| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Laptop läuft seit Kurzem deutlich langsamerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
18.06.2015, 17:18
| #1 |
 |  Laptop läuft seit Kurzem deutlich langsamer Hallo zusammen, mein Laptop läuft seit ein paar Wochen deutlich langsamer als gewöhnt. Eine Vermutung ist, dass die Ursache beim Download und Installation des BlueStacks App Player liegt, weil ich etwa seitdem die Veränderung beobachte. Muss aber natürlich nicht. Insbesondere, wenn mehrere Programme gleichzeitig laufen, gibt es große Probleme. Ich habe in Eigenregie eine AVG-Scan gemacht und auch schon Malwarebytes und den AdwCleaner laufen lassen, dann die Funde entfernt, was wahrscheinlich ziemlich dämlich war!? Nun ja, was kann ich nun tun? Ich bin total dankbar für euren Rat! |
|
18.06.2015, 18:26
| #2 |
| /// the machine /// TB-Ausbilder    | Laptop läuft seit Kurzem deutlich langsamer hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
18.06.2015, 18:36
| #3 |
| | Laptop läuft seit Kurzem deutlich langsamer Toll, danke für die schnelle Antwort.
__________________Hier die FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by Nutzer (administrator) on ROSWITHA-PC on 18-06-2015 19:29:55
Running from C:\Users\Nutzer\Desktop
Loaded Profiles: Nutzer (Available Profiles: Nutzer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\DCService.exe
( ) C:\Windows\System32\lxbkcoms.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Akamai Technologies, Inc.) C:\Users\Nutzer\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Akamai Technologies, Inc.) C:\Users\Nutzer\AppData\Local\Akamai\netsession_win.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
() C:\Program Files (x86)\FreeDoko\FreeDoko.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Meridian'93) C:\Program Files (x86)\Carcassonne CE\Carcassonne.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9644576 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [2703752 2010-03-25] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Nutzer\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-30] (Akamai Technologies, Inc.)
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7416088 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\MountPoints2: {6bb2361c-5aaf-11e2-9025-002454e344c5} - F:\AutoRun.exe
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\MountPoints2: {6bb23629-5aaf-11e2-9025-002454e344c5} - F:\AutoRun.exe
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\MountPoints2: {6bb23634-5aaf-11e2-9025-002454e344c5} - F:\AutoRun.exe
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\MountPoints2: {84dca380-8a55-11e3-b178-002454e344c5} - F:\AutoRun.exe
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\MountPoints2: {84dca38e-8a55-11e3-b178-002454e344c5} - F:\AutoRun.exe
HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\MountPoints2: {84dca63a-8a55-11e3-b178-002454e344c5} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKU\S-1-5-21-868785299-726797094-2297327714-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={7B12DEB8-7E54-4C8B-B590-BCB44B65269B}&mid=6bd65bbfc15b47d0a506d16d1207ad36-cb9821c46167f8360e13f207154d234b23563c7d&lang=de&ds=AVG&coid=avgtbavg&cmpid=0415av&pr=fr&d=2015-05-05 16:29:52&v=4.1.0.411&pid=wtu&sg=&sap=hp
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-868785299-726797094-2297327714-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-868785299-726797094-2297327714-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-27] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-27] (Oracle Corporation)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default
FF Homepage: www.google.de
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-08] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-868785299-726797094-2297327714-1001: @www.flatcast.com/FlatViewer 5.2 -> C:\PROGRA~2\MOZILL~1\plugins\NpFv522.dll [2009-09-21] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NpFv522.dll [2009-09-21] (1 mal 1 Software GmbH)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\searchplugins\duckduckgo.xml [2013-06-24]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\2020Player_IKEA@2020Technologies.com [2013-11-08]
FF Extension: ProxTube - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\ich@maltegoetz.de.xpi [2014-09-12]
FF Extension: DuckDuckGo Plus - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2013-06-24]
FF Extension: UnPlug - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\unplug@compunach.xpi [2013-04-02]
FF Extension: NoScript - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-13]
FF Extension: ReloadEvery - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-07-19]
FF Extension: Downloads Window - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2014-01-16]
FF Extension: Video DownloadHelper - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-03-15]
FF Extension: Adblock Plus - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-13]
FF Extension: Tab Mix Plus - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2013-03-20]
FF Extension: Always on Top - C:\Users\Nutzer\AppData\Roaming\Mozilla\Firefox\Profiles\roq1xq2y.default\Extensions\{E6C93316-271E-4b3d-8D7E-FE11B4350AEB}.xpi [2014-05-13]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-05-08] () [File not signed]
R2 lxbk_device; C:\Windows\system32\lxbkcoms.exe [565928 2008-02-19] ( )
R2 lxbk_device; C:\Windows\SysWOW64\lxbkcoms.exe [537256 2008-02-19] ( )
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [620056 2015-05-05] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-05-04] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [45856 2013-05-21] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-16] (DT Soft Ltd)
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [250368 2010-04-07] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2010-10-25] (Windows (R) 2003 DDK 3790 provider)
S4 sfdrv01; C:\Windows\System32\drivers\sfdrv01.sys [68608 2005-08-10] (Protection Technology) [File not signed]
S4 sfhlp02; C:\Windows\System32\drivers\sfhlp02.sys [7168 2005-05-16] (Protection Technology) [File not signed]
S4 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [89600 2005-11-03] (Protection Technology) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [File not signed]
S3 WsAudioDevice_383S(1); C:\Windows\System32\drivers\WsAudioDevice_383S(1).sys [29288 2013-01-08] (Wondershare)
R3 yukonw7; C:\Windows\System32\DRIVERS\yk62x64.sys [395264 2009-09-28] ()
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 19:30 - 2015-06-18 19:30 - 00000000 _____ C:\Users\Nutzer\Desktop\TAT400.part2.rar
2015-06-18 19:29 - 2015-06-18 19:30 - 00018589 _____ C:\Users\Nutzer\Desktop\FRST.txt
2015-06-18 19:29 - 2015-06-18 19:30 - 00000000 ____D C:\FRST
2015-06-18 19:29 - 2015-06-18 19:29 - 02109952 _____ (Farbar) C:\Users\Nutzer\Desktop\FRST64.exe
2015-06-18 19:23 - 2015-06-18 19:30 - 07108701 _____ C:\Users\Nutzer\Desktop\TAT400.part2.rar.part
2015-06-18 19:08 - 2015-06-18 19:18 - 106857600 _____ C:\Users\Nutzer\Desktop\TAT400.part3.rar
2015-06-18 19:07 - 2015-06-18 19:26 - 57909248 _____ C:\Users\Nutzer\Desktop\TAT400.part1.rar.part
2015-06-18 18:34 - 2015-06-18 18:34 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Apple
2015-06-12 06:56 - 2015-06-12 07:01 - 00000000 ____D C:\Users\Nutzer\Desktop\Sets
2015-06-10 19:39 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 19:39 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 19:39 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 19:39 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 19:39 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 19:39 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 19:39 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 19:39 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 19:39 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 19:39 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 19:39 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 19:39 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 19:39 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 19:39 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 19:39 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 19:39 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 19:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 19:39 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 19:39 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 19:38 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 19:38 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 19:38 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 19:38 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 19:38 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 19:38 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 19:38 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 19:38 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 19:38 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 19:38 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 19:38 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 19:38 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 19:38 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 19:38 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 19:38 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 19:38 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 19:38 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 19:38 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 19:38 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 19:38 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 19:38 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 19:38 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 19:38 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 19:38 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 19:38 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 19:38 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 19:38 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 19:38 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 19:38 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 19:38 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 19:38 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 19:38 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 19:38 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 19:38 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 19:38 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 19:37 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 19:37 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 19:37 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 19:37 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 19:37 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 19:37 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 19:37 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 19:37 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 19:37 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 19:37 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 19:37 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 19:37 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 19:37 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 19:37 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 19:37 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 19:37 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 19:37 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 19:37 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 19:37 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 19:37 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 19:37 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 19:37 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 19:37 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 19:37 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 19:37 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 19:37 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 19:37 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 19:37 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 19:37 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 19:37 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 19:37 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 19:37 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 19:37 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 19:37 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 19:37 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 19:37 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 19:37 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 19:37 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 19:37 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 19:37 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 19:37 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 19:37 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 19:37 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 19:37 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 19:37 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 19:37 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 19:37 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 19:37 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 19:37 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 19:37 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 19:37 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 19:37 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 19:37 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 19:37 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 19:37 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 19:37 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 19:37 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 19:37 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 19:37 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 19:37 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-09 13:34 - 2015-06-09 13:34 - 00000000 ____D C:\Users\Nutzer\AppData\Local\GWX
