Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: W7 DHCP & DNS Problem und langsam

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 14.05.2018, 16:06   #1
spiderx
 
W7 DHCP & DNS Problem und langsam - Standard

W7 DHCP & DNS Problem und langsam



Hallo Zusammen,
ich hatte folgende Ausgangslage: Eingeschränkte Internet Verbindung. D.h. Mailempfang war möglich aber das Aufrufen eines Links aus einer Mail führt immer zu einem "Page not Found Fehler" im Browser. Beim Suchen via Google (aus IE, Chrome, und FF), konnten aus der Ergebnisliste nur solche Treffer erreicht werden die offensichtlich auf IP6 unterstützen IP4 waren nicht erreichtbar.

JRT hat wie ADWCleaner gefunden (die Logs kommen nachfolgend).

Da mein Carrier den Router upgedated hatte, habe ich den Fehler dort vermutet. Der Service hat, nach Tests, den Router getauscht und 2 Tage lang war alles ok.

Jetzt bekommt mein System vom Router via DHCP wieder keinen DNS Server zugewiesen. Ich habe jetzt die IP-Konfiguration feste eingestellt inkl. Gateway (der Router) und DNS (8.8.8.8). Ich hänge den die Logs von Faber hier auch an, in der Hoffnung das jeman dort etwas verdächtiges findet. gruesse spiderx
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 7 Home Premium x64 
Ran by Richard (Administrator) on 03.05.2018 at 20:33:55,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 68 

Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0FDR42LR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1CKUKIEI (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MY3YT0J (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OY6GQTJ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3EBO2OKX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3O4HTK6C (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RVUCH2L (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91JA6F9X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AAXZGPBW (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BLL6QA72 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BMAOVPY7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DFUPM5ZA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E2FJIURV (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ECZ1E9XK (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZG97NMF (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ILL16DD3 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JCWNOOF4 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JOB6KAR9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LU2H7R7X (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQ3ED874 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NTS0NRHB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q7N15HHZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4ZU28I7 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOBJWLFC (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W7A7N67I (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMAG16RR (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XH3ED7EX (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YEX8QOPT (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZL5INMT1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLK6N3L2 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0FDR42LR (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1CKUKIEI (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MY3YT0J (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OY6GQTJ (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3EBO2OKX (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3O4HTK6C (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8RVUCH2L (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91JA6F9X (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AAXZGPBW (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BLL6QA72 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BMAOVPY7 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DFUPM5ZA (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E2FJIURV (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ECZ1E9XK (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GZG97NMF (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ILL16DD3 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JCWNOOF4 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JOB6KAR9 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LU2H7R7X (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MQ3ED874 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NTS0NRHB (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q7N15HHZ (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\R4ZU28I7 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SOBJWLFC (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W7A7N67I (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WMAG16RR (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XH3ED7EX (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YEX8QOPT (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZL5INMT1 (Temporary Internet Files Folder) 
Successfully deleted: C:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZLK6N3L2 (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.05.2018 at 20:38:19,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-27-2018
# Database: 2018-05-02.2
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    05-04-2018
# Duration: 00:00:27
# OS:       Windows 7 Home Premium
# Scanned:  40818
# Detected: 2


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy             HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Legacy             MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
         
Code:
ATTFilter
# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build:    04-27-2018
# Database: 2018-05-02.2
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    05-04-2018
# Duration: 00:00:04
# OS:       Windows 7 Home Premium
# Cleaned:  2
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted       HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

***** [ Chromium (and derivatives) ] *****

Deleted       MSN Homepage & Bing Search Engine

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Prefetch
[+] Delete Tracing Keys
[+] Reset Chromium Policies
[+] Reset IE Policies
[+] Reset Proxy Settings
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 12.05.2018
durchgeführt von Richard (Administrator) auf RICHARD-PC (14-05-2018 14:32:17)
Gestartet von C:\Users\Richard\Desktop
Geladene Profile: Richard (Verfügbare Profile: Richard & x.richard & x.jan)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
(© 2015 Microsoft Corporation) C:\Users\Richard\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(JME) C:\Program Files (x86)\jmesoft\hotkey.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Dropbox, Inc.) C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(SourceForge.net) C:\Program Files (x86)\Password Safe\pwsafe.exe
(Dropbox, Inc.) C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11780712 2011-02-24] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\windows\SysWOW64\UMonit.exe [40960 2010-01-21] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] => C:\Program Files (x86)\jmesoft\hotkey.exe [114688 2009-07-16] (JME)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [385024 2009-09-05] (shbox.de)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-10] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-10] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-03-28] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\...\Run: [Dropbox Update] => C:\Users\Richard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\...\Run: [BingSvc] => C:\Users\Richard\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\...\RunOnce: [Uninstall C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64] => C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\...\MountPoints2: {89386ef8-0b9d-11e2-a564-1078d272dd0e} - E:\Startme.exe
HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\...\MountPoints2: {be0ca26c-a953-11e1-9df3-1078d272dd0e} - E:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OfficeManager Terminerinnerung.lnk [2011-11-15]
ShortcutTarget: OfficeManager Terminerinnerung.lnk -> C:\Program Files (x86)\TVG\Gelbe Seiten Deutschland\win32\officemanager\OMAlarm.exe (Keine Datei)
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2017-07-04]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Backup and Sync from Google.lnk [2018-05-03]
ShortcutTarget: Backup and Sync from Google.lnk -> C:\Program Files\Google\Drive\googledrivesync.exe ()
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-04-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Mozilla Thunderbird.lnk [2014-06-02]
ShortcutTarget: Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk [2013-01-28]
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe (Keine Datei)
Startup: C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Password Safe.lnk [2011-07-08]
ShortcutTarget: Password Safe.lnk -> C:\Program Files (x86)\Password Safe\pwsafe.exe (SourceForge.net)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\..\Interfaces\{2DBB7BE3-E2E0-4750-BD6C-8D271380517E}: [NameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxps://calendar.google.com/calendar/render?tab=wc&pli=1#main_7
hxxps://drive.google.com/drive/my-drive
SearchScopes: HKLM -> DefaultScope Wert fehlt
SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
SearchScopes: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001 -> DefaultScope {EB5A7054-2264-43F7-83BE-E79EC7E27671} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001 -> {3E95591C-DD59-490A-8E65-F3BCF201CE07} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001 -> {8220431C-6D1B-4647-9BE4-419CDFFF230F} URL = hxxp://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001 -> {EB5A7054-2264-43F7-83BE-E79EC7E27671} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2018-03-02] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2018-03-02] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2018-03-02] (Microsoft Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2018-03-02] (Microsoft Corporation)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1309253207680
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-12-04] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pyy3vzc4.default [2018-05-14]
FF Homepage: Mozilla\Firefox\Profiles\pyy3vzc4.default -> hxxps://www.google.de/
FF NewTab: Mozilla\Firefox\Profiles\pyy3vzc4.default -> about:home
FF NetworkProxy: Mozilla\Firefox\Profiles\pyy3vzc4.default -> type", 4
FF SearchPlugin: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\pyy3vzc4.default\searchplugins\bing-.xml [2016-05-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [Keine Datei]
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [Keine Datei]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR DefaultSuggestURL: Default -> hxxp://www.bing.com/osjson.aspx?FORM=__PARAM__DF&PC=__PARAM__&query={searchTerms}
CHR Profile: C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default [2018-05-14]
CHR Extension: (Google Drive) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-15]
CHR Extension: (YouTube) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-05]
CHR Extension: (Google-Suche) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-10]
CHR Extension: (Avira Browserschutz) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-19]
CHR Extension: (Google Docs Offline) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Yahoo Partner) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdmjodecdegfglgaapafjleomjjlpnh [2018-05-02]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Google Mail) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-03]
CHR Extension: (Chrome Media Router) - C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-02]
CHR HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Richard\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2016-03-15]
CHR HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpdmjodecdegfglgaapafjleomjjlpnh] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [879128 2018-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472 2018-05-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472 2018-05-07] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1165320 2018-05-07] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240 2018-03-28] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058392 2017-12-12] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-26] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [199496 2018-05-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [154168 2018-05-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-29] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-29] (Avira Operations GmbH & Co. KG)
S3 RTL8023x64; C:\windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
S3 s0016bus; C:\windows\System32\DRIVERS\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\windows\System32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\windows\System32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\windows\System32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\windows\System32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\windows\System32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\windows\System32\DRIVERS\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 USTOR2K; C:\windows\System32\DRIVERS\ustor2k.sys [52224 2010-02-22] (Genesys Logic)
S1 [verify-U]_System; system32\drivers\[verify-U]-driver.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-14 14:32 - 2018-05-14 14:34 - 000020002 _____ C:\Users\Richard\Desktop\FRST.txt
2018-05-14 14:14 - 2018-05-14 14:14 - 000054458 _____ C:\windows\system32\sfcdetails.txt
2018-05-14 13:59 - 2018-05-14 13:59 - 002404864 _____ (Farbar) C:\Users\Richard\Desktop\FRST64.exe
2018-05-14 13:55 - 2018-05-14 13:56 - 047475320 _____ (Microsoft Corporation) C:\Users\Richard\Downloads\Windows-KB890830-x64-V5.60.exe
2018-05-14 12:50 - 2018-05-14 12:50 - 000003840 _____ C:\Users\x.jan\Documents\cc_20180514_125046.reg
2018-05-14 12:48 - 2018-05-14 12:48 - 000001268 _____ C:\Users\x.jan\Desktop\Revo Uninstaller.lnk
2018-05-14 12:48 - 2018-05-14 12:48 - 000000000 ____D C:\Users\x.jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-05-14 12:47 - 2018-05-14 12:47 - 000012106 _____ C:\Users\x.jan\Documents\cc_20180514_124723.reg
2018-05-14 12:45 - 2018-05-14 12:46 - 000000000 ____D C:\Users\x.jan\Documents\Audible
2018-05-14 12:17 - 2018-05-14 12:17 - 001024494 _____ C:\Users\x.jan\Documents\cc_20180514_121729.reg
2018-05-14 12:17 - 2018-05-14 12:17 - 000001072 _____ C:\Users\x.jan\Documents\cc_20180514_121752.reg
2018-05-10 14:36 - 2018-05-10 14:36 - 001278077 _____ C:\Users\Richard\Documents\Scan0048.pdf
2018-05-10 12:59 - 2018-05-10 12:59 - 000001345 _____ C:\Users\Richard\Desktop\BRAINWAVES INNOVATIONEN.html
2018-05-10 12:58 - 2018-05-10 12:59 - 000000000 ____D C:\Users\Richard\Desktop\BRAINWAVES INNOVATIONEN_files
2018-05-06 11:39 - 2018-05-04 14:18 - 007271632 _____ (Malwarebytes) C:\Users\Richard\Desktop\adwcleaner_7.1.1.exe
2018-05-04 16:53 - 2018-05-14 14:33 - 000000000 ____D C:\Users\Richard\Desktop\jans werkzeug nicht löschen
2018-05-04 16:04 - 2018-05-14 12:49 - 000000000 ____D C:\Users\x.jan\AppData\LocalLow\Mozilla
2018-05-04 15:44 - 2018-05-04 15:44 - 000000000 ____D C:\Program Files (x86)\ESET
2018-05-04 14:50 - 2018-05-14 12:49 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-05-04 14:36 - 2018-05-14 13:57 - 141696960 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe
2018-05-04 14:23 - 2018-05-04 14:25 - 000000000 ____D C:\AdwCleaner
2018-05-04 11:50 - 2018-05-14 14:32 - 000000000 ____D C:\FRST
2018-05-03 22:28 - 2018-05-03 22:28 - 000868422 _____ C:\Users\Richard\Desktop\Einkaufsführer Museumsbund.eml
2018-05-03 18:05 - 2018-05-14 12:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-03 18:05 - 2018-05-03 18:05 - 000000000 ____D C:\Program Files\Malwarebytes
2018-05-03 17:31 - 2018-05-04 15:28 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-05-03 17:31 - 2018-05-03 17:31 - 000255928 _____ (Malwarebytes) C:\windows\system32\Drivers\21210282.sys
2018-04-27 17:16 - 2018-04-27 17:16 - 005413965 _____ C:\Users\Richard\Desktop\MDK Medizinischer Dienst, Bericht.pdf
2018-04-27 17:00 - 2018-04-27 17:00 - 006380476 _____ C:\Users\Richard\Desktop\Artzbriefe.pdf
2018-04-27 16:12 - 2018-04-27 16:12 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-04-16 11:52 - 2018-04-16 11:53 - 000000000 ____D C:\Users\Richard\Desktop\Personal
2018-04-16 11:41 - 2018-04-16 11:45 - 000000000 ____D C:\Users\Richard\Desktop\Aachen Münchener Vers
2018-04-16 11:37 - 2018-05-11 17:45 - 000000000 ____D C:\Users\Richard\Desktop\Artwave
2018-04-16 11:35 - 2018-04-23 12:04 - 000000000 ____D C:\Users\Richard\Desktop\Bilder von Artwave
2018-04-16 11:25 - 2018-04-16 11:39 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2018-05-14 14:33 - 2017-05-16 09:29 - 000000000 ____D C:\Users\Richard\AppData\LocalLow\Mozilla
2018-05-14 14:26 - 2009-07-14 06:45 - 000017360 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-05-14 14:26 - 2009-07-14 06:45 - 000017360 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-05-14 14:25 - 2017-05-16 09:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-05-14 14:25 - 2012-05-27 09:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-14 14:24 - 2016-03-15 16:30 - 000000000 ___RD C:\Users\Richard\Google Drive
2018-05-14 14:22 - 2011-07-08 16:01 - 000000000 ____D C:\Users\Richard\AppData\Local\PasswordSafe
2018-05-14 14:17 - 2017-12-04 18:01 - 000003292 _____ C:\windows\System32\Tasks\Avira_Antivirus_Systray
2018-05-14 14:17 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-05-14 14:16 - 2011-03-28 08:56 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-05-14 14:01 - 2015-06-19 10:17 - 000001232 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2823007649-2030606852-2140657807-1001UA.job
2018-05-14 13:56 - 2011-03-31 15:27 - 141696960 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-05-14 13:43 - 2011-03-28 13:45 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Mozilla
2018-05-14 13:07 - 2011-03-31 09:24 - 000000000 ____D C:\Users\Richard\AppData\Local\ElevatedDiagnostics
2018-05-14 13:07 - 2009-07-14 05:20 - 000000000 ____D C:\windows\system32\NDF
2018-05-14 12:50 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-05-14 12:48 - 2016-04-05 12:52 - 000000000 ____D C:\Program Files (x86)\VS Revo Group
2018-05-14 12:37 - 2015-11-05 13:39 - 000000000 ____D C:\ProgramData\InstallShield
2018-05-14 12:33 - 2011-03-28 14:25 - 000000000 ____D C:\ProgramData\Skype
2018-05-14 12:19 - 2014-04-29 21:24 - 000000000 ____D C:\windows\pss
2018-05-14 12:15 - 2013-02-08 11:41 - 000002794 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2018-05-14 12:12 - 2011-03-28 16:53 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Skype
2018-05-14 10:01 - 2012-02-17 17:30 - 000003946 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{CF352C0D-764A-4B2C-A95E-07DD82E18C90}
2018-05-11 17:33 - 2013-06-14 09:54 - 000000000 ____D C:\Users\Richard\Desktop\RN lampen
2018-05-10 13:36 - 2014-02-24 10:51 - 000000000 ____D C:\Users\Richard\AppData\Local\Windows Live
2018-05-09 16:01 - 2015-06-19 10:17 - 000001180 _____ C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2823007649-2030606852-2140657807-1001Core.job
2018-05-07 11:04 - 2013-05-10 11:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-07 11:00 - 2017-09-09 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-05-07 10:57 - 2016-04-20 13:58 - 000199496 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2018-05-07 10:57 - 2016-04-20 13:58 - 000154168 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2018-05-04 15:43 - 2012-10-01 11:01 - 000000000 ____D C:\ProgramData\Sony Ericsson
2018-05-04 15:42 - 2012-10-01 11:01 - 000000000 ____D C:\Program Files (x86)\Sony Ericsson
2018-05-04 15:38 - 2012-07-27 10:17 - 003331072 ___SH C:\Users\Richard\Desktop\Thumbs.db
2018-05-04 15:23 - 2010-10-28 18:26 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-05-04 15:17 - 2013-05-10 11:05 - 000000000 ____D C:\Program Files (x86)\Avira
2018-05-04 15:16 - 2013-05-10 11:05 - 000000000 ____D C:\ProgramData\Avira
2018-05-04 14:51 - 2011-03-28 02:56 - 000000000 ____D C:\Users\Richard\AppData\Local\VirtualStore
2018-05-04 14:50 - 2011-03-31 15:40 - 000000000 ____D C:\Program Files\CCleaner
2018-05-03 21:19 - 2010-10-28 17:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-05-03 21:17 - 2011-06-28 10:44 - 000000000 ____D C:\Program Files (x86)\Adobe
2018-05-03 21:15 - 2011-04-05 15:44 - 000000000 ____D C:\Users\Richard\AppData\Roaming\klickTel
2018-05-03 21:15 - 2011-04-05 15:33 - 000000140 _____ C:\windows\ktel.ini
2018-05-03 21:15 - 2010-10-28 18:23 - 000000000 ____D C:\Program Files\Lenovo
2018-05-03 21:15 - 2010-10-28 17:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-05-03 21:14 - 2011-03-28 02:58 - 000000000 ____D C:\Users\Richard\AppData\Local\Lenovo
2018-05-03 21:12 - 2014-06-07 14:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sirona
2018-05-03 21:12 - 2011-05-02 13:57 - 000000000 ____D C:\Users\Richard\AppData\Roaming\CD-LabelPrint
2018-05-03 21:00 - 2010-10-28 18:28 - 000000000 ____D C:\ProgramData\CyberLink
2018-05-03 21:00 - 2010-10-28 17:49 - 000000000 ____D C:\Program Files (x86)\Lenovo
2018-05-03 20:59 - 2011-04-13 13:45 - 000000000 ____D C:\Users\x.richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-05-03 20:59 - 2011-03-28 03:01 - 000000000 ____D C:\Users\x.jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-05-03 20:59 - 2011-03-28 02:56 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-05-03 20:59 - 2010-10-28 18:27 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-05-03 20:59 - 2010-10-28 18:27 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-05-03 20:58 - 2014-04-29 21:05 - 000000000 ____D C:\Program Files (x86)\Java
2018-05-02 12:31 - 2013-09-02 17:10 - 000002216 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-04-27 16:13 - 2011-07-08 15:55 - 000000000 ____D C:\Users\Richard\AppData\Roaming\Dropbox
2018-04-27 16:07 - 2014-08-07 12:29 - 000000000 ____D C:\ProgramData\Package Cache
2018-04-25 16:22 - 2015-01-22 17:40 - 000000000 ____D C:\Users\Richard\Desktop\privat
2018-04-23 12:10 - 2011-04-29 17:13 - 000000000 ____D C:\Users\Richard\AppData\Local\FreePDF_XP
2018-04-16 11:54 - 2017-08-11 18:06 - 000000000 ____D C:\Users\Richard\Desktop\Infos
2018-04-16 11:51 - 2014-05-13 17:36 - 000000000 ____D C:\Users\Richard\Desktop\Shopwaves
2018-04-16 11:46 - 2016-04-04 18:02 - 000000000 ____D C:\Users\Richard\Desktop\Wieczorek
2018-04-16 11:42 - 2017-08-11 17:58 - 000000000 ____D C:\Users\Richard\Desktop\Abgasreinigung

