hey

kennt wer wie ich das kontrollieren könnte ?
habe es durch hxxp://whoer.net/ bemerkt


Yes (Illegal 3rd party exploits, including proxies, worms and trojan)

****IP is listed in the XBL, because it appears in: CBL


Diese IP-Adresse ist infiziert oder ist NATting für eine Maschine mit Tinba infiziert.


Tinba (auch als "kleine Banker" und "Illi" bekannt) ist ein E-Banking-Trojaner zielte darauf ab, die Anmeldeinformationen für das Online-Banking-Konten zu stehlen. Es verbreitet sich über entführt Webseiten (Drive-by-Exploits) und bösartigen E-Mail-Anhänge.

Die CBL Erkennung wird mit sinkholing Techniken hergestellt.

Dies wurde durch eine TCP / IP-Verbindung von IP auf Port 2328 gehen, um die IP-Adresse 192.42.119.41 (der erfasste Doline) auf Port 80.

Das Botnet Kommando- und Kontrolldomäne für diese Verbindung war "qdphhwkjrhrn.com".

Hinter einem NAT, sollten Sie in der Lage, die infizierte Maschine durch die Suche nach versuchten Verbindungen zur IP-Adresse 192.42.119.41 oder den Hostnamen qdphhwkjrhrn.com auf jedem Port mit einem Netzwerk-Sniffer wie Wireshark zu finden sein. Äquivalent, können Sie Ihre DNS-Server oder Proxy-Server-Logs, um Verweise auf 192.42.119.41 oder qdphhwkjrhrn.com zu untersuchen. Siehe Fortgeschrittene Techniken für weitere Einzelheiten über, wie Wireshark verwenden - ignorieren Sie die Verweise auf Port 25 / SMTP-Verkehr - die Identifizierung von Tätigkeit nicht an Port 25.

Dieser Nachweis entspricht einer Verbindung am 2015.08.27 11.09.48 (GMT - dieser Zeitstempel wird mit einer Genauigkeit von 1 Sekunde angenommen).


habe ein Router an dem sind noch 3 desktop pc und 1 android 2 windows Smartphones angeschlossen

gilt das für mein pc oder kann es alle im Netzwerk betreffen ?

bei mir sind diese Ports offen
21offenFTP-Server
22offenSecure Shell (SSH)
23offenTelnet-Server
53offenDNS
80offenWeb-Server
1723offenVPN-Server (PPTP)

soll das so sein ?

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Code: Alles auswählenAufklappen

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-08-2015
durchgeführt von Kostik (Administrator) auf KOSTIK-PC (28-08-2015 12:22:22)
Gestartet von C:\Users\Kostik\Downloads\Programs
Geladene Profile: Kostik (Verfügbare Profile: Kostik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Driver-Soft Inc.) C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Cristi) D:\Dual Monitor\DualMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Malwarebytes Corporation) K:\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Malwarebytes Corporation) K:\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Malwarebytes Corporation) K:\ Malwarebytes Anti-Malware \mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(eVenture Limited) C:\Program Files (x86)\hide.me VPN\vpnsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-21] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-04-28] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3992208 2014-10-03] (Stardock Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1427648 2015-08-05] (COMODO)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2015-07-22] (Intel Corporation)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [383768 2013-07-12] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-08-28] (Malwarebytes Corporation)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4939800 2015-08-20] (Emsisoft Ltd)
HKU\S-1-5-21-4162029952-804958439-1470344954-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3907152 2015-08-14] (Tonec Inc.)
HKU\S-1-5-21-4162029952-804958439-1470344954-1000\...\Run: [dualmonitor] => D:\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
IFEO\ccleaner64.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\dtagent.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [! IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\S-1-5-21-4162029952-804958439-1470344954-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/nl-nl/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4162029952-804958439-1470344954-1000 -> {35E85216-0BEA-48F0-B7B1-4CA16F1A5AD2} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-08-21] (Internet Download Manager, Tonec Inc.)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-08-21] (Internet Download Manager, Tonec Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-22] (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-07-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 141.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{0774DA56-3214-4D79-AC8A-3D2CA425C806}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{0774DA56-3214-4D79-AC8A-3D2CA425C806}: [DhcpNameServer] 141.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{EF8D9D45-A5D9-4C30-8025-E66A70E97339}: [NameServer] 46.166.179.34 46.166.179.35 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{EF8D9D45-A5D9-4C30-8025-E66A70E97339}: [DhcpNameServer] 46.166.179.34 46.166.179.35