2015-06-08 22:17 - 2015-06-08 22:17 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-08 22:17 - 2015-06-08 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-06-08 22:17 - 2015-06-08 22:17 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-06-08 22:17 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-08 22:17 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-08 22:17 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-06 16:46 - 2015-06-06 16:46 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Macromedia
2015-06-03 19:31 - 2015-06-09 13:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-05-26 17:24 - 2015-05-26 17:24 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Avg
2015-05-26 07:42 - 2015-06-11 22:38 - 00032598 _____ C:\Windows\PFRO.log
2015-05-24 20:28 - 2015-05-25 21:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-18 19:26 - 2010-06-14 12:47 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-18 19:20 - 2015-02-12 16:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-18 19:18 - 2013-03-28 15:12 - 00000000 ____D C:\Users\Nutzer\Desktop\tatort und co
2015-06-18 19:04 - 2010-06-14 12:51 - 01560538 _____ C:\Windows\WindowsUpdate.log
2015-06-18 18:33 - 2013-04-09 08:41 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-18 18:03 - 2012-07-15 02:00 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\FreeDoko
2015-06-18 16:58 - 2012-07-11 12:25 - 00000000 ____D C:\Program Files (x86)\Carcassonne CE
2015-06-18 11:03 - 2009-07-14 06:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-18 11:03 - 2009-07-14 06:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-18 09:54 - 2012-07-16 15:22 - 00000000 ____D C:\ProgramData\MFAData
2015-06-18 09:50 - 2013-04-09 08:41 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-18 09:49 - 2015-05-18 18:42 - 00002464 _____ C:\Windows\setupact.log
2015-06-18 09:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 21:12 - 2013-08-26 08:28 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\vlc
2015-06-14 02:32 - 2013-05-02 18:35 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Audacity
2015-06-13 22:27 - 2015-03-14 14:08 - 00000000 ____D C:\Windows\rescache
2015-06-12 07:01 - 2013-08-21 15:54 - 00000000 ____D C:\AdwCleaner
2015-06-12 07:01 - 2012-07-11 07:43 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Adobe
2015-06-12 06:59 - 2013-08-08 18:44 - 00000000 ____D C:\Users\Nutzer\Desktop\Bistum
2015-06-12 06:59 - 2013-04-26 10:16 - 00000000 ____D C:\Users\Nutzer\Desktop\Fotos
2015-06-12 06:48 - 2014-11-12 17:32 - 00000000 ____D C:\Users\Nutzer\Desktop\für FDA
2015-06-11 22:47 - 2010-06-15 05:23 - 00699682 _____ C:\Windows\system32\perfh007.dat
2015-06-11 22:47 - 2010-06-15 05:23 - 00149790 _____ C:\Windows\system32\perfc007.dat
2015-06-11 22:47 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-11 22:41 - 2009-07-14 06:45 - 00302216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-11 22:38 - 2014-12-11 10:06 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 22:38 - 2014-05-07 07:43 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-11 22:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 06:56 - 2013-07-21 12:51 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 06:46 - 2012-07-14 00:34 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-09 17:34 - 2015-05-05 16:30 - 00000000 ____D C:\Users\Nutzer\AppData\Local\AVG Web TuneUp
2015-06-09 13:34 - 2013-03-28 00:42 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Akamai
2015-06-09 13:31 - 2012-07-13 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-09 13:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2015-06-08 22:17 - 2013-06-11 10:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-08 20:56 - 2012-08-15 11:30 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\pokerth
2015-06-06 17:03 - 2012-07-13 00:19 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Mozilla
2015-06-06 14:21 - 2015-02-12 16:57 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Apple Computer
2015-06-06 14:21 - 2013-11-04 16:17 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\FreeVideoConverter
2015-06-06 14:21 - 2013-09-23 20:25 - 00000000 ____D C:\Users\Nutzer\triplea
2015-06-06 14:21 - 2013-06-11 15:09 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Dropbox
2015-06-06 14:21 - 2013-04-17 14:08 - 00000000 ____D C:\Users\Nutzer\Documents\Steuer-Sparbuch
2015-06-06 14:21 - 2013-04-12 14:05 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Apowersoft
2015-06-06 14:21 - 2013-03-17 19:51 - 00000000 ____D C:\Users\Nutzer\Rapid Evolution 3
2015-06-06 14:21 - 2013-03-15 16:00 - 00000000 ____D C:\Users\Nutzer\Documents\VirtualDJ
2015-06-06 14:21 - 2013-02-23 09:02 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\KastorStreamRecorder
2015-06-06 14:21 - 2013-01-09 19:00 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\dvdcss
2015-06-06 14:21 - 2012-12-11 21:15 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\TuneUp Software
2015-06-06 14:21 - 2012-10-16 22:17 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Skype
2015-06-06 14:21 - 2012-09-30 13:42 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\Orbit
2015-06-06 14:21 - 2012-08-28 07:35 - 00000000 ____D C:\Users\Nutzer\Documents\TmForever
2015-06-06 14:21 - 2012-07-16 19:38 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\DVDVideoSoft
2015-06-06 14:21 - 2012-07-16 19:29 - 00000000 ____D C:\Users\Nutzer\AppData\Roaming\DAEMON Tools Lite
2015-06-06 14:21 - 2012-06-14 00:27 - 00000000 ____D C:\Users\Nutzer
2015-06-06 14:21 - 2010-06-15 05:08 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-06-06 14:20 - 2014-11-03 10:12 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Avg2015
2015-06-06 14:20 - 2013-04-17 14:00 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2015-06-06 14:20 - 2013-03-28 15:11 - 00000000 ____D C:\Users\Nutzer\.gimp-2.8
2015-06-06 14:20 - 2013-03-28 00:35 - 00000000 ____D C:\Program Files (x86)\JDownloader
2015-06-06 14:20 - 2012-11-29 00:12 - 00000000 ____D C:\MP4ToMP3Converter
2015-06-06 14:20 - 2012-08-25 17:08 - 00000000 ____D C:\Lxk1100
2015-06-06 14:20 - 2012-07-16 14:19 - 00000000 ____D C:\Users\Nutzer\AppData\Local\Adobe
2015-06-06 14:20 - 2012-07-12 00:14 - 00000000 ____D C:\Program Files (x86)\gnubackgammon
2015-06-06 14:20 - 2012-07-11 12:45 - 00000000 ____D C:\Users\Nutzer\.gnubg
2015-06-06 14:20 - 2011-11-16 14:17 - 00000000 ____D C:\ProgramData\Adobe
2015-05-31 14:57 - 2012-08-25 17:40 - 00000387 _____ C:\Windows\Lexstat.ini
2015-05-30 13:19 - 2010-11-21 11:40 - 00000000 ____D C:\Users\Nutzer\Desktop\Studium und Arbeit
2015-05-27 07:42 - 2012-10-16 22:17 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-26 17:25 - 2014-03-31 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-25 21:56 - 2015-04-05 08:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-25 21:56 - 2015-04-05 08:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-25 10:13 - 2013-04-22 10:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
==================== Files in the root of some directories =======
2013-03-18 13:48 - 2013-04-12 13:48 - 0001472 _____ () C:\Users\Nutzer\AppData\Local\RecConfig.xml
2013-12-05 18:42 - 2013-12-05 18:42 - 0000859 _____ () C:\Users\Nutzer\AppData\Local\recently-used.xbel
2012-06-15 10:36 - 2012-06-15 10:36 - 0007605 _____ () C:\Users\Nutzer\AppData\Local\Resmon.ResmonCfg
2012-07-16 20:17 - 2014-05-01 19:23 - 0017408 _____ () C:\Users\Nutzer\AppData\Local\WebpageIcons.db
2011-11-16 14:17 - 2010-01-16 08:15 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2010-06-14 13:00 - 2010-06-14 13:00 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-06-14 12:58 - 2010-06-14 12:59 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2010-06-14 12:54 - 2010-06-14 12:55 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-06-14 12:59 - 2010-06-14 13:00 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2010-06-14 12:53 - 2010-06-14 12:54 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2010-06-14 12:55 - 2010-06-14 12:58 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
Some files in TEMP:
====================
C:\Users\Nutzer\AppData\Local\Temp\vlc-2.2.1-win32.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-06-13 22:17
==================== End of log ============================
Und die Addition.txt [CODE] Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by Nutzer at 2015-06-18 19:31:17
Running from C:\Users\Nutzer\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-868785299-726797094-2297327714-500 - Administrator - Disabled)
Gast (S-1-5-21-868785299-726797094-2297327714-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-868785299-726797094-2297327714-1003 - Limited - Enabled)
Nutzer (S-1-5-21-868785299-726797094-2297327714-1001 - Administrator - Enabled) => C:\Users\Nutzer
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.6090 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
American Audio DB Builder 2.7 (HKLM-x32\...\American Audio DB Builder_is1) (Version: - )
Apple Application Support (32-Bit) (HKLM-x32\...\{2FE00055-C4F3-4F7A-AEDD-E198D54CF12F}) (Version: 3.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{28791292-D18D-42FA-AE66-3D3D20AA8618}) (Version: 3.1.1 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4365 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.1.0.411 - AVG Technologies)
Awale (HKLM-x32\...\Awale) (Version: 4.0.0 - Myriad SARL)
BatteryLifeExtender (HKLM-x32\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Dropbox (HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
El Grande (HKLM-x32\...\{54490FED-042A-47E0-9037-BA6B8F21438C}) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 16.0.15910 - Landesfinanzdirektion Thüringen)
ETDWare PS/2-x64 7.0.7.0_WHQL (HKLM\...\Elantech) (Version: 7.0.7.0 - ELAN Microelectronics Corp.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Flatcast Viewer Plugin 5.2.2.454 (HKLM-x32\...\Flatcast_is1) (Version: - 1 mal 1 Software GmbH)
Free Awale 1.5 (HKLM-x32\...\{51A14781-C4B3-4ABE-B075-5C88A0A19ED3}_is1) (Version: - Alain Le Bot)
Free PDF to Word Converter 5.1.0.383 (HKLM\...\Free PDF to Word Converter_is1) (Version: 5.1.0.383 - Smart Soft)
Free Video Converter V 3.2 (HKLM-x32\...\Free Video Converter_is1) (Version: 3.2.0.0 - Koyote Soft)
FreeDoko 0.7.11 (HKLM-x32\...\FreeDoko) (Version: 0.7.11 - Borg Enders und Diether Knof)
Freez FLV to MP3 Converter (HKLM-x32\...\Freez FLV to MP3 Converter v1.5_is1) (Version: 1.5 - www.smallvideosoft.com)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hide and Seek version 1.0 (HKLM-x32\...\Hide and Seek_is1) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Japanese Fonts Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5760-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JPEG Lossless Rotator 9.1 (HKLM\...\JPEG Lossless Rotator_is1) (Version: - Anny)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lexmark X1100 Series (HKLM\...\Lexmark X1100 Series) (Version: - Lexmark International, Inc.)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MP4 To MP3 Converter V3.0 (HKLM-x32\...\MP4 To MP3 Converter_is1) (Version: - hxxp://www.MP4ToMP3Converter.net)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
PokerTH (HKLM-x32\...\PokerTH 0.9.5) (Version: 0.9.5 - www.pokerth.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
Remove Empty Directories version 2.2 (HKLM-x32\...\{06F25DC8-71E2-44E2-805A-F15E15B51C74}_is1) (Version: 2.2 - Jonas John)
Samsung Recovery Solution 4 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM-x32\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
Ski Challenge 13 (DE) (HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\sc13-DE_MAIN) (Version: - )
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Some PDF to Word Converter 1.5 (HKLM-x32\...\Some PDF to Word Converter_is1) (Version: - SomePDF.com)
Ticket To Ride 1.0 (HKLM-x32\...\Ticket To Ride 1.0) (Version: - Days of Wonder)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TripleA Version 1_8_0_5 (HKLM-x32\...\TripleAVersion1_8_0_5) (Version: - )
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VirtualDJ Home FREE (HKLM-x32\...\{B515962D-C979-44AC-9912-F7BB499B4B2C}) (Version: 7.3 - Atomix Productions)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wari (HKLM-x32\...\ST6UNST #1) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
Winamp Backup Tool (HKLM-x32\...\Winamp Backup Tool) (Version: 1.1.0.1420 RC1 - Christoph Grether & Paweł Porwisz)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-868785299-726797094-2297327714-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinDFT (HKLM-x32\...\{065F384A-5C64-4532-814A-A24BA5374503}) (Version: 1.0.0 - HGST)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinX Free FLV to MP3 Converter 2.0.6 (HKLM-x32\...\WinX Free FLV to MP3 Converter_is1) (Version: - Digiarty Software,Inc.)
Zain Internet (HKLM-x32\...\Zain Internet) (Version: 11.300.05.07.412 - Huawei Technologies Co.,Ltd)
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-868785299-726797094-2297327714-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-868785299-726797094-2297327714-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-868785299-726797094-2297327714-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-868785299-726797094-2297327714-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-868785299-726797094-2297327714-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Restore Points =========================
18-06-2015 18:34:06 Removed Apple Software Update
18-06-2015 19:19:36 Removed Apple Mobile Device Support
18-06-2015 19:25:21 Removed Atheros Client Installation Program
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06BCE0B0-3AA8-4DD5-8A2D-5233CD546E3A} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {0E770F45-7A8B-4EF9-835C-D58A42D868A8} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe
Task: {177CA1F1-24E6-48EC-91D4-B673A4521E0C} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {25B18D24-2D99-4688-8426-DD8C8C62298C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {2C61B200-6E03-40A3-BAEA-D01CF0743A41} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {2D67F3D8-00C7-4B08-8F24-5ACD6F9675D9} - System32\Tasks\{51AEF445-5835-4741-83F0-7A77D88161D8} => Firefox.exe hxxp://ui.skype.com/ui/0/6.3.0.107/de/abandoninstall?page=tsProgressBar
Task: {2FA9950C-2824-4594-A3D3-30BAA8DF27D5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-09] (Google Inc.)