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-10-28 18:26 - 2010-10-28 18:26 - 001914000 _____ (Adobe Systems Incorporated) C:\ProgramData\flashax10.exe
2011-03-31 09:26 - 2011-03-31 09:26 - 000000109 _____ () C:\Users\Richard\AppData\Roaming\edition.txt
2013-04-16 16:49 - 2013-04-16 16:49 - 000038437 _____ () C:\Users\Richard\AppData\Roaming\Kommagetrennte Werte (DOS).ADR
2014-02-12 16:43 - 2014-02-12 16:43 - 000038448 _____ () C:\Users\Richard\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
2013-07-26 09:08 - 2014-02-12 16:42 - 000038427 _____ () C:\Users\Richard\AppData\Roaming\Microsoft Excel.ADR
2014-02-12 16:44 - 2014-02-12 16:44 - 000038450 _____ () C:\Users\Richard\AppData\Roaming\Tabulatorgetrennte Werte (Windows).ADR
2014-06-07 14:32 - 2014-06-07 14:32 - 001150092 _____ () C:\Users\Richard\AppData\Roaming\WrapAnGo_Install.log
2011-06-16 15:21 - 2011-06-16 15:21 - 000000095 _____ () C:\Users\Richard\AppData\Local\fusioncache.dat
2013-07-11 10:48 - 2013-08-20 09:17 - 000004096 ____H () C:\Users\Richard\AppData\Local\keyfile3.drm

Einige Dateien in TEMP:
====================
2018-05-03 17:51 - 2018-03-23 16:02 - 071191456 _____ (Malwarebytes                                                ) C:\Users\Richard\AppData\Local\Temp\mb3-setup-consumer-3.4.4.2398-1.0.322-1.0.4446.exe
2018-05-14 12:37 - 2006-05-24 19:10 - 000455600 _____ (Macrovision Corporation) C:\Users\x.jan\AppData\Local\Temp\_isAFAF.exe
2011-08-12 01:20 - 2011-08-12 01:20 - 000248488 _____ (Ask.com) C:\Users\x.richard\AppData\Local\Temp\AskSLib.dll
2015-02-12 11:08 - 2015-02-12 11:08 - 000000000 ____D () C:\Users\x.richard\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2018-05-08 12:24

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 12.05.2018
durchgeführt von Richard (14-05-2018 14:34:50)
Gestartet von C:\Users\Richard\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-03-28 00:55:58)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2823007649-2030606852-2140657807-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2823007649-2030606852-2140657807-1007 - Limited - Enabled)
Gast (S-1-5-21-2823007649-2030606852-2140657807-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2823007649-2030606852-2140657807-1005 - Limited - Enabled)
Richard (S-1-5-21-2823007649-2030606852-2140657807-1001 - Administrator - Enabled) => C:\Users\Richard
x.jan (S-1-5-21-2823007649-2030606852-2140657807-1003 - Administrator - Enabled) => C:\Users\x.jan
x.richard (S-1-5-21-2823007649-2030606852-2140657807-1002 - Administrator - Enabled) => C:\Users\x.richard

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{DF0FDC37-67A0-F601-F87B-FDFD9257A39D}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{40F72BC9-0C14-4122-8930-4B037EAEAD45}) (Version: 1.2.109.23832 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{4b629f54-1d82-40c9-9979-4485bb58d155}) (Version: 1.2.109.23832 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.36.163 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{D827660F-36C3-4CB6-BCFF-C0E066935C55}) (Version: 3.41.9267.0638 - Google, Inc.)
BMWi Businessplan (HKLM-x32\...\{56E939F5-C630-52D8-F7F1-D41E426A1248}) (Version: 1.5.0 - Bundesministerium für Wirtschaft und Energie) Hidden
BMWi Businessplan (HKLM-x32\...\de.bmwi.businessplan) (Version: 1.5.0 - Bundesministerium für Wirtschaft und Energie)
ccc-core-static (HKLM-x32\...\{612DADBF-02EE-84F3-70EC-056F07C6601D}) (Version: 2010.0302.2233.40412 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\...\Dropbox) (Version: 48.4.58 - Dropbox, Inc.)
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 3.0.4.9 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
GPL Ghostscript 8.71 (HKLM\...\GPL Ghostscript 8.71) (Version:  - )
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Officejet Pro 8620 - Grundlegende Software für das Gerät (HKLM\...\{F6CE08BC-6929-412E-BB42-A9A7CD9721D7}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP Officejet Pro 8620 Hilfe (HKLM-x32\...\{F8E43C63-DFF2-4134-A46C-2A6F00517A35}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
I-Port.de (HKLM-x32\...\I-Port.de) (Version: 2.3.0.93 - Imaxel Lab S.L)
i-port.de Bestellsoftware (HKLM-x32\...\{B4244B8D-0D9C-4EB0-BDF3-03A2060E96A8}}_is1) (Version: 3.5.9.65 - Foto Online Service GmbH)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo Rescue System (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1029 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 3.0.1029 - CyberLink Corp.)
Lenovo Software Instruction (HKLM-x32\...\{A79C1D34-2831-4A5D-91C7-279EF892B5CF}) (Version: 1.0.0.090907 - Lenovo)
Lenovo Treiber- und Anwendungsinstallation (HKLM-x32\...\{45970CD1-D599-47D4-938F-3E9800D54ED1}) (Version: 5.1.0.1126 - Lenovo)
LVT (HKLM-x32\...\{D3063097-EC84-4D21-84A4-9D852E974355}) (Version: 4.1.1.0930 - Lenovo)
LXH-JME2207FN Hotkey Driver (HKLM-x32\...\{42B21298-C850-4272-AFD9-636CBC005421}) (Version: 5.1.0804 - Lenovo)
Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.5007.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 60.0 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0 (x64 en-US)) (Version: 60.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 60.0.0.6697 - Mozilla)
Mozilla Thunderbird 52.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 52.7.0 (x86 de)) (Version: 52.7.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0407-0000-0000000FF1CE}) (Version: 15.0.5007.1000 - Microsoft Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Password Safe (HKLM-x32\...\Password Safe) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6316 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2823007649-2030606852-2140657807-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-04-12] (Google)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-07] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-04-12] (Google)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2010-03-02] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-07] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1_S-1-5-21-2823007649-2030606852-2140657807-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers4_S-1-5-21-2823007649-2030606852-2140657807-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)
ContextMenuHandlers5_S-1-5-21-2823007649-2030606852-2140657807-1001: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Richard\AppData\Roaming\Dropbox\bin\DropboxExt64.19.0.dll [2018-04-23] (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {011DDE3C-1303-4B99-B8C8-0B580E918033} - System32\Tasks\{22CEAAC1-2EF5-498F-8884-5BF0A3AD21F0} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.23.0.105/de/abandoninstall?page=tsBing
Task: {1D049AD6-A4CA-4766-B7C1-D81D941E2B98} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2823007649-2030606852-2140657807-1001UA => C:\Users\Richard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {2ECADE36-421B-4B0B-A68A-3662D6773CB7} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {33CEC0BC-B96D-4562-AB81-AB77D33CFF63} - System32\Tasks\{4E382E44-767A-4B32-9405-08BAF62C013E} => C:\Program Files (x86)\I-Port.de\ImageDesk.exe [2011-03-08] ( )
Task: {3A6FB3B1-4D3A-4C6D-9C74-7A1B998482A2} - System32\Tasks\HP AR Program Upload - 34021e1fb54e4981831efa53235d7063957d265fb05c448e90677533a5d07a24 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {3E88FC5D-B240-4275-A508-4DDBB1721D98} - System32\Tasks\{4D21CA11-0526-4DFB-92D5-77157188964E} => C:\Program Files (x86)\I-Port.de\ImageDesk.exe [2011-03-08] ( )
Task: {51D4E024-DC35-457B-ACA0-B95C1471FD81} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd)
Task: {54243350-BCED-4C77-8B6C-B02A5B428B19} - System32\Tasks\{AD41FFC0-C9DF-4393-BBC3-49E8E74AC98E} => C:\temp\Canon\x86\DrvSetup\Setup.exe <==== ACHTUNG
Task: {5A2EEC9D-F4BA-4FEA-9692-90F693C363BA} - System32\Tasks\{11B20EFC-1F31-410D-B16B-3C8724B0BA03} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.13.0.104&LastError=404
Task: {671DEF8D-4281-4C12-8325-7FA1541E178F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {709E7B6F-7E2C-4AE7-9BAC-55E00AB397EA} - System32\Tasks\HP AR Program Upload - 4137e27d0dbb4b408f593709e29129797df61d3fedd84ee2a132244c1245ef53 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {7B1E1FDB-4E04-434C-8ACE-23AF31A26C2A} - System32\Tasks\{9E08E925-A121-4FA7-AE19-41825155F004} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/de/eula
Task: {83A5963A-F612-4739-A9DA-01BA7BC04940} - System32\Tasks\HP AR Program Upload - d913019fa7b5450295b63661327793c307d5393534264f6492acedd98ed0a51c => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {83E44A6B-CC31-4ACB-9CBE-72E81E5F6274} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-05-07] (Avira Operations GmbH & Co. KG)
Task: {8B853BFD-9992-45B7-97A2-1F7D57DEB3F5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2823007649-2030606852-2140657807-1001Core => C:\Users\Richard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {8C8546FF-FFA3-4735-BFFF-F588AE66BDA2} - System32\Tasks\{CE80A831-E855-4B33-A24E-1801EF1E3413} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {8F0922CD-4DCF-4E2C-9038-C4EB4EC4D613} - System32\Tasks\{6D290570-B0F9-4614-A308-0983846733EC} => C:\Program Files (x86)\I-Port.de\ImageDesk.exe [2011-03-08] ( )
Task: {90A33AA9-7744-473B-B133-BFBCE5974B77} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd)
Task: {9892A5BC-973C-4201-BFD1-BC00E8399E84} - System32\Tasks\{B294538B-D1E7-48B4-B8B2-10BB15906E8C} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/de/eula
Task: {A07F0275-40E9-4305-B6DB-551E20EDC730} - System32\Tasks\{F6596631-C6BE-4927-93BC-8E75C16AC27B} => C:\Program Files (x86)\Skype\\Phone\Skype.exe
Task: {A6FDB22A-0B58-45CB-936F-3D86C6DD99CA} - System32\Tasks\{4C0D7B79-ED72-4D74-81C3-ACACA108D497} => C:\temp\Canon\x86\DrvSetup\Setup.exe <==== ACHTUNG
Task: {AA0C7876-4E06-46B8-A22A-EF6B06A0C7D1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {AA31C128-2B43-4BC7-A964-8EC0AEC845B6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B3E90982-B2CB-4B35-9EFC-52F38B0CBC72} - System32\Tasks\{931FC068-4063-4FB5-B41D-9A1DAFD5191B} => C:\Program Files (x86)\I-Port.de\ImageDesk.exe [2011-03-08] ( )
Task: {BDCB4BA6-11EC-4B05-8C67-D1AE2323AF26} - System32\Tasks\HP AR Program Upload - 7ef8dec92f304234b19cb227205c09fb5d2153450ad3425f801d15f46d2793c8 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {C285A2CD-3CB9-4B72-B67B-0A5317261273} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {C63346E9-CFE9-4233-9E7B-DF4F83F96FD4} - System32\Tasks\HP AR Program Upload - 96ebb325aec84955a4c7cf5bd6a3ec726e3d6906757f4d739dfe0192a6944c22 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {CA9CBA09-0C95-4C6B-8957-70F2E3C74C16} - System32\Tasks\HP AR Program Upload - a8e6124f8a464576b9aac200166ee2b3528133b29e6d44de88d29076fae1c488 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {CB300A34-397B-45FB-A7A1-CBF85AF3B565} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2017-12-12] (Microsoft Corporation)
Task: {CC37897A-36AC-4A76-A0D5-590E25863854} - System32\Tasks\{BCCB9CEA-B118-4E86-84D8-B7F9A338E271} => C:\temp\Canon\x86\DrvSetup\Setup.exe <==== ACHTUNG
Task: {CC5F3164-C664-4B49-B3A1-FF595B23A36C} - System32\Tasks\HP AR Program Upload - 228214e2aff64a26903bce615651864ae7228e69302c4edc8f814c9597201421 => C:\Program Files\HP\HP Officejet Pro 8620\bin\HPRewards.exe [2014-07-21] (TODO: <Company name>)
Task: {F3422927-B694-4FA3-8B23-02A909A97532} - System32\Tasks\{27A544BA-802E-4EA7-9EAD-5290136257AD} => C:\Program Files (x86)\I-Port.de\ImageDesk.exe [2011-03-08] ( )
Task: {F4D38000-50AC-4F72-AD37-D7E8EF649C16} - System32\Tasks\{97195F62-A7BC-451B-872C-D511470A06A0} => C:\Program Files (x86)\I-Port.de\ImageDesk.exe [2011-03-08] ( )