FireFox:
========
FF ProfilePath: C:\Users\Kostik\AppData\Roaming\Mozilla\Firefox\Profiles\5evw9erv.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-11] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-22] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-07-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Keine Datei]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-14] (NVIDIA Corporation)
FF Plugin-x32: @qq.com/npchrome -> C:\Program Files (x86)\Common Files\Tencent\Npchrome\npchrome.dll [Keine Datei]
FF Plugin-x32: @qq.com/npqscall -> C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-28] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Extension: HTTPS-Everywhere - C:\Users\Kostik\AppData\Roaming\Mozilla\Firefox\Profiles\5evw9erv.default\Extensions\https-everywhere@eff.org [2015-08-15]
FF Extension: Blur - C:\Users\Kostik\AppData\Roaming\Mozilla\Firefox\Profiles\5evw9erv.default\Extensions\donottrackplus@abine.com.xpi [2015-07-31]
FF Extension: Adblock Plus - C:\Users\Kostik\AppData\Roaming\Mozilla\Firefox\Profiles\5evw9erv.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-02]
FF HKU\S-1-5-21-4162029952-804958439-1470344954-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: Kein Name - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2015-08-21]
FF HKU\S-1-5-21-4162029952-804958439-1470344954-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Kostik\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\Kostik\AppData\Roaming\IDM\idmmzcc5 [2015-08-20]
StartMenuInternet: FIREFOX.EXE - D:\Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-28]
CHR Extension: (Google Docs) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-28]
CHR Extension: (Google Drive) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-28]
CHR Extension: (YouTube) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-28]
CHR Extension: (uBlock Origin) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-08-06]
CHR Extension: (Adblock for Youtube™) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2015-07-30]
CHR Extension: (Google Search) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-28]
CHR Extension: (Blur) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2015-08-27]
CHR Extension: (Google Sheets) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-28]
CHR Extension: (HTTPS Everywhere) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-07-28]
CHR Extension: (Referer Control) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkcfpcejkafcihlgbojoidoihckciin [2015-07-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-28]
CHR Extension: (AllDebrid Chrome Extension) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdjbgnpehbhpibonmjjjbjaoechnlcaf [2015-07-28]
CHR Extension: (Ghostery) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-07-28]
CHR Extension: (IDM Integration Module) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-07-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Kostik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-21]
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-08-21]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [5531008 2015-08-20] (Emsisoft Ltd)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-07-22] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-07-22] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-07-22] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe [324608 2015-07-22] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2765496 2015-08-24] (Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5542472 2015-08-05] (COMODO)
R3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265792 2015-08-05] (COMODO)
S4 Disc Soft Lite Bus Service; D:\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-06] (DTS, Inc)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-20] (NVIDIA Corporation)
R2 hmevpnsvc; C:\Program Files (x86)\hide.me VPN\vpnsvc.exe [190672 2015-08-25] (eVenture Limited)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [24888 2015-07-26] (Hewlett-Packard Company)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
R3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160768 2011-05-27] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-08-28] (Malwarebytes Corporation)
R2 MBAMScheduler; K:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; K:\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-20] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-20] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2015-08-27] (Riverbed Technology, Inc.)
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2015-07-22] ()
R0 asstor64; C:\Windows\System32\DRIVERS\asstor64.sys [81208 2014-10-23] (Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2015-07-22] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2015-07-22] (MCCI Corporation)
R3 ASUSstpt; C:\Windows\System32\DRIVERS\ASUSstpt.sys [24648 2015-07-22] (MCCI Corporation)
R3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [141896 2015-07-22] (MCCI Corporation)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [21184 2015-08-05] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [806032 2015-08-05] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45856 2015-08-05] (COMODO)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-07-27] (Disc Soft Ltd)
R1 epp64; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys [138504 2015-08-08] (Emsisoft GmbH)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-08-28] ()
S3 HWiNFO32; C:\Users\Kostik\AppData\Local\Temp\HWiNFO64A.SYS [31136 2015-08-28] () [Datei ist nicht signiert]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105096 2015-08-05] (COMODO)
R2 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [109272 2015-08-27] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-08-27] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-08-27] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-08-28] (Intel Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-21] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [31144 2015-06-04] (TuneUp Software)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S1 SDHookDriver; \??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-28 12:21 - 2015-08-28 12:22 - 00000000 ____D C:\FRST
2015-08-28 02:43 - 2015-08-28 02:43 - 00000000 ____D C:\Intel
2015-08-28 02:29 - 2015-08-28 02:29 - 00000901 _____ C:\Users\Public\Desktop\CPUID CPU-Z MSI.lnk
2015-08-28 02:29 - 2015-08-28 02:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-08-28 02:29 - 2015-08-28 02:29 - 00000000 ____D C:\Program Files\CPUID
2015-08-28 02:13 - 2015-08-28 02:13 - 00000578 _____ C:\EamClean.log
2015-08-28 01:58 - 2015-08-28 02:25 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-08-28 01:58 - 2015-08-28 01:58 - 00001120 _____ C:\Users\Kostik\Desktop\Malwarebytes Anti-Exploit.lnk
2015-08-28 01:58 - 2015-08-28 01:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-08-28 01:58 - 2015-08-28 01:58 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-08-28 01:00 - 2015-08-28 01:00 - 01283592 _____ (Avira Operations GmbH & Co. KG) C:\Users\Kostik\Desktop\AviraDNSRepairDE.exe
2015-08-28 00:31 - 2015-08-28 00:31 - 00000000 ____D C:\Program Files (x86)\Heimdal
2015-08-28 00:27 - 2015-08-28 00:27 - 00000000 ____D C:\ProgramData\CSIS
2015-08-28 00:19 - 2015-08-28 01:52 - 00000000 ____D C:\ProgramData\HitmanPro.Alert
2015-08-28 00:19 - 2015-08-28 00:43 - 00000000 ____D C:\Windows\CryptoGuard
2015-08-28 00:19 - 2015-08-28 00:23 - 00000000 ____D C:\ProgramData\HitmanPro
2015-08-27 23:18 - 2015-08-27 23:18 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Wireshark
2015-08-27 23:15 - 2015-08-28 12:20 - 00801642 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-08-27 23:15 - 2015-08-27 23:15 - 00000000 ___HD C:\VTRoot
2015-08-27 23:11 - 2015-08-27 23:11 - 00001545 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2015-08-27 23:11 - 2015-08-27 23:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2015-08-27 23:11 - 2015-08-27 23:11 - 00000000 ____D C:\Program Files\Wireshark
2015-08-27 23:11 - 2015-08-27 23:11 - 00000000 ____D C:\Program Files (x86)\WinPcap
2015-08-27 15:46 - 2015-08-27 15:46 - 00001091 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2015-08-27 15:46 - 2015-08-27 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
2015-08-27 00:01 - 2015-08-27 00:01 - 00000000 ____D C:\Users\Kostik\Desktop\küchenbretter
2015-08-26 20:55 - 2015-08-26 20:55 - 00002049 _____ C:\Users\Kostik\Desktop\JDownloader 2.lnk
2015-08-26 20:55 - 2015-08-26 20:55 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2015-08-26 20:54 - 2015-08-26 21:06 - 00000000 ____D C:\Users\Kostik\AppData\Local\JDownloader v2.0
2015-08-25 15:53 - 2015-08-25 16:35 - 00000000 ____D C:\Users\Kostik\Desktop\Bewerbung
2015-08-22 13:07 - 2015-08-27 23:00 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Hide.me
2015-08-22 13:07 - 2015-08-22 13:08 - 00000000 ____D C:\Program Files (x86)\hide.me VPN
2015-08-22 13:07 - 2015-08-22 13:07 - 00001025 _____ C:\Users\Public\Desktop\hide.me VPN.lnk
2015-08-22 13:07 - 2015-08-22 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hide.me VPN
2015-08-21 22:25 - 2015-08-26 01:28 - 00001121 _____ C:\Users\Kostik\Desktop\Revo Uninstaller Pro.lnk
2015-08-21 22:22 - 2015-08-21 22:22 - 00031800 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-08-21 22:22 - 2015-08-21 22:22 - 00000000 ____D C:\Users\Kostik\AppData\Local\VS Revo Group
2015-08-21 22:22 - 2015-08-21 22:22 - 00000000 ____D C:\ProgramData\VS Revo Group
2015-08-21 22:22 - 2015-08-21 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-08-21 22:22 - 2015-08-21 22:22 - 00000000 ____D C:\Program Files\VS Revo Group
2015-08-21 22:14 - 2015-08-22 15:21 - 00000000 ____D C:\Users\Kostik\Documents\Endless Legend
2015-08-21 18:19 - 2015-08-21 18:19 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-21 18:19 - 2015-08-21 18:19 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-21 18:19 - 2015-08-21 18:19 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-21 18:19 - 2015-08-21 18:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-21 18:19 - 2015-08-21 18:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-21 18:19 - 2015-08-21 18:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-21 18:19 - 2015-08-21 18:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-21 18:19 - 2015-08-21 18:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-21 18:18 - 2015-08-21 18:18 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-08-21 18:18 - 2015-08-21 18:18 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-08-21 18:18 - 2015-08-21 18:18 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-08-21 18:18 - 2015-08-21 18:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-08-21 18:16 - 2015-08-21 18:17 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-21 18:16 - 2015-08-21 18:17 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-21 18:16 - 2015-08-21 18:16 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-21 18:16 - 2015-08-21 18:16 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-21 18:16 - 2015-08-21 18:16 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-21 18:16 - 2015-08-21 18:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-21 16:25 - 2015-08-28 01:47 - 00197616 _____ (Tonec Inc.) C:\Windows\system32\Drivers\idmwfp.sys
2015-08-19 17:19 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 17:19 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 17:19 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 17:19 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 00:20 - 2015-08-23 21:53 - 00000000 ____D C:\Users\Kostik\Desktop\Künstlerset
2015-08-15 02:54 - 2015-08-15 02:54 - 00000000 ____D C:\Users\Kostik\Desktop\Neuer Ordner
2015-08-14 13:04 - 2015-08-14 13:04 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-08-14 13:04 - 2015-08-14 13:04 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-14 13:04 - 2015-08-14 13:04 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-14 13:04 - 2015-08-14 13:04 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-14 13:04 - 2015-08-07 06:34 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-08-14 13:04 - 2015-08-07 06:34 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-08-14 13:04 - 2015-08-07 06:34 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-08-14 13:04 - 2015-08-07 06:34 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-08-14 13:04 - 2015-08-07 06:34 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-08-14 13:04 - 2015-08-03 12:12 - 05133709 _____ C:\Windows\system32\nvcoproc.bin
2015-08-14 13:03 - 2015-08-14 13:04 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-14 13:03 - 2015-08-14 13:04 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-08-14 13:03 - 2015-08-14 13:04 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-14 13:03 - 2015-08-14 13:04 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-08-14 13:03 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-14 13:03 - 2015-08-07 13:06 - 00033050 _____ C:\Windows\system32\nvinfo.pb
2015-08-13 20:51 - 2015-08-13 20:51 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-08-13 20:51 - 2015-08-13 20:51 - 00000000 ____D C:\ProgramData\Shared Space
2015-08-13 20:51 - 2015-08-13 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2015-08-13 20:51 - 2015-08-13 20:51 - 00000000 ____D C:\Program Files\COMODO
2015-08-13 02:36 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 02:36 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 23:57 - 2015-08-12 23:57 - 00000000 ____D C:\Users\Kostik\AppData\Local\Chromium
2015-08-12 23:55 - 2015-08-12 23:55 - 00017551 _____ C:\Windows\DirectX.log
2015-08-12 15:47 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 15:47 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 15:47 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 15:47 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 15:47 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 15:47 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 15:47 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 15:47 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 15:47 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 15:47 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 15:47 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 15:47 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 15:47 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 15:47 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 15:47 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 15:47 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 15:47 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 15:46 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 15:46 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 15:46 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 15:46 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 15:46 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 15:46 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 15:46 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 15:46 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 15:46 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 15:46 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 15:46 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 15:46 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 15:46 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 15:46 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 15:46 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 15:46 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 15:46 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 15:46 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 15:46 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 15:46 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 15:46 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 15:46 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 15:46 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 15:46 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 15:46 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 15:46 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 15:46 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 15:46 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 15:46 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 15:46 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 15:46 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 15:46 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 15:46 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 15:46 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 15:46 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 15:46 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 15:46 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 15:46 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 15:46 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 15:46 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 15:46 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 15:46 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 15:46 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 15:46 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 15:46 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 15:46 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 15:46 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 15:46 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 15:46 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 15:46 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 15:46 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 15:46 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 15:46 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 15:46 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 15:46 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 15:46 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 15:46 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 15:46 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 15:45 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 15:45 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 15:45 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 15:45 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 15:45 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 15:45 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 15:45 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 15:45 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 15:45 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 15:45 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 15:45 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 15:45 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 15:45 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 15:45 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 15:45 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 15:45 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 15:45 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 15:45 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 15:45 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 15:45 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 15:45 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 15:45 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 15:45 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 15:45 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 15:45 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 15:45 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 15:45 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 15:45 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 15:45 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 15:45 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 15:45 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 15:45 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 15:45 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 15:45 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 15:45 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 15:45 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 15:45 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 15:45 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 15:45 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 15:45 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 15:45 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 15:25 - 2015-08-12 15:25 - 00000000 ____D C:\Users\Kostik\AppData\Local\Ntronium_Games
2015-08-12 15:24 - 2015-08-12 15:24 - 00000000 ____D C:\Users\Kostik\AppData\Local\Armada 2526 Gold
2015-08-11 00:05 - 2015-08-11 00:04 - 00222366 ____N C:\Users\Kostik\Desktop\Kontakte_003.vcf
2015-08-10 23:32 - 2015-08-10 23:32 - 00002026 _____ C:\Users\Kostik\Desktop\Customize Fences.lnk
2015-08-10 23:32 - 2015-08-10 23:32 - 00000000 ____D C:\Users\Kostik\Downloads\Stardock
2015-08-10 23:32 - 2015-08-10 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stardock
2015-08-10 23:32 - 2015-08-10 23:32 - 00000000 ____D C:\Program Files (x86)\Stardock
2015-08-10 22:35 - 2015-08-10 22:35 - 00018760 _____ C:\Windows\SysWOW64\QQVistaHelper.dll
2015-08-10 16:51 - 2015-08-28 12:00 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-10 16:51 - 2015-08-11 20:00 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-10 16:51 - 2015-08-11 20:00 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-10 16:51 - 2015-08-11 20:00 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-10 16:51 - 2015-08-10 16:51 - 00001422 _____ C:\Users\Kostik\Desktop\XYplorer - Verknüpfung.lnk
2015-08-10 16:51 - 2015-08-10 16:51 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-10 15:33 - 2015-08-28 11:52 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-10 15:33 - 2015-08-27 23:31 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-10 15:33 - 2015-08-27 23:31 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-10 15:33 - 2015-08-27 23:31 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-10 15:33 - 2015-08-27 23:31 - 00000517 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-10 15:33 - 2015-08-27 23:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-08-10 15:33 - 2015-08-10 15:33 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-08-10 15:27 - 2015-08-28 11:52 - 00008795 _____ C:\Windows\setupact.log
2015-08-10 15:27 - 2015-08-28 01:45 - 00008580 _____ C:\Windows\PFRO.log
2015-08-10 15:27 - 2015-08-10 15:27 - 00077408 _____ C:\Users\Kostik\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-10 15:27 - 2015-08-10 15:27 - 00000000 _____ C:\Windows\setuperr.log
2015-08-10 15:25 - 2015-08-27 15:41 - 00000000 ____D C:\Program Files\Unlocker
2015-08-10 15:25 - 2015-08-10 15:25 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-08-10 14:49 - 2015-08-10 14:49 - 00000000 ____D C:\Program Files (x86)\XYplorer
2015-08-09 21:06 - 2015-08-09 21:06 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-08-09 21:05 - 2015-08-10 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2015-08-09 00:37 - 2015-08-09 00:37 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\LolClient
2015-08-08 17:09 - 2015-08-08 17:09 - 00000000 ____D C:\Users\Kostik\AppData\Local\Avanquest
2015-08-08 00:31 - 2015-08-08 20:25 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Skype
2015-08-08 00:31 - 2015-08-08 00:31 - 00000000 ____D C:\Users\Kostik\Tracing
2015-08-08 00:31 - 2015-08-08 00:31 - 00000000 ____D C:\Users\Kostik\AppData\Local\Skype
2015-08-08 00:31 - 2015-08-08 00:31 - 00000000 ____D C:\ProgramData\DualMonitor
2015-08-08 00:20 - 2015-08-08 11:43 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-08-07 14:58 - 2015-08-13 20:51 - 00000000 ____D C:\ProgramData\Comodo
2015-08-07 00:26 - 2015-08-10 14:16 - 00000000 ____D C:\Windows\System32\Tasks\Abelssoft
2015-08-07 00:26 - 2015-08-08 20:25 - 00000000 ____D C:\Users\Kostik\AppData\Local\Abelssoft
2015-08-07 00:26 - 2015-08-07 00:26 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Abelssoft
2015-08-07 00:26 - 2015-08-07 00:26 - 00000000 ____D C:\ProgramData\XDMessagingv4
2015-08-06 12:59 - 2015-08-06 12:59 - 00305152 _____ (Intel(R) Corporation) C:\Windows\system32\Ncs2Setp.dll
2015-08-06 12:51 - 2015-08-27 14:17 - 00273904 _____ (Intel Corporation) C:\Windows\system32\IPROSetMonitor.exe
2015-08-06 12:51 - 2015-08-06 12:51 - 03795952 _____ (Intel(R) Corporation) C:\Windows\system32\ncscolib.dll
2015-08-06 12:51 - 2015-08-06 12:51 - 00879600 _____ (Intel(R) Corporation) C:\Windows\system32\ncs2dmix.dll
2015-08-06 12:51 - 2015-08-06 12:51 - 00835056 _____ (Intel(R) Corporation) C:\Windows\system32\accesor.dll
2015-08-06 12:51 - 2015-08-06 12:51 - 00270320 _____ (Intel(R) Corporation) C:\Windows\system32\ncs2instutility.dll
2015-08-06 12:51 - 2015-08-06 12:51 - 00037832 _____ (Intel Corporation ) C:\Windows\system32\Drivers\iqvw64e.sys
2015-08-05 01:31 - 2015-08-05 01:31 - 00806032 _____ (COMODO) C:\Windows\system32\Drivers\cmdguard.sys
2015-08-05 01:31 - 2015-08-05 01:31 - 00105096 _____ (COMODO) C:\Windows\system32\Drivers\inspect.sys
2015-08-05 01:31 - 2015-08-05 01:31 - 00045856 _____ (COMODO) C:\Windows\system32\Drivers\cmdhlp.sys
2015-08-05 01:31 - 2015-08-05 01:31 - 00021184 _____ (COMODO) C:\Windows\system32\Drivers\cmderd.sys
2015-08-05 01:29 - 2015-08-05 01:29 - 00579408 _____ (COMODO) C:\Windows\system32\guard64.dll
2015-08-05 01:29 - 2015-08-05 01:29 - 00445472 _____ (COMODO) C:\Windows\SysWOW64\guard32.dll
2015-08-05 01:29 - 2015-08-05 01:29 - 00041224 _____ (COMODO) C:\Windows\system32\cmdcsr.dll
2015-08-05 01:28 - 2015-08-05 01:28 - 00358080 _____ (COMODO) C:\Windows\system32\cmdvrt64.dll
2015-08-05 01:28 - 2015-08-05 01:28 - 00045760 _____ (COMODO) C:\Windows\system32\cmdkbd64.dll
2015-08-05 01:27 - 2015-08-05 01:27 - 00288448 _____ (COMODO) C:\Windows\SysWOW64\cmdvrt32.dll
2015-08-05 01:26 - 2015-08-05 01:26 - 00040640 _____ (COMODO) C:\Windows\SysWOW64\cmdkbd32.dll
2015-08-04 11:15 - 2015-08-27 02:02 - 00000336 _____ C:\Windows\Tasks\HPCeeScheduleForKostik.job
2015-08-04 11:15 - 2015-08-27 00:24 - 00003192 _____ C:\Windows\System32\Tasks\HPCeeScheduleForKostik
2015-08-03 22:29 - 2015-08-03 22:29 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2015-08-03 21:51 - 2015-08-27 00:18 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2015-08-03 21:48 - 2015-08-04 11:15 - 00000000 ____D C:\Users\Kostik\AppData\Local\Hewlett-Packard
2015-08-03 21:47 - 2015-08-03 21:47 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Hewlett-Packard
2015-08-03 21:36 - 2015-08-03 21:36 - 00000000 ____D C:\System.sav
2015-08-03 21:36 - 2015-08-03 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-08-03 21:35 - 2015-08-05 09:31 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\hpqLog
2015-08-03 21:35 - 2015-08-05 09:31 - 00000000 ____D C:\ProgramData\{ECA9D0D4-7782-4B7F-96E2-FDB0CF0A57D5}
2015-08-03 19:56 - 2015-08-04 06:50 - 00000000 ____D C:\Windows\System32\Tasks\Hewlett-Packard
2015-08-03 19:56 - 2015-08-03 21:36 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
2015-08-02 19:27 - 2015-08-02 19:27 - 00000000 ____D C:\ProgramData\Riot Games
2015-08-02 19:26 - 2015-08-02 19:26 - 00001319 _____ C:\Users\Public\Desktop\League of Legends.lnk
2015-08-02 19:26 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-08-02 19:26 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-08-02 19:26 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-08-02 19:25 - 2015-08-02 19:26 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Riot Games
2015-08-02 19:09 - 2015-08-28 02:50 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\XYplorer
2015-08-02 19:08 - 2015-08-10 14:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XYplorer
2015-08-02 19:07 - 2015-08-02 19:07 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\WinRAR
2015-08-02 19:06 - 2015-08-02 19:06 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-02 19:06 - 2015-08-02 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-08-02 19:00 - 2015-08-02 19:00 - 00000000 _____ C:\Windows\SOFT_REPAIR
2015-08-01 22:12 - 2015-08-17 19:56 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\vlc
2015-07-29 23:52 - 2015-07-29 23:52 - 00000000 ____D C:\Users\Kostik\Documents\Larian Studios
2015-07-29 18:46 - 2015-08-15 20:15 - 00000000 ____D C:\Users\Kostik\Documents\My Games
2015-07-29 18:17 - 2015-08-10 20:13 - 00000000 ____D C:\Users\Kostik\Documents\Endless Space
2015-07-29 17:01 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-07-29 17:01 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-07-29 17:01 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-07-29 17:01 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-07-29 17:01 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-07-29 17:01 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-07-29 16:21 - 2015-07-29 16:21 - 00000000 ____D C:\Users\Kostik\AppData\Local\Steam
2015-07-29 16:21 - 2015-07-29 16:21 - 00000000 ____D C:\Users\Kostik\AppData\Local\CEF
2015-07-29 16:18 - 2015-07-29 16:18 - 00000515 _____ C:\Users\Public\Desktop\Steam.lnk
2015-07-29 16:18 - 2015-07-29 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-29 12:43 - 2015-08-10 22:20 - 00000000 ____D C:\Program Files\Common Files\AV