Task: {3F5032B5-1ACA-40ED-8E8C-85E2E91F503E} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2009-12-17] (Samsung Electronics Co., Ltd.)
Task: {551F7819-8CD7-4A57-B2ED-17B0E71E6EDB} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {5ECF6C2E-912A-492A-8886-E43513A973B4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {8C486767-AED4-465E-A7E4-4C5C97BD3CD1} - System32\Tasks\advSRS4 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {9FFD599B-F86B-4C3E-A704-D3EEAA2BDB9C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {A11DD170-4A83-45EC-A357-6272362D8A81} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-09] (Google Inc.)
Task: {AF533F9B-7F7D-4A43-832E-759C0B4D0BF4} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {B56C0533-0D9F-43B5-ABEA-6B32C17A6896} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-11-14] (Microsoft Corporation)
Task: {B71F54E5-6439-413A-8DAC-6E801C6D2938} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {C4F7CA60-F41B-4DFA-87D2-BB4E955248C6} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {D5F3117C-6EA6-45D1-B3CA-6FB138FA81EC} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {DD742FD1-D09A-4E3F-95D9-28D4B15112E0} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {DF8C4F1C-740C-42D6-8158-8B565341757E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {EEA2A079-7FCE-4ABB-BDD3-F8D69CC2F2C0} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-05 16:29 - 2015-05-05 16:29 - 00620056 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2010-05-08 13:48 - 2010-05-08 13:48 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe
2011-12-18 10:05 - 2011-12-18 10:05 - 04932608 _____ () C:\Program Files (x86)\FreeDoko\FreeDoko.exe
2015-02-19 23:40 - 2015-02-19 23:40 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2010-06-14 13:02 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2015-05-05 16:29 - 2015-05-05 16:29 - 01711128 _____ () C:\Program Files (x86)\AVG Web TuneUp\TBAPI.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 01805574 _____ () C:\Program Files (x86)\FreeDoko\libatkmm-1.6-1.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 03637275 _____ () C:\Program Files (x86)\FreeDoko\libglibmm-2.4-1.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00725282 _____ () C:\Program Files (x86)\FreeDoko\libsigc-2.0-0.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 02563859 _____ () C:\Program Files (x86)\FreeDoko\libgdkmm-2.4-1.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 01582383 _____ () C:\Program Files (x86)\FreeDoko\libpangomm-1.4-1.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00308224 _____ () C:\Program Files (x86)\FreeDoko\libcairo-2.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00133632 _____ () C:\Program Files (x86)\FreeDoko\libfontconfig-1.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00053248 _____ () C:\Program Files (x86)\FreeDoko\xmlparse.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00081920 _____ () C:\Program Files (x86)\FreeDoko\xmltok.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00059904 _____ () C:\Program Files (x86)\FreeDoko\zlib1.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00025088 _____ () C:\Program Files (x86)\FreeDoko\libpangocairo-1.0-0.dll
2008-09-25 20:26 - 2008-09-25 20:26 - 00660371 _____ () C:\Program Files (x86)\FreeDoko\gnet-2.0.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 13247859 _____ () C:\Program Files (x86)\FreeDoko\libgtkmm-2.4-1.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00015360 _____ () C:\Program Files (x86)\FreeDoko\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-png.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00008704 _____ () C:\Program Files (x86)\FreeDoko\lib\pango\1.4.0\modules\pango-basic-win32.dll
2008-09-25 20:28 - 2008-09-25 20:28 - 00025600 _____ () C:\Program Files (x86)\FreeDoko\lib\gtk-2.0\2.4.0\loaders\libpixbufloader-xpm.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:E7BA7168
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-868785299-726797094-2297327714-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Nutzer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: lxbkbmgr.exe => "C:\Program Files (x86)\Lexmark X1100 Series\lxbkbmgr.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{F7D37BF3-D9A8-4DFF-8FE1-2B60AD994CC0}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{78C55AEE-B5DE-4FE2-BFAC-9F3BB8D95E64}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{F450FE72-CCEA-438D-8D95-3F4E4CBEBB14}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [TCP Query User{DF684BE9-1909-4425-970F-88B1EE092330}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{4B71852B-437D-4379-9F5C-088E4F9B6F05}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{0F07EFDB-F988-4A93-B633-2397357BC9F6}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{6125B59B-ED76-4831-9D20-75B34DB6F5D3}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{0FFC249F-0756-4F99-A285-6D3CBD4EF2BA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{113A6EBE-72C2-4CCE-AFB2-577B71DD7E03}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{1037E8C6-F1BE-48F1-A7CA-899A95FD71E4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{7F92C0C7-0A46-4E05-94D3-4AC61BF96171}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{2104B66E-CFA4-4BB5-9B18-2D749DF53DBB}C:\program files (x86)\carcassonne ce\carcassonne.exe] => (Block) C:\program files (x86)\carcassonne ce\carcassonne.exe
FirewallRules: [UDP Query User{3FFEFEAD-9897-4837-B72C-4A1A78681A34}C:\program files (x86)\carcassonne ce\carcassonne.exe] => (Block) C:\program files (x86)\carcassonne ce\carcassonne.exe
FirewallRules: [{3A90B581-4D7B-4932-85D6-1F5A5CA97553}] => (Allow) C:\Windows\SysWOW64\lxbkcoms.exe
FirewallRules: [{70A70281-32C1-42E5-926F-CC751D2DD586}] => (Allow) C:\Windows\SysWOW64\lxbkcoms.exe
FirewallRules: [{FAB953B6-67CF-4CF1-9D3D-761A731030D3}] => (Allow) C:\Windows\System32\lxbkcoms.exe
FirewallRules: [{3644A33A-F60E-49F4-9D32-4154CE3CAF54}] => (Allow) C:\Windows\System32\lxbkcoms.exe
FirewallRules: [{F32BD2E1-58A1-4C44-815C-5156A10995CD}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxbkpswx.exe
FirewallRules: [{E9353043-31F1-4EC9-9E97-BA0D87AC9347}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxbkpswx.exe
FirewallRules: [TCP Query User{39C5333A-9164-415F-AC98-43BDBC51256C}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{5E11A65B-FAC5-45AC-B4FF-50DD1946D561}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{4DA918EB-A5D3-4ED2-966E-98E12284820C}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{F661CCD0-6CB0-4E9B-9909-39F40366F2EF}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{44A2FF92-C11E-4C02-8891-0D6C6DA64861}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{A4202759-1601-4F11-84E9-EE4A806E0C03}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{61B3C14B-36BC-4E4B-BA0E-CCC6AF02F5E4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{E318AF99-B443-4360-9CF4-5ABC6F420071}C:\program files (x86)\carcassonne ce\carcassonne.exe] => (Block) C:\program files (x86)\carcassonne ce\carcassonne.exe
FirewallRules: [UDP Query User{8D53B5FA-FA9A-4DFD-B1CD-CD68BA620221}C:\program files (x86)\carcassonne ce\carcassonne.exe] => (Block) C:\program files (x86)\carcassonne ce\carcassonne.exe
FirewallRules: [TCP Query User{08096E04-A366-4B6A-9BC0-97F4BE6212F8}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{0846C862-3052-4BEE-A53C-13B83B64B949}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{BA241CCC-31D1-4E64-B8A6-92F81DBCA60A}] => (Allow) C:\Users\Nutzer\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [{7FA4A873-D27A-4887-BCD5-5947FCDD1566}] => (Allow) C:\Users\Nutzer\AppData\Local\Akamai\netsession_win.exe
FirewallRules: [TCP Query User{C43D34E5-12C7-4E2E-BC2E-BFECBFD98E7A}C:\users\nutzer\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nutzer\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{A77E891D-36BE-47C3-8420-290AFCA71C86}C:\users\nutzer\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\nutzer\appdata\local\akamai\netsession_win.exe
FirewallRules: [{F41EED95-AB0D-43E8-9FA5-5E1C1CFE52EB}] => (Allow) C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{79A75982-7EC8-4BC7-B5FE-0A3DAB7EF0AE}] => (Allow) C:\Users\Nutzer\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{B9255512-1B16-4F93-8DF2-58AC217C301F}C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{603A171E-34B0-4CA5-BFF6-1D92DF6A6D64}C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\nutzer\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{FA305F24-2AE1-4BA1-9EC5-737CAB3360BA}C:\program files (x86)\koch media\el grande\bin\elgrande.exe] => (Block) C:\program files (x86)\koch media\el grande\bin\elgrande.exe
FirewallRules: [UDP Query User{26F81A11-C913-4D1E-B9C5-068FBB5A3F05}C:\program files (x86)\koch media\el grande\bin\elgrande.exe] => (Block) C:\program files (x86)\koch media\el grande\bin\elgrande.exe
FirewallRules: [{4BBF9B96-4B9C-4198-928E-4906ACE20507}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{2252030E-B7D4-40A9-8E7F-9871571216B4}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{289862A3-708B-4AB4-9BBC-FACEFC9FE16E}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{2CA5E068-E3D4-49FF-A25F-2FC72B39AA3D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{91C3818D-A5DC-4B6F-A17A-E3DAC23EACCA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{150BC160-803A-4405-9551-D9A2C2023FA1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{59C98EBA-B910-4CA0-AC23-2D6E85CC19A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D7747552-1035-49D6-9D39-C84F55D78D8E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E02EB64D-0188-4F61-82EB-5A28B61442C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ABAD288A-8EB6-4131-A14E-2409ACE050E3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{8A55F124-FFF2-422E-A9E7-1CE29227DDE5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A310727D-4622-4E62-9E23-26426DAAC758}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{8A80B69B-0409-45FB-9A5F-58406A196639}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{56E400D0-306B-43E8-B88C-7AD8C7E1DCAE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{D50E92C8-AAB6-48AC-89DC-E29E81627692}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{D1D8AE2A-812E-435B-AC2C-E58A76B4E9C8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{C2B67297-BEE5-4A11-8F5C-A4E7978D1F50}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{DBA8F1E0-68B7-4579-8068-FBB547B8D828}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/18/2015 05:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1281611
Error: (06/18/2015 05:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1281611
Error: (06/18/2015 05:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 05:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028
Error: (06/18/2015 05:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028
Error: (06/18/2015 05:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 05:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014
Error: (06/18/2015 05:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014
Error: (06/18/2015 05:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/17/2015 07:03:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 77634927
System errors:
=============
Error: (06/17/2015 07:09:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.
Error: (06/14/2015 06:34:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.