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2823007649-2030606852-2140657807-1001Core.job => C:\Users\Richard\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2823007649-2030606852-2140657807-1001UA.job => C:\Users\Richard\AppData\Local\Dropbox\Update\DropboxUpdate.exe

==================== Verknüpfungen & WMI ========================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-03-28 03:15 - 2005-03-12 02:07 - 000087040 _____ () C:\windows\System32\redmonnt.dll
2014-03-19 12:47 - 2017-01-17 04:25 - 000117440 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2010-10-28 17:53 - 2010-01-21 08:40 - 000040960 _____ () C:\Windows\SysWOW64\UMonit.exe
2018-04-12 14:43 - 2018-04-12 14:43 - 046214128 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-05-14 14:22 - 2018-05-14 14:22 - 000113152 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\_ctypes.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000080896 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\bz2.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 001585152 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\_hashlib.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000128512 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32api.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000137728 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\pywintypes27.dll
2018-05-14 14:22 - 2018-05-14 14:22 - 000548864 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\pythoncom27.dll
2018-05-14 14:22 - 2018-05-14 14:22 - 000689664 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\unicodedata.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000438784 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32com.shell.shell.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 001489408 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\wx._core_.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 001007104 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\wx._gdi_.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 001039872 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\wx._windows_.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 001325056 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\wx._controls_.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000916992 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\wx._misc_.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 001084416 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\pysqlite2._sqlite.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000149504 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32file.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000136192 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32security.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000007680 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\hashobjs_ext.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000020992 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\thumbnails_ext.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000118784 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\usb_ext.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000047616 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\_socket.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 002224640 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\_ssl.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000014848 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\common.time34.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000023040 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32event.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000033280 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\windows.conditional.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000019968 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\windows.winwrap.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000107520 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\windows.volumes.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000223232 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32gui.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000173568 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\_elementtree.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000169472 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\pyexpat.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000048128 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32inet.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000103424 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\wx._html2.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000046080 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\_psutil_windows.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000633272 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\windows._cacheinvalidation.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000011776 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32crypt.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000301568 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\PIL._imaging.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000032256 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\_multiprocessing.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 005458944 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\cello.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000026112 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\_yappi.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000044032 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32process.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000027648 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32pipe.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000010752 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\select.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000029696 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32pdh.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000038400 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\windows.connectivity.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000071168 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\windows.device_monitor.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000020480 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32profile.pyd
2018-05-14 14:22 - 2018-05-14 14:22 - 000026624 _____ () C:\Users\Richard\AppData\Local\Temp\_MEI23962\win32ts.pyd
2009-11-03 17:03 - 2009-11-03 17:03 - 000016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-10-28 17:52 - 2010-10-28 17:52 - 000270336 _____ () C:\windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-10-28 17:53 - 2009-10-26 09:52 - 000139264 _____ () C:\Windows\SysWOW64\ustor.dll
2010-10-28 17:53 - 2009-07-16 09:20 - 000032768 _____ () C:\Program Files (x86)\jmesoft\Keyhook.dll
2010-10-28 17:53 - 2007-12-31 10:27 - 000007168 _____ () C:\Program Files (x86)\jmesoft\VistaVolume.dll
2017-06-26 17:51 - 2017-06-26 17:51 - 000325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2018-04-27 16:12 - 2018-04-23 12:15 - 000866120 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2018-04-27 16:12 - 2018-04-23 12:15 - 002079048 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll
2018-04-11 15:04 - 2018-04-23 12:15 - 000100312 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000018896 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\select.pyd
2018-04-11 15:04 - 2018-04-23 12:16 - 000020808 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000035808 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000694232 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000021856 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000130520 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 001856864 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000022880 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2018-04-27 16:12 - 2018-04-23 12:15 - 000145880 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2018-04-27 16:12 - 2018-04-23 12:15 - 000116696 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2018-04-11 15:04 - 2018-04-23 12:15 - 000105944 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32api.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000022872 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000063312 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000024536 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32event.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000077120 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\fastpath.pyd
2018-04-27 16:12 - 2018-04-23 12:15 - 000392664 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2018-04-27 16:12 - 2018-04-23 12:15 - 000020952 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000124888 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32file.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000114136 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32security.pyd
2018-04-11 15:04 - 2018-04-23 12:16 - 000392520 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000026464 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000043480 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32process.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000024024 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000175576 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32gui.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000030168 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000026072 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32job.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000048600 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32service.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000057816 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000021840 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000023376 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000022864 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000066400 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 003863880 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000084944 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\sip.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 001798464 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 001959232 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000028632 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32ts.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000155472 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000521544 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000051024 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000043336 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000131400 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000219984 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000204104 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000025440 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000060888 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32print.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000054616 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000024024 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\win32profile.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000022880 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000022368 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000021856 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000022368 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000027496 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-04-11 15:04 - 2018-04-23 12:15 - 000349144 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2018-04-11 15:04 - 2018-04-23 12:17 - 000023904 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000025432 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2018-04-27 16:12 - 2018-04-23 12:15 - 000036312 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\librsync.dll
2018-04-11 15:04 - 2018-04-23 12:17 - 000021856 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000181064 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2018-04-11 15:04 - 2018-04-23 12:17 - 000030544 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000024384 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\libEGL.DLL
2018-04-27 16:12 - 2018-04-23 12:16 - 001638208 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2018-04-11 15:04 - 2018-04-23 12:17 - 000026464 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000546632 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000359744 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2018-04-27 16:12 - 2018-04-23 12:16 - 000038216 _____ () C:\Users\Richard\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2823007649-2030606852-2140657807-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Richard\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: )
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: Sony PC Companion => 3

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4B5B7FE0-6B37-4F43-B476-AEABBC63ABD7}] => (Allow) svchost.exe
FirewallRules: [{B10EAE3B-CF3D-4C35-93E5-CDEEE96122F2}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{B3022448-17C3-4FFE-AE09-A8D9CFA157AB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{3063D909-088B-4D0F-85B9-DF53A99EF8D8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{CF5103F0-73B7-486E-A5B1-0DE0BD7FC976}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{A99D7E60-4CFD-4CBF-9B16-469042198D13}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0E047650-5F7E-44C0-B881-8E81156C29EA}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{D6BE443E-71E3-4D1B-A0EF-72C5AE7AC0B9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{D3339849-B488-493B-A9BC-BAC882207BB8}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{FA26D320-DBD9-49A2-86A0-3A24C609B86C}] => (Allow) C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D321F838-6858-4762-B546-D8E8B0C03FCE}] => (Allow) C:\Users\Richard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{DD777394-036F-49AB-8F11-76353871B521}C:\users\richard\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\richard\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{9E6571E9-2114-4F08-9CA3-8AF1397E88DA}C:\users\richard\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\richard\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{36CFB4B3-BA7D-4DE9-A97D-BB0886BF13B6}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{52EE22D9-84BF-4870-822F-6F11E0502650}] => (Allow) LPort=2869
FirewallRules: [{79E285EB-C9A6-42B6-B99D-A626153EA4E5}] => (Allow) LPort=1900
FirewallRules: [{A5E2B747-5FA0-4455-A9C1-48EACE4EB455}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{130F3474-6C6F-4387-B020-54EFD322026A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\FaxApplications.exe
FirewallRules: [{D7CA7F69-9578-4556-849F-B9A813D5DC13}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\DigitalWizards.exe
FirewallRules: [{2DCB84B6-617A-4725-A4FD-E31827C1A40A}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\bin\SendAFax.exe
FirewallRules: [{5B09842D-4CD0-4974-9C64-E5464ECEF3E0}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\DeviceSetup.exe
FirewallRules: [{C7C95F29-A8AE-4F54-8843-9372603FDCF3}] => (Allow) LPort=5357
FirewallRules: [{071019B3-BBC1-49B7-B86F-423C05038BD8}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{CF6BECE7-17B4-4CF9-A473-8A50CCF4583E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{03171165-FD5D-499C-8F18-8FE45114CCF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9E71695C-F564-49AF-94B2-699231934006}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A0C79B4D-8C90-444E-A6BC-FA3E47D34315}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4A73134A-B335-48C6-A6A4-F4A4C6484C2A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0009DB11-E5DE-4220-B1D7-4DFC5B556903}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CFDF94BF-BAB9-4938-AC36-ECEFFDF9F8A6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

03-05-2018 20:34:16 JRT Pre-Junkware Removal
03-05-2018 20:57:09 Removed Java 8 Update 171
03-05-2018 20:58:59 Konfiguriert Power2Go
03-05-2018 21:14:50 Entfernt klickTel Frühjahr 2011
03-05-2018 21:15:01 Entfernt Lenovo Healthcare Software
03-05-2018 21:16:03 Removed Skype™ 7.41
03-05-2018 21:18:18 Removed DHTML Editing Component
04-05-2018 11:43:14 Removed Avira Browser Safety
04-05-2018 15:00:28 Windows-Sicherung
04-05-2018 15:15:02 Removed Avira Software Updater
04-05-2018 15:22:55 Revo Uninstaller's restore point - Adobe Flash Player 20 ActiveX
04-05-2018 15:24:31 Revo Uninstaller's restore point - GALILEOS Viewer 1.9
04-05-2018 15:42:27 Revo Uninstaller's restore point - Sony Ericsson Update Engine
11-05-2018 17:29:15 Windows-Sicherung
14-05-2018 11:52:09 Removed Skype™ 7.40
14-05-2018 12:32:57 Removed Skype™ 7.40
14-05-2018 12:37:23 Entfernt MFL-Pro Suite

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/14/2018 02:22:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Richard\Desktop\jans werkzeug nicht löschen\esetsmartinstaller_deu.exe". Fehler in
Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (05/14/2018 02:18:33 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
[verify-U]_System

Error: (05/14/2018 01:40:19 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung empfangen: 20.

Error: (05/14/2018 12:41:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
[verify-U]_System

Error: (05/14/2018 12:26:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
[verify-U]_System


Windows Defender:
===================================
Date: 2015-05-06 10:15:54.284
Description: 
Die Windows Defender-Überprüfung wurde vor Fertigstellung beendet.
Überprüfungs-ID:{0F192A4D-2225-43A2-BEB0-A7F66AF0FB5A}
Überprüfungstyp:AntiSpyware
Überprüfungsparameter:Schnellscan
Benutzer:NT-AUTORITÄT\NETZWERKDIENST

Date: 2014-08-21 11:19:17.459
Description: 
Die Windows Defender-Überprüfung wurde vor Fertigstellung beendet.
Überprüfungs-ID:{B091E6B9-4C1E-4307-8026-E855F988A4A4}
Überprüfungstyp:AntiSpyware
Überprüfungsparameter:Schnellscan
Benutzer:NT-AUTORITÄT\NETZWERKDIENST

Date: 2016-04-20 12:54:47.703
Description: 
Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Versuchte Signaturen:Aktuell
Fehlercode:0x80070002
Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. 
Signaturversion:0.0.0.0
Modulversion:0.0.0.0

Date: 2014-11-05 11:52:00.688
Description: 
Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Versuchte Signaturen:Aktuell
Fehlercode:0x80070002
Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. 
Signaturversion:0.0.0.0
Modulversion:0.0.0.0

Date: 2014-09-27 16:08:46.547
Description: 
Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Versuchte Signaturen:Aktuell
Fehlercode:0x80070002
Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. 
Signaturversion:0.0.0.0
Modulversion:0.0.0.0

Date: 2014-07-10 22:55:41.262
Description: 
Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Versuchte Signaturen:Aktuell
Fehlercode:0x80070002
Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. 
Signaturversion:0.0.0.0
Modulversion:0.0.0.0

Date: 2013-02-02 19:33:54.128
Description: 
Beim Laden der Signaturen wurde von Windows Defender ein Fehler festgestellt. Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.
Versuchte Signaturen:Aktuell
Fehlercode:0x80070002
Fehlerbeschreibung:Das System kann die angegebene Datei nicht finden. 
Signaturversion:0.0.0.0
Modulversion:0.0.0.0

CodeIntegrity:
===================================

Date: 2012-08-23 16:59:42.973
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-23 16:48:46.568
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-20 17:08:35.011
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-15 17:10:18.339
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-15 12:52:35.714
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-14 18:13:20.183
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-14 18:09:40.016
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2012-08-14 17:58:25.933
Description: 
Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\wow64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen =========================== 

Prozessor: Pentium(R) Dual-Core CPU E5500 @ 2.80GHz
Prozentuale Nutzung des RAM: 48%
Installierter physikalischer RAM: 4095.24 MB
Verfügbarer physikalischer RAM: 2116.83 MB
Summe virtueller Speicher: 8188.43 MB
Verfügbarer virtueller Speicher: 5494.28 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:440.59 GB) (Free:273.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (Sicherungsplatte) (Fixed) (Total:465.73 GB) (Free:88.12 GB) NTFS

\\?\Volume{66f3cf38-e2aa-11df-b0e7-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AAA223C2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=440.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.1 GB) - (Type=12)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 465.7 GB) (Disk ID: 00038A56)
Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 15.05.2018, 12:25   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
W7 DHCP & DNS Problem und langsam - Standard

W7 DHCP & DNS Problem und langsam



Lesestoff:
Google Chrome

Offensichtlich nutzt du den Browser Chrome von Google. Ich muss von der Verwendung dieses Browsers aus Datenschutzgründen dringend abraten. Siehe auch Google: Chrome-Browser scannt lokale Dateien auf Windows-PCs

Installiere Mozilla Firefox, damit lassen sich auch Profildaten aus Chrome importieren, anschließend Google Chrome deinstallieren.