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-28 12:22 - 2015-07-28 09:13 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2015-08-28 12:00 - 2009-07-14 06:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-28 12:00 - 2009-07-14 06:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-28 11:58 - 2011-04-12 09:43 - 00817466 _____ C:\Windows\system32\perfh007.dat
2015-08-28 11:58 - 2011-04-12 09:43 - 00210690 _____ C:\Windows\system32\perfc007.dat
2015-08-28 11:58 - 2009-07-14 07:13 - 01816648 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-28 11:57 - 2015-07-22 12:58 - 00000000 _____ C:\Windows\Path.idx
2015-08-28 11:55 - 2015-07-21 17:44 - 01338222 _____ C:\Windows\WindowsUpdate.log
2015-08-28 11:54 - 2015-07-22 18:48 - 00006468 _____ C:\Windows\SysWOW64\Gms.log
2015-08-28 11:52 - 2015-07-28 17:28 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-28 11:52 - 2015-07-22 14:30 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-28 11:52 - 2015-07-22 12:55 - 01048576 _____ C:\Windows\PE_Rom.dll
2015-08-28 11:52 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-28 11:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-28 02:49 - 2015-07-07 20:45 - 00178976 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2015-08-28 02:47 - 2015-07-23 01:47 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\DMCache
2015-08-28 02:46 - 2015-07-23 01:47 - 00000000 ____D C:\Users\Kostik\Downloads\Compressed
2015-08-28 02:33 - 2015-07-28 17:28 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-28 01:52 - 2015-07-23 01:47 - 00000000 ____D C:\Program Files (x86)\Internet Download Manager
2015-08-28 01:47 - 2015-07-23 01:47 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\IDM
2015-08-28 00:45 - 2015-07-21 18:02 - 00000000 ____D C:\AdwCleaner
2015-08-27 23:56 - 2015-07-28 11:19 - 00007610 _____ C:\Users\Kostik\AppData\Local\Resmon.ResmonCfg
2015-08-27 15:41 - 2015-07-21 18:05 - 00000000 ____D C:\Program Files\Intel
2015-08-27 15:41 - 2015-07-21 17:45 - 00000000 ____D C:\Users\Kostik
2015-08-27 15:41 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-08-27 14:18 - 2015-07-22 18:13 - 00000000 ____D C:\ProgramData\DriverGenius
2015-08-27 14:18 - 2015-07-22 18:11 - 00003346 _____ C:\Windows\System32\Tasks\Driver Genius
2015-08-27 14:17 - 2015-07-21 18:05 - 00405488 _____ (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2015-08-27 14:16 - 2015-07-22 18:35 - 00005354 _____ C:\Windows\SysWOW64\Saved_Config.txt
2015-08-27 14:16 - 2015-07-22 18:35 - 00000416 _____ C:\Windows\SysWOW64\Saved_StaticIP.txt
2015-08-27 00:20 - 2015-07-28 16:41 - 00000000 ____D C:\ProgramData\HP
2015-08-25 12:58 - 2015-07-23 14:19 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-08-24 12:00 - 2015-07-23 02:22 - 00000000 ____D C:\ProgramData\FanXpert2
2015-08-23 17:22 - 2015-07-23 03:53 - 00000000 ____D C:\Users\Kostik\Documents\Tencent Files
2015-08-21 19:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-21 18:18 - 2015-07-22 14:56 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-08-21 18:18 - 2015-07-22 14:51 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-21 18:17 - 2015-07-22 14:51 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-08-21 18:13 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-08-18 01:30 - 2015-07-22 14:55 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-08-18 01:30 - 2015-07-22 14:55 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-18 01:29 - 2015-07-22 14:55 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-18 01:29 - 2015-07-22 14:55 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-08-16 16:04 - 2015-07-21 17:43 - 01808066 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-08-16 03:44 - 2015-07-22 12:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-14 13:05 - 2015-07-22 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-14 13:04 - 2015-07-22 14:54 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-14 13:04 - 2015-07-22 14:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-14 13:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-08-13 10:26 - 2015-07-28 13:00 - 00342272 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-13 10:26 - 2015-07-22 16:13 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 10:26 - 2015-07-22 16:13 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 02:34 - 2015-07-22 15:07 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 02:32 - 2015-07-22 15:07 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-10 23:32 - 2015-07-23 14:14 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Stardock
2015-08-10 22:20 - 2015-07-28 13:37 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2015-08-10 17:13 - 2015-07-27 17:58 - 00000000 ____D C:\Users\Kostik\AppData\Local\Adobe
2015-08-10 14:16 - 2015-07-23 01:47 - 00000000 ____D C:\Users\Kostik\Downloads\Video
2015-08-09 22:16 - 2015-07-22 18:30 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-09 21:02 - 2015-07-27 17:43 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\DAEMON Tools Lite
2015-08-08 21:43 - 2015-07-27 20:05 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Awesomium
2015-08-08 20:25 - 2015-07-22 18:31 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2015-08-08 20:25 - 2015-07-22 18:11 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Avanquest Software
2015-08-08 20:25 - 2015-07-22 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
2015-08-08 20:25 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-08-08 20:24 - 2015-07-22 18:11 - 00000000 ____D C:\Program Files (x86)\Driver-Soft
2015-08-08 19:46 - 2015-07-22 13:00 - 00000000 _____ C:\Windows\MB.idx
2015-08-07 00:10 - 2015-07-28 13:46 - 00000085 _____ C:\Windows\wininit.ini
2015-08-06 13:13 - 2015-07-21 18:05 - 00001904 ____N C:\Windows\system32\SetupBD.din
2015-08-06 09:08 - 2015-07-22 12:59 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\Adobe
2015-08-05 00:33 - 2009-07-14 04:34 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts.old
2015-08-04 06:50 - 2015-07-28 16:41 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2015-08-03 22:29 - 2015-07-28 16:41 - 00000167 _____ C:\Windows\system32\AddPort.ini
2015-08-02 21:13 - 2015-07-28 16:29 - 00001683 _____ C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2015-08-02 21:13 - 2015-07-27 17:58 - 00001741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2015-08-02 21:13 - 2015-07-27 17:57 - 00000000 ____D C:\ProgramData\Adobe
2015-08-02 12:27 - 2015-07-28 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2015-07-31 17:58 - 2015-07-23 02:38 - 00000000 ____D C:\Users\Kostik\AppData\Local\Mozilla
2015-07-29 19:12 - 2015-07-28 15:22 - 00000000 ____D C:\Users\Kostik\AppData\Roaming\WinPatrol
2015-07-29 19:12 - 2015-07-28 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-07-29 19:12 - 2015-07-28 15:22 - 00000000 ____D C:\ProgramData\InstallMate

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-22 13:06 - 2015-07-22 13:10 - 6103040 _____ () C:\Program Files (x86)\GUTABA.tmp
2015-07-23 13:43 - 2015-07-23 13:43 - 0033193 _____ () C:\Users\Kostik\AppData\Roaming\UserTile.png
2015-07-28 11:19 - 2015-08-27 23:56 - 0007610 _____ () C:\Users\Kostik\AppData\Local\Resmon.ResmonCfg
2015-07-22 18:35 - 2015-07-22 18:35 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Kostik\AppData\Local\Temp\130850877479541682.exe
C:\Users\Kostik\AppData\Local\Temp\130850886830066501.exe
C:\Users\Kostik\AppData\Local\Temp\13085088688327954585.exe
C:\Users\Kostik\AppData\Local\Temp\130850887881066615.exe
C:\Users\Kostik\AppData\Local\Temp\13085088793063945138.exe
C:\Users\Kostik\AppData\Local\Temp\HitmanPro_x64.exe
C:\Users\Kostik\AppData\Local\Temp\proxy_vole4688896009471804784.dll
C:\Users\Kostik\AppData\Local\Temp\qqsafeud.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-22 12:03

==================== Ende von FRST.txt ============================
         

Code: Alles auswählenAufklappen

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-08-2015
durchgeführt von Kostik (2015-08-28 12:22:41)
Gestartet von C:\Users\Kostik\Downloads\Programs
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-4162029952-804958439-1470344954-500 - Administrator - Disabled)
Gast (S-1-5-21-4162029952-804958439-1470344954-501 - Limited - Disabled)
Kostik (S-1-5-21-4162029952-804958439-1470344954-1000 - Administrator - Enabled) => C:\Users\Kostik

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Disabled - Up to date) {2F44E1F9-850B-1C7A-0E56-EB2E0A3E20C9}
AS: Comodo Defense+ (Enabled - Up to date) {493CE176-EB84-BC8D-9707-B3ACF7598648}
AS: Emsisoft Anti-Malware (Disabled - Up to date) {9425001D-A331-13F4-34E6-D05C71B96A74}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {CA6681B7-87D1-B25B-86E8-21EB720D8B8E}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Wonders III (HKLM-x32\...\Steam App 226840) (Version:  - Triumph Studios)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.17.3042.73586 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.17.3042.73586 - Alcor Micro Corp.) Hidden
Armada 2526 Gold Edition (HKLM-x32\...\Steam App 229970) (Version:  - Ntronium Games)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.0.2.0000 - Asmedia Technology)
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.24.0 - Asmedia Technology)
COMODO Firewall (HKLM\...\{367D1EA4-24FD-402F-AFF0-08A678D2EE28}) (Version: 8.2.0.4674 - COMODO Security Solutions Inc.)
CPUID CPU-Z MSI 1.72.1 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.72.1 - CPUID, Inc.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Divinity: Original Sin (HKLM-x32\...\Steam App 230230) (Version:  - Larian Studios)
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 10.0 - Emsisoft Ltd.)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
hide.me VPN Version 1.1.2 (HKLM-x32\...\{0E00BDA5-7998-4889-BE4B-39A4BBD2EDFB}_is1) (Version: 1.1.2 - eVenture Limited)
HP LaserJet Professional CP1520 Series (HKLM-x32\...\{5C069542-CA13-4f1b-B90C-28C6430F4992}) (Version:  - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.0.29.6 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.81 - Hewlett-Packard Company)
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Network Connections 20.3.48.0 (HKLM\...\PROSetDX) (Version: 20.3.48.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.5.166.0 - Microsoft Corporation)
Microsoft Office Home and Business 2013 - de-de (HKLM\...\HomeBusinessRetail - de-de) (Version: 15.0.4745.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4745.1002 - Microsoft Corporation) Hidden
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version:  - Obsidian Entertainment)
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26914 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
Stardock Fences 2 (HKLM-x32\...\Stardock Fences 2) (Version: 2.13 - Stardock Software, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.353 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.353 - TuneUp Software) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireshark 1.12.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.7 - The Wireshark developer community, hxxp://www.wireshark.org)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XYplorer 15.50 (HKLM-x32\...\XYplorer) (Version: 15.50 - Donald Lessau)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