Error: (06/12/2015 06:44:36 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (06/12/2015 06:44:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/12/2015 06:43:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/12/2015 06:43:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/12/2015 06:43:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "vToolbarUpdater18.4.0" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/12/2015 06:43:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "lxbk_device" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/12/2015 06:43:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "DCService.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (06/12/2015 06:43:52 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Skype Click to Call PNR Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (06/18/2015 05:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1281611
Error: (06/18/2015 05:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1281611
Error: (06/18/2015 05:52:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 05:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2028
Error: (06/18/2015 05:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2028
Error: (06/18/2015 05:30:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/18/2015 05:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014
Error: (06/18/2015 05:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014
Error: (06/18/2015 05:30:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/17/2015 07:03:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 77634927
CodeIntegrity Errors:
===================================
Date: 2013-04-01 18:45:46.319
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Nutzer\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-01 18:45:46.074
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Users\Nutzer\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-01 18:45:45.719
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-04-01 18:45:45.451
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-27 23:34:44.435
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-03-27 23:34:44.136
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Percentage of memory in use: 43%
Total physical RAM: 6076.61 MB
Available physical RAM: 3449.43 MB
Total Pagefile: 8575.3 MB
Available Pagefile: 5794.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:138.99 GB) (Free:6.18 GB) NTFS
Drive d: () (Fixed) (Total:139 GB) (Free:5.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 6FC19884)
Partition 1: (Not Active) - (Size=20 GB) - (Type=27)
Partition 2: (Active) - (Size=96 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=139 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=139 GB) - (Type=07 NTFS)
==================== End of log ============================
|
|
19.06.2015, 15:53
| #4 |
| /// the machine /// TB-Ausbilder | Laptop läuft seit Kurzem deutlich langsamer hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.06.2015, 18:07
| #5 |
| | Laptop läuft seit Kurzem deutlich langsamer Hier der Malwarebytes log. Keine Funde. Liegt wahrscheinlich an oben erwähnter Aktion kürzlich. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.06.19.03
rootkit: v2015.06.15.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
Nutzer :: ROSWITHA-PC [administrator]
19.06.2015 17:54:53
mbar-log-2015-06-19 (17-54-53).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 386720
Time elapsed: 44 minute(s), 13 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
und der TDSSKiller Code:
ATTFilter 18:43:11.0278 0x02c4 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:43:21.0580 0x02c4 ============================================================
18:43:21.0580 0x02c4 Current date / time: 2015/06/19 18:43:21.0580
18:43:21.0580 0x02c4 SystemInfo:
18:43:21.0580 0x02c4
18:43:21.0580 0x02c4 OS Version: 6.1.7601 ServicePack: 1.0
18:43:21.0580 0x02c4 Product type: Workstation
18:43:21.0580 0x02c4 ComputerName: ROSWITHA-PC
18:43:21.0580 0x02c4 UserName: Nutzer
18:43:21.0580 0x02c4 Windows directory: C:\Windows
18:43:21.0580 0x02c4 System windows directory: C:\Windows
18:43:21.0580 0x02c4 Running under WOW64
18:43:21.0580 0x02c4 Processor architecture: Intel x64
18:43:21.0580 0x02c4 Number of processors: 2
18:43:21.0580 0x02c4 Page size: 0x1000
18:43:21.0580 0x02c4 Boot type: Normal boot
18:43:21.0580 0x02c4 ============================================================
18:43:21.0778 0x02c4 KLMD registered as C:\Windows\system32\drivers\66211615.sys
18:43:22.0055 0x02c4 System UUID: {8F2ACDAF-B729-ED26-D482-2271D4601A25}
18:43:22.0665 0x02c4 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:43:22.0674 0x02c4 ============================================================
18:43:22.0674 0x02c4 \Device\Harddisk0\DR0:
18:43:22.0674 0x02c4 MBR partitions:
18:43:22.0674 0x02c4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2803A70, BlocksNum 0x2FFD0
18:43:22.0674 0x02c4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2833A40, BlocksNum 0x115FAEE0
18:43:22.0674 0x02c4 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x13E2E920, BlocksNum 0x115FE9F0
18:43:22.0675 0x02c4 ============================================================
18:43:22.0704 0x02c4 C: <-> \Device\Harddisk0\DR0\Partition2
18:43:22.0751 0x02c4 D: <-> \Device\Harddisk0\DR0\Partition3
18:43:22.0751 0x02c4 ============================================================
18:43:22.0751 0x02c4 Initialize success
18:43:22.0751 0x02c4 ============================================================
18:43:57.0939 0x061c ============================================================
18:43:57.0939 0x061c Scan started
18:43:57.0939 0x061c Mode: Manual; SigCheck; TDLFS;
18:43:57.0939 0x061c ============================================================
18:43:57.0939 0x061c KSN ping started
18:44:00.0431 0x061c KSN ping finished: true
18:44:01.0659 0x061c ================ Scan system memory ========================
18:44:01.0659 0x061c System memory - ok
18:44:01.0660 0x061c ================ Scan services =============================
18:44:01.0858 0x061c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:44:02.0039 0x061c 1394ohci - ok
18:44:02.0094 0x061c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:44:02.0117 0x061c ACPI - ok
18:44:02.0162 0x061c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:44:02.0245 0x061c AcpiPmi - ok
18:44:02.0357 0x061c [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:44:02.0382 0x061c AdobeARMservice - ok
18:44:02.0459 0x061c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:44:02.0486 0x061c adp94xx - ok
18:44:02.0533 0x061c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:44:02.0556 0x061c adpahci - ok
18:44:02.0588 0x061c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:44:02.0607 0x061c adpu320 - ok
18:44:02.0649 0x061c [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:44:02.0686 0x061c AeLookupSvc - ok
18:44:02.0757 0x061c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
18:44:02.0826 0x061c AFD - ok
18:44:02.0874 0x061c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:44:02.0894 0x061c agp440 - ok
18:44:02.0945 0x061c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:44:02.0996 0x061c ALG - ok
18:44:03.0054 0x061c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:44:03.0078 0x061c aliide - ok
18:44:03.0123 0x061c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:44:03.0145 0x061c amdide - ok
18:44:03.0184 0x061c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:44:03.0255 0x061c AmdK8 - ok
18:44:03.0275 0x061c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:44:03.0308 0x061c AmdPPM - ok
18:44:03.0360 0x061c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:44:03.0387 0x061c amdsata - ok
18:44:03.0443 0x061c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:44:03.0475 0x061c amdsbs - ok
18:44:03.0540 0x061c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:44:03.0564 0x061c amdxata - ok
18:44:03.0609 0x061c [ 4FC6E2C2FC50445450651F42E90CC0BD, BC04902B1A5A5C3354E1C4A5C69906ED7DF19F90286BE1AC4E4224E05ED36184 ] Apowersoft_AudioDevice C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
18:44:03.0644 0x061c Apowersoft_AudioDevice - ok
18:44:03.0701 0x061c [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
18:44:03.0769 0x061c AppID - ok
18:44:03.0830 0x061c [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:44:03.0871 0x061c AppIDSvc - ok
18:44:03.0936 0x061c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
18:44:04.0006 0x061c Appinfo - ok
18:44:04.0067 0x061c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:44:04.0082 0x061c arc - ok
18:44:04.0101 0x061c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:44:04.0117 0x061c arcsas - ok
18:44:04.0260 0x061c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:44:04.0302 0x061c aspnet_state - ok
18:44:04.0341 0x061c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:44:04.0512 0x061c AsyncMac - ok
18:44:04.0567 0x061c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:44:04.0581 0x061c atapi - ok
18:44:04.0687 0x061c [ CCA705CDF038D5BC243203CE4416B345, C907A4022411D9FDFD5FCEA8D067CF1713F786351FAFA739EDC5B5C3E66B1BAD ] athr C:\Windows\system32\DRIVERS\athrx.sys
18:44:04.0795 0x061c athr - ok
18:44:04.0879 0x061c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:44:04.0940 0x061c AudioEndpointBuilder - ok
18:44:04.0980 0x061c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:44:05.0012 0x061c AudioSrv - ok
18:44:05.0118 0x061c [ E7C8FBDCB1C079C332F962DD1C075E5E, 4931B016C14B8ABE3CA5C8C0A3AC27253F2C72486CF43C299183EB65F93C06D4 ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys
18:44:05.0140 0x061c Avgdiska - ok
18:44:05.0505 0x061c [ DF1D6A57455998307972AF57FE8739C7, 48E608656B4B0F1A92DB180D5CC3414467B41B9C212D91CC7E0086454B7DADC7 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
18:44:05.0685 0x061c AVGIDSAgent - ok
18:44:05.0764 0x061c [ BDE56ADE3E236E659B3A4ADC3AD71413, CCDF67A73CB7D921384822CE2DA44C77C9184E2CEFBE1E69DBEFC57704ABF349 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
18:44:05.0793 0x061c AVGIDSDriver - ok
18:44:05.0861 0x061c [ 54384FC2230B4469E7EDF938B7CF5FF7, 93EF11C8D1EC307A71B43578EE3EFFF3FBAFB26AE0A94E4CFD54342CAA4C108C ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
18:44:05.0895 0x061c AVGIDSHA - ok
18:44:05.0951 0x061c [ 4FB010DEA1028ED0A26F20D2F404210F, 7C163D1A461A7D00BBADC46807A35911A5B2BA4B001FAF63C6AF17F54D5201E0 ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
18:44:05.0972 0x061c Avgldx64 - ok
18:44:06.0067 0x061c [ 7EC2B7BBA7A30691D2E0D8478F219B90, EBB18E34D502E85F6450E944B3A1AD7B86692F2F0C9041B927F69CE40E7802A6 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
18:44:06.0102 0x061c Avgloga - ok
18:44:06.0153 0x061c [ 90F4D9B3118A4913124CDEDD4CDD4E4C, 806A873ABC913AA7391EE6079E29593E5319575207678B7876D250AFE50138C1 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
18:44:06.0172 0x061c Avgmfx64 - ok
18:44:06.0256 0x061c [ 719EF00B1C5BED9CF5675274A4F774B9, 3883B41AC13AC7B2E2D58AA3209B3D479C53469A3F423CAC151A3F25DA462E3D ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
18:44:06.0282 0x061c Avgrkx64 - ok
18:44:06.0323 0x061c [ EB9606C7C31E2C90BD9A81B0BEE01C28, D07A064C069124DEAF2782438E606BB497EF7E866FF9069C1C474B2A7CC0A61A ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
18:44:06.0344 0x061c Avgtdia - ok
18:44:06.0422 0x061c [ 3B5657B6C11CDA87F664DD6F7DD0702D, 1AE773849CB46F0F0B92A0B677D379924D263DBBC8CD626C8D3D73B639F51194 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
18:44:06.0437 0x061c avgtp - ok
18:44:06.0493 0x061c [ C9800EB63BFD55E5C176CAAB1084503A, CF19965C3A697D9AF6F8ACE9F2C8F95E8F7A39EC0595BADBD7932E2FB9C89A24 ] avgwd C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
18:44:06.0515 0x061c avgwd - ok
18:44:06.0606 0x061c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:44:06.0688 0x061c AxInstSV - ok
18:44:06.0753 0x061c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:44:06.0806 0x061c b06bdrv - ok
18:44:06.0863 0x061c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:44:06.0905 0x061c b57nd60a - ok