Bitte auch Avira deinstallieren

Wir deinstallieren dann am besten auch gleich weiteren unnötigen oder veralteten Krempel.

Avira empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:


    Adobe Acrobat Reader DC - Deutsch

    Avira

    Avira Antivirus

    TeamViewer 11


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________

__________________

Alt 17.05.2018, 11:13   #3
spiderx
 
W7 DHCP & DNS Problem und langsam - Standard

welcher scanner?



Hallo Cosinus,
den Avira und Altprogramme habe ich mal runter. Mit welchem scanner geht es weiter?
Gruesse spiderx
__________________

Alt 17.05.2018, 11:27   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
W7 DHCP & DNS Problem und langsam - Standard

W7 DHCP & DNS Problem und langsam



Schädlinge suchen mit Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.05.2018, 15:19   #5
spiderx
 
W7 DHCP & DNS Problem und langsam - Standard

W7 DHCP & DNS Problem und langsam



Scheint soweit mal sauber zu sein, (ich habe Chrome und TV11 noch drauf da ich beide zwingend benötige).
Welche AV spiele ich anstatt Avira auf?

Code:
ATTFilter
14:59:03.0185 0x0e8c  TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
14:59:10.0706 0x0e8c  ============================================================
14:59:10.0706 0x0e8c  Current date / time: 2018/05/17 14:59:10.0706
14:59:10.0706 0x0e8c  SystemInfo:
14:59:10.0716 0x0e8c  
14:59:10.0716 0x0e8c  OS Version: 6.1.7601 ServicePack: 1.0
14:59:10.0716 0x0e8c  Product type: Workstation
14:59:10.0716 0x0e8c  ComputerName: RICHARD-PC
14:59:10.0716 0x0e8c  UserName: Richard
14:59:10.0716 0x0e8c  Windows directory: C:\windows
14:59:10.0716 0x0e8c  System windows directory: C:\windows
14:59:10.0716 0x0e8c  Running under WOW64
14:59:10.0716 0x0e8c  Processor architecture: Intel x64
14:59:10.0716 0x0e8c  Number of processors: 2
14:59:10.0716 0x0e8c  Page size: 0x1000
14:59:10.0716 0x0e8c  Boot type: Normal boot
14:59:10.0716 0x0e8c  CodeIntegrityOptions = 0x00000001
14:59:10.0716 0x0e8c  ============================================================
15:00:17.0240 0x0e8c  KLMD registered as C:\windows\system32\drivers\29246752.sys
15:00:17.0250 0x0e8c  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23889, osProperties = 0x1
15:00:19.0802 0x0e8c  System UUID: {FAFC592A-E968-3118-B208-DE0D4793958D}
15:00:22.0406 0x0e8c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:00:22.0446 0x0e8c  Drive \Device\Harddisk1\DR1 - Size: 0x746EC00000 ( 465.73 Gb ), SectorSize: 0x200, Cylinders: 0xED7D, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:00:22.0766 0x0e8c  ============================================================
15:00:22.0766 0x0e8c  \Device\Harddisk0\DR0:
15:00:22.0876 0x0e8c  MBR partitions:
15:00:22.0876 0x0e8c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:00:22.0876 0x0e8c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3712E000
15:00:22.0876 0x0e8c  \Device\Harddisk1\DR1:
15:00:22.0876 0x0e8c  MBR partitions:
15:00:22.0876 0x0e8c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A375800
15:00:22.0876 0x0e8c  ============================================================
15:00:23.0156 0x0e8c  C: <-> \Device\Harddisk0\DR0\Partition2
15:00:23.0176 0x0e8c  E: <-> \Device\Harddisk1\DR1\Partition1
15:00:23.0176 0x0e8c  ============================================================
15:00:23.0176 0x0e8c  Initialize success
15:00:23.0176 0x0e8c  ============================================================
15:14:39.0542 0x1288  ============================================================
15:14:39.0542 0x1288  Scan started
15:14:39.0542 0x1288  Mode: Manual; SigCheck; TDLFS; 
15:14:39.0542 0x1288  ============================================================
15:14:39.0542 0x1288  KSN ping started
15:14:39.0682 0x1288  KSN ping finished: true
15:14:40.0334 0x1288  ================ Scan system memory ========================
15:14:40.0334 0x1288  System memory - ok
15:14:40.0334 0x1288  ================ Scan services =============================
15:14:40.0464 0x1288  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
15:14:40.0524 0x1288  1394ohci - ok
15:14:40.0554 0x1288  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
15:14:40.0584 0x1288  ACPI - ok
15:14:40.0614 0x1288  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
15:14:40.0664 0x1288  AcpiPmi - ok
15:14:40.0721 0x1288  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\DRIVERS\adp94xx.sys
15:14:40.0736 0x1288  adp94xx - ok
15:14:40.0766 0x1288  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\DRIVERS\adpahci.sys
15:14:40.0786 0x1288  adpahci - ok
15:14:40.0806 0x1288  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\DRIVERS\adpu320.sys
15:14:40.0830 0x1288  adpu320 - ok
15:14:40.0858 0x1288  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
15:14:40.0878 0x1288  AeLookupSvc - ok
15:14:40.0938 0x1288  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD             C:\windows\system32\drivers\afd.sys
15:14:40.0978 0x1288  AFD - ok
15:14:41.0018 0x1288  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
15:14:41.0028 0x1288  agp440 - ok
15:14:41.0048 0x1288  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
15:14:41.0119 0x1288  ALG - ok
15:14:41.0140 0x1288  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
15:14:41.0150 0x1288  aliide - ok
15:14:41.0190 0x1288  [ B4143CB1DD16AE73C6177C72F33450A6, D675AEF56FF030314AB3B4F13A81D72272E67AE10E415058928182A3B8370FE1 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
15:14:41.0250 0x1288  AMD External Events Utility - ok
15:14:41.0270 0x1288  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
15:14:41.0280 0x1288  amdide - ok
15:14:41.0300 0x1288  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\DRIVERS\amdk8.sys
15:14:41.0350 0x1288  AmdK8 - ok
15:14:41.0548 0x1288  [ D1D06810BF7E21F5763EB06CB7E7262B, 77DEEA2C76D1C3E65E3D4F1FB2C671195019E9B78336EA4E040565DB88228611 ] amdkmdag        C:\windows\system32\DRIVERS\atipmdag.sys
15:14:41.0933 0x1288  amdkmdag - ok
15:14:41.0987 0x1288  [ 6BA71D6616B56816E57394D77DD1BB6F, 5250378D4CA31578D8E92DD4402E2AA34C2299EA2D9471AC5A9A7CEA46A54CB3 ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
15:14:42.0115 0x1288  amdkmdap - ok
15:14:42.0144 0x1288  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
15:14:42.0256 0x1288  AmdPPM - ok
15:14:42.0293 0x1288  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
15:14:42.0309 0x1288  amdsata - ok
15:14:42.0347 0x1288  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\DRIVERS\amdsbs.sys
15:14:42.0365 0x1288  amdsbs - ok
15:14:42.0378 0x1288  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
15:14:42.0390 0x1288  amdxata - ok
15:14:42.0435 0x1288  [ 086CA47573FAF282C93BE3416E1B6D65, 608D208B9D5FDB8A6DAABA939EAC664FFBFA294FD53CCD21942C27F1B8FF016A ] AppID           C:\windows\system32\drivers\appid.sys
15:14:42.0518 0x1288  AppID - ok
15:14:42.0535 0x1288  [ 5B502842E57F10BDC0301E15B98E3E26, 2FEC4F4409C9BF3A89E69C1806F8D9F37CF405E22971C68B5E297A43A8D6B3C4 ] AppIDSvc        C:\windows\System32\appidsvc.dll
15:14:42.0554 0x1288  AppIDSvc - ok
15:14:42.0610 0x1288  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\windows\System32\appinfo.dll
15:14:42.0660 0x1288  Appinfo - ok
15:14:42.0710 0x1288  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\DRIVERS\arc.sys
15:14:42.0720 0x1288  arc - ok
15:14:42.0740 0x1288  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\DRIVERS\arcsas.sys
15:14:42.0750 0x1288  arcsas - ok
15:14:42.0822 0x1288  [ 8637F3119057178364D200F2462E625C, 40CAE47AA6C6B23FEB95961FD06BB3EB075CA63BB91B54CB26215A368371B343 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:14:42.0842 0x1288  aspnet_state - ok
15:14:42.0852 0x1288  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
15:14:42.0934 0x1288  AsyncMac - ok
15:14:42.0954 0x1288  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
15:14:42.0964 0x1288  atapi - ok
15:14:42.0994 0x1288  [ 77C149E6D702737B2E372DEE166FAEF8, D18FEAE9D915D5F25B787B755F9C6321A9C9506D4F563DD637E3586401E36053 ] AtiHdmiService  C:\windows\system32\drivers\AtiHdmi.sys
15:14:43.0054 0x1288  AtiHdmiService - ok
15:14:43.0234 0x1288  [ D1D06810BF7E21F5763EB06CB7E7262B, 77DEEA2C76D1C3E65E3D4F1FB2C671195019E9B78336EA4E040565DB88228611 ] atikmdag        C:\windows\system32\DRIVERS\atikmdag.sys
15:14:43.0444 0x1288  atikmdag - ok
15:14:43.0516 0x1288  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
15:14:43.0556 0x1288  AudioEndpointBuilder - ok
15:14:43.0576 0x1288  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\windows\System32\Audiosrv.dll
15:14:43.0596 0x1288  AudioSrv - ok
15:14:43.0646 0x1288  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
15:14:43.0726 0x1288  AxInstSV - ok
15:14:43.0776 0x1288  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\DRIVERS\bxvbda.sys
15:14:43.0826 0x1288  b06bdrv - ok
15:14:43.0846 0x1288  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
15:14:43.0866 0x1288  b57nd60a - ok
15:14:43.0896 0x1288  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
15:14:43.0946 0x1288  BDESVC - ok
15:14:43.0976 0x1288  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
15:14:44.0016 0x1288  Beep - ok
15:14:44.0086 0x1288  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
15:14:44.0136 0x1288  BFE - ok
15:14:44.0176 0x1288  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
15:14:44.0236 0x1288  BITS - ok
15:14:44.0276 0x1288  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
15:14:44.0286 0x1288  blbdrive - ok
15:14:44.0326 0x1288  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\windows\system32\DRIVERS\bowser.sys
15:14:44.0356 0x1288  bowser - ok
15:14:44.0376 0x1288  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\DRIVERS\BrFiltLo.sys
15:14:44.0436 0x1288  BrFiltLo - ok
15:14:44.0456 0x1288  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\DRIVERS\BrFiltUp.sys
15:14:44.0486 0x1288  BrFiltUp - ok
15:14:44.0516 0x1288  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
15:14:44.0566 0x1288  Browser - ok
15:14:44.0606 0x1288  [ E5E9B1625A767CEB6F319C12D33EAB78, F49FF610C0712FAE4B69BD300C78D7DEA7C72DFC076323295779272D1E23D7CE ] BrSerIb         C:\windows\system32\DRIVERS\BrSerIb.sys
15:14:44.0656 0x1288  BrSerIb - ok
15:14:44.0686 0x1288  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
15:14:44.0716 0x1288  Brserid - ok
15:14:44.0736 0x1288  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
15:14:44.0776 0x1288  BrSerWdm - ok
15:14:44.0796 0x1288  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
15:14:44.0826 0x1288  BrUsbMdm - ok
15:14:44.0846 0x1288  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
15:14:44.0856 0x1288  BrUsbSer - ok
15:14:44.0886 0x1288  [ D9F6B30AD93CBD165EC71FADF51DF25E, 9E38846451650F4F320CB1DEA9C010653A54D7419591719936BF53BEE269F1A8 ] BrUsbSIb        C:\windows\system32\DRIVERS\BrUsbSIb.sys
15:14:44.0896 0x1288  BrUsbSIb - ok
15:14:44.0906 0x1288  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\DRIVERS\bthmodem.sys
15:14:44.0936 0x1288  BTHMODEM - ok
15:14:44.0976 0x1288  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
15:14:45.0036 0x1288  bthserv - ok
15:14:45.0056 0x1288  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
15:14:45.0106 0x1288  cdfs - ok
15:14:45.0146 0x1288  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
15:14:45.0176 0x1288  cdrom - ok
15:14:45.0206 0x1288  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
15:14:45.0256 0x1288  CertPropSvc - ok
15:14:45.0276 0x1288  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\DRIVERS\circlass.sys
15:14:45.0306 0x1288  circlass - ok
15:14:45.0376 0x1288  [ 3963FEC1892368DD500E6ED1F5C286CE, A04689CB07AF1C1B4B1032B0ACAD88DA3EB03D89A575C59FE602A65E8C246138 ] CLFS            C:\windows\system32\CLFS.sys
15:14:45.0396 0x1288  CLFS - ok
15:14:45.0573 0x1288  [ 1C0DD335FE0E3AE4A8244EF6D6BD6347, F02C96B811027107F954FC8259319860BD9CD16601A93899A4BD69E77AADC6FA ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
15:14:45.0649 0x1288  ClickToRunSvc - ok
15:14:45.0710 0x1288  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:14:45.0720 0x1288  clr_optimization_v2.0.50727_32 - ok
15:14:45.0750 0x1288  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:14:45.0760 0x1288  clr_optimization_v2.0.50727_64 - ok
15:14:45.0840 0x1288  [ 2BA609641FA64BAB02ACD3C0095672F5, FD1FE403864F0564CA4A2F1D7415649B8FFE16F8ED33C4B44ACB21767118AD5F ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:14:45.0870 0x1288  clr_optimization_v4.0.30319_32 - ok
15:14:45.0900 0x1288  [ 7C7502CD2A2CFAB399D0D8DA95DB03E7, 4AE53B468CF597FCFD912A6EEE27E87EE4D9BC73F2A794FB5DF5DA46C1DD1289 ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:14:45.0920 0x1288  clr_optimization_v4.0.30319_64 - ok
15:14:45.0950 0x1288  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
15:14:45.0980 0x1288  CmBatt - ok
15:14:46.0010 0x1288  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
15:14:46.0020 0x1288  cmdide - ok
15:14:46.0060 0x1288  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\windows\system32\Drivers\cng.sys
15:14:46.0090 0x1288  CNG - ok
15:14:46.0110 0x1288  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\DRIVERS\compbatt.sys
15:14:46.0120 0x1288  Compbatt - ok
15:14:46.0140 0x1288  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\drivers\CompositeBus.sys
15:14:46.0160 0x1288  CompositeBus - ok
15:14:46.0160 0x1288  COMSysApp - ok
15:14:46.0170 0x1288  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\DRIVERS\crcdisk.sys
15:14:46.0180 0x1288  crcdisk - ok
15:14:46.0230 0x1288  [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc        C:\windows\system32\cryptsvc.dll
15:14:46.0250 0x1288  CryptSvc - ok
15:14:46.0290 0x1288  [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] DcomLaunch      C:\windows\system32\rpcss.dll
15:14:46.0320 0x1288  DcomLaunch - ok
15:14:46.0350 0x1288  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
15:14:46.0410 0x1288  defragsvc - ok
15:14:46.0430 0x1288  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\windows\system32\Drivers\dfsc.sys
15:14:46.0460 0x1288  DfsC - ok
15:14:46.0500 0x1288  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
15:14:46.0570 0x1288  Dhcp - ok
15:14:46.0702 0x1288  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\windows\system32\diagtrack.dll
15:14:46.0812 0x1288  DiagTrack - ok
15:14:46.0842 0x1288  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
15:14:46.0912 0x1288  discache - ok
15:14:46.0942 0x1288  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\windows\system32\drivers\disk.sys
15:14:46.0962 0x1288  Disk - ok
15:14:46.0992 0x1288  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
15:14:47.0042 0x1288  Dnscache - ok
15:14:47.0072 0x1288  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
15:14:47.0122 0x1288  dot3svc - ok
15:14:47.0162 0x1288  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
15:14:47.0202 0x1288  DPS - ok
15:14:47.0252 0x1288  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
15:14:47.0272 0x1288  drmkaud - ok
15:14:47.0332 0x1288  [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
15:14:47.0362 0x1288  DXGKrnl - ok
15:14:47.0402 0x1288  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
15:14:47.0452 0x1288  EapHost - ok
15:14:47.0562 0x1288  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\DRIVERS\evbda.sys
15:14:47.0704 0x1288  ebdrv - ok
15:14:47.0734 0x1288  [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] EFS             C:\windows\System32\lsass.exe
15:14:47.0784 0x1288  EFS - ok
15:14:47.0844 0x1288  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
15:14:47.0884 0x1288  ehRecvr - ok
15:14:47.0914 0x1288  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