25-08-2015 13:02:48 Windows Update
26-08-2015 20:57:21 Revo Uninstaller Pro's restore point - QQ International
26-08-2015 20:57:32 删除 QQ International。
27-08-2015 14:15:30 Vor der Installation neuer Treiber - 27.08.2015 14:15:29
27-08-2015 14:16:49 Intel® Netzwerkanschlüsse
27-08-2015 15:35:09 Revo Uninstaller Pro's restore point - Emsisoft Anti-Malware
27-08-2015 15:40:29 Wiederherstellungsvorgang
28-08-2015 00:23:21 Prüfpunkt von HitmanPro
28-08-2015 01:51:53 Revo Uninstaller Pro's restore point - HitmanPro.Alert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0485C9CE-5566-4071-942D-74B09512A767} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {09CD721E-2B96-4E99-8C79-07CDF8AE45F5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {0DF551E0-A301-4CF9-A874-2C8360DBE3B3} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {137CCE76-D604-4E32-87CB-547BA4BDEF92} - System32\Tasks\ASUS\ASUS Network iControl Help Execute => C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelpEntry.exe [2012-05-02] (ASUSTeK Computer Inc.)
Task: {1621F49C-E788-4199-BDFE-19F80213E67E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {1B9BFDCE-847E-4A42-98A7-7285A8D72240} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-07-23] (ASUSTeK Computer Inc.)
Task: {1CA0293B-4724-4B73-8AF2-67545E7D8B43} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-24] (Microsoft Corporation)
Task: {22D15D0B-EE8D-4762-8D51-85988EBB5EC1} - System32\Tasks\HPCeeScheduleForKostik => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {2C2F4231-A146-4F14-BF83-BB9AA389988E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {2CEAE339-6774-4316-A950-A5194BA8BCDF} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-07-08] (Microsoft Corporation)
Task: {34736463-67CF-4F88-8D57-346DC4D43F63} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2015-06-24] (Hewlett-Packard)
Task: {37741E03-9EC5-4726-8154-932894F3B693} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-08-24] (Microsoft Corporation)
Task: {37F0E68B-C4A9-4887-AEC4-CBB9E31042FC} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {46161FE0-A4C6-4115-BD01-78DCEFB3096A} - System32\Tasks\Driver Genius => C:\Program Files (x86)\Driver-Soft\DriverGenius\DriverGenius.exe [2015-08-27] (Driver-Soft Inc.)
Task: {4F701784-587B-463A-B12F-161F4E112C8D} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {612BE14B-BFAE-4E59-A712-EBB31E218D00} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {65DD4636-D68B-4C48-8684-E02E65467BAF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)
Task: {662DDC61-210C-4D5B-B010-3DFD50DEEDA2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-11] (Adobe Systems Incorporated)
Task: {7F2DDAAE-82FC-41EE-9213-C1FDEB523817} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {82686B27-8D53-4266-AC84-37FFC46A4A79} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2015-06-25] (TuneUp Software)
Task: {8EF1CA78-DAE5-444E-AEB5-B31160E98270} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-07-08] (Microsoft)
Task: {8F92A6EF-A7D5-42AD-BB77-1C11B28D78B9} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-05] (COMODO)
Task: {AD87D021-0EE6-43DE-A89E-1E7732965DA2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {C2A1239E-88C6-4C8D-99F6-027864F7FF22} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-05] (COMODO)
Task: {CF2220FB-777C-4DD7-8531-04522485F9E0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {D0281FEA-95AF-4044-AFC4-B6C89C25E33D} - System32\Tasks\arp_flush => C:\Program Files (x86)\hide.me VPN\FlushArpCache.exe
Task: {D082F7B0-3094-4613-AA79-556BD4C1ADFC} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-07-08] (Microsoft Corporation)
Task: {D9670DFC-A4DA-43B5-A00E-667F57A01918} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2015-06-19] (Hewlett-Packard)
Task: {E0390054-4E3A-4C0C-AFC6-A80A698FD21B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-07-11] (Hewlett-Packard Company)
Task: {FE1A30DF-F9AC-4D58-BD44-5BFD09649E71} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-28] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKostik.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-14 13:04 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-02 12:27 - 2013-02-18 08:23 - 00695808 _____ () D:\Dual Monitor\ExplorerHook64.dll
2015-07-22 12:39 - 2015-07-22 12:39 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2015-07-23 18:29 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-06-25 07:53 - 2015-06-25 07:53 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2015-08-22 11:34 - 2015-08-18 07:21 - 01763144 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll
2015-08-22 11:34 - 2015-08-18 07:21 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll
2015-07-22 14:55 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-22 12:39 - 2015-08-28 11:52 - 00030720 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-07-22 12:39 - 2015-07-22 12:39 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () D:\Adobe Acrobat XI pro\Acrobat\locale\de_de\acrotray.deu
2015-07-22 12:53 - 2015-07-22 12:48 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2015-07-22 12:53 - 2012-07-05 12:05 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2015-07-22 12:39 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2015-07-22 12:39 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2015-07-22 12:51 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2015-07-22 12:39 - 2012-03-21 12:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2015-07-22 12:40 - 2013-05-08 16:22 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2015-07-22 12:52 - 2012-06-19 12:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2015-07-22 12:52 - 2012-07-25 09:56 - 01124864 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Network iControl\Network iControl.dll
2015-07-22 12:52 - 2012-07-20 09:39 - 01047040 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2015-07-22 12:39 - 2012-05-25 10:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2015-07-22 12:39 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2015-07-22 12:39 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2015-07-22 12:39 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2015-07-22 12:39 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2015-07-22 12:39 - 2015-07-22 12:39 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2015-07-22 12:39 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2015-07-22 12:53 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\PEInfo.dll
2015-07-22 12:53 - 2010-09-23 11:51 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\AsIdxParser.dll
2015-07-22 12:53 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\USB BIOS Flashback\Aszip.dll
2015-07-22 12:39 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-07-22 12:25 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-01-06 15:40 - 2015-01-06 15:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Windows\system32\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\appinfo.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\conhost.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\consent.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\csrsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\IPROSetMonitor.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsasrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\lsass.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\MpSigStub.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvapi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvaudcap64v.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispco6435560.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispgenco6435560.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvhdagenco6420103.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvhdap64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglshim64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvumdshimx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvvsvc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\PROUnstl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\rstrui.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\smss.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\srcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\sspisrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\winsrv.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64cpu.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\wow64win.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\adtschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\advapi32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglshim32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvStreaming.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvumdshim.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\srclient.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\idmwfp.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvhda64v.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\revoflt.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\TeeDriverx64.sys:$CmdTcID
AlternateDataStreams: C:\Users\Kostik\Desktop\$_57 (1).JPG:$CmdZnID
AlternateDataStreams: C:\Users\Kostik\Desktop\$_57.JPG:$CmdZnID
AlternateDataStreams: C:\Users\Kostik\Desktop\AviraDNSRepairDE.exe:$CmdTcID
AlternateDataStreams: C:\Users\Kostik\Desktop\waeschestaender-mama-mill1.jpg:$CmdZnID

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4162029952-804958439-1470344954-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kostik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
                                                                                                                                                                                                                        
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "D:\DAEMON Tools Lite\DTAgent.exe" -autorun                                                                                                                                                                                                                              
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: Steam => "I:\Steam\steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{04E601B6-C99F-4472-A02D-A77A7BFC3D08}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{C568DF9C-19C2-4BAF-BE5A-815B806A6FB2}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{EC5564DB-700A-42B2-8FAC-B17FFA7AE7BB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03135975-550C-4286-9C32-471EDE3EF322}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EE22D1D8-8C36-48D6-B244-E6824174D558}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AED949F7-35E9-45E7-BC57-0C5CCD37EC55}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{52C37259-9713-41B6-874A-EE8508B5AD68}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F96C356B-B53C-4C20-B7D3-19EDB22C819C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2FE943B7-9117-4A1D-A47C-8D5AF564D5D3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C721A448-116D-4AAA-BE50-1D75E2DD25BF}] => (Allow) I:\Steam\Steam.exe
FirewallRules: [{D1B9DCCC-456A-4B66-B82C-B60D3E76970C}] => (Allow) I:\Steam\Steam.exe
FirewallRules: [{7CEFC3F1-ACAA-4027-86DB-CAF2EF2D1136}] => (Allow) I:\Steam\bin\steamwebhelper.exe
FirewallRules: [{16DF2DB2-628E-4BA0-B0B9-AD0228AB5296}] => (Allow) I:\Steam\bin\steamwebhelper.exe
FirewallRules: [{4EAE2245-A56C-484C-A946-5C2947232A67}] => (Allow) I:\Steam\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{D618433C-7A9F-40CC-8586-3D661AF5BD34}] => (Allow) I:\Steam\steamapps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{707E215A-2936-4D39-BF5D-7D0DEE06AE45}] => (Allow) I:\Steam\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{3344ABD5-F2E2-4FD6-A7C6-5E3A0C0E7DD3}] => (Allow) I:\Steam\steamapps\common\AoW3\AoW3Launcher.exe
FirewallRules: [{3156A7CF-EA74-4C90-B64E-2192EF597AF6}] => (Allow) I:\Steam\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{7D8E84CF-B7C8-49E5-87AD-383003788909}] => (Allow) I:\Steam\steamapps\common\AoW3\AoW3.exe
FirewallRules: [{B250288E-7791-4A83-AE85-A804716ECF91}] => (Allow) I:\Steam\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{2674C527-DEE2-47BD-BC68-7E73F0E0E722}] => (Allow) I:\Steam\steamapps\common\AoW3\AoW3_Debug.exe
FirewallRules: [{63D2AE10-CE38-4538-B94F-9E7E27D26D7A}] => (Allow) I:\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{31DC035B-1A33-4DE9-92AA-D5CB58E6853B}] => (Allow) I:\Steam\steamapps\common\Divinity - Original Sin\Shipping\EoCApp.exe
FirewallRules: [{4364DD18-FA2C-4BC8-BCB2-41BA8CD2EE90}] => (Allow) I:\Steam\steamapps\common\InfinityWars\Infinity Wars TCG.exe
FirewallRules: [{F302910C-6D38-4148-8380-739EA3B200CC}] => (Allow) I:\Steam\steamapps\common\InfinityWars\Infinity Wars TCG.exe
FirewallRules: [{71F535E1-CE0C-4139-92B6-FD6EF2D0FACB}] => (Allow) I:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{FF798793-B6AA-487C-86CA-2038649DEE59}] => (Allow) I:\Steam\steamapps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{C6A3A005-3790-49E8-B332-DFE6C083C723}] => (Allow) I:\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{F2DBD492-40C3-46AD-9CB6-BA05883554C5}] => (Allow) I:\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{02A66D62-40D0-48E7-BF67-9165CF9E1EAB}] => (Allow) D:\Firefox\firefox.exe
FirewallRules: [{AF421061-E1B9-4AAB-A061-EA3A4CEEEAF8}] => (Allow) D:\Firefox\firefox.exe
FirewallRules: [TCP Query User{F261936C-CB85-4401-A145-74A4B993A6EA}I:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) I:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{63404AEC-78C4-427C-B0B2-6E7DDD67C05A}I:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) I:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{C2E9ED50-196B-4FCF-946A-F5B5554DF5F7}] => (Block) I:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{D6860C43-EEA9-4D1B-8BB7-765B35B1C01A}] => (Block) I:\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [{D60D2D39-8C3F-4340-BC87-65CDDA1F6309}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\5C069542-CA13-4f1b-B90C-28C6430F4992\Installer\hpbcsiInstaller.exe
FirewallRules: [{3C69FDD6-F40F-4408-982B-9B34BF02C618}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\5C069542-CA13-4f1b-B90C-28C6430F4992\Installer\hpbcsiInstaller.exe
FirewallRules: [{28A0A28E-5616-4DD7-B390-5F73D71B911C}] => (Allow) I:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{AD265F32-0E7B-4A30-A919-20693F990D66}] => (Allow) I:\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{5176873B-4CF1-4F24-95E4-B8301C8B9080}] => (Allow) I:\Steam\steamapps\common\Armada Gold\Armada2526.exe
FirewallRules: [{3B32953B-C1AC-4861-B501-9B3F8B1B8A49}] => (Allow) I:\Steam\steamapps\common\Armada Gold\Armada2526.exe
FirewallRules: [{04FA31DE-537E-4744-885C-860AEDAFA9AD}] => (Allow) I:\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{AF6D55F5-CC7C-4FCB-A1E2-C5777DBB593E}] => (Allow) I:\Steam\steamapps\common\Total War SHOGUN 2\Shogun2.exe
FirewallRules: [{877343C4-9F06-4C06-8C91-43B88B7F2753}] => (Allow) I:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{7B6789CC-E890-4F85-BFFC-7808A2B2C0AB}] => (Allow) I:\Steam\steamapps\common\Endless Legend\EndlessLegend.exe
FirewallRules: [{6980D7B1-3C3B-495F-B4E4-D65A15E31E32}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{416F6EE1-3821-4430-A144-E1CB0CA1305E}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{3FBFC2D2-BB34-4DFA-B82E-2A9DEE5D6BDA}] => (Allow) C:\Program Files (x86)\Common Files\Tencent\QQDownload\119\Tencentdl.exe
FirewallRules: [{293837D6-D8F6-47A4-8ABE-192A72CB9E8F}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{D5FC63DE-7E4A-4AC6-BE24-DDA25A1FAFA5}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{B2C574CA-3316-4D0D-9A37-3EDBF4E9FF6A}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Hook Test Driver
Description: Hook Test Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SDHookDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Qualcomm Atheros AR9485 Wireless Network Adapter
Description: Qualcomm Atheros AR9485 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications Inc.
Service: athr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/28/2015 11:54:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 02:22:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 02:15:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 01:54:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 01:51:53 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9c235886-d766-4565-8a2c-b1bd28161e45}

Error: (08/28/2015 01:47:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 12:42:47 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Kostik\AppData\Local\Temp\cleaner\eucleaner\setup\avscan.exe /CFG="C:\Users\Kostik\AppData\Local\Temp\cleaner\eucleaner\setup\sysscan.avp"; Beschreibung = Avira EU-Cleaner - 28.08.2015 00:42; Fehler = 0x80070005).

Error: (08/28/2015 12:30:28 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" ; Beschreibung = Revo Uninstaller Pro's restore point - Heimdal; Fehler = 0x80070005).

Error: (08/27/2015 10:22:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Infinity Wars TCG.exe, Version 4.6.6.2872 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2a3c

Startzeit: 01d0e102ea3749da

Endzeit: 59

Anwendungspfad: I:\Steam\steamapps\common\InfinityWars\Infinity Wars TCG.exe

Berichts-ID: 4658218a-4cf9-11e5-8991-50465da331e5

Error: (08/27/2015 09:39:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Infinity Wars TCG.exe, Version 4.6.6.2872 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1b04

Startzeit: 01d0e0ff53f6a395

Endzeit: 16

Anwendungspfad: I:\Steam\steamapps\common\InfinityWars\Infinity Wars TCG.exe

Berichts-ID: 5892af82-4cf3-11e5-8991-50465da331e5


Systemfehler:
=============
Error: (08/28/2015 11:52:31 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SDHookDriver

Error: (08/28/2015 11:52:20 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎08.‎2015 um 02:56:11 unerwartet heruntergefahren.

Error: (08/28/2015 02:20:24 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SDHookDriver

Error: (08/28/2015 02:20:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎28.‎08.‎2015 um 02:17:49 unerwartet heruntergefahren.

