12:26:16
# local_time=2016-04-12 02:26:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29024
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c4fc1a08db6b164fa9ddf73e112dc0d7
# end=updated
# utc_time=2016-04-12 12:29:32
# local_time=2016-04-12 02:29:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c4fc1a08db6b164fa9ddf73e112dc0d7
# engine=29024
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-12 03:24:04
# local_time=2016-04-12 05:24:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 14248132 15162608 0 0
# scanned=294904
# found=10
# cleaned=0
# scan_time=10470
sh=C1C66AA7FFD537DF1720DD63E3BE4E009B0793F2 ft=1 fh=c25b5c4dff3942af vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\AppData\Local\Temp\DMR\dmr_72.exe"
sh=69948DCD1A77D2488CFE067BBEDBFE992C94408F ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\1e87da46595dd36f9638122cdf2e0615\wz200gev-64.msi"
sh=781EBA75216AA639D2CC169EBFF940B61B9ACB99 ft=1 fh=ef3ad0c39b26277d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\7 Zip 32 Bit - CHIP-Installer.exe"
sh=1DFC5F6F64CB56D04C3EEA5DA32EC43E58EB72A7 ft=1 fh=29ea6a66be887c11 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\ashampoo_winoptimizer_6_6.60_7593.exe"
sh=76CF07C34A14B678F90FE088AC10A3F3F3D116A4 ft=1 fh=a2037e15ee781fd2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\HijackThis - CHIP-Installer.exe"
sh=975FA954A83707F4A8342E88DD9DC63D97ADD42D ft=1 fh=4b7f987a63c09f77 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\pSX1.13 - CHIP-Installer.exe"
sh=B6BC8BFD7315AD0A3B8643A20C7945F661560F18 ft=1 fh=589cede5bc25aab1 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\Spotify - CHIP-Installer.exe"
sh=AD814750DE5587910E97D72B933CE50D49AD5AEE ft=1 fh=48346e2f0aa83648 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\TeamViewer - CHIP-Installer.exe"
sh=9A030E4181F215768B7B27315FC10B1AEC88E618 ft=1 fh=cbbb12d67d6f65b9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Martin\Downloads\WinZip 64 Bit - CHIP-Installer.exe"
sh=69948DCD1A77D2488CFE067BBEDBFE992C94408F ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\1055b5.msi"
         

Alt 12.04.2016, 23:48   #9
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer



Malware ist da keine.

Zitat:
ist es möglich, dass er sich da nochmal in meinem Laptop eingeloggt hat, ohne dass ich dabei war?
Nicht unmöglich, aber unwahrscheinlich.
Wie gesagt, hat man direkten Zugriff auf den PC kann man viel machen.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 13.04.2016, 18:42   #10
sourKraut135
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer



ok...und Spyware auch nicht?
was mache ich denn jetzt mit den infizierten Dateien? hab AVG aufm PC, soll ich alle Dateien damit vernichten?

Alt 14.04.2016, 11:54   #11
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Standard

Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer



CHIP-Installer - was ist das? - Anleitungen

Die Funde kannst Du löschen.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer
adobe, adobe flash player, alert, avg, bho, cid, defender, explorer, flash player, google, hack?, helper, hijack, hijack auswertung, hijackthis, hängt, internet, internet explorer, logfile, malware, malware / spyware, mozilla, performance, secure search, senden, software, spyware, temp, windows



Ähnliche Themen: Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer


  1. Linux Mint wurde über WordPress gehackt – und zwar gleich doppelt
    Nachrichten - 24.02.2016 (0)
  2. Wurde mein Mail Account gehackt?
    Plagegeister aller Art und deren Bekämpfung - 20.12.2014 (23)
  3. Schreiben von Telekom, dass Port 25 wegen Verdacht auf SPAM Mails eingeschränkt wurde
    Log-Analyse und Auswertung - 13.01.2014 (9)
  4. Mein Mailaccount wurde gehackt
    Plagegeister aller Art und deren Bekämpfung - 13.12.2013 (17)
  5. mein pc wurde gehackt
    Plagegeister aller Art und deren Bekämpfung - 05.07.2013 (1)
  6. Mein PC wurde gehackt.
    Plagegeister aller Art und deren Bekämpfung - 02.06.2013 (7)
  7. Vor kurzem wurde mein Pc gehackt !
    Log-Analyse und Auswertung - 04.05.2012 (10)
  8. Wurde über Handy der web.de Account gehackt?
    Plagegeister aller Art und deren Bekämpfung - 07.12.2011 (1)
  9. wurde ich gehackt.. verdacht auf troja/keylogger
    Plagegeister aller Art und deren Bekämpfung - 15.02.2011 (1)
  10. Wurde mein MSN Konto gehackt?
    Alles rund um Windows - 28.01.2011 (1)
  11. PC wurde von profi gehackt, wie weiß ich nach dass er zugriff hatte ? log file ? etc
    Überwachung, Datenschutz und Spam - 05.11.2010 (2)
  12. Mein pc Wurde Wahrscheinlich gehackt!
    Netzwerk und Hardware - 14.04.2010 (8)
  13. Mein MSN wurde gehackt!!!
    Log-Analyse und Auswertung - 09.08.2009 (12)
  14. wurde mein msn account gehackt???
    Mülltonne - 05.04.2008 (0)
  15. Wurde über icq gehackt
    Log-Analyse und Auswertung - 03.02.2008 (4)
  16. Wurde mein Board gehackt?
    Plagegeister aller Art und deren Bekämpfung - 06.01.2008 (5)
  17. SE515 --> mein Router wurde gehackt ?!
    Plagegeister aller Art und deren Bekämpfung - 08.07.2007 (1)

Zum Thema Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer - Hallo community, ich habe den Verdacht, dass mein Laptop (Windows 10) gehackt wurde bzw dass jmnd. unerlaubt Zugriff darauf hatte und evtl. Malware oder Spyware installiert hat. Muss aber dazu - Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer...
Archiv
Du betrachtest: Verdacht, dass mein PC gehackt wurde, evtl. über TeamViewer auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.