15:14:47.0954 0x1288  ehSched - ok
15:14:48.0004 0x1288  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\DRIVERS\elxstor.sys
15:14:48.0024 0x1288  elxstor - ok
15:14:48.0044 0x1288  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
15:14:48.0074 0x1288  ErrDev - ok
15:14:48.0134 0x1288  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
15:14:48.0184 0x1288  EventSystem - ok
15:14:48.0224 0x1288  [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat           C:\windows\system32\drivers\exfat.sys
15:14:48.0244 0x1288  exfat - ok
15:14:48.0264 0x1288  [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat         C:\windows\system32\drivers\fastfat.sys
15:14:48.0294 0x1288  fastfat - ok
15:14:48.0354 0x1288  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
15:14:48.0414 0x1288  Fax - ok
15:14:48.0434 0x1288  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\DRIVERS\fdc.sys
15:14:48.0444 0x1288  fdc - ok
15:14:48.0454 0x1288  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
15:14:48.0484 0x1288  fdPHost - ok
15:14:48.0504 0x1288  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
15:14:48.0554 0x1288  FDResPub - ok
15:14:48.0584 0x1288  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
15:14:48.0594 0x1288  FileInfo - ok
15:14:48.0604 0x1288  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
15:14:48.0634 0x1288  Filetrace - ok
15:14:48.0654 0x1288  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\DRIVERS\flpydisk.sys
15:14:48.0684 0x1288  flpydisk - ok
15:14:48.0724 0x1288  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
15:14:48.0734 0x1288  FltMgr - ok
15:14:48.0804 0x1288  [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache       C:\windows\system32\FntCache.dll
15:14:48.0874 0x1288  FontCache - ok
15:14:48.0914 0x1288  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:14:48.0924 0x1288  FontCache3.0.0.0 - ok
15:14:48.0944 0x1288  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
15:14:48.0954 0x1288  FsDepends - ok
15:14:48.0984 0x1288  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
15:14:48.0994 0x1288  Fs_Rec - ok
15:14:49.0024 0x1288  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
15:14:49.0044 0x1288  fvevol - ok
15:14:49.0054 0x1288  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\DRIVERS\gagp30kx.sys
15:14:49.0064 0x1288  gagp30kx - ok
15:14:49.0104 0x1288  [ 16C2A6BCDDA8952C2035DEC861492A19, 9023CD3A2C1009786A48EF7FBCC97ED1724C836279424A4D465CCE1AFA2DBDDA ] ggflt           C:\windows\system32\DRIVERS\ggflt.sys
15:14:49.0124 0x1288  ggflt - ok
15:14:49.0144 0x1288  [ 6B503DF845EABF3457E49FBBDA26C10E, A1553E3822EDEA26D8E67FCC7F9EA40DFBED49EC92FD5674AAF938F2D58CF964 ] ggsemc          C:\windows\system32\DRIVERS\ggsemc.sys
15:14:49.0154 0x1288  ggsemc - ok
15:14:49.0194 0x1288  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\windows\System32\gpsvc.dll
15:14:49.0264 0x1288  gpsvc - ok
15:14:49.0354 0x1288  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:14:49.0374 0x1288  gupdate - ok
15:14:49.0404 0x1288  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:14:49.0414 0x1288  gupdatem - ok
15:14:49.0444 0x1288  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
15:14:49.0484 0x1288  hcw85cir - ok
15:14:49.0514 0x1288  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
15:14:49.0554 0x1288  HdAudAddService - ok
15:14:49.0584 0x1288  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\drivers\HDAudBus.sys
15:14:49.0614 0x1288  HDAudBus - ok
15:14:49.0634 0x1288  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\DRIVERS\HidBatt.sys
15:14:49.0654 0x1288  HidBatt - ok
15:14:49.0664 0x1288  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\DRIVERS\hidbth.sys
15:14:49.0694 0x1288  HidBth - ok
15:14:49.0724 0x1288  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\DRIVERS\hidir.sys
15:14:49.0764 0x1288  HidIr - ok
15:14:49.0794 0x1288  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
15:14:49.0824 0x1288  hidserv - ok
15:14:49.0864 0x1288  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys
15:14:49.0884 0x1288  HidUsb - ok
15:14:49.0914 0x1288  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
15:14:49.0944 0x1288  hkmsvc - ok
15:14:49.0964 0x1288  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
15:14:50.0014 0x1288  HomeGroupListener - ok
15:14:50.0044 0x1288  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
15:14:50.0074 0x1288  HomeGroupProvider - ok
15:14:50.0104 0x1288  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
15:14:50.0124 0x1288  HpSAMD - ok
15:14:50.0174 0x1288  [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] HTTP            C:\windows\system32\drivers\HTTP.sys
15:14:50.0254 0x1288  HTTP - ok
15:14:50.0284 0x1288  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
15:14:50.0294 0x1288  hwpolicy - ok
15:14:50.0334 0x1288  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\drivers\i8042prt.sys
15:14:50.0344 0x1288  i8042prt - ok
15:14:50.0384 0x1288  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
15:14:50.0404 0x1288  iaStorV - ok
15:14:50.0474 0x1288  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:14:50.0504 0x1288  idsvc - ok
15:14:50.0524 0x1288  IEEtwCollectorService - ok
15:14:50.0734 0x1288  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\windows\system32\DRIVERS\igdkmd64.sys
15:14:50.0976 0x1288  igfx - ok
15:14:51.0006 0x1288  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\DRIVERS\iirsp.sys
15:14:51.0016 0x1288  iirsp - ok
15:14:51.0056 0x1288  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
15:14:51.0086 0x1288  IKEEXT - ok
15:14:51.0196 0x1288  [ 9297BC7FB61F58670EE176DD18F4DD92, 92B165ACDBF2AC602BBA63FD62D62ABE2E39FA398709C41601D314D36B552D74 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
15:14:51.0266 0x1288  IntcAzAudAddService - ok
15:14:51.0296 0x1288  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
15:14:51.0306 0x1288  intelide - ok
15:14:51.0336 0x1288  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\DRIVERS\intelppm.sys
15:14:51.0366 0x1288  intelppm - ok
15:14:51.0406 0x1288  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
15:14:51.0436 0x1288  IPBusEnum - ok
15:14:51.0476 0x1288  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\windows\system32\DRIVERS\ipfltdrv.sys
15:14:51.0516 0x1288  IpFilterDriver - ok
15:14:51.0566 0x1288  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
15:14:51.0626 0x1288  iphlpsvc - ok
15:14:51.0646 0x1288  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
15:14:51.0676 0x1288  IPMIDRV - ok
15:14:51.0706 0x1288  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
15:14:51.0756 0x1288  IPNAT - ok
15:14:51.0796 0x1288  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
15:14:51.0836 0x1288  IRENUM - ok
15:14:51.0856 0x1288  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
15:14:51.0872 0x1288  isapnp - ok
15:14:51.0898 0x1288  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
15:14:51.0918 0x1288  iScsiPrt - ok
15:14:51.0948 0x1288  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
15:14:51.0948 0x1288  kbdclass - ok
15:14:51.0968 0x1288  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\DRIVERS\kbdhid.sys
15:14:51.0998 0x1288  kbdhid - ok
15:14:52.0018 0x1288  [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] KeyIso          C:\windows\system32\lsass.exe
15:14:52.0028 0x1288  KeyIso - ok
15:14:52.0058 0x1288  [ 7635071BC8EDBC8B501F4EF2B0A82820, 276A5672196EF3990FB1A2CE646B6B92241580E1BB96BCCA3CBDC781CF42111A ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
15:14:52.0078 0x1288  KSecDD - ok
15:14:52.0088 0x1288  [ 033937305C234FC8215A4692193AA43E, 1E48CA1F8020F9DA0778A0F39A69C3B918CF878B152A3B38A5D3B9892154B6DB ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
15:14:52.0098 0x1288  KSecPkg - ok
15:14:52.0118 0x1288  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
15:14:52.0168 0x1288  ksthunk - ok
15:14:52.0198 0x1288  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
15:14:52.0258 0x1288  KtmRm - ok
15:14:52.0308 0x1288  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
15:14:52.0350 0x1288  LanmanServer - ok
15:14:52.0380 0x1288  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
15:14:52.0430 0x1288  LanmanWorkstation - ok
15:14:52.0460 0x1288  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
15:14:52.0500 0x1288  lltdio - ok
15:14:52.0530 0x1288  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
15:14:52.0580 0x1288  lltdsvc - ok
15:14:52.0610 0x1288  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
15:14:52.0640 0x1288  lmhosts - ok
15:14:52.0670 0x1288  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\DRIVERS\lsi_fc.sys
15:14:52.0690 0x1288  LSI_FC - ok
15:14:52.0700 0x1288  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\DRIVERS\lsi_sas.sys
15:14:52.0710 0x1288  LSI_SAS - ok
15:14:52.0730 0x1288  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\DRIVERS\lsi_sas2.sys
15:14:52.0740 0x1288  LSI_SAS2 - ok
15:14:52.0750 0x1288  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\DRIVERS\lsi_scsi.sys
15:14:52.0760 0x1288  LSI_SCSI - ok
15:14:52.0780 0x1288  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
15:14:52.0830 0x1288  luafv - ok
15:14:52.0860 0x1288  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
15:14:52.0880 0x1288  Mcx2Svc - ok
15:14:52.0900 0x1288  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\DRIVERS\megasas.sys
15:14:52.0910 0x1288  megasas - ok
15:14:52.0940 0x1288  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\DRIVERS\MegaSR.sys
15:14:52.0960 0x1288  MegaSR - ok
15:14:52.0990 0x1288  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
15:14:53.0050 0x1288  MMCSS - ok
15:14:53.0060 0x1288  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
15:14:53.0100 0x1288  Modem - ok
15:14:53.0110 0x1288  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
15:14:53.0130 0x1288  monitor - ok
15:14:53.0150 0x1288  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
15:14:53.0160 0x1288  mouclass - ok
15:14:53.0180 0x1288  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\DRIVERS\mouhid.sys
15:14:53.0210 0x1288  mouhid - ok
15:14:53.0250 0x1288  [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
15:14:53.0270 0x1288  mountmgr - ok
15:14:53.0340 0x1288  [ DD48D3A79DD8895C02423ACD052ABCF1, 32B2FDA907EDF8635B7099D61C22B0AEA54884ABDFF95608E8B93D3DAAEC458B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:14:53.0350 0x1288  MozillaMaintenance - ok
15:14:53.0370 0x1288  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
15:14:53.0390 0x1288  mpio - ok
15:14:53.0400 0x1288  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
15:14:53.0430 0x1288  mpsdrv - ok
15:14:53.0480 0x1288  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
15:14:53.0520 0x1288  MpsSvc - ok
15:14:53.0560 0x1288  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
15:14:53.0610 0x1288  MRxDAV - ok
15:14:53.0650 0x1288  [ F77E8ABD746B93B9B4F9C13250302C47, 7A6B705DCFA540E90A2A10F8B245CFF7BCB018152EF67D4B988366386E67AE10 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
15:14:53.0680 0x1288  mrxsmb - ok
15:14:53.0720 0x1288  [ FF1B4AF370481C25B078FEAEE5455EDC, 596DE4DB5B29F99CD89038B9426000E42D47A27FEF56135F219C83F94B10C1E5 ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
15:14:53.0760 0x1288  mrxsmb10 - ok
15:14:53.0780 0x1288  [ 125B7C9D7372711EDBD5BFEE2E33CE60, 53ED38EBD558C1EE46EE0D3E39964730237991994946BE494806F7EC4A62D966 ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
15:14:53.0800 0x1288  mrxsmb20 - ok
15:14:53.0820 0x1288  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
15:14:53.0830 0x1288  msahci - ok
15:14:53.0860 0x1288  [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
15:14:53.0870 0x1288  MSCamSvc - ok
15:14:53.0900 0x1288  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
15:14:53.0910 0x1288  msdsm - ok
15:14:53.0940 0x1288  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
15:14:53.0970 0x1288  MSDTC - ok
15:14:54.0000 0x1288  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
15:14:54.0040 0x1288  Msfs - ok
15:14:54.0060 0x1288  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
15:14:54.0110 0x1288  mshidkmdf - ok
15:14:54.0150 0x1288  [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo     C:\windows\system32\Drivers\nx6000.sys
15:14:54.0150 0x1288  MSHUSBVideo - ok
15:14:54.0170 0x1288  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
15:14:54.0180 0x1288  msisadrv - ok
15:14:54.0210 0x1288  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
15:14:54.0260 0x1288  MSiSCSI - ok
15:14:54.0270 0x1288  msiserver - ok
15:14:54.0300 0x1288  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
15:14:54.0330 0x1288  MSKSSRV - ok
15:14:54.0340 0x1288  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
15:14:54.0370 0x1288  MSPCLOCK - ok
15:14:54.0370 0x1288  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
15:14:54.0430 0x1288  MSPQM - ok
15:14:54.0460 0x1288  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
15:14:54.0480 0x1288  MsRPC - ok
15:14:54.0500 0x1288  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\drivers\mssmbios.sys
15:14:54.0510 0x1288  mssmbios - ok
15:14:54.0520 0x1288  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
15:14:54.0570 0x1288  MSTEE - ok
15:14:54.0590 0x1288  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\DRIVERS\MTConfig.sys
15:14:54.0620 0x1288  MTConfig - ok
15:14:54.0640 0x1288  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
15:14:54.0650 0x1288  Mup - ok
15:14:54.0680 0x1288  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
15:14:54.0740 0x1288  napagent - ok
15:14:54.0780 0x1288  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
15:14:54.0800 0x1288  NativeWifiP - ok
15:14:54.0860 0x1288  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\windows\system32\drivers\ndis.sys
15:14:54.0900 0x1288  NDIS - ok
15:14:54.0920 0x1288  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
15:14:54.0970 0x1288  NdisCap - ok
15:14:55.0010 0x1288  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
15:14:55.0060 0x1288  NdisTapi - ok
15:14:55.0080 0x1288  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
15:14:55.0150 0x1288  Ndisuio - ok
15:14:55.0180 0x1288  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
15:14:55.0230 0x1288  NdisWan - ok
15:14:55.0260 0x1288  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
15:14:55.0310 0x1288  NDProxy - ok
15:14:55.0330 0x1288  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
15:14:55.0360 0x1288  NetBIOS - ok
15:14:55.0400 0x1288  [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
15:14:55.0430 0x1288  NetBT - ok
15:14:55.0460 0x1288  [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] Netlogon        C:\windows\system32\lsass.exe
15:14:55.0480 0x1288  Netlogon - ok
15:14:55.0510 0x1288  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
15:14:55.0560 0x1288  Netman - ok
15:14:55.0600 0x1288  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:55.0620 0x1288  NetMsmqActivator - ok
15:14:55.0630 0x1288  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:55.0650 0x1288  NetPipeActivator - ok
15:14:55.0670 0x1288  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
15:14:55.0710 0x1288  netprofm - ok
15:14:55.0730 0x1288  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:55.0740 0x1288  NetTcpActivator - ok
15:14:55.0750 0x1288  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:55.0760 0x1288  NetTcpPortSharing - ok
15:14:55.0780 0x1288  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\DRIVERS\nfrd960.sys
15:14:55.0790 0x1288  nfrd960 - ok
15:14:55.0820 0x1288  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