Error: (08/28/2015 02:14:00 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SDHookDriver

Error: (08/28/2015 01:53:03 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SDHookDriver

Error: (08/28/2015 01:45:52 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
SDHookDriver

Error: (08/28/2015 01:44:49 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (08/28/2015 01:44:48 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Start" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (08/28/2015 01:44:33 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


Microsoft Office:
=========================
Error: (08/28/2015 11:54:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 02:22:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 02:15:28 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 01:54:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 01:51:53 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {9c235886-d766-4565-8a2c-b1bd28161e45}

Error: (08/28/2015 01:47:27 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/28/2015 12:42:47 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Users\Kostik\AppData\Local\Temp\cleaner\eucleaner\setup\avscan.exe /CFG="C:\Users\Kostik\AppData\Local\Temp\cleaner\eucleaner\setup\sysscan.avp"Avira EU-Cleaner - 28.08.2015 00:420x80070005

Error: (08/28/2015 12:30:28 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe" Revo Uninstaller Pro's restore point - Heimdal0x80070005

Error: (08/27/2015 10:22:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Infinity Wars TCG.exe4.6.6.28722a3c01d0e102ea3749da59I:\Steam\steamapps\common\InfinityWars\Infinity Wars TCG.exe4658218a-4cf9-11e5-8991-50465da331e5

Error: (08/27/2015 09:39:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Infinity Wars TCG.exe4.6.6.28721b0401d0e0ff53f6a39516I:\Steam\steamapps\common\InfinityWars\Infinity Wars TCG.exe5892af82-4cf3-11e5-8991-50465da331e5


CodeIntegrity:
===================================
  Date: 2015-08-07 00:09:57.235
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-07 00:09:57.219
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-06 22:08:06.351
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-06 22:08:06.349
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-06 21:45:21.425
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-06 21:45:21.425
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-06 19:43:20.883
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-06 10:13:45.584
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-06 09:08:45.878
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-08-05 10:47:50.556
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDHook64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 16328.55 MB
Verfügbarer physikalischer RAM: 11599.5 MB
Summe virtueller Speicher: 32655.3 MB
Verfügbarer virtueller Speicher: 27575.37 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:133.33 GB) (Free:77.29 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SSD Pro / Wichtige Programme) (Fixed) (Total:285.85 GB) (Free:277.9 GB) NTFS
Drive g: (DATEN DISK) (Fixed) (Total:1863.01 GB) (Free:1656.94 GB) NTFS
Drive h: (Programme SSHD) (Fixed) (Total:1863.01 GB) (Free:1820.51 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive i: (SSD) (Fixed) (Total:232.88 GB) (Free:103.62 GB) NTFS
Drive k: () (Removable) (Total:58.42 GB) (Free:58.07 GB) FAT32
Drive o: (S:P:A) (Fixed) (Total:319.28 GB) (Free:308.05 GB) NTFS
Drive p: (Musik) (Fixed) (Total:48.83 GB) (Free:17.55 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive q: (Filme) (Fixed) (Total:97.65 GB) (Free:62.24 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: CAC2A174)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: B4CEC4A1)
Partition 1: (Active) - (Size=133.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=285.9 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 5D2B99BC)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=319.3 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 47EF2131)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 36FD336F)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=42)

========================================================
Disk: 5 (Size: 58.4 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

hi,

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

• Starte bitte die mbar.exe.
• Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
• Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
• Klicke auf den CleanUp Button und erlaube den Neustart.
• Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
• Nach dem Neustart starte die mbar.exe erneut.
• Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop

• Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
• Drücke Start Scan
  
• Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
  TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
  Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

hey danke mache ich sofort :=)

Code: Alles auswählenAufklappen

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org

Database version:
  main:    v2015.08.29.02
  rootkit: v2015.08.16.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17959
Kostik :: KOSTIK-PC [administrator]

29.08.2015 16:05:24
mbar-log-2015-08-29 (16-05-24).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 350098
Time elapsed: 5 minute(s), 59 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

TDSSKiller.exe
ab C:\Users\***\appdata\Local\Temp\Hwinfo64.sys

kommt die meldung TDSS ... Funktioniert nicht mehr

Problemsignatur:
Problemereignisname: APPCRASH
Anwendungsname: tdsskiller.exe
Anwendungsversion: 3.1.0.5
Anwendungszeitstempel: 55b205b0
Fehlermodulname: xapauthenticodesip.dll
Fehlermodulversion: 4.0.50401.0
Fehlermodulzeitstempel: 4bb42ead
Ausnahmecode: c0000005
Ausnahmeoffset: 00002d66
Betriebsystemversion: 6.1.7601.2.1.0.768.3
Gebietsschema-ID: 1031
Zusatzinformation 1: 0a9e
Zusatzinformation 2: 0a9e372d3b4ad19135b953a78882e789
Zusatzinformation 3: 0a9e
Zusatzinformation 4: 0a9e372d3b4ad19135b953a78882e789