18:44:06.0963 0x061c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:44:07.0038 0x061c BDESVC - ok
18:44:07.0086 0x061c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:44:07.0135 0x061c Beep - ok
18:44:07.0219 0x061c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:44:07.0301 0x061c BFE - ok
18:44:07.0379 0x061c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:44:07.0589 0x061c BITS - ok
18:44:07.0627 0x061c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:44:07.0652 0x061c blbdrive - ok
18:44:07.0728 0x061c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:44:07.0808 0x061c bowser - ok
18:44:07.0858 0x061c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:44:07.0951 0x061c BrFiltLo - ok
18:44:07.0984 0x061c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:44:08.0014 0x061c BrFiltUp - ok
18:44:08.0057 0x061c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:44:08.0124 0x061c Browser - ok
18:44:08.0181 0x061c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:44:08.0246 0x061c Brserid - ok
18:44:08.0289 0x061c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:44:08.0324 0x061c BrSerWdm - ok
18:44:08.0359 0x061c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:44:08.0391 0x061c BrUsbMdm - ok
18:44:08.0424 0x061c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:44:08.0456 0x061c BrUsbSer - ok
18:44:08.0480 0x061c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:44:08.0519 0x061c BTHMODEM - ok
18:44:08.0563 0x061c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:44:08.0625 0x061c bthserv - ok
18:44:08.0785 0x061c [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
18:44:08.0835 0x061c c2cautoupdatesvc - ok
18:44:08.0929 0x061c [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
18:44:08.0987 0x061c c2cpnrsvc - ok
18:44:09.0044 0x061c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:44:09.0097 0x061c cdfs - ok
18:44:09.0156 0x061c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:44:09.0191 0x061c cdrom - ok
18:44:09.0254 0x061c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:44:09.0347 0x061c CertPropSvc - ok
18:44:09.0374 0x061c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:44:09.0409 0x061c circlass - ok
18:44:09.0463 0x061c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
18:44:09.0491 0x061c CLFS - ok
18:44:09.0560 0x061c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:44:09.0586 0x061c clr_optimization_v2.0.50727_32 - ok
18:44:09.0642 0x061c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:44:09.0670 0x061c clr_optimization_v2.0.50727_64 - ok
18:44:09.0788 0x061c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:44:09.0841 0x061c clr_optimization_v4.0.30319_32 - ok
18:44:09.0884 0x061c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:44:09.0987 0x061c clr_optimization_v4.0.30319_64 - ok
18:44:10.0023 0x061c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:44:10.0053 0x061c CmBatt - ok
18:44:10.0096 0x061c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:44:10.0111 0x061c cmdide - ok
18:44:10.0185 0x061c [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
18:44:10.0224 0x061c CNG - ok
18:44:10.0271 0x061c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:44:10.0288 0x061c Compbatt - ok
18:44:10.0342 0x061c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:44:10.0386 0x061c CompositeBus - ok
18:44:10.0404 0x061c COMSysApp - ok
18:44:10.0443 0x061c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:44:10.0466 0x061c crcdisk - ok
18:44:10.0523 0x061c [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:44:10.0581 0x061c CryptSvc - ok
18:44:10.0624 0x061c [ 44BDDEB03C84A1C993C992FFB5700357, 29080E9A434BB2A932783B0B5104BC9E3C514A0FFB387123B75F4F4045E353BC ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys
18:44:10.0636 0x061c CVirtA - ok
18:44:10.0706 0x061c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:44:10.0773 0x061c DcomLaunch - ok
18:44:10.0818 0x061c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:44:10.0876 0x061c defragsvc - ok
18:44:10.0922 0x061c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:44:10.0985 0x061c DfsC - ok
18:44:11.0035 0x061c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:44:11.0085 0x061c Dhcp - ok
18:44:11.0243 0x061c [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
18:44:11.0343 0x061c DiagTrack - ok
18:44:11.0413 0x061c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:44:11.0473 0x061c discache - ok
18:44:11.0529 0x061c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:44:11.0544 0x061c Disk - ok
18:44:11.0587 0x061c [ 05CB5910B3CA6019FC3CCA815EE06FFB, 8FA532ED500BB1F08E8034A6125BDD53B74D5E6AB0A83A6185B07AAFCD90AA82 ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
18:44:11.0619 0x061c DNE - ok
18:44:11.0657 0x061c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:44:11.0724 0x061c Dnscache - ok
18:44:11.0785 0x061c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:44:11.0865 0x061c dot3svc - ok
18:44:11.0944 0x061c [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
18:44:12.0001 0x061c dot4 - ok
18:44:12.0055 0x061c [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
18:44:12.0110 0x061c Dot4Print - ok
18:44:12.0144 0x061c [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
18:44:12.0175 0x061c dot4usb - ok
18:44:12.0220 0x061c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:44:12.0271 0x061c DPS - ok
18:44:12.0349 0x061c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:44:12.0407 0x061c drmkaud - ok
18:44:12.0509 0x061c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:44:12.0550 0x061c DXGKrnl - ok
18:44:12.0604 0x061c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:44:12.0661 0x061c EapHost - ok
18:44:12.0809 0x061c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:44:12.0981 0x061c ebdrv - ok
18:44:13.0052 0x061c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS C:\Windows\System32\lsass.exe
18:44:13.0106 0x061c EFS - ok
18:44:13.0207 0x061c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:44:13.0262 0x061c ehRecvr - ok
18:44:13.0291 0x061c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:44:13.0341 0x061c ehSched - ok
18:44:13.0426 0x061c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:44:13.0456 0x061c elxstor - ok
18:44:13.0480 0x061c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:44:13.0517 0x061c ErrDev - ok
18:44:13.0566 0x061c [ 438021C3F32F30E227D0F5DFD118B7B1, A25EA3DFFFADF8EC291985814854CB92148BB38276876C0BBBB04E23B705E7CA ] ETD C:\Windows\system32\DRIVERS\ETD.sys
18:44:13.0615 0x061c ETD - ok
18:44:13.0687 0x061c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:44:13.0755 0x061c EventSystem - ok
18:44:13.0788 0x061c ew_hwusbdev - ok
18:44:13.0802 0x061c ew_usbenumfilter - ok
18:44:13.0833 0x061c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:44:13.0892 0x061c exfat - ok
18:44:13.0926 0x061c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:44:13.0991 0x061c fastfat - ok
18:44:14.0069 0x061c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:44:14.0152 0x061c Fax - ok
18:44:14.0189 0x061c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:44:14.0220 0x061c fdc - ok
18:44:14.0251 0x061c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:44:14.0329 0x061c fdPHost - ok
18:44:14.0360 0x061c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:44:14.0407 0x061c FDResPub - ok
18:44:14.0470 0x061c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:44:14.0485 0x061c FileInfo - ok
18:44:14.0501 0x061c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:44:14.0548 0x061c Filetrace - ok
18:44:14.0563 0x061c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:44:14.0594 0x061c flpydisk - ok
18:44:14.0657 0x061c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:44:14.0672 0x061c FltMgr - ok
18:44:14.0813 0x061c [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
18:44:14.0891 0x061c FontCache - ok
18:44:14.0953 0x061c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:44:14.0984 0x061c FontCache3.0.0.0 - ok
18:44:15.0016 0x061c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:44:15.0031 0x061c FsDepends - ok
18:44:15.0047 0x061c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:44:15.0062 0x061c Fs_Rec - ok
18:44:15.0140 0x061c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:44:15.0156 0x061c fvevol - ok
18:44:15.0218 0x061c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:44:15.0234 0x061c gagp30kx - ok
18:44:15.0296 0x061c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:44:15.0359 0x061c gpsvc - ok
18:44:15.0484 0x061c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:44:15.0515 0x061c gupdate - ok
18:44:15.0546 0x061c [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:44:15.0562 0x061c gupdatem - ok
18:44:15.0593 0x061c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:44:15.0624 0x061c hcw85cir - ok
18:44:15.0702 0x061c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:44:15.0733 0x061c HdAudAddService - ok
18:44:15.0796 0x061c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:44:15.0827 0x061c HDAudBus - ok
18:44:15.0858 0x061c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:44:15.0889 0x061c HidBatt - ok
18:44:15.0905 0x061c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:44:15.0936 0x061c HidBth - ok
18:44:15.0983 0x061c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:44:16.0014 0x061c HidIr - ok
18:44:16.0030 0x061c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:44:16.0092 0x061c hidserv - ok
18:44:16.0154 0x061c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:44:16.0186 0x061c HidUsb - ok
18:44:16.0217 0x061c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:44:16.0295 0x061c hkmsvc - ok
18:44:16.0373 0x061c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:44:16.0451 0x061c HomeGroupListener - ok
18:44:16.0513 0x061c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:44:16.0544 0x061c HomeGroupProvider - ok
18:44:16.0591 0x061c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:44:16.0607 0x061c HpSAMD - ok
18:44:16.0669 0x061c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:44:16.0732 0x061c HTTP - ok
18:44:16.0763 0x061c huawei_cdcacm - ok
18:44:16.0778 0x061c huawei_enumerator - ok
18:44:16.0794 0x061c huawei_ext_ctrl - ok
18:44:16.0810 0x061c huawei_wwanecm - ok
18:44:16.0825 0x061c hwdatacard - ok
18:44:16.0856 0x061c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:44:16.0872 0x061c hwpolicy - ok
18:44:16.0919 0x061c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:44:16.0950 0x061c i8042prt - ok
18:44:16.0997 0x061c [ BE7D72FCF442C26975942007E0831241, A0FD29B3D1A1278787F8B3FBE7EC3216AAF328467974A6D90752639BB44DCD84 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:44:17.0012 0x061c iaStor - ok
18:44:17.0075 0x061c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:44:17.0106 0x061c iaStorV - ok
18:44:17.0200 0x061c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:44:17.0246 0x061c idsvc - ok
18:44:17.0278 0x061c IEEtwCollectorService - ok
18:44:17.0590 0x061c [ 2D18C9E1F23970DE32D78D3B1CDDA0A7, 4AC6425F6D1921ED7975A0450D536B2675964574E40D86099410423E72D70D88 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:44:17.0917 0x061c igfx - ok
18:44:17.0995 0x061c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:44:18.0011 0x061c iirsp - ok
18:44:18.0073 0x061c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:44:18.0136 0x061c IKEEXT - ok
18:44:18.0260 0x061c [ 801946CE25DD2179FE68599826B0BB88, 4C9D10303DF1EC005693DD28220A9C5B87DD32244112BA1F09D8AD0CF7D311DC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:44:18.0338 0x061c IntcAzAudAddService - ok
18:44:18.0432 0x061c [ 88A20FA54C73DED4E8DAC764E9130AE9, BBD9C8D12063F0A464FE0C48C6913A772EF5A5DCB8A00EBD37E494DCB752A5FF ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
18:44:18.0494 0x061c IntcHdmiAddService - ok
18:44:18.0541 0x061c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:44:18.0557 0x061c intelide - ok
18:44:18.0619 0x061c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:44:18.0650 0x061c intelppm - ok
18:44:18.0682 0x061c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:44:18.0728 0x061c IPBusEnum - ok