15:14:55.0840 0x1288  NlaSvc - ok
15:14:55.0850 0x1288  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
15:14:55.0890 0x1288  Npfs - ok
15:14:55.0920 0x1288  [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi             C:\windows\system32\nsisvc.dll
15:14:55.0950 0x1288  nsi - ok
15:14:55.0990 0x1288  [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
15:14:56.0000 0x1288  nsiproxy - ok
15:14:56.0080 0x1288  [ 7FD5A7FB8F55254E9AF5666C653AF3CA, 5EE9805BB4A952AE455D08953FF12E55879776A521B3333F2730AC552DC17C48 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
15:14:56.0140 0x1288  Ntfs - ok
15:14:56.0160 0x1288  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
15:14:56.0200 0x1288  Null - ok
15:14:56.0250 0x1288  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
15:14:56.0270 0x1288  nvraid - ok
15:14:56.0300 0x1288  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
15:14:56.0320 0x1288  nvstor - ok
15:14:56.0350 0x1288  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
15:14:56.0360 0x1288  nv_agp - ok
15:14:56.0380 0x1288  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
15:14:56.0430 0x1288  ohci1394 - ok
15:14:56.0480 0x1288  [ 61537B02CEA00BE142B11384A7BBF04D, F4B8DE5A889C04CA4EEB82AD0A66D8828CA302ECAF9E91AAF288C8770EC97199 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:14:56.0490 0x1288  ose - ok
15:14:56.0700 0x1288  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:14:56.0860 0x1288  osppsvc - ok
15:14:56.0910 0x1288  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
15:14:56.0940 0x1288  p2pimsvc - ok
15:14:56.0970 0x1288  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
15:14:56.0990 0x1288  p2psvc - ok
15:14:57.0020 0x1288  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\DRIVERS\parport.sys
15:14:57.0050 0x1288  Parport - ok
15:14:57.0080 0x1288  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
15:14:57.0090 0x1288  partmgr - ok
15:14:57.0130 0x1288  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\windows\System32\pcasvc.dll
15:14:57.0170 0x1288  PcaSvc - ok
15:14:57.0200 0x1288  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
15:14:57.0210 0x1288  pci - ok
15:14:57.0240 0x1288  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
15:14:57.0250 0x1288  pciide - ok
15:14:57.0270 0x1288  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\DRIVERS\pcmcia.sys
15:14:57.0290 0x1288  pcmcia - ok
15:14:57.0300 0x1288  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
15:14:57.0310 0x1288  pcw - ok
15:14:57.0340 0x1288  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\windows\system32\drivers\peauth.sys
15:14:57.0370 0x1288  PEAUTH - ok
15:14:57.0430 0x1288  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
15:14:57.0460 0x1288  PerfHost - ok
15:14:57.0540 0x1288  [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla             C:\windows\system32\pla.dll
15:14:57.0600 0x1288  pla - ok
15:14:57.0640 0x1288  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
15:14:57.0690 0x1288  PlugPlay - ok
15:14:57.0710 0x1288  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
15:14:57.0740 0x1288  PNRPAutoReg - ok
15:14:57.0770 0x1288  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
15:14:57.0780 0x1288  PNRPsvc - ok
15:14:57.0820 0x1288  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
15:14:57.0880 0x1288  PolicyAgent - ok
15:14:57.0910 0x1288  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
15:14:57.0960 0x1288  Power - ok
15:14:58.0000 0x1288  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
15:14:58.0050 0x1288  PptpMiniport - ok
15:14:58.0070 0x1288  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\DRIVERS\processr.sys
15:14:58.0100 0x1288  Processor - ok
15:14:58.0140 0x1288  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll
15:14:58.0160 0x1288  ProfSvc - ok
15:14:58.0180 0x1288  [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] ProtectedStorage C:\windows\system32\lsass.exe
15:14:58.0190 0x1288  ProtectedStorage - ok
15:14:58.0220 0x1288  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
15:14:58.0250 0x1288  Psched - ok
15:14:58.0300 0x1288  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\DRIVERS\ql2300.sys
15:14:58.0360 0x1288  ql2300 - ok
15:14:58.0390 0x1288  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\DRIVERS\ql40xx.sys
15:14:58.0410 0x1288  ql40xx - ok
15:14:58.0430 0x1288  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
15:14:58.0450 0x1288  QWAVE - ok
15:14:58.0470 0x1288  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
15:14:58.0500 0x1288  QWAVEdrv - ok
15:14:58.0520 0x1288  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
15:14:58.0550 0x1288  RasAcd - ok
15:14:58.0580 0x1288  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
15:14:58.0600 0x1288  RasAgileVpn - ok
15:14:58.0620 0x1288  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
15:14:58.0670 0x1288  RasAuto - ok
15:14:58.0700 0x1288  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
15:14:58.0730 0x1288  Rasl2tp - ok
15:14:58.0750 0x1288  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
15:14:58.0800 0x1288  RasMan - ok
15:14:58.0840 0x1288  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
15:14:58.0870 0x1288  RasPppoe - ok
15:14:58.0880 0x1288  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
15:14:58.0920 0x1288  RasSstp - ok
15:14:58.0960 0x1288  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
15:14:59.0010 0x1288  rdbss - ok
15:14:59.0040 0x1288  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\DRIVERS\rdpbus.sys
15:14:59.0070 0x1288  rdpbus - ok
15:14:59.0100 0x1288  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
15:14:59.0150 0x1288  RDPCDD - ok
15:14:59.0150 0x1288  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
15:14:59.0190 0x1288  RDPENCDD - ok
15:14:59.0200 0x1288  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
15:14:59.0233 0x1288  RDPREFMP - ok
15:14:59.0353 0x1288  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys
15:14:59.0423 0x1288  RdpVideoMiniport - ok
15:14:59.0443 0x1288  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
15:14:59.0483 0x1288  RDPWD - ok
15:14:59.0523 0x1288  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
15:14:59.0533 0x1288  rdyboost - ok
15:14:59.0563 0x1288  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
15:14:59.0613 0x1288  RemoteAccess - ok
15:14:59.0623 0x1288  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\windows\system32\regsvc.dll
15:14:59.0673 0x1288  RemoteRegistry - ok
15:14:59.0693 0x1288  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
15:14:59.0743 0x1288  RpcEptMapper - ok
15:14:59.0763 0x1288  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
15:14:59.0773 0x1288  RpcLocator - ok
15:14:59.0823 0x1288  [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] RpcSs           C:\windows\system32\rpcss.dll
15:14:59.0843 0x1288  RpcSs - ok
15:14:59.0883 0x1288  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
15:14:59.0943 0x1288  rspndr - ok
15:14:59.0963 0x1288  [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64      C:\windows\system32\DRIVERS\Rtnic64.sys
15:14:59.0973 0x1288  RTL8023x64 - ok
15:15:00.0003 0x1288  [ ABCB5A38A0D85BDF69B7877E1AD1EED5, 44DF1A92E8FA53677A04C46088B0AD49F1F6A090820BE550A514C4FBFD91444D ] RTL8167         C:\windows\system32\DRIVERS\Rt64win7.sys
15:15:00.0043 0x1288  RTL8167 - ok
15:15:00.0073 0x1288  [ EA268BCE30691C2DD24F02E617FD2EB5, DD95E7C1C60C773953CE9DB77D8441508CE4A21820AAEDE455A3A6C373278DA4 ] s0016bus        C:\windows\system32\DRIVERS\s0016bus.sys
15:15:00.0083 0x1288  s0016bus - ok
15:15:00.0103 0x1288  [ F5F9DEB89996D333EF976624D37E24E3, 88DE296EFA6CA2F32318F1807D633C8949D237FB33BA320551B71089CF5EB73B ] s0016mdfl       C:\windows\system32\DRIVERS\s0016mdfl.sys
15:15:00.0103 0x1288  s0016mdfl - ok
15:15:00.0133 0x1288  [ C17CE2AEE67480FEBCC36ECCB54C0BE8, E13F83608B29988CCDB5A462AA3E56D26222427066651EEDF48223664D3FAFEA ] s0016mdm        C:\windows\system32\DRIVERS\s0016mdm.sys
15:15:00.0143 0x1288  s0016mdm - ok
15:15:00.0163 0x1288  [ CC267F04C54C5EC5B7BD658D7628469F, 66F2283C8CE15BEED0B933EA82158C91FC77B1BF9FEF057D0E291922D07A8E53 ] s0016mgmt       C:\windows\system32\DRIVERS\s0016mgmt.sys
15:15:00.0173 0x1288  s0016mgmt - ok
15:15:00.0183 0x1288  [ 30A35BBCE09D9FE67482FD62C61911FC, 8E8B0910F2A4C7DCFF0F8A83AAA8F9B38D53CEB7B7E7DC5B64350A09CBE6F557 ] s0016nd5        C:\windows\system32\DRIVERS\s0016nd5.sys
15:15:00.0193 0x1288  s0016nd5 - ok
15:15:00.0213 0x1288  [ CA394DCC38579C7AD82E83EE64D798A0, A56DB0C67EF6CF1A95BB8E7FBFFBC7926D3E3A0511DD4389D2002312E72703A9 ] s0016obex       C:\windows\system32\DRIVERS\s0016obex.sys
15:15:00.0223 0x1288  s0016obex - ok
15:15:00.0243 0x1288  [ EB267CCEA84E6E8598D92F73332AC67B, 3C7F0FDD825D2C50B13E78FB742B09A5E636820C6F47778F1C5E6900B3C9B905 ] s0016unic       C:\windows\system32\DRIVERS\s0016unic.sys
15:15:00.0253 0x1288  s0016unic - ok
15:15:00.0273 0x1288  [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] SamSs           C:\windows\system32\lsass.exe
15:15:00.0283 0x1288  SamSs - ok
15:15:00.0303 0x1288  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
15:15:00.0313 0x1288  sbp2port - ok
15:15:00.0343 0x1288  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
15:15:00.0373 0x1288  SCardSvr - ok
15:15:00.0393 0x1288  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
15:15:00.0433 0x1288  scfilter - ok
15:15:00.0493 0x1288  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\windows\system32\schedsvc.dll
15:15:00.0573 0x1288  Schedule - ok
15:15:00.0593 0x1288  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
15:15:00.0623 0x1288  SCPolicySvc - ok
15:15:00.0643 0x1288  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
15:15:00.0663 0x1288  SDRSVC - ok
15:15:00.0683 0x1288  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
15:15:00.0703 0x1288  secdrv - ok
15:15:00.0743 0x1288  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\windows\system32\seclogon.dll
15:15:00.0783 0x1288  seclogon - ok
15:15:00.0803 0x1288  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
15:15:00.0853 0x1288  SENS - ok
15:15:00.0873 0x1288  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
15:15:00.0903 0x1288  SensrSvc - ok
15:15:00.0923 0x1288  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\DRIVERS\serenum.sys
15:15:00.0963 0x1288  Serenum - ok
15:15:00.0993 0x1288  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\DRIVERS\serial.sys
15:15:01.0003 0x1288  Serial - ok
15:15:01.0023 0x1288  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\DRIVERS\sermouse.sys
15:15:01.0053 0x1288  sermouse - ok
15:15:01.0093 0x1288  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
15:15:01.0143 0x1288  SessionEnv - ok
15:15:01.0173 0x1288  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
15:15:01.0213 0x1288  sffdisk - ok
15:15:01.0223 0x1288  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
15:15:01.0233 0x1288  sffp_mmc - ok
15:15:01.0243 0x1288  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
15:15:01.0263 0x1288  sffp_sd - ok
15:15:01.0283 0x1288  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\DRIVERS\sfloppy.sys
15:15:01.0293 0x1288  sfloppy - ok
15:15:01.0323 0x1288  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
15:15:01.0363 0x1288  SharedAccess - ok
15:15:01.0393 0x1288  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
15:15:01.0433 0x1288  ShellHWDetection - ok
15:15:01.0443 0x1288  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\DRIVERS\SiSRaid2.sys
15:15:01.0453 0x1288  SiSRaid2 - ok
15:15:01.0473 0x1288  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\DRIVERS\sisraid4.sys
15:15:01.0483 0x1288  SiSRaid4 - ok
15:15:01.0503 0x1288  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
15:15:01.0553 0x1288  Smb - ok
15:15:01.0593 0x1288  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
15:15:01.0623 0x1288  SNMPTRAP - ok
15:15:01.0643 0x1288  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
15:15:01.0653 0x1288  spldr - ok
15:15:01.0693 0x1288  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
15:15:01.0743 0x1288  Spooler - ok
15:15:01.0863 0x1288  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
15:15:02.0003 0x1288  sppsvc - ok
15:15:02.0043 0x1288  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
15:15:02.0093 0x1288  sppuinotify - ok
15:15:02.0143 0x1288  [ 9FDD80B815A7F29554FF6E0D77A7F60D, 768F1173063FDEDCFD98FF3D4E8D9A21E9F9C1E768C3C88D6649DF801F0D9044 ] srv             C:\windows\system32\DRIVERS\srv.sys
15:15:02.0173 0x1288  srv - ok
15:15:02.0213 0x1288  [ D62B353400F2C1FD0A5E93F8BDA83715, D7CD9E9FC235C599F408862B65ED6025EDA335071C6B4F315431D6E82071B253 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
15:15:02.0253 0x1288  srv2 - ok
15:15:02.0283 0x1288  [ CAEAA7FF473E33DB8E5B72AB145907D3, 8BF6F274F975A600E6E63637C3F9E425EEE64198F4780C9818CA7856AD683CA2 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
15:15:02.0313 0x1288  srvnet - ok
15:15:02.0343 0x1288  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
15:15:02.0373 0x1288  SSDPSRV - ok
15:15:02.0403 0x1288  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
15:15:02.0453 0x1288  SstpSvc - ok
15:15:02.0483 0x1288  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\DRIVERS\stexstor.sys
15:15:02.0493 0x1288  stexstor - ok
15:15:02.0533 0x1288  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\windows\system32\DRIVERS\serscan.sys
15:15:02.0543 0x1288  StillCam - ok
15:15:02.0583 0x1288  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
15:15:02.0623 0x1288  stisvc - ok
15:15:02.0653 0x1288  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\drivers\swenum.sys
15:15:02.0663 0x1288  swenum - ok
15:15:02.0703 0x1288  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
15:15:02.0743 0x1288  swprv - ok
15:15:02.0823 0x1288  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\windows\system32\sysmain.dll
15:15:02.0903 0x1288  SysMain - ok
15:15:02.0933 0x1288  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
15:15:02.0943 0x1288  TabletInputService - ok
15:15:02.0973 0x1288  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
15:15:03.0013 0x1288  TapiSrv - ok
15:15:03.0113 0x1288  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
15:15:03.0163 0x1288  Tcpip - ok
15:15:03.0223 0x1288  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
15:15:03.0273 0x1288  TCPIP6 - ok
15:15:03.0313 0x1288  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
15:15:03.0373 0x1288  tcpipreg - ok
15:15:03.0405 0x1288  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
15:15:03.0445 0x1288  TDPIPE - ok
15:15:03.0465 0x1288  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
15:15:03.0485 0x1288  TDTCP - ok
15:15:03.0515 0x1288  [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx             C:\windows\system32\DRIVERS\tdx.sys
15:15:03.0575 0x1288  tdx - ok
15:15:03.0835 0x1288  [ 708C203DF8EA1E4A09E05029803D9771, AF506F801D2BA6093CBE1B1685023BC2F3F66844BDEB3B6017096D040F778DCC ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
15:15:04.0005 0x1288  TeamViewer - ok
15:15:04.0045 0x1288  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\drivers\termdd.sys
15:15:04.0055 0x1288  TermDD - ok
15:15:04.0095 0x1288  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll
15:15:04.0135 0x1288  TermService - ok
15:15:04.0165 0x1288  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
15:15:04.0195 0x1288  Themes - ok
15:15:04.0225 0x1288  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
15:15:04.0255 0x1288  THREADORDER - ok
15:15:04.0285 0x1288  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