Hwinfo64.sys habe die online gescannt aber ist sauber

Code: Alles auswählenAufklappen

ATTFilter

16:30:08.0485 0x1a3c  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:30:11.0449 0x1a3c  ============================================================
16:30:11.0449 0x1a3c  Current date / time: 2015/08/29 16:30:11.0449
16:30:11.0449 0x1a3c  SystemInfo:
16:30:11.0449 0x1a3c  
16:30:11.0449 0x1a3c  OS Version: 6.1.7601 ServicePack: 1.0
16:30:11.0449 0x1a3c  Product type: Workstation
16:30:11.0449 0x1a3c  ComputerName: KOSTIK-PC
16:30:11.0449 0x1a3c  UserName: Kostik
16:30:11.0449 0x1a3c  Windows directory: C:\Windows
16:30:11.0449 0x1a3c  System windows directory: C:\Windows
16:30:11.0449 0x1a3c  Running under WOW64
16:30:11.0449 0x1a3c  Processor architecture: Intel x64
16:30:11.0449 0x1a3c  Number of processors: 8
16:30:11.0449 0x1a3c  Page size: 0x1000
16:30:11.0449 0x1a3c  Boot type: Normal boot
16:30:11.0449 0x1a3c  ============================================================
16:30:11.0481 0x1a3c  System UUID: {DFBE6D1D-58A0-47CF-1953-6A4372B3C2F7}
16:30:11.0652 0x1a3c  Drive \Device\Harddisk4\DR4 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:30:11.0652 0x1a3c  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:30:11.0652 0x1a3c  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:30:11.0668 0x1a3c  Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:30:11.0668 0x1a3c  Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:30:11.0793 0x1a3c  ============================================================
16:30:11.0793 0x1a3c  \Device\Harddisk4\DR4:
16:30:11.0793 0x1a3c  MBR partitions:
16:30:11.0793 0x1a3c  \Device\Harddisk0\DR0:
16:30:11.0793 0x1a3c  MBR partitions:
16:30:11.0793 0x1a3c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
16:30:11.0793 0x1a3c  \Device\Harddisk1\DR1:
16:30:11.0793 0x1a3c  MBR partitions:
16:30:11.0793 0x1a3c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x10AAA000
16:30:11.0793 0x1a3c  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x10AAA800, BlocksNum 0x23BB4030
16:30:11.0793 0x1a3c  \Device\Harddisk2\DR2:
16:30:11.0793 0x1a3c  MBR partitions:
16:30:11.0793 0x1a3c  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
16:30:11.0793 0x1a3c  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x61A7966, BlocksNum 0xC34F2CC
16:30:11.0793 0x1a3c  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x124F6C32, BlocksNum 0x27E8E00F
16:30:11.0793 0x1a3c  \Device\Harddisk3\DR3:
16:30:11.0793 0x1a3c  MBR partitions:
16:30:11.0793 0x1a3c  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
16:30:11.0793 0x1a3c  ============================================================
16:30:11.0793 0x1a3c  C: <-> \Device\Harddisk1\DR1\Partition1
16:30:11.0793 0x1a3c  D: <-> \Device\Harddisk1\DR1\Partition2
16:30:11.0793 0x1a3c  G: <-> \Device\Harddisk0\DR0\Partition1
16:30:11.0793 0x1a3c  H: <-> \Device\Harddisk3\DR3\Partition1
16:30:11.0824 0x1a3c  O: <-> \Device\Harddisk2\DR2\Partition3
16:30:11.0839 0x1a3c  P: <-> \Device\Harddisk2\DR2\Partition1
16:30:11.0855 0x1a3c  Q: <-> \Device\Harddisk2\DR2\Partition2
16:30:11.0855 0x1a3c  ============================================================
16:30:11.0855 0x1a3c  Initialize success
16:30:11.0855 0x1a3c  ============================================================
16:30:16.0317 0x1700  ============================================================
16:30:16.0317 0x1700  Scan started
16:30:16.0317 0x1700  Mode: Manual; SigCheck; TDLFS; 
16:30:16.0317 0x1700  ============================================================
16:30:16.0317 0x1700  KSN ping started
16:30:16.0972 0x1700  KSN ping finished: true
16:30:17.0424 0x1700  ================ Scan system memory ========================
16:30:17.0424 0x1700  System memory - ok
16:30:17.0424 0x1700  ================ Scan services =============================
16:30:17.0455 0x1700  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:30:17.0549 0x1700  1394ohci - ok
16:30:17.0627 0x1700  [ 56BD9B36526D8E4A1AD642E44B0B4031, 042169644AF89ECB149C841A7B3C3C70D5EF1906B946CA6CAABEC4E21E2588B7 ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
16:30:17.0705 0x1700  a2AntiMalware - ok
16:30:17.0721 0x1700  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:30:17.0736 0x1700  ACPI - ok
16:30:17.0736 0x1700  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:30:17.0752 0x1700  AcpiPmi - ok
16:30:17.0752 0x1700  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:30:17.0783 0x1700  AdobeARMservice - ok
16:30:17.0783 0x1700  [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:30:17.0814 0x1700  AdobeFlashPlayerUpdateSvc - ok
16:30:17.0814 0x1700  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:30:17.0830 0x1700  adp94xx - ok
16:30:17.0845 0x1700  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:30:17.0861 0x1700  adpahci - ok
16:30:17.0861 0x1700  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:30:17.0877 0x1700  adpu320 - ok
16:30:17.0877 0x1700  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:30:17.0892 0x1700  AeLookupSvc - ok
16:30:17.0908 0x1700  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:30:17.0923 0x1700  AFD - ok
16:30:17.0939 0x1700  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:30:17.0955 0x1700  agp440 - ok
16:30:17.0955 0x1700  [ 4BFB41025FA1C37205EDEEFDE36F7771, EA171520C0C8DAFA3D656EC4815393F77096C1E22EC9F39756B52D1565483102 ] AiChargerPlus   C:\Windows\syswow64\drivers\AiChargerPlus.sys
16:30:17.0970 0x1700  AiChargerPlus - ok
16:30:17.0970 0x1700  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:30:17.0986 0x1700  ALG - ok
16:30:17.0986 0x1700  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:30:18.0001 0x1700  aliide - ok
16:30:18.0001 0x1700  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:30:18.0017 0x1700  amdide - ok
16:30:18.0017 0x1700  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:30:18.0033 0x1700  AmdK8 - ok
16:30:18.0048 0x1700  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:30:18.0064 0x1700  AmdPPM - ok
16:30:18.0064 0x1700  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:30:18.0079 0x1700  amdsata - ok
16:30:18.0079 0x1700  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:30:18.0095 0x1700  amdsbs - ok
16:30:18.0095 0x1700  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:30:18.0111 0x1700  amdxata - ok
16:30:18.0126 0x1700  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
16:30:18.0142 0x1700  AppID - ok
16:30:18.0142 0x1700  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:30:18.0157 0x1700  AppIDSvc - ok
16:30:18.0157 0x1700  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
16:30:18.0173 0x1700  Appinfo - ok
16:30:18.0173 0x1700  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:30:18.0189 0x1700  arc - ok
16:30:18.0189 0x1700  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:30:18.0204 0x1700  arcsas - ok
16:30:18.0220 0x1700  [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
16:30:18.0251 0x1700  asComSvc - ok
16:30:18.0267 0x1700  [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
16:30:18.0282 0x1700  asHmComSvc - ok
16:30:18.0298 0x1700  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
16:30:18.0313 0x1700  AsIO - ok
16:30:18.0313 0x1700  [ A1EB3F68EC05EFD41176819D3CCBE094, 5E2B158F203B5D5D8851068036A60C14E8A04B9EBE72A34589BF6A479ADB06DB ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
16:30:18.0329 0x1700  asmthub3 - ok
16:30:18.0329 0x1700  [ B49B4ED4756D336DA1939D399E851067, 2B7C0526E381EABAF5EDBE7FA2C6B0BCEBC444DECED9DBF0B4C586A65181319B ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
16:30:18.0360 0x1700  asmtxhci - ok
16:30:18.0360 0x1700  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:30:18.0376 0x1700  aspnet_state - ok
16:30:18.0376 0x1700  [ 8B04C7E7677C06096C66AF223B19B363, EA216952B75B0DCA62739483CF41D4937E153B5003D1BE465AE7907E19FD4AC4 ] asstor64        C:\Windows\system32\DRIVERS\asstor64.sys
16:30:18.0391 0x1700  asstor64 - ok
16:30:18.0391 0x1700  [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
16:30:18.0407 0x1700  AsSysCtrlService - ok
16:30:18.0423 0x1700  [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
16:30:18.0423 0x1700  AsUpIO - ok
16:30:18.0438 0x1700  [ 55B8384F53CF6405A7729F1CECEB0FA0, AB7CD793DCFDB33B1C2B6922D0CAA251F5E0D6FD2D5D585ACA5FBD26F276B034 ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.08\AsusFanControlService.exe
16:30:18.0438 0x1700  AsusFanControlService - detected UnsignedFile.Multi.Generic ( 1 )
16:30:19.0187 0x1700  Detect skipped due to KSN trusted
16:30:19.0187 0x1700  AsusFanControlService - ok
16:30:19.0187 0x1700  [ A5E4CDB420540095D1293C874B5F89AA, EBC082FF94872537649F00D91AF22E0AFB4D538ACDB4731C9A95D209C7B144FD ] ASUSFILTER      C:\Windows\syswow64\drivers\ASUSFILTER.sys
16:30:19.0203 0x1700  ASUSFILTER - ok
16:30:19.0203 0x1700  [ 7882BB401553008C3D17251D98474412, 6F09D494C6244D5A0B6738C64D2E43BECB7FC222FE4D433BF26397F1AFEF03AB ] ASUSstpt        C:\Windows\system32\DRIVERS\ASUSstpt.sys
16:30:19.0218 0x1700  ASUSstpt - ok
16:30:19.0218 0x1700  [ 23041D6FADF1287457E12CDBE2466554, DC77E1881D36F93BFD8E4BE50CA61511ECF8F3421424DD7A94C60DC2DF24D3F4 ] ASUSumsc        C:\Windows\system32\DRIVERS\ASUSumsc.sys
16:30:19.0234 0x1700  ASUSumsc - ok
16:30:19.0249 0x1700  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:30:19.0265 0x1700  AsyncMac - ok
16:30:19.0265 0x1700  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:30:19.0281 0x1700  atapi - ok
16:30:19.0343 0x1700  [ 83E5FE3BCDA6E0ADD2E95819A9AF6348, 9500720DD7ABEE97F65DEFE7E9342DFE1FDAA284A3DF25313394C3F6EAE35706 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:30:19.0421 0x1700  athr - ok
16:30:19.0437 0x1700  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:30:19.0468 0x1700  AudioEndpointBuilder - ok
16:30:19.0468 0x1700  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:30:19.0499 0x1700  AudioSrv - ok
16:30:19.0499 0x1700  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:30:19.0515 0x1700  AxInstSV - ok
16:30:19.0530 0x1700  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:30:19.0546 0x1700  b06bdrv - ok
16:30:19.0561 0x1700  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:30:19.0577 0x1700  b57nd60a - ok
16:30:19.0577 0x1700  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:30:19.0593 0x1700  BDESVC - ok
16:30:19.0593 0x1700  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:30:19.0624 0x1700  Beep - ok
16:30:19.0639 0x1700  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:30:19.0655 0x1700  BFE - ok
16:30:19.0671 0x1700  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:30:19.0717 0x1700  BITS - ok
16:30:19.0717 0x1700  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:30:19.0733 0x1700  blbdrive - ok
16:30:19.0733 0x1700  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:30:19.0749 0x1700  bowser - ok
16:30:19.0749 0x1700  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:30:19.0764 0x1700  BrFiltLo - ok
16:30:19.0780 0x1700  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:30:19.0795 0x1700  BrFiltUp - ok
16:30:19.0795 0x1700  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:30:19.0811 0x1700  Browser - ok
16:30:19.0827 0x1700  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:30:19.0842 0x1700  Brserid - ok
16:30:19.0842 0x1700  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:30:19.0858 0x1700  BrSerWdm - ok
16:30:19.0858 0x1700  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:30:19.0889 0x1700  BrUsbMdm - ok
16:30:19.0889 0x1700  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:30:19.0905 0x1700  BrUsbSer - ok
16:30:19.0905 0x1700  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:30:19.0920 0x1700  BTHMODEM - ok
16:30:19.0920 0x1700  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:30:19.0951 0x1700  bthserv - ok
16:30:19.0951 0x1700  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:30:19.0983 0x1700  cdfs - ok
16:30:19.0983 0x1700  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:30:20.0014 0x1700  cdrom - ok
16:30:20.0014 0x1700  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:30:20.0045 0x1700  CertPropSvc - ok
16:30:20.0045 0x1700  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:30:20.0061 0x1700  circlass - ok
16:30:20.0061 0x1700  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
16:30:20.0092 0x1700  CLFS - ok
16:30:20.0123 0x1700  [ EC44010BAFA116B6ED200AB18A29E560, 0261CBABF18158FB836DB4569201035F702A5CE27C64551E29C2AC4BC6C3851C ] ClickToRunSvc   C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
16:30:20.0170 0x1700  ClickToRunSvc - ok
16:30:20.0185 0x1700  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:30:20.0201 0x1700  clr_optimization_v2.0.50727_32 - ok
16:30:20.0201 0x1700  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:30:20.0217 0x1700  clr_optimization_v2.0.50727_64 - ok
16:30:20.0217 0x1700  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:30:20.0232 0x1700  clr_optimization_v4.0.30319_32 - ok
16:30:20.0248 0x1700  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:30:20.0263 0x1700  clr_optimization_v4.0.30319_64 - ok
16:30:20.0263 0x1700  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:30:20.0279 0x1700  CmBatt - ok
16:30:20.0341 0x1700  [ 7A879AA59E7225CCA2015C09463EFF98, C442BBAA76CE00CB2E884938D779345BD1187F0D2317108AFD353B4D5EDA521B ] CmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
16:30:20.0419 0x1700  CmdAgent - ok
16:30:20.0435 0x1700  [ F33404455DBD79B7C85B8969C70537B5, B8975B0F748F02E3178C1148F9F0C5B71726ACBB88ED5C9351779F37001D377A ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys
16:30:20.0451 0x1700  cmderd - ok
16:30:20.0466 0x1700  [ 347C6F4A0A2B51BB651DDDE0CA7E300B, 5722CEBEEF87A7BCFB20C9B5C24C8628130A5FF0BF6F6AB3A19CE60313EF4BBA ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys
16:30:20.0482 0x1700  cmdGuard - ok
16:30:20.0482 0x1700  [ 12944DDE0FBE29DAE48B2FFE740F3C36, 6B8381131AFFCE362D9D9583B35EFB76FD983EF97A939F4EBEF52E167B72F14F ] cmdHlp          C:\Windows\system32\DRIVERS\cmdhlp.sys
16:30:20.0497 0x1700  cmdHlp - ok
16:30:20.0497 0x1700  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:30:20.0513 0x1700  cmdide - ok
16:30:20.0544 0x1700  [ 7906367DCA033F747F7F0426A9F7C97E, 855BCFF8F71C692AA9B15B0378C4C257104078F0D435F3649C84A1068B568FAB ] cmdvirth        C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
16:30:20.0591 0x1700  cmdvirth - ok
16:30:20.0591 0x1700  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:30:20.0622 0x1700  CNG - ok
16:30:20.0622 0x1700  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:30:20.0638 0x1700  Compbatt - ok
16:30:20.0638 0x1700  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:30:20.0653 0x1700  CompositeBus - ok
16:30:20.0653 0x1700  COMSysApp - ok
16:30:20.0669 0x1700  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:30:20.0685 0x1700  crcdisk - ok
16:30:20.0685 0x1700  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:30:20.0700 0x1700  CryptSvc - ok
16:30:20.0716 0x1700  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:30:20.0747 0x1700  DcomLaunch - ok
16:30:20.0747 0x1700  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:30:20.0778 0x1700  defragsvc - ok
16:30:20.0794 0x1700  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:30:20.0809 0x1700  DfsC - ok
16:30:20.0825 0x1700  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:30:20.0841 0x1700  Dhcp - ok
16:30:20.0856 0x1700  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
16:30:20.0903 0x1700  DiagTrack - ok
16:30:20.0919 0x1700  [ 91DF13EC831BDCFA36A7A12CD13D66B9, 5054281FE91D4BE0DB446F6F30E3D59E669185555F6C20B988DEC250713FFCED ] Disc Soft Lite Bus Service D:\DAEMON Tools Lite\DiscSoftBusService.exe
16:30:20.0950 0x1700  Disc Soft Lite Bus Service - ok
16:30:20.0950 0x1700  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:30:20.0981 0x1700  discache - ok
16:30:20.0981 0x1700  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:30:20.0997 0x1700  Disk - ok
16:30:20.0997 0x1700  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:30:21.0012 0x1700  Dnscache - ok
16:30:21.0028 0x1700  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:30:21.0059 0x1700  dot3svc - ok
16:30:21.0059 0x1700  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:30:21.0090 0x1700  DPS - ok
16:30:21.0090 0x1700  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:30:21.0106 0x1700  drmkaud - ok
16:30:21.0106 0x1700  [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus   C:\Windows\system32\DRIVERS\dtlitescsibus.sys
16:30:21.0121 0x1700  dtlitescsibus - ok