18:44:18.0775 0x061c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:44:18.0822 0x061c IpFilterDriver - ok
18:44:18.0869 0x061c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:44:18.0916 0x061c iphlpsvc - ok
18:44:18.0947 0x061c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:44:18.0962 0x061c IPMIDRV - ok
18:44:18.0994 0x061c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:44:19.0040 0x061c IPNAT - ok
18:44:19.0087 0x061c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:44:19.0165 0x061c IRENUM - ok
18:44:19.0196 0x061c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:44:19.0228 0x061c isapnp - ok
18:44:19.0259 0x061c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:44:19.0274 0x061c iScsiPrt - ok
18:44:19.0306 0x061c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:44:19.0321 0x061c kbdclass - ok
18:44:19.0368 0x061c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:44:19.0399 0x061c kbdhid - ok
18:44:19.0415 0x061c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso C:\Windows\system32\lsass.exe
18:44:19.0430 0x061c KeyIso - ok
18:44:19.0493 0x061c [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:44:19.0524 0x061c KSecDD - ok
18:44:19.0571 0x061c [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:44:19.0586 0x061c KSecPkg - ok
18:44:19.0618 0x061c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:44:19.0664 0x061c ksthunk - ok
18:44:19.0711 0x061c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:44:19.0758 0x061c KtmRm - ok
18:44:19.0820 0x061c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:44:19.0867 0x061c LanmanServer - ok
18:44:19.0930 0x061c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:44:19.0976 0x061c LanmanWorkstation - ok
18:44:20.0023 0x061c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:44:20.0086 0x061c lltdio - ok
18:44:20.0132 0x061c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:44:20.0179 0x061c lltdsvc - ok
18:44:20.0226 0x061c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:44:20.0304 0x061c lmhosts - ok
18:44:20.0366 0x061c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:44:20.0398 0x061c LSI_FC - ok
18:44:20.0413 0x061c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:44:20.0429 0x061c LSI_SAS - ok
18:44:20.0476 0x061c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:44:20.0491 0x061c LSI_SAS2 - ok
18:44:20.0507 0x061c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:44:20.0522 0x061c LSI_SCSI - ok
18:44:20.0554 0x061c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:44:20.0616 0x061c luafv - ok
18:44:20.0647 0x061c lxbk_device - ok
18:44:20.0710 0x061c [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:44:20.0725 0x061c MBAMProtector - ok
18:44:20.0819 0x061c [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:44:20.0866 0x061c MBAMService - ok
18:44:20.0928 0x061c [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:44:20.0928 0x061c MBAMWebAccessControl - ok
18:44:20.0975 0x061c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:44:20.0990 0x061c Mcx2Svc - ok
18:44:21.0006 0x061c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:44:21.0022 0x061c megasas - ok
18:44:21.0068 0x061c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:44:21.0100 0x061c MegaSR - ok
18:44:21.0146 0x061c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:44:21.0224 0x061c MMCSS - ok
18:44:21.0240 0x061c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:44:21.0287 0x061c Modem - ok
18:44:21.0334 0x061c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:44:21.0365 0x061c monitor - ok
18:44:21.0427 0x061c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
18:44:21.0443 0x061c mouclass - ok
18:44:21.0505 0x061c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:44:21.0536 0x061c mouhid - ok
18:44:21.0583 0x061c [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:44:21.0599 0x061c mountmgr - ok
18:44:21.0677 0x061c [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:44:21.0708 0x061c MozillaMaintenance - ok
18:44:21.0739 0x061c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:44:21.0755 0x061c mpio - ok
18:44:21.0817 0x061c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:44:21.0864 0x061c mpsdrv - ok
18:44:21.0926 0x061c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:44:22.0004 0x061c MpsSvc - ok
18:44:22.0051 0x061c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:44:22.0098 0x061c MRxDAV - ok
18:44:22.0145 0x061c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:44:22.0192 0x061c mrxsmb - ok
18:44:22.0223 0x061c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:44:22.0254 0x061c mrxsmb10 - ok
18:44:22.0316 0x061c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:44:22.0394 0x061c mrxsmb20 - ok
18:44:22.0426 0x061c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:44:22.0441 0x061c msahci - ok
18:44:22.0472 0x061c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:44:22.0488 0x061c msdsm - ok
18:44:22.0504 0x061c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:44:22.0550 0x061c MSDTC - ok
18:44:22.0597 0x061c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:44:22.0644 0x061c Msfs - ok
18:44:22.0660 0x061c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:44:22.0722 0x061c mshidkmdf - ok
18:44:22.0753 0x061c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:44:22.0784 0x061c msisadrv - ok
18:44:22.0831 0x061c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:44:22.0894 0x061c MSiSCSI - ok
18:44:22.0894 0x061c msiserver - ok
18:44:22.0940 0x061c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:44:23.0003 0x061c MSKSSRV - ok
18:44:23.0065 0x061c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:44:23.0112 0x061c MSPCLOCK - ok
18:44:23.0128 0x061c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:44:23.0174 0x061c MSPQM - ok
18:44:23.0237 0x061c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:44:23.0252 0x061c MsRPC - ok
18:44:23.0284 0x061c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:44:23.0299 0x061c mssmbios - ok
18:44:23.0362 0x061c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:44:23.0424 0x061c MSTEE - ok
18:44:23.0440 0x061c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:44:23.0471 0x061c MTConfig - ok
18:44:23.0518 0x061c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:44:23.0549 0x061c Mup - ok
18:44:23.0580 0x061c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:44:23.0689 0x061c napagent - ok
18:44:23.0752 0x061c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:44:23.0798 0x061c NativeWifiP - ok
18:44:23.0876 0x061c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
18:44:23.0908 0x061c NDIS - ok
18:44:23.0939 0x061c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:44:24.0001 0x061c NdisCap - ok
18:44:24.0032 0x061c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:44:24.0095 0x061c NdisTapi - ok
18:44:24.0157 0x061c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:44:24.0220 0x061c Ndisuio - ok
18:44:24.0282 0x061c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:44:24.0344 0x061c NdisWan - ok
18:44:24.0376 0x061c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:44:24.0422 0x061c NDProxy - ok
18:44:24.0469 0x061c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:44:24.0500 0x061c NetBIOS - ok
18:44:24.0563 0x061c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:44:24.0610 0x061c NetBT - ok
18:44:24.0625 0x061c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon C:\Windows\system32\lsass.exe
18:44:24.0641 0x061c Netlogon - ok
18:44:24.0688 0x061c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:44:24.0734 0x061c Netman - ok
18:44:24.0812 0x061c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:24.0875 0x061c NetMsmqActivator - ok
18:44:24.0906 0x061c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:24.0922 0x061c NetPipeActivator - ok
18:44:24.0968 0x061c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:44:25.0031 0x061c netprofm - ok
18:44:25.0046 0x061c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:25.0078 0x061c NetTcpActivator - ok
18:44:25.0078 0x061c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:44:25.0093 0x061c NetTcpPortSharing - ok
18:44:25.0140 0x061c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:44:25.0156 0x061c nfrd960 - ok
18:44:25.0202 0x061c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:44:25.0249 0x061c NlaSvc - ok
18:44:25.0280 0x061c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:44:25.0312 0x061c Npfs - ok
18:44:25.0358 0x061c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:44:25.0405 0x061c nsi - ok
18:44:25.0421 0x061c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:44:25.0468 0x061c nsiproxy - ok
18:44:25.0577 0x061c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:44:25.0639 0x061c Ntfs - ok
18:44:25.0670 0x061c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:44:25.0717 0x061c Null - ok
18:44:25.0780 0x061c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:44:25.0795 0x061c nvraid - ok
18:44:25.0842 0x061c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:44:25.0858 0x061c nvstor - ok
18:44:25.0904 0x061c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:44:25.0920 0x061c nv_agp - ok
18:44:25.0951 0x061c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:44:25.0982 0x061c ohci1394 - ok
18:44:26.0029 0x061c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:44:26.0107 0x061c p2pimsvc - ok
18:44:26.0170 0x061c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:44:26.0232 0x061c p2psvc - ok
18:44:26.0294 0x061c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:44:26.0310 0x061c Parport - ok
18:44:26.0357 0x061c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:44:26.0372 0x061c partmgr - ok
18:44:26.0435 0x061c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:44:26.0482 0x061c PcaSvc - ok
18:44:26.0513 0x061c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:44:26.0528 0x061c pci - ok
18:44:26.0591 0x061c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:44:26.0606 0x061c pciide - ok
18:44:26.0638 0x061c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:44:26.0669 0x061c pcmcia - ok
18:44:26.0684 0x061c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:44:26.0700 0x061c pcw - ok
18:44:26.0794 0x061c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:44:26.0856 0x061c PEAUTH - ok
18:44:26.0918 0x061c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:44:26.0965 0x061c PerfHost - ok
18:44:27.0090 0x061c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:44:27.0199 0x061c pla - ok
18:44:27.0246 0x061c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:44:27.0293 0x061c PlugPlay - ok
18:44:27.0324 0x061c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:44:27.0371 0x061c PNRPAutoReg - ok
18:44:27.0402 0x061c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:44:27.0418 0x061c PNRPsvc - ok
18:44:27.0496 0x061c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:44:27.0574 0x061c PolicyAgent - ok
18:44:27.0605 0x061c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:44:27.0667 0x061c Power - ok
18:44:27.0730 0x061c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:44:27.0776 0x061c PptpMiniport - ok
18:44:27.0823 0x061c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:44:27.0854 0x061c Processor - ok
18:44:27.0901 0x061c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
18:44:27.0948 0x061c ProfSvc - ok
18:44:27.0964 0x061c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
18:44:27.0979 0x061c ProtectedStorage - ok
18:44:28.0057 0x061c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:44:28.0120 0x061c Psched - ok
18:44:28.0182 0x061c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:44:28.0244 0x061c ql2300 - ok
18:44:28.0291 0x061c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:44:28.0322 0x061c ql40xx - ok
18:44:28.0354 0x061c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:44:28.0416 0x061c QWAVE - ok
18:44:28.0432 0x061c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:44:28.0478 0x061c QWAVEdrv - ok
18:44:28.0494 0x061c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:44:28.0541 0x061c RasAcd - ok
18:44:28.0572 0x061c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:44:28.0634 0x061c RasAgileVpn - ok