15:15:04.0335 0x1288  TrkWks - ok
15:15:04.0395 0x1288  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
15:15:04.0445 0x1288  TrustedInstaller - ok
15:15:04.0485 0x1288  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
15:15:04.0505 0x1288  tssecsrv - ok
15:15:04.0545 0x1288  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
15:15:04.0565 0x1288  TsUsbFlt - ok
15:15:04.0605 0x1288  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
15:15:04.0635 0x1288  tunnel - ok
15:15:04.0655 0x1288  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\DRIVERS\uagp35.sys
15:15:04.0665 0x1288  uagp35 - ok
15:15:04.0685 0x1288  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
15:15:04.0725 0x1288  udfs - ok
15:15:04.0745 0x1288  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
15:15:04.0755 0x1288  UI0Detect - ok
15:15:04.0765 0x1288  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
15:15:04.0775 0x1288  uliagpkx - ok
15:15:04.0805 0x1288  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\drivers\umbus.sys
15:15:04.0835 0x1288  umbus - ok
15:15:04.0855 0x1288  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\DRIVERS\umpass.sys
15:15:04.0885 0x1288  UmPass - ok
15:15:04.0945 0x1288  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
15:15:04.0995 0x1288  upnphost - ok
15:15:05.0052 0x1288  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
15:15:05.0087 0x1288  usbaudio - ok
15:15:05.0107 0x1288  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
15:15:05.0157 0x1288  usbccgp - ok
15:15:05.0177 0x1288  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
15:15:05.0217 0x1288  usbcir - ok
15:15:05.0247 0x1288  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\windows\system32\drivers\usbehci.sys
15:15:05.0287 0x1288  usbehci - ok
15:15:05.0317 0x1288  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\windows\system32\drivers\usbhub.sys
15:15:05.0337 0x1288  usbhub - ok
15:15:05.0357 0x1288  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\windows\system32\drivers\usbohci.sys
15:15:05.0387 0x1288  usbohci - ok
15:15:05.0417 0x1288  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\DRIVERS\usbprint.sys
15:15:05.0447 0x1288  usbprint - ok
15:15:05.0487 0x1288  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\windows\system32\DRIVERS\usbscan.sys
15:15:05.0507 0x1288  usbscan - ok
15:15:05.0537 0x1288  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
15:15:05.0577 0x1288  USBSTOR - ok
15:15:05.0597 0x1288  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
15:15:05.0617 0x1288  usbuhci - ok
15:15:05.0647 0x1288  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
15:15:05.0657 0x1288  usbvideo - ok
15:15:05.0687 0x1288  [ 88CE07826F25B851E824ED2E57106323, 40F367539B50C4FEA783FE887FFE73D20F27DF66735F3D7AE195F0D0013BF243 ] USTOR2K         C:\windows\system32\DRIVERS\ustor2k.sys
15:15:05.0707 0x1288  USTOR2K - ok
15:15:05.0727 0x1288  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
15:15:05.0777 0x1288  UxSms - ok
15:15:05.0797 0x1288  [ 00A54A6CEDF599AABB72C20E0815BC37, 09835A43E1A17396BDC88BB38EF66EA8854913040347D9893EBF8550D0AA1452 ] VaultSvc        C:\windows\system32\lsass.exe
15:15:05.0807 0x1288  VaultSvc - ok
15:15:05.0837 0x1288  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
15:15:05.0847 0x1288  vdrvroot - ok
15:15:05.0897 0x1288  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
15:15:05.0957 0x1288  vds - ok
15:15:05.0997 0x1288  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
15:15:06.0027 0x1288  vga - ok
15:15:06.0047 0x1288  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
15:15:06.0087 0x1288  VgaSave - ok
15:15:06.0117 0x1288  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
15:15:06.0137 0x1288  vhdmp - ok
15:15:06.0157 0x1288  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
15:15:06.0167 0x1288  viaide - ok
15:15:06.0177 0x1288  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
15:15:06.0187 0x1288  volmgr - ok
15:15:06.0227 0x1288  [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
15:15:06.0247 0x1288  volmgrx - ok
15:15:06.0277 0x1288  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
15:15:06.0287 0x1288  volsnap - ok
15:15:06.0307 0x1288  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\DRIVERS\vsmraid.sys
15:15:06.0327 0x1288  vsmraid - ok
15:15:06.0377 0x1288  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
15:15:06.0487 0x1288  VSS - ok
15:15:06.0507 0x1288  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\System32\drivers\vwifibus.sys
15:15:06.0527 0x1288  vwifibus - ok
15:15:06.0547 0x1288  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
15:15:06.0587 0x1288  W32Time - ok
15:15:06.0607 0x1288  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\DRIVERS\wacompen.sys
15:15:06.0617 0x1288  WacomPen - ok
15:15:06.0657 0x1288  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
15:15:06.0697 0x1288  WANARP - ok
15:15:06.0717 0x1288  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
15:15:06.0747 0x1288  Wanarpv6 - ok
15:15:06.0817 0x1288  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
15:15:06.0867 0x1288  WatAdminSvc - ok
15:15:06.0927 0x1288  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
15:15:07.0027 0x1288  wbengine - ok
15:15:07.0057 0x1288  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
15:15:07.0077 0x1288  WbioSrvc - ok
15:15:07.0107 0x1288  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
15:15:07.0147 0x1288  wcncsvc - ok
15:15:07.0187 0x1288  [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
15:15:07.0197 0x1288  WcsPlugInService - ok
15:15:07.0217 0x1288  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\DRIVERS\wd.sys
15:15:07.0227 0x1288  Wd - ok
15:15:07.0267 0x1288  [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM         C:\windows\system32\DRIVERS\wdcsam64.sys
15:15:07.0287 0x1288  WDC_SAM - ok
15:15:07.0317 0x1288  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
15:15:07.0347 0x1288  Wdf01000 - ok
15:15:07.0367 0x1288  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\windows\system32\wdi.dll
15:15:07.0427 0x1288  WdiServiceHost - ok
15:15:07.0437 0x1288  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
15:15:07.0447 0x1288  WdiSystemHost - ok
15:15:07.0487 0x1288  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\windows\System32\webclnt.dll
15:15:07.0517 0x1288  WebClient - ok
15:15:07.0557 0x1288  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
15:15:07.0607 0x1288  Wecsvc - ok
15:15:07.0637 0x1288  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
15:15:07.0687 0x1288  wercplsupport - ok
15:15:07.0717 0x1288  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
15:15:07.0747 0x1288  WerSvc - ok
15:15:07.0777 0x1288  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
15:15:07.0797 0x1288  WfpLwf - ok
15:15:07.0827 0x1288  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\windows\system32\DRIVERS\wimfltr.sys
15:15:07.0837 0x1288  WimFltr - ok
15:15:07.0857 0x1288  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
15:15:07.0867 0x1288  WIMMount - ok
15:15:07.0887 0x1288  WinDefend - ok
15:15:07.0907 0x1288  WinHttpAutoProxySvc - ok
15:15:07.0957 0x1288  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
15:15:07.0997 0x1288  Winmgmt - ok
15:15:08.0067 0x1288  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\windows\system32\WsmSvc.dll
15:15:08.0147 0x1288  WinRM - ok
15:15:08.0187 0x1288  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\drivers\WinUsb.sys
15:15:08.0197 0x1288  WinUsb - ok
15:15:08.0237 0x1288  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
15:15:08.0297 0x1288  Wlansvc - ok
15:15:08.0447 0x1288  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:15:08.0527 0x1288  wlidsvc - ok
15:15:08.0547 0x1288  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
15:15:08.0577 0x1288  WmiAcpi - ok
15:15:08.0617 0x1288  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
15:15:08.0637 0x1288  wmiApSrv - ok
15:15:08.0657 0x1288  WMPNetworkSvc - ok
15:15:08.0677 0x1288  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
15:15:08.0727 0x1288  WPCSvc - ok
15:15:08.0747 0x1288  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
15:15:08.0767 0x1288  WPDBusEnum - ok
15:15:08.0787 0x1288  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
15:15:08.0837 0x1288  ws2ifsl - ok
15:15:08.0857 0x1288  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
15:15:08.0897 0x1288  wscsvc - ok
15:15:08.0897 0x1288  WSearch - ok
15:15:08.0927 0x1288  [ 83575C43B2BFE9AB0661A7F957E843C0, 6FCE62721902A4F35F1A4CED8AF60A0346CFAB657ED92DE4CEFF19BDB830D32D ] wsvd            C:\windows\system32\DRIVERS\wsvd.sys
15:15:08.0937 0x1288  wsvd - ok
15:15:09.0047 0x1288  [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv        C:\windows\system32\wuaueng.dll
15:15:09.0177 0x1288  wuauserv - ok
15:15:09.0207 0x1288  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
15:15:09.0237 0x1288  WudfPf - ok
15:15:09.0257 0x1288  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
15:15:09.0287 0x1288  WUDFRd - ok
15:15:09.0327 0x1288  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
15:15:09.0347 0x1288  wudfsvc - ok
15:15:09.0377 0x1288  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
15:15:09.0407 0x1288  WwanSvc - ok
15:15:09.0457 0x1288  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\windows\system32\DRIVERS\yk62x64.sys
15:15:09.0477 0x1288  yukonw7 - ok
15:15:09.0497 0x1288  [verify-U]_System - ok
15:15:09.0497 0x1288  ================ Scan global ===============================
15:15:09.0537 0x1288  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\windows\system32\basesrv.dll
15:15:09.0567 0x1288  [ 100788FE26FF7A1E530DD2A7ABE855F1, 64FDD30D7986AB41E0A545558AB8F93D5B1AEDF5ACE4F40B9C7B1FB3A59442AA ] C:\windows\system32\winsrv.dll
15:15:09.0577 0x1288  [ 100788FE26FF7A1E530DD2A7ABE855F1, 64FDD30D7986AB41E0A545558AB8F93D5B1AEDF5ACE4F40B9C7B1FB3A59442AA ] C:\windows\system32\winsrv.dll
15:15:09.0607 0x1288  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
15:15:09.0637 0x1288  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\windows\system32\services.exe
15:15:09.0647 0x1288  [ Global ] - ok
15:15:09.0647 0x1288  ================ Scan MBR ==================================
15:15:09.0657 0x1288  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:15:09.0847 0x1288  \Device\Harddisk0\DR0 - ok
15:15:10.0167 0x1288  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:15:10.0327 0x1288  \Device\Harddisk1\DR1 - ok
15:15:10.0327 0x1288  ================ Scan VBR ==================================
15:15:10.0327 0x1288  [ EDFD3D66E6EDB4BDF62C7CC7E2042D6B ] \Device\Harddisk0\DR0\Partition1
15:15:10.0337 0x1288  \Device\Harddisk0\DR0\Partition1 - ok
15:15:10.0337 0x1288  [ 2A05C982F457F839D0E031FB41FC1867 ] \Device\Harddisk0\DR0\Partition2
15:15:10.0347 0x1288  \Device\Harddisk0\DR0\Partition2 - ok
15:15:10.0347 0x1288  [ E164AB8671C941BE3D308AA6E0E547D4 ] \Device\Harddisk1\DR1\Partition1
15:15:10.0347 0x1288  \Device\Harddisk1\DR1\Partition1 - ok
15:15:10.0347 0x1288  ================ Scan generic autorun ======================
15:15:10.0677 0x1288  [ BFC46E17C6C818C5E62D32D8B700144D, A4C63AC390AEFAB78434344EDF3873EFE6B718CA49F30ED0804F8DB8C94AA559 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:15:10.0949 0x1288  RtHDVCpl - ok
15:15:11.0039 0x1288  [ 44F8A66987EFE808CE588236AB7632E4, F04E8526564863EA8FE783780F2A3CC7448E44DEDCF0623397CE78A501850DC7 ] C:\windows\SysWOW64\UMonit.exe
15:15:11.0049 0x1288  UMonit - detected UnsignedFile.Multi.Generic ( 1 )
15:15:11.0299 0x1288  Detect skipped due to KSN trusted
15:15:11.0299 0x1288  UMonit - ok
15:15:11.0349 0x1288  [ 4EC4260D778FB923BA1AB697AFF6C0E3, 72372369153F675C26F938C5106BFD8704FC518348BC95961214B76DECB68689 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
15:15:11.0369 0x1288  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
15:15:11.0819 0x1288  Detect skipped due to KSN trusted
15:15:11.0819 0x1288  StartCCC - ok
15:15:11.0849 0x1288  [ 98E27A50D037BFCFE095AED77745692D, 4D42962079F94609CDB9CBB4F77016C3D9C70758B88CDF7C68C26939D53B3A27 ] C:\Program Files (x86)\jmesoft\hotkey.exe
15:15:11.0859 0x1288  jmekey - detected UnsignedFile.Multi.Generic ( 1 )
15:15:11.0959 0x1288  Detect skipped due to KSN trusted
15:15:11.0959 0x1288  jmekey - ok
15:15:12.0009 0x1288  [ 2819C34E9764437E9496E8B3B16C9547, 5BD387CA0621FEC5A44176207587EB4FC4046A5127E11541280E6ACA7374880B ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
15:15:12.0029 0x1288  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
15:15:12.0159 0x1288  Detect skipped due to KSN trusted
15:15:12.0159 0x1288  FreePDF Assistant - ok
15:15:12.0199 0x1288  [ FA87C6A22F3339B9EDC2F2079BC1E996, 86084094C9576D0BF48B299E048649D930214EDEC9B7462C9242D360A720AB00 ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
15:15:12.0219 0x1288  LifeCam - ok
15:15:12.0259 0x1288  [ 846965AE55A2662B1576C0F392DD1D6E, 0ADE383991FDC5A49DD15A27CB52CF75ABF518F0335E92003C0FF75DB417BBDC ] C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
15:15:12.0269 0x1288  SSBkgdUpdate - ok
15:15:12.0299 0x1288  [ 27249F2A900032F3C2DFAB8DE8F16399, 88F85055FC6A6C3872A9A3697F92E26EEB51655F5D53F49EE22768829839808A ] C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
15:15:12.0309 0x1288  PaperPort PTD - ok
15:15:12.0329 0x1288  [ BE72C212B14FC8F872A70C6C311D0529, 9C6A8060FD4505925894D8FD08EFCDE16BEEAAC70264519135B261C026333CAA ] C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe
15:15:12.0329 0x1288  IndexSearch - ok
15:15:12.0349 0x1288  [ A4A66195EB0ECD574A32AAA92DC0A7BD, 4E30D565917158316A541BB29D73BF5F3A01DAB1240363276DE0C5D59B2BFFFE ] C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe
15:15:12.0369 0x1288  PPort11reminder - ok
15:15:12.0419 0x1288  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
15:15:12.0429 0x1288  HP Software Update - ok
15:15:12.0489 0x1288  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:15:12.0569 0x1288  Sidebar - ok
15:15:12.0599 0x1288  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:15:12.0629 0x1288  mctadmin - ok
15:15:12.0679 0x1288  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:15:12.0709 0x1288  Sidebar - ok
15:15:12.0719 0x1288  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:15:12.0739 0x1288  mctadmin - ok
15:15:12.0829 0x1288  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Richard\AppData\Local\Dropbox\Update\DropboxUpdate.exe
15:15:12.0849 0x1288  Dropbox Update - ok
15:15:12.0889 0x1288  [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Richard\AppData\Local\Microsoft\BingSvc\BingSvc.exe
15:15:12.0909 0x1288  BingSvc - ok
15:15:12.0919 0x1288  Skype - ok
15:15:12.0949 0x1288  [ 5746BD7E255DD6A8AFA06F7C42C1BA41, DB06C3534964E3FC79D2763144BA53742D7FA250CA336F4A0FE724B75AAFF386 ] C:\windows\system32\cmd.exe
15:15:12.0999 0x1288  Uninstall C:\Users\Richard\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64 - ok
15:15:13.0009 0x1288  Waiting for KSN requests completion. In queue: 81
15:15:14.0009 0x1288  Waiting for KSN requests completion. In queue: 81
15:15:14.0199 0x1174  Object required for P2P: [ BFC46E17C6C818C5E62D32D8B700144D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:15:14.0529 0x1174  Object send P2P result: true
15:15:15.0023 0x1288  Win FW state via NFP2: enabled ( trusted )
15:15:15.0193 0x1288  ============================================================
15:15:15.0193 0x1288  Scan finished
15:15:15.0193 0x1288  ============================================================
15:15:15.0213 0x037c  Detected object count: 0
15:15:15.0213 0x037c  Actual detected object count: 0
15:15:22.0095 0x0bd4  Deinitialize success
         