16:30:21.0137 0x1700  [ 6688B6F74C360CBC366B7AF948D9084D, 9ED4BEEB5E53D1BA9095D1C3F680FCB9FD8389C4AD7BE388786AC3CECC7EC98A ] DTSAudioSvc     C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
16:30:21.0153 0x1700  DTSAudioSvc - ok
16:30:21.0168 0x1700  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:30:21.0184 0x1700  DXGKrnl - ok
16:30:21.0199 0x1700  [ 23B6F8081F5C7AF1343810641EE0DD58, 571EF6BC76C062AF0FC696213638831EBC90B056B353AD440B01CA17E0D5B1B7 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
16:30:21.0215 0x1700  e1cexpress - ok
16:30:21.0231 0x1700  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:30:21.0246 0x1700  EapHost - ok
16:30:21.0293 0x1700  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:30:21.0355 0x1700  ebdrv - ok
16:30:21.0355 0x1700  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS             C:\Windows\System32\lsass.exe
16:30:21.0371 0x1700  EFS - ok
16:30:21.0387 0x1700  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:30:21.0402 0x1700  ehRecvr - ok
16:30:21.0418 0x1700  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:30:21.0433 0x1700  ehSched - ok
16:30:21.0433 0x1700  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:30:21.0465 0x1700  elxstor - ok
16:30:21.0465 0x1700  [ FBEFE3D8DFEBAA85A81897B0B0EB4E1E, 67ADE442E68DE986C10BBCC4A38F76955A6DCBBE9608CB1F7F0C155C8AF0B9E3 ] epp64           C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp64.sys
16:30:21.0480 0x1700  epp64 - ok
16:30:21.0480 0x1700  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:30:21.0496 0x1700  ErrDev - ok
16:30:21.0511 0x1700  [ DDF090A1D27D496BA6BFBF7C59693A7F, 4EEB8970B11A64FA2DAE216574C7637541DE9435AD063DB3157ECF0D09D4A94C ] ESProtectionDriver C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
16:30:21.0527 0x1700  ESProtectionDriver - ok
16:30:21.0527 0x1700  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:30:21.0558 0x1700  EventSystem - ok
16:30:21.0574 0x1700  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:30:21.0605 0x1700  exfat - ok
16:30:21.0605 0x1700  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:30:21.0636 0x1700  fastfat - ok
16:30:21.0652 0x1700  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:30:21.0667 0x1700  Fax - ok
16:30:21.0683 0x1700  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
16:30:21.0699 0x1700  fdc - ok
16:30:21.0699 0x1700  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:30:21.0730 0x1700  fdPHost - ok
16:30:21.0730 0x1700  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:30:21.0761 0x1700  FDResPub - ok
16:30:21.0761 0x1700  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:30:21.0777 0x1700  FileInfo - ok
16:30:21.0777 0x1700  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:30:21.0808 0x1700  Filetrace - ok
16:30:21.0808 0x1700  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:30:21.0823 0x1700  flpydisk - ok
16:30:21.0839 0x1700  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:30:21.0855 0x1700  FltMgr - ok
16:30:21.0870 0x1700  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
16:30:21.0901 0x1700  FontCache - ok
16:30:21.0901 0x1700  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:30:21.0917 0x1700  FontCache3.0.0.0 - ok
16:30:21.0917 0x1700  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:30:21.0933 0x1700  FsDepends - ok
16:30:21.0933 0x1700  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:30:21.0948 0x1700  Fs_Rec - ok
16:30:21.0964 0x1700  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:30:21.0979 0x1700  fvevol - ok
16:30:21.0979 0x1700  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:30:21.0995 0x1700  gagp30kx - ok
16:30:22.0011 0x1700  [ 4B015AACA104091DF767273653B1B883, 7141B30D54F7DFE2B4718FB2EBAC7FA407D9BEA1D00F664C0278AC7E3B716A67 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:30:22.0042 0x1700  GfExperienceService - ok
16:30:22.0057 0x1700  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:30:22.0089 0x1700  gpsvc - ok
16:30:22.0089 0x1700  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:30:22.0104 0x1700  gupdate - ok
16:30:22.0120 0x1700  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:30:22.0135 0x1700  gupdatem - ok
16:30:22.0135 0x1700  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:30:22.0151 0x1700  hcw85cir - ok
16:30:22.0151 0x1700  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:30:22.0182 0x1700  HdAudAddService - ok
16:30:22.0182 0x1700  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:30:22.0198 0x1700  HDAudBus - ok
16:30:22.0213 0x1700  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:30:22.0229 0x1700  HidBatt - ok
16:30:22.0229 0x1700  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:30:22.0245 0x1700  HidBth - ok
16:30:22.0260 0x1700  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:30:22.0276 0x1700  HidIr - ok
16:30:22.0276 0x1700  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:30:22.0307 0x1700  hidserv - ok
16:30:22.0307 0x1700  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:30:22.0323 0x1700  HidUsb - ok
16:30:22.0323 0x1700  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:30:22.0354 0x1700  hkmsvc - ok
16:30:22.0369 0x1700  [ B8F54948104858D136E3B9498A26B3BD, B4780D9C0B4424EF9987436BFD36B86887FB198E6CAFA2B1A2216D4EA19617E2 ] hmevpnsvc       C:\Program Files (x86)\hide.me VPN\vpnsvc.exe
16:30:22.0385 0x1700  hmevpnsvc - ok
16:30:22.0385 0x1700  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:30:22.0401 0x1700  HomeGroupListener - ok
16:30:22.0416 0x1700  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:30:22.0432 0x1700  HomeGroupProvider - ok
16:30:22.0432 0x1700  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:30:22.0447 0x1700  HpSAMD - ok
16:30:22.0447 0x1700  [ A0FFCF6391B5270B2A34E379DE446878, 8AFD522ED2488723D2B72B7BA214272E6ABFAC4F3AA589888FFB35A0A44660CE ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
16:30:22.0463 0x1700  HPSupportSolutionsFrameworkService - ok
16:30:22.0479 0x1700  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:30:22.0510 0x1700  HTTP - ok
16:30:22.0510 0x1700  HWiNFO32 - ok
16:30:22.0510 0x1700  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:30:22.0525 0x1700  hwpolicy - ok
16:30:22.0541 0x1700  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:30:22.0557 0x1700  i8042prt - ok
16:30:22.0557 0x1700  [ 9EBE1AE8B3DA91D06BE1971EB37F7DA0, 55B0E66139C966AF0D4955B44363123198C559968C864DA85F6610CF1C844E8D ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
16:30:22.0588 0x1700  iaStorA - ok
16:30:22.0588 0x1700  [ D524B034148F14C60F1CA66D267EE56A, 18045270C5CA718501285EE05EDED8B0EF998A881ACF19D9602F91A2A30E40AB ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
16:30:22.0603 0x1700  IAStorDataMgrSvc - ok
16:30:22.0603 0x1700  [ C018747131B4E90E9267BA5B31EB43A7, 0FA045B63500D6AA98CADD72BA8052BD2631387FD1270A9FD5A77EB7A7A14536 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
16:30:22.0619 0x1700  iaStorF - ok
16:30:22.0635 0x1700  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:30:22.0650 0x1700  iaStorV - ok
16:30:22.0650 0x1700  [ 90D95B25F8413F937A2E155F196D892C, 5D08EE7BFEB000F2A06FA2F37729C29C2A71760A4BD6241330E6FF257CB8D8EE ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
16:30:22.0666 0x1700  ICCS - detected UnsignedFile.Multi.Generic ( 1 )
16:30:23.0149 0x1700  Detect skipped due to KSN trusted
16:30:23.0149 0x1700  ICCS - ok
16:30:23.0149 0x1700  [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT          C:\Windows\system32\DRIVERS\ICCWDT.sys
16:30:23.0165 0x1700  ICCWDT - ok
16:30:23.0181 0x1700  [ BF02D8EF91CEF81DEB20260FE796B0F7, D0CD3A7568D9F08B5F40B1DE0F1CC41182727F686488E10040034ED2EEE83C66 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
16:30:23.0196 0x1700  IDMWFP - ok
16:30:23.0212 0x1700  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:30:23.0227 0x1700  idsvc - ok
16:30:23.0243 0x1700  IEEtwCollectorService - ok
16:30:23.0243 0x1700  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:30:23.0259 0x1700  iirsp - ok
16:30:23.0274 0x1700  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:30:23.0290 0x1700  IKEEXT - ok
16:30:23.0305 0x1700  [ 0FFA95F1171F64F2A51F69A75B1EFF4A, 1F0001D519756DE74477D9398F300187665EBDF1AD902F68A967C2F95C4F85DF ] inspect         C:\Windows\system32\DRIVERS\inspect.sys
16:30:23.0321 0x1700  inspect - ok
16:30:23.0368 0x1700  [ 3A2D6740F51BE48C0FD01AD907329DEE, 4FD899CD6E3B3D5C9803E52CB72F002B6CFC144D524FAF6845CF6D115EC6E059 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:30:23.0446 0x1700  IntcAzAudAddService - ok
16:30:23.0461 0x1700  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:30:23.0477 0x1700  Intel(R) Capability Licensing Service Interface - ok
16:30:23.0493 0x1700  [ 2914617074C8F6C4AD0E8FA9E531C323, E42FAC4E5D67C536526DDEEC063F0EB989E88325A0D2CFA2D3A4D9DBB34718D4 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
16:30:23.0508 0x1700  Intel(R) PROSet Monitoring Service - ok
16:30:23.0508 0x1700  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:30:23.0524 0x1700  intelide - ok
16:30:23.0524 0x1700  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:30:23.0555 0x1700  intelppm - ok
16:30:23.0555 0x1700  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:30:23.0586 0x1700  IPBusEnum - ok
16:30:23.0586 0x1700  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:30:23.0617 0x1700  IpFilterDriver - ok
16:30:23.0617 0x1700  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:30:23.0649 0x1700  iphlpsvc - ok
16:30:23.0649 0x1700  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:30:23.0664 0x1700  IPMIDRV - ok
16:30:23.0680 0x1700  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:30:23.0711 0x1700  IPNAT - ok
16:30:23.0711 0x1700  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:30:23.0742 0x1700  IRENUM - ok
16:30:23.0742 0x1700  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:30:23.0758 0x1700  isapnp - ok
16:30:23.0758 0x1700  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:30:23.0773 0x1700  iScsiPrt - ok
16:30:23.0789 0x1700  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
16:30:23.0805 0x1700  iusb3hcs - ok
16:30:23.0805 0x1700  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
16:30:23.0820 0x1700  iusb3hub - ok
16:30:23.0836 0x1700  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
16:30:23.0867 0x1700  iusb3xhc - ok
16:30:23.0867 0x1700  [ CA295D3E5032DDF8A3CBD1A256E646FA, 03879D331AE446FCF25D0193805A5E0C17764439B5B8FE1D684DDB96B1A358C9 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:30:23.0883 0x1700  jhi_service - ok
16:30:23.0898 0x1700  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:30:23.0898 0x1700  kbdclass - ok
16:30:23.0914 0x1700  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:30:23.0929 0x1700  kbdhid - ok
16:30:23.0929 0x1700  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso          C:\Windows\system32\lsass.exe
16:30:23.0945 0x1700  KeyIso - ok
16:30:23.0961 0x1700  [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:30:23.0976 0x1700  KSecDD - ok
16:30:23.0976 0x1700  [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:30:23.0994 0x1700  KSecPkg - ok
16:30:23.0994 0x1700  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:30:24.0025 0x1700  ksthunk - ok
16:30:24.0025 0x1700  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:30:24.0056 0x1700  KtmRm - ok
16:30:24.0072 0x1700  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:30:24.0103 0x1700  LanmanServer - ok
16:30:24.0103 0x1700  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:30:24.0134 0x1700  LanmanWorkstation - ok
16:30:24.0150 0x1700  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:30:24.0165 0x1700  lltdio - ok
16:30:24.0181 0x1700  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:30:24.0212 0x1700  lltdsvc - ok
16:30:24.0212 0x1700  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:30:24.0243 0x1700  lmhosts - ok
16:30:24.0243 0x1700  [ DBA3BC9C377A867350099D693E8A3413, F3BDF96C8A3749DDD24FB60F3220A404450C043154F49AB64B3A433EED2906FE ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:30:24.0275 0x1700  LMS - ok
16:30:24.0275 0x1700  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:30:24.0290 0x1700  LSI_FC - ok
16:30:24.0306 0x1700  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:30:24.0321 0x1700  LSI_SAS - ok
16:30:24.0321 0x1700  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:30:24.0337 0x1700  LSI_SAS2 - ok
16:30:24.0337 0x1700  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:30:24.0353 0x1700  LSI_SCSI - ok
16:30:24.0368 0x1700  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:30:24.0399 0x1700  luafv - ok
16:30:24.0399 0x1700  [ B2E0C6FD6CA1B5EBC4E8DB8C674A661B, B0B7E41CB28482307CF4A3DD1909D277C661A73AA03E552DB6AAA71F017C9E19 ] MbaeSvc         C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
16:30:24.0431 0x1700  MbaeSvc - ok
16:30:24.0431 0x1700  [ E681CE4AE5C09651D53CB4387CA3560E, F8503DB901FE65191AE0229BA44F0BB417626224DEC0743BFC771914D4EEDFDD ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
16:30:24.0446 0x1700  mbamchameleon - ok
16:30:24.0446 0x1700  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:30:24.0462 0x1700  MBAMProtector - ok
16:30:24.0493 0x1700  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
16:30:24.0524 0x1700  MBAMScheduler - ok
16:30:24.0540 0x1700  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
16:30:24.0571 0x1700  MBAMService - ok
16:30:24.0571 0x1700  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:30:24.0587 0x1700  MBAMWebAccessControl - ok
16:30:24.0602 0x1700  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:30:24.0618 0x1700  Mcx2Svc - ok
16:30:24.0618 0x1700  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:30:24.0633 0x1700  megasas - ok
16:30:24.0649 0x1700  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:30:24.0665 0x1700  MegaSR - ok
16:30:24.0665 0x1700  [ E88F45EA2909C9E636A3CDC38EB2EDDD, D64F77A34077281CC53B6C843382F9D43F9DC423928377EC91DE955DD53C8EEC ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
16:30:24.0680 0x1700  MEIx64 - ok
16:30:24.0696 0x1700  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:30:24.0711 0x1700  MMCSS - ok
16:30:24.0727 0x1700  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:30:24.0758 0x1700  Modem - ok
16:30:24.0758 0x1700  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:30:24.0774 0x1700  monitor - ok
16:30:24.0774 0x1700  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:30:24.0789 0x1700  mouclass - ok
16:30:24.0805 0x1700  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:30:24.0821 0x1700  mouhid - ok
16:30:24.0821 0x1700  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:30:24.0836 0x1700  mountmgr - ok
16:30:24.0836 0x1700  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:30:24.0852 0x1700  mpio - ok
16:30:24.0867 0x1700  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:30:24.0899 0x1700  mpsdrv - ok
16:30:24.0914 0x1700  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:30:24.0945 0x1700  MpsSvc - ok
16:30:24.0945 0x1700  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:30:24.0977 0x1700  MRxDAV - ok
16:30:24.0977 0x1700  [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:30:24.0992 0x1700  mrxsmb - ok
16:30:25.0008 0x1700  [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:30:25.0023 0x1700  mrxsmb10 - ok
16:30:25.0023 0x1700  [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:30:25.0055 0x1700  mrxsmb20 - ok
16:30:25.0055 0x1700  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:30:25.0070 0x1700  msahci - ok
16:30:25.0070 0x1700  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:30:25.0086 0x1700  msdsm - ok
16:30:25.0101 0x1700  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:30:25.0117 0x1700  MSDTC - ok
16:30:25.0133 0x1700  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:30:25.0148 0x1700  Msfs - ok
16:30:25.0164 0x1700  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:30:25.0179 0x1700  mshidkmdf - ok
16:30:25.0195 0x1700  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:30:25.0211 0x1700  msisadrv - ok
16:30:25.0211 0x1700  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:30:25.0242 0x1700  MSiSCSI - ok
16:30:25.0242 0x1700  msiserver - ok
16:30:25.0257 0x1700  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:30:25.0273 0x1700  MSKSSRV - ok
16:30:25.0289 0x1700  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:30:25.0304 0x1700  MSPCLOCK - ok
16:30:25.0320 0x1700  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:30:25.0335 0x1700  MSPQM - ok
16:30:25.0351 0x1700  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:30:25.0367 0x1700  MsRPC - ok
16:30:25.0382 0x1700  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:30:25.0398 0x1700  mssmbios - ok
16:30:25.0398 0x1700  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:30:25.0429 0x1700  MSTEE - ok
16:30:25.0429 0x1700  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:30:25.0445 0x1700  MTConfig - ok
16:30:25.0460 0x1700  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:30:25.0476 0x1700  Mup - ok
16:30:25.0476 0x1700  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:30:25.0507 0x1700  napagent - ok
16:30:25.0523 0x1700  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:30:25.0538 0x1700  NativeWifiP - ok
16:30:25.0554 0x1700  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:30:25.0585 0x1700  NDIS - ok
16:30:25.0585 0x1700  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:30:25.0616 0x1700  NdisCap - ok
16:30:25.0632 0x1700  [ 270B10B8BD822DD4673781E0A1935DFB, 63D644B2E9AA14E0DA7660C00343C3597385EE2ACCCC61EFC3CD9A765CD35EFF ] ndisrd          C:\Windows\system32\DRIVERS\ndisrd.sys
16:30:25.0632 0x1700  ndisrd - ok
16:30:25.0647 0x1700  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:30:25.0679 0x1700  NdisTapi - ok
16:30:25.0679 0x1700  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:30:25.0710 0x1700  Ndisuio - ok
16:30:25.0710 0x1700  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:30:25.0741 0x1700  NdisWan - ok
16:30:25.0741 0x1700  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:30:25.0772 0x1700  NDProxy - ok
16:30:25.0772 0x1700  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:30:25.0788 0x1700  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:30:26.0303 0x1700  Detect skipped due to KSN trusted
16:30:26.0303 0x1700  Net Driver HPZ12 - ok
16:30:26.0318 0x1700  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:30:26.0334 0x1700  NetBIOS - ok
16:30:26.0349 0x1700  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:30:26.0381 0x1700  NetBT - ok
16:30:26.0381 0x1700  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon        C:\Windows\system32\lsass.exe
16:30:26.0396 0x1700  Netlogon - ok
16:30:26.0412 0x1700  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:30:26.0443 0x1700  Netman - ok
16:30:26.0443 0x1700  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:30:26.0459 0x1700  NetMsmqActivator - ok
16:30:26.0474 0x1700  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:30:26.0490 0x1700  NetPipeActivator - ok
16:30:26.0505 0x1700  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:30:26.0537 0x1700  netprofm - ok
16:30:26.0537 0x1700  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:30:26.0552 0x1700  NetTcpActivator - ok
16:30:26.0568 0x1700  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:30:26.0583 0x1700  NetTcpPortSharing - ok
16:30:26.0583 0x1700  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:30:26.0599 0x1700  nfrd960 - ok
16:30:26.0599 0x1700  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:30:26.0630 0x1700  NlaSvc - ok
16:30:26.0630 0x1700  [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF             C:\Windows\system32\drivers\npf.sys
16:30:26.0646 0x1700  NPF - ok
16:30:26.0646 0x1700  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:30:26.0677 0x1700  Npfs - ok
16:30:26.0693 0x1700  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:30:26.0708 0x1700  nsi - ok
16:30:26.0724 0x1700  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:30:26.0739 0x1700  nsiproxy - ok
16:30:26.0771 0x1700  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:30:26.0802 0x1700  Ntfs - ok
16:30:26.0817 0x1700  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:30:26.0849 0x1700  Null - ok
16:30:26.0849 0x1700  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:30:26.0864 0x1700  NVHDA - ok
16:30:27.0005 0x1700  [ 23860E0BE05DF15970B9C0A141076080, 79DFB92E872AE108FFD47C577F96099C8FB03BA61A491B0CF3A5C8A2F3CAD17F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:30:27.0145 0x1700  nvlddmkm - ok
16:30:27.0176 0x1700  [ FF23D09C29FBC3AC854692CE4535EBC0, A309606A7DD6771E505532E56C77EA94BCC34C6A485C083B2C259F152A50666D ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:30:27.0207 0x1700  NvNetworkService - ok
16:30:27.0223 0x1700  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:30:27.0239 0x1700  nvraid - ok
16:30:27.0239 0x1700  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:30:27.0270 0x1700  nvstor - ok
16:30:27.0270 0x1700  [ 6DB62AA6DF3CAA4E2D9DBEBD0D554035, 5C4A61E605F703468132AC0EB4B8058C8FE328D1C8A7919E2B1CC564F2FD7003 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:30:27.0285 0x1700  NvStreamKms - ok
16:30:27.0348 0x1700  [ 30524DD64CF6E47D093FAF5DD22BEB4D, F929FF5C6089709EEE02A3971D571C7F391F89622833DB79984D99D115656DC3 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
16:30:27.0426 0x1700  NvStreamSvc - ok
16:30:27.0457 0x1700  [ F4D36838C25AB847D1A759150B5E992F, AB7BB99A90112F559AD4B4D33F53FFC2DBC7B1E85FCED90A9FCCA694A0BD9934 ] nvsvc           C:\Windows\system32\nvvsvc.exe
16:30:27.0473 0x1700  nvsvc - ok
16:30:27.0488 0x1700  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:30:27.0504 0x1700  nvvad_WaveExtensible - ok
16:30:27.0504 0x1700  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:30:27.0519 0x1700  nv_agp - ok
16:30:27.0519 0x1700  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:30:27.0551 0x1700  ohci1394 - ok
16:30:27.0551 0x1700  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:30:27.0566 0x1700  ose - ok
16:30:27.0629 0x1700  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:30:27.0707 0x1700  osppsvc - ok
16:30:27.0722 0x1700  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:30:27.0753 0x1700  p2pimsvc - ok
16:30:27.0753 0x1700  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:30:27.0785 0x1700  p2psvc - ok
16:30:27.0785 0x1700  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:30:27.0816 0x1700  Parport - ok
16:30:27.0816 0x1700  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:30:27.0831 0x1700  partmgr - ok
16:30:27.0847 0x1700  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:30:27.0863 0x1700  PcaSvc - ok
16:30:27.0878 0x1700  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:30:27.0894 0x1700  pci - ok
16:30:27.0894 0x1700  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:30:27.0909 0x1700  pciide - ok
16:30:27.0925 0x1700  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:30:27.0941 0x1700  pcmcia - ok
16:30:27.0956 0x1700  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:30:27.0972 0x1700  pcw - ok
16:30:27.0987 0x1700  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:30:28.0003 0x1700  PEAUTH - ok
16:30:28.0034 0x1700  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:30:28.0050 0x1700  PerfHost - ok
16:30:28.0081 0x1700  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:30:28.0128 0x1700  pla - ok
16:30:28.0143 0x1700  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:30:28.0159 0x1700  PlugPlay - ok
16:30:28.0175 0x1700  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:30:28.0175 0x1700  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:30:28.0617 0x1700  Detect skipped due to KSN trusted
16:30:28.0617 0x1700  Pml Driver HPZ12 - ok
16:30:28.0633 0x1700  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:30:28.0649 0x1700  PNRPAutoReg - ok
16:30:28.0664 0x1700  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:30:28.0680 0x1700  PNRPsvc - ok
16:30:28.0695 0x1700  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:30:28.0727 0x1700  PolicyAgent - ok
16:30:28.0742 0x1700  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:30:28.0758 0x1700  Power - ok
16:30:28.0773 0x1700  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:30:28.0805 0x1700  PptpMiniport - ok
16:30:28.0805 0x1700  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:30:28.0820 0x1700  Processor - ok
16:30:28.0836 0x1700  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:30:28.0857 0x1700  ProfSvc - ok
16:30:28.0863 0x1700  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
16:30:28.0878 0x1700  ProtectedStorage - ok
16:30:28.0878 0x1700  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:30:28.0910 0x1700  Psched - ok
16:30:28.0941 0x1700  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:30:28.0972 0x1700  ql2300 - ok
16:30:28.0988 0x1700  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:30:29.0003 0x1700  ql40xx - ok
16:30:29.0003 0x1700  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:30:29.0034 0x1700  QWAVE - ok
16:30:29.0034 0x1700  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:30:29.0050 0x1700  QWAVEdrv - ok
16:30:29.0050 0x1700  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:30:29.0081 0x1700  RasAcd - ok
16:30:29.0097 0x1700  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:30:29.0112 0x1700  RasAgileVpn - ok
16:30:29.0128 0x1700  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:30:29.0159 0x1700  RasAuto - ok
16:30:29.0159 0x1700  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:30:29.0190 0x1700  Rasl2tp - ok
16:30:29.0206 0x1700  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:30:29.0237 0x1700  RasMan - ok
16:30:29.0237 0x1700  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:30:29.0274 0x1700  RasPppoe - ok
16:30:29.0281 0x1700  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:30:29.0308 0x1700  RasSstp - ok
16:30:29.0317 0x1700  [ 170C5DE900F60768C380ECD8A812512F, BFD085C32CF25E8261EF4BCFA5903A496785BCDA08037F4EB580BBDEDF42B656 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
16:30:29.0333 0x1700  Razer Game Scanner Service - ok
16:30:29.0343 0x1700  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:30:29.0361 0x1700  rdbss - ok
16:30:29.0377 0x1700  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:30:29.0393 0x1700  rdpbus - ok
16:30:29.0393 0x1700  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:30:29.0424 0x1700  RDPCDD - ok
16:30:29.0439 0x1700  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:30:29.0455 0x1700  RDPENCDD - ok
16:30:29.0471 0x1700  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:30:29.0502 0x1700  RDPREFMP - ok
16:30:29.0502 0x1700  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:30:29.0533 0x1700  RdpVideoMiniport - ok
16:30:29.0533 0x1700  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:30:29.0549 0x1700  RDPWD - ok
16:30:29.0564 0x1700  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:30:29.0580 0x1700  rdyboost - ok
16:30:29.0580 0x1700  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:30:29.0611 0x1700  RemoteAccess - ok
16:30:29.0627 0x1700  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:30:29.0658 0x1700  RemoteRegistry - ok
16:30:29.0658 0x1700  [ 9C3AC71A9934B884FAC567A8807E9C4D, 0B6B2970098E3C21E1E54A25785544903E8CD415B527FCEF86ABC7B33BEC83E7 ] Revoflt         C:\Windows\system32\DRIVERS\revoflt.sys
16:30:29.0673 0x1700  Revoflt - ok
16:30:29.0673 0x1700  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
16:30:29.0689 0x1700  rpcapd - ok
16:30:29.0705 0x1700  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:30:29.0736 0x1700  RpcEptMapper - ok
16:30:29.0736 0x1700  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:30:29.0751 0x1700  RpcLocator - ok
16:30:29.0767 0x1700  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:30:29.0806 0x1700  RpcSs - ok
16:30:29.0813 0x1700  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:30:29.0829 0x1700  rspndr - ok
16:30:29.0845 0x1700  [ 8295DB01432C1D1F3D0F4A27AB349730, 7FE8CC442829B8136A96E19F17070C29DA2C5F1B9EA2B5EBACCB965783F96356 ] rzendpt         C:\Windows\system32\DRIVERS\rzendpt.sys
16:30:29.0860 0x1700  rzendpt - ok
16:30:29.0860 0x1700  [ 0C90E6CEA576095888E779E5BD9DD060, 8A13A92D5A8E577E2B919CC879FA8CFA1FAD0A6BFF0CF4FCC59B8E74AB22A673 ] rzpmgrk         C:\Windows\system32\drivers\rzpmgrk.sys
16:30:29.0876 0x1700  rzpmgrk - ok
16:30:29.0892 0x1700  [ 288471F132C7249F598032D03575F083, 9E3430D5E0E93BC4A5DCCC985053912065E65722BFC2EAF431BC1DA91410434C ] rzpnk           C:\Windows\system32\drivers\rzpnk.sys
16:30:29.0907 0x1700  rzpnk - ok
16:30:29.0907 0x1700  [ 5C20BEDEF80FDA657291A8ADA821D7E9, 1B755A3A5B911A701F62C8484702E3D77D679B59BE2EB7EF4B423C72627DDEC9 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
16:30:29.0923 0x1700  rzudd - ok
16:30:29.0938 0x1700  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs           C:\Windows\system32\lsass.exe
16:30:29.0954 0x1700  SamSs - ok
16:30:29.0954 0x1700  [ EA9C5A00B1FCD8CC60245BD66B5120CE, 20699B583D3C60138D3FFFE5DD45F394A67820464928AC001BF8C1ED2DE66331 ] SamsungRapidDiskFltr C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys
16:30:29.0985 0x1700  SamsungRapidDiskFltr - ok
16:30:29.0985 0x1700  [ 966D55C3EBE86897C2ADFC680A2F954A, FEFAADC4FEA30E228013CA67BD4B19C72985ABDE0A258330942B2BCE47E8D510 ] SamsungRapidFSFltr C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys
16:30:30.0001 0x1700  SamsungRapidFSFltr - ok
16:30:30.0001 0x1700  [ 534E728704E465B09F94548A54E9E38C, C613B69CBB41D932FF96C01E3B0E73F7FB021D31C62D63F939D4DA92945EC8CA ] SamsungRapidSvc C:\Windows\system32\RAPID\SamsungRapidSvc.exe
16:30:30.0016 0x1700  SamsungRapidSvc - ok
16:30:30.0032 0x1700  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:30:30.0048 0x1700  sbp2port - ok
16:30:30.0048 0x1700  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:30:30.0079 0x1700  SCardSvr - ok
16:30:30.0094 0x1700  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:30:30.0110 0x1700  scfilter - ok
16:30:30.0141 0x1700  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:30:30.0172 0x1700  Schedule - ok
16:30:30.0188 0x1700  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:30:30.0204 0x1700  SCPolicySvc - ok
16:30:30.0219 0x1700  SDHookDriver - ok
16:30:30.0219 0x1700  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:30:30.0250 0x1700  SDRSVC - ok
16:30:30.0250 0x1700  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:30:30.0282 0x1700  secdrv - ok
16:30:30.0282 0x1700  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:30:30.0313 0x1700  seclogon - ok
16:30:30.0328 0x1700  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:30:30.0360 0x1700  SENS - ok
16:30:30.0366 0x1700  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:30:30.0380 0x1700  SensrSvc - ok
16:30:30.0380 0x1700  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:30:30.0396 0x1700  Serenum - ok
16:30:30.0411 0x1700  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:30:30.0427 0x1700  Serial - ok
16:30:30.0427 0x1700  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:30:30.0442 0x1700  sermouse - ok
16:30:30.0474 0x1700  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:30:30.0505 0x1700  SessionEnv - ok
16:30:30.0505 0x1700  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:30:30.0520 0x1700  sffdisk - ok
16:30:30.0536 0x1700  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:30:30.0552 0x1700  sffp_mmc - ok
16:30:30.0552 0x1700  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:30:30.0567 0x1700  sffp_sd - ok
16:30:30.0583 0x1700  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:30:30.0598 0x1700  sfloppy - ok
16:30:30.0616 0x1700  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:30:30.0633 0x1700  SharedAccess - ok
16:30:30.0648 0x1700  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:30:30.0679 0x1700  ShellHWDetection - ok
16:30:30.0697 0x1700  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:30:30.0700 0x1700  SiSRaid2 - ok
16:30:30.0716 0x1700  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:30:30.0731 0x1700  SiSRaid4 - ok
16:30:30.0731 0x1700  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:30:30.0762 0x1700  Smb - ok
16:30:30.0778 0x1700  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:30:30.0797 0x1700  SNMPTRAP - ok
16:30:30.0812 0x1700  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:30:30.0812 0x1700  spldr - ok
16:30:30.0828 0x1700  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:30:30.0861 0x1700  Spooler - ok
16:30:30.0911 0x1700  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:30:30.0978 0x1700  sppsvc - ok
16:30:30.0978 0x1700  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:30:31.0011 0x1700  sppuinotify - ok
16:30:31.0027 0x1700  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:30:31.0042 0x1700  srv - ok
16:30:31.0058 0x1700  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:30:31.0074 0x1700  srv2 - ok
16:30:31.0089 0x1700  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:30:31.0105 0x1700  srvnet - ok
16:30:31.0120 0x1700  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:30:