18:44:28.0666 0x061c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:44:28.0712 0x061c RasAuto - ok
18:44:28.0775 0x061c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:44:28.0837 0x061c Rasl2tp - ok
18:44:28.0931 0x061c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:44:28.0978 0x061c RasMan - ok
18:44:29.0024 0x061c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:44:29.0087 0x061c RasPppoe - ok
18:44:29.0134 0x061c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:44:29.0165 0x061c RasSstp - ok
18:44:29.0212 0x061c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:44:29.0258 0x061c rdbss - ok
18:44:29.0305 0x061c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:44:29.0352 0x061c rdpbus - ok
18:44:29.0399 0x061c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:44:29.0461 0x061c RDPCDD - ok
18:44:29.0508 0x061c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:44:29.0539 0x061c RDPENCDD - ok
18:44:29.0555 0x061c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:44:29.0617 0x061c RDPREFMP - ok
18:44:29.0664 0x061c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:44:29.0726 0x061c RDPWD - ok
18:44:29.0773 0x061c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:44:29.0789 0x061c rdyboost - ok
18:44:29.0820 0x061c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:44:29.0867 0x061c RemoteAccess - ok
18:44:29.0882 0x061c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:44:29.0960 0x061c RemoteRegistry - ok
18:44:30.0007 0x061c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:44:30.0070 0x061c RpcEptMapper - ok
18:44:30.0101 0x061c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:44:30.0116 0x061c RpcLocator - ok
18:44:30.0163 0x061c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:44:30.0226 0x061c RpcSs - ok
18:44:30.0257 0x061c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:44:30.0319 0x061c rspndr - ok
18:44:30.0366 0x061c [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:44:30.0397 0x061c RTL8167 - ok
18:44:30.0475 0x061c [ 4CA0DBA9E224473D664C25E411F5A3BD, 71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5 ] rtport C:\Windows\SysWOW64\drivers\rtport.sys
18:44:30.0491 0x061c rtport - ok
18:44:30.0553 0x061c [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI C:\Windows\system32\Drivers\SABI.sys
18:44:30.0584 0x061c SABI - ok
18:44:30.0647 0x061c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs C:\Windows\system32\lsass.exe
18:44:30.0678 0x061c SamSs - ok
18:44:30.0740 0x061c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:44:30.0756 0x061c sbp2port - ok
18:44:30.0818 0x061c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:44:30.0865 0x061c SCardSvr - ok
18:44:30.0912 0x061c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:44:30.0959 0x061c scfilter - ok
18:44:31.0037 0x061c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
18:44:31.0099 0x061c Schedule - ok
18:44:31.0146 0x061c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:44:31.0193 0x061c SCPolicySvc - ok
18:44:31.0208 0x061c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:44:31.0255 0x061c SDRSVC - ok
18:44:31.0318 0x061c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:44:31.0364 0x061c secdrv - ok
18:44:31.0396 0x061c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:44:31.0427 0x061c seclogon - ok
18:44:31.0458 0x061c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:44:31.0505 0x061c SENS - ok
18:44:31.0536 0x061c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:44:31.0583 0x061c SensrSvc - ok
18:44:31.0630 0x061c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:44:31.0661 0x061c Serenum - ok
18:44:31.0723 0x061c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:44:31.0739 0x061c Serial - ok
18:44:31.0786 0x061c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:44:31.0817 0x061c sermouse - ok
18:44:31.0864 0x061c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:44:31.0910 0x061c SessionEnv - ok
18:44:31.0973 0x061c [ A48B9F81D3C2BA989AE2D566747B4623, F1A6AE83173A32C49E261AF7A6F15BCB560A2D2D8D907225E2C115517C8EB906 ] sfdrv01 C:\Windows\system32\drivers\sfdrv01.sys
18:44:32.0004 0x061c sfdrv01 - detected UnsignedFile.Multi.Generic ( 1 )
18:44:34.0750 0x061c sfdrv01 ( UnsignedFile.Multi.Generic ) - warning
18:44:34.0750 0x061c Force sending object to P2P due to detect: sfdrv01
18:44:37.0339 0x061c Object send P2P result: true
18:44:39.0882 0x061c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:44:39.0898 0x061c sffdisk - ok
18:44:39.0913 0x061c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:44:39.0944 0x061c sffp_mmc - ok
18:44:39.0960 0x061c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:44:40.0007 0x061c sffp_sd - ok
18:44:40.0054 0x061c [ 9E0ECDA6C72C5D0D8CF3F0FBA076422B, 32E1433B528AD9C11BCCCDA987E8F7E6103E27A9B70C60126F312B0778F51606 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys
18:44:40.0069 0x061c sfhlp02 - detected UnsignedFile.Multi.Generic ( 1 )
18:44:42.0706 0x061c sfhlp02 ( UnsignedFile.Multi.Generic ) - warning
18:44:45.0217 0x061c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:44:45.0264 0x061c sfloppy - ok
18:44:45.0311 0x061c [ F65D13175EBF3FA49B1F7F948926A16E, 48DAB84C88B0DA4015581DF4F4A48280E8E3522A43A2966D4C37EE2E84C61D6F ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys
18:44:45.0326 0x061c sfvfs02 - detected UnsignedFile.Multi.Generic ( 1 )
18:44:47.0963 0x061c sfvfs02 ( UnsignedFile.Multi.Generic ) - warning
18:44:50.0459 0x061c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:44:50.0521 0x061c SharedAccess - ok
18:44:50.0584 0x061c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:44:50.0630 0x061c ShellHWDetection - ok
18:44:50.0662 0x061c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:44:50.0677 0x061c SiSRaid2 - ok
18:44:50.0708 0x061c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:44:50.0724 0x061c SiSRaid4 - ok
18:44:51.0020 0x061c [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
18:44:51.0114 0x061c SkypeUpdate - ok
18:44:51.0208 0x061c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:44:51.0348 0x061c Smb - ok
18:44:51.0488 0x061c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:44:51.0535 0x061c SNMPTRAP - ok
18:44:51.0582 0x061c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:44:51.0598 0x061c spldr - ok
18:44:51.0707 0x061c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:44:51.0769 0x061c Spooler - ok
18:44:52.0128 0x061c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:44:52.0409 0x061c sppsvc - ok
18:44:52.0471 0x061c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:44:52.0580 0x061c sppuinotify - ok
18:44:52.0736 0x061c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:44:52.0799 0x061c srv - ok
18:44:52.0861 0x061c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:44:53.0033 0x061c srv2 - ok
18:44:53.0064 0x061c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:44:53.0095 0x061c srvnet - ok
18:44:53.0142 0x061c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:44:53.0220 0x061c SSDPSRV - ok
18:44:53.0267 0x061c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:44:53.0314 0x061c SstpSvc - ok
18:44:53.0345 0x061c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:44:53.0360 0x061c stexstor - ok
18:44:53.0438 0x061c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:44:53.0501 0x061c stisvc - ok
18:44:53.0516 0x061c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
18:44:53.0548 0x061c swenum - ok
18:44:53.0610 0x061c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:44:53.0672 0x061c swprv - ok
18:44:53.0782 0x061c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
18:44:53.0875 0x061c SysMain - ok
18:44:53.0922 0x061c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:44:53.0953 0x061c TabletInputService - ok
18:44:54.0000 0x061c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:44:54.0062 0x061c TapiSrv - ok
18:44:54.0109 0x061c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:44:54.0156 0x061c TBS - ok
18:44:54.0265 0x061c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:44:54.0328 0x061c Tcpip - ok
18:44:54.0437 0x061c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:44:54.0499 0x061c TCPIP6 - ok
18:44:54.0530 0x061c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:44:54.0546 0x061c tcpipreg - ok
18:44:54.0608 0x061c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:44:54.0655 0x061c TDPIPE - ok
18:44:54.0686 0x061c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:44:54.0718 0x061c TDTCP - ok
18:44:54.0796 0x061c [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:44:54.0827 0x061c tdx - ok
18:44:54.0874 0x061c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
18:44:54.0889 0x061c TermDD - ok
18:44:54.0952 0x061c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
18:44:55.0030 0x061c TermService - ok
18:44:55.0061 0x061c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:44:55.0092 0x061c Themes - ok
18:44:55.0123 0x061c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:44:55.0170 0x061c THREADORDER - ok
18:44:55.0201 0x061c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:44:55.0264 0x061c TrkWks - ok
18:44:55.0342 0x061c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:44:55.0404 0x061c TrustedInstaller - ok
18:44:55.0451 0x061c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:44:55.0466 0x061c tssecsrv - ok
18:44:55.0529 0x061c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:44:55.0576 0x061c TsUsbFlt - ok
18:44:55.0638 0x061c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:44:55.0685 0x061c tunnel - ok
18:44:55.0732 0x061c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:44:55.0747 0x061c uagp35 - ok
18:44:55.0794 0x061c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:44:55.0872 0x061c udfs - ok
18:44:55.0903 0x061c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:44:55.0934 0x061c UI0Detect - ok
18:44:55.0966 0x061c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:44:55.0981 0x061c uliagpkx - ok
18:44:56.0028 0x061c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
18:44:56.0059 0x061c umbus - ok
18:44:56.0106 0x061c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:44:56.0137 0x061c UmPass - ok
18:44:56.0184 0x061c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:44:56.0246 0x061c upnphost - ok
18:44:56.0324 0x061c [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:44:56.0324 0x061c USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
18:44:58.0976 0x061c Detect skipped due to KSN trusted
18:44:58.0976 0x061c USBAAPL64 - ok
18:44:59.0023 0x061c [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:44:59.0070 0x061c usbaudio - ok
18:44:59.0117 0x061c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:44:59.0164 0x061c usbccgp - ok
18:44:59.0210 0x061c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:44:59.0273 0x061c usbcir - ok
18:44:59.0320 0x061c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:44:59.0351 0x061c usbehci - ok
18:44:59.0444 0x061c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:44:59.0476 0x061c usbhub - ok
18:44:59.0491 0x061c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:44:59.0538 0x061c usbohci - ok
18:44:59.0569 0x061c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:44:59.0585 0x061c usbprint - ok
18:44:59.0663 0x061c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:44:59.0710 0x061c usbscan - ok
18:44:59.0741 0x061c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:44:59.0788 0x061c USBSTOR - ok
18:44:59.0834 0x061c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
18:44:59.0850 0x061c usbuhci - ok
18:44:59.0928 0x061c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:44:59.0959 0x061c usbvideo - ok
18:45:00.0006 0x061c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:45:00.0053 0x061c UxSms - ok
18:45:00.0084 0x061c [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc C:\Windows\system32\lsass.exe
18:45:00.0100 0x061c VaultSvc - ok
18:45:00.0162 0x061c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:45:00.0178 0x061c vdrvroot - ok
18:45:00.0271 0x061c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:45:00.0349 0x061c vds - ok
18:45:00.0396 0x061c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:45:00.0427 0x061c vga - ok
18:45:00.0458 0x061c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:45:00.0505 0x061c VgaSave - ok
18:45:00.0552 0x061c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:45:00.0568 0x061c vhdmp - ok
18:45:00.0614 0x061c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:45:00.0630 0x061c viaide - ok
18:45:00.0646 0x061c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:45:00.0677 0x061c volmgr - ok
18:45:00.0724 0x061c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:45:00.0755 0x061c volmgrx - ok
18:45:00.0770 0x061c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:45:00.0802 0x061c volsnap - ok
18:45:00.0864 0x061c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:45:00.0880 0x061c vsmraid - ok
18:45:00.0973 0x061c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:45:01.0067 0x061c VSS - ok
18:45:01.0098 0x061c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:45:01.0114 0x061c vwifibus - ok
18:45:01.0176 0x061c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:45:01.0207 0x061c vwififlt - ok
18:45:01.0270 0x061c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:45:01.0332 0x061c W32Time - ok
18:45:01.0348 0x061c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:45:01.0379 0x061c WacomPen - ok
18:45:01.0457 0x061c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:45:01.0519 0x061c WANARP - ok
18:45:01.0535 0x061c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:45:01.0582 0x061c Wanarpv6 - ok
18:45:01.0660 0x061c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
18:45:01.0753 0x061c WatAdminSvc - ok
18:45:01.0847 0x061c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:45:01.0940 0x061c wbengine - ok
18:45:01.0987 0x061c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:45:02.0034 0x061c WbioSrvc - ok
18:45:02.0081 0x061c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:45:02.0112 0x061c wcncsvc - ok
18:45:02.0159 0x061c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:45:02.0190 0x061c WcsPlugInService - ok
18:45:02.0221 0x061c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:45:02.0237 0x061c Wd - ok
18:45:02.0284 0x061c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:45:02.0330 0x061c Wdf01000 - ok
18:45:02.0408 0x061c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:45:02.0471 0x061c WdiServiceHost - ok
18:45:02.0471 0x061c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:45:02.0502 0x061c WdiSystemHost - ok
18:45:02.0549 0x061c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
18:45:02.0596 0x061c WebClient - ok
18:45:02.0642 0x061c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:45:02.0689 0x061c Wecsvc - ok
18:45:02.0705 0x061c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:45:02.0752 0x061c wercplsupport - ok
18:45:02.0798 0x061c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:45:02.0861 0x061c WerSvc - ok
18:45:02.0908 0x061c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:45:02.0954 0x061c WfpLwf - ok
18:45:02.0970 0x061c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:45:02.0986 0x061c WIMMount - ok
18:45:03.0017 0x061c WinDefend - ok
18:45:03.0032 0x061c WinHttpAutoProxySvc - ok
18:45:03.0126 0x061c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:45:03.0204 0x061c Winmgmt - ok
18:45:03.0313 0x061c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
18:45:03.0422 0x061c WinRM - ok
18:45:03.0516 0x061c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
18:45:03.0547 0x061c WinUsb - ok
18:45:03.0625 0x061c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:45:03.0688 0x061c Wlansvc - ok
18:45:03.0719 0x061c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:45:03.0750 0x061c WmiAcpi - ok
18:45:03.0812 0x061c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:45:03.0828 0x061c wmiApSrv - ok
18:45:03.0906 0x061c WMPNetworkSvc - ok
18:45:03.0937 0x061c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:45:03.0984 0x061c WPCSvc - ok
18:45:04.0062 0x061c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:45:04.0093 0x061c WPDBusEnum - ok
18:45:04.0140 0x061c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:45:04.0187 0x061c ws2ifsl - ok
18:45:04.0296 0x061c [ AD12F5C7251BB8D575D560894E73CBBA, FAAA1440CBBDC889C0B8917065B932A9CC86E5C0FD5845D8830482915AF83F40 ] WsAudioDevice_383S(1) C:\Windows\system32\drivers\WsAudioDevice_383S(1).sys
18:45:04.0312 0x061c WsAudioDevice_383S(1) - ok
18:45:04.0358 0x061c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:45:04.0374 0x061c wscsvc - ok
18:45:04.0390 0x061c WSearch - ok
18:45:04.0514 0x061c [ FFD80DC0CDA145C3376A5076360162C8, 2DA34929DC416164A001B7C711D7CF1046FAE53F8B31697F3EC4AF75C45163E5 ] WtuSystemSupport C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
18:45:04.0546 0x061c WtuSystemSupport - ok
18:45:04.0686 0x061c [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
18:45:04.0811 0x061c wuauserv - ok
18:45:04.0873 0x061c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:45:04.0936 0x061c WudfPf - ok
18:45:05.0014 0x061c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
18:45:05.0045 0x061c WUDFRd - ok
18:45:05.0060 0x061c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:45:05.0107 0x061c wudfsvc - ok
18:45:05.0154 0x061c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:45:05.0232 0x061c WwanSvc - ok
18:45:05.0294 0x061c [ 64F88AF327AA74E03658AE32B48CCB8B, 52C8941D96F2EF89BBC4A4268DC59E5BC89AE2DAB199C13BBFF11C2606BE7FFA ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
18:45:05.0341 0x061c yukonw7 - ok
18:45:05.0404 0x061c ================ Scan global ===============================
18:45:05.0435 0x061c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:45:05.0497 0x061c [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
18:45:05.0513 0x061c [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
18:45:05.0544 0x061c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:45:05.0606 0x061c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:45:05.0622 0x061c [ Global ] - ok
18:45:05.0622 0x061c ================ Scan MBR ==================================
18:45:05.0638 0x061c [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
18:45:06.0402 0x061c \Device\Harddisk0\DR0 - ok
18:45:06.0402 0x061c ================ Scan VBR ==================================
18:45:06.0418 0x061c [ 73BD214E092EF93C8049B2CB66FA1478 ] \Device\Harddisk0\DR0\Partition1
18:45:06.0418 0x061c \Device\Harddisk0\DR0\Partition1 - ok
18:45:06.0433 0x061c [ 1EAE2E0CAB9E210F16CB3576C211CECF ] \Device\Harddisk0\DR0\Partition2
18:45:06.0433 0x061c \Device\Harddisk0\DR0\Partition2 - ok
18:45:06.0449 0x061c [ 0620FF35B98973AA57D9E0D2B97D0E4D ] \Device\Harddisk0\DR0\Partition3
18:45:06.0449 0x061c \Device\Harddisk0\DR0\Partition3 - ok
18:45:06.0449 0x061c ================ Scan generic autorun ======================
18:45:06.0854 0x061c [ 1E1FDBB3DF6EAE61984AEBC213271175, FA92FD4BBC60A3795FCAC90EC8A64A10E8C665A22B4B40F531685A043642C11E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:45:07.0088 0x061c RtHDVCpl - ok
18:45:07.0151 0x061c [ 105D15521C5BE6E62607BE69BE31D6E5, 0D908AC31AA09771F29579B89CCC7E9D1E7FC9AA0F521D040D0AF784C455655E ] C:\Windows\system32\igfxtray.exe
18:45:07.0166 0x061c IgfxTray - ok
18:45:07.0198 0x061c [ 5ADCD4825ABF840FDEBFC728D4DBF9D1, 87A19A6B50C474783DD4C7949021E4F497038B229BE13D7084F0B447FCD966AC ] C:\Windows\system32\hkcmd.exe
18:45:07.0229 0x061c HotKeysCmds - ok
18:45:07.0260 0x061c [ 40AEA35EB8A4ABBCD3E31A4D84028DD3, BE5F2D956109C84582F94190768B30ABBC10AD7DCC401948F7491BF3201AEB8C ] C:\Windows\system32\igfxpers.exe
18:45:07.0291 0x061c Persistence - ok
18:45:07.0291 0x061c ETDWare - ok
18:45:07.0681 0x061c [ 4D8BEBA64D348A74A11061E3BC32F96C, 7D7F38C7746B17369245046BE6B56055DDDAE6C3403266F8A95238F536FEE455 ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
18:45:07.0790 0x061c AVG_UI - ok
18:45:07.0946 0x061c [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
18:45:08.0024 0x061c Adobe ARM - ok
18:45:08.0134 0x061c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:45:08.0212 0x061c Sidebar - ok
18:45:08.0243 0x061c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:45:08.0258 0x061c mctadmin - ok
18:45:08.0336 0x061c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:45:08.0383 0x061c Sidebar - ok
18:45:08.0414 0x061c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:45:08.0430 0x061c mctadmin - ok
18:45:08.0742 0x061c [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\Nutzer\AppData\Local\Akamai\netsession_win.exe
18:45:08.0867 0x061c Akamai NetSession Interface - ok
18:45:09.0538 0x061c [ 845799C9874B68BEAE3B64059653C7E3, 2E0B9DD46569A6449989E2D7C60B88B46352A178019B4BD840C166674E798CFD ] C:\Program Files\CCleaner\CCleaner64.exe
18:45:09.0725 0x061c CCleaner Monitoring - ok
18:45:09.0740 0x061c Waiting for KSN requests completion. In queue: 119
18:45:10.0754 0x061c Waiting for KSN requests completion. In queue: 119
18:45:11.0768 0x061c Waiting for KSN requests completion. In queue: 119
18:45:12.0892 0x061c AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.6030 ), 0x41000 ( enabled : updated )
18:45:12.0923 0x061c Win FW state via NFP2: enabled
18:45:15.0372 0x061c ============================================================
18:45:15.0372 0x061c Scan finished
18:45:15.0372 0x061c ============================================================
18:45:15.0388 0x110c Detected object count: 3
18:45:15.0388 0x110c Actual detected object count: 3
18:50:08.0450 0x110c sfdrv01 ( UnsignedFile.Multi.Generic ) - skipped by user
18:50:08.0450 0x110c sfdrv01 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:50:08.0450 0x110c sfhlp02 ( UnsignedFile.Multi.Generic ) - skipped by user
18:50:08.0450 0x110c sfhlp02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:50:08.0450 0x110c sfvfs02 ( UnsignedFile.Multi.Generic ) - skipped by user
18:50:08.0450 0x110c sfvfs02 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:50:14.0549 0x0c24 Deinitialize success
Tausend Dank! |
|
20.06.2015, 12:03
| #6 |
| /// the machine /// TB-Ausbilder | Laptop läuft seit Kurzem deutlich langsamer http://support2.microsoft.com/kb/929135/de Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht. Diesen dann hier benennen.
__________________ --> Laptop läuft seit Kurzem deutlich langsamer |
|
20.06.2015, 12:51
| #7 |
| | Laptop läuft seit Kurzem deutlich langsamer Danke für die Hilfe. Inzwischen ist die Geschwindigkeit des Laptops nicht mehr merklich langsamer gegenüber dem "Normalzustand". Wann diese Verbesserung genau eingetreten ist, ist schwer zu sagen. Insofern vermute ich aber, dass das (De-)Aktivieren der einzelnen Dienste im Rahmen des Clean Boot keinen klaren Schluss zulässt, was bzw. ob etwas noch zu reparieren ist. Ich weiß nicht, ob überhaupt noch Handlungsbedarf besteht. Was nun? |
|
21.06.2015, 08:27
| #8 |
| /// the machine /// TB-Ausbilder | Laptop läuft seit Kurzem deutlich langsamer Naja, das musst du wissen. Ist er langsam, mach den Clean Boot, ansonsten einfach mal abwarten und testen 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.06.2015, 20:52
| #9 |
| | Laptop läuft seit Kurzem deutlich langsamer Ich habe jetzt erstmal das Gefühl, dass der Rechner wieder gut läuft. Von mir aus also vorerst kein Bedarf mehr. Für mich war die Frage, ob es noch irgendwelche "Plagegeister" gibt - ich entdecke in dem ganzen Wirrwarr ja nix. Aber wenn ich nun nix mehr höre, sage ich mal  für die große Unterstützung und sehe das Thema als erledigt an.Wenn nochmal was kommen sollte, mach ich den Clean Boot und melde mich dann wieder. |
|
22.06.2015, 12:43
| #10 |
| /// the machine /// TB-Ausbilder | Laptop läuft seit Kurzem deutlich langsamer Soweit war nix zu sehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Laptop läuft seit Kurzem deutlich langsamer |
| bluestacks, dankbar, download, entfernt, euren, funde, gleichzeitig, große, hallo zusammen, installation, kurzem, langsame, langsamer, laptop, laufen, malwarebytes, natürlich, player, programme, seitdem, total, wahrscheinlich, woche, wochen, ziemlich, zusammen |
Linear-Darstellung