Geändert von cosinus (17.05.2018 um 15:33 Uhr) Grund: code tags

Alt 17.05.2018, 15:34   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
W7 DHCP & DNS Problem und langsam - Standard

W7 DHCP & DNS Problem und langsam



Da ist ja rein garnix

Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: Malwarebytes Version 3

Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



2. Schritt: ESET

Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
  • Starte die Installationsdatei.
  • Akzeptiere die Nutzungsbedingungen.
  • Wähle Erkennung evtl. unerwünschter Anwendungen aktivieren aus und klicke auf Scannen.
  • Zuerst werden die notwendigen Signaturen heruntergeladen, anschließend startet ESET automatisch den Suchlauf.
  • Am Ende des Suchlaufs werden gegebenenfalls die gefundenen Elemente aufgelistet.
  • Schließe den ESET Online Scanner rechts oben [ X ] und klicke anschließend auf Schließen.
  • Drücke bitte die Tastenkombination WIN+R zum Ausführen und kopiere folgenden Text in die Zeile und drücke im Anschluss auf OK:
    Code:
    ATTFilter
    notepad "%tmp%\log.txt"
             
  • Kopiere den gesamten Text mittels STRG+A und STRG+C hier in deine Antwort in CODE-Tags



3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
--> W7 DHCP & DNS Problem und langsam

Alt 25.05.2018, 14:14   #7
spiderx
 
W7 DHCP & DNS Problem und langsam - Standard

W7 DHCP & DNS Problem und langsam



Hallo Cosinus,
die Logs waren auch sauber. Habe die Kiste neu aufgesetzt. Läuft. Hier noch die Logs, sorry den ESET habe ich vergessen mir zu kopieren.
Vielen Dank für die Unterstuetzung. gruss spiderx
Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64   
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Malwarebytes      
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 22.0.0.209  
 Mozilla Thunderbird (52.7.0) 
 Google Chrome (66.0.3359.181) 
 Google Chrome (SetupMetrics...) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
  Malwarebytes Anti-Malware mbamtray.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 17.05.18
Scan-Zeit: 15:51
Protokolldatei: 6e78c72a-59d9-11e8-90ec-1078d272dd0e.json
Administrator: Ja

-Softwaredaten-
Version: 3.5.1.2522
Komponentenversion: 1.0.365
Version des Aktualisierungspakets: 1.0.5144
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Richard-PC\Richard

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Scan gestartet von: Manuell
Ergebnis: Abgeschlossen
Gescannte Objekte: 327420
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 13 Min., 32 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

WMI: 0
(keine bösartigen Elemente erkannt)


(end)
         

Alt 25.05.2018, 16:07   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
W7 DHCP & DNS Problem und langsam - Standard

W7 DHCP & DNS Problem und langsam



Zitat:
die Logs waren auch sauber. Habe die Kiste neu aufgesetzt.
Alle Logs waren sauber, alles neu installiert hast du trotzdem.Versteh ich nicht.
Was mit deinem ursprünglichen Problem ist nach der Neuinstallation verrätst du auch nicht
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 08.06.2018, 08:41   #9
spiderx
 
W7 DHCP & DNS Problem und langsam - Standard

W7 DHCP & DNS Problem und langsam



Zitat:
Zitat von cosinus Beitrag anzeigen
Alle Logs waren sauber, alles neu installiert hast du trotzdem.Versteh ich nicht.
Was mit deinem ursprünglichen Problem ist nach der Neuinstallation verrätst du auch nicht
Hallo Cosinus,
zur Vervollständigung:
Die Neuinstallation wurde gemacht, da es nach wie vor ein Problem beim Zugriff auf IP4v Hosts gab. Nach der Installation war das Problem weg - zunächst. Nach ein paar Tagen war es wieder da.

Zwischenzeitlich ist das Problem gelöst:
Die Internetanbindung läuft über Unitymedia via IP6v mittel Unity Connect Box. Unity hat immer wieder Probleme beim Übergang von IP6 zu ip4 das konnte mir der Support bestätigen.
Workaournd zur Lösung: DHCP vom Router abschalten und dann wieder einschalten. Wenn das nicht zum Erfolg führt. Reset ConnectBox auf Werkseinstellung, und wiederum DHCP off und on.

Somit closed. gruss spiderx

Antwort

Themen zu W7 DHCP & DNS Problem und langsam
antivirus, avira, error, failed, fehler, firefox, flash player, google, helper, home, homepage, installation, internet explorer, langsam, mozilla, problem, proxy, realtek, server, software, svchost.exe, system, usb, windows, windows xp



Ähnliche Themen: W7 DHCP & DNS Problem und langsam


  1. DHCP Dienst lässt sich nicht starten
    Plagegeister aller Art und deren Bekämpfung - 24.02.2014 (23)
  2. DHCP Dienst startet nach Win Update nicht mehr
    Alles rund um Windows - 13.02.2014 (7)
  3. Windows Vista KEINE LAN Verbindung mit INTERNET möglich, statisch / dhcp
    Alles rund um Windows - 01.02.2014 (10)
  4. Internet läuft langsam .. DNS Problem ? Manchmal friert alles ein Neustart behebt Problem
    Log-Analyse und Auswertung - 25.04.2012 (1)
  5. DHCP Client und Afd Dienst starten nicht nach Trojaner
    Plagegeister aller Art und deren Bekämpfung - 29.02.2012 (7)
  6. Sicherheits-Update für ISC-DHCP-Server
    Nachrichten - 12.08.2011 (0)
  7. Problem u.a. mit Zuweisen neuer IP/Standardgateway/DHCP-Server
    Netzwerk und Hardware - 27.11.2010 (38)
  8. DHCP keine IP-Adresse wird zugeteilt
    Netzwerk und Hardware - 27.01.2010 (29)
  9. Dhcp fehler, grund für freeze?
    Netzwerk und Hardware - 29.12.2009 (1)
  10. IP trotz DHCP von Windows?
    Netzwerk und Hardware - 23.10.2008 (9)
  11. Fehler 1068: Der DHCP Dienst kann nicht gestartet werden
    Alles rund um Windows - 23.01.2008 (13)
  12. Problem mit DHCP Client, IP Zuweisung
    Netzwerk und Hardware - 13.11.2007 (6)
  13. DHCP-Client startet nicht Fehlercode:1068
    Alles rund um Windows - 05.10.2006 (2)
  14. DHCP ausschalten?
    Alles rund um Windows - 01.04.2006 (2)
  15. DHCP Dienst
    Antiviren-, Firewall- und andere Schutzprogramme - 20.02.2005 (3)
  16. Firewall auf dem PC / DHCP-Server
    Netzwerk und Hardware - 18.03.2004 (17)
  17. Netbios Namen per DHCP?
    Alles rund um Mac OSX & Linux - 07.11.2002 (3)

Zum Thema W7 DHCP & DNS Problem und langsam - Hallo Zusammen, ich hatte folgende Ausgangslage: Eingeschränkte Internet Verbindung. D.h. Mailempfang war möglich aber das Aufrufen eines Links aus einer Mail führt immer zu einem "Page not Found Fehler" im - W7 DHCP & DNS Problem und langsam...
Archiv
Du betrachtest: W7 DHCP & DNS Problem und langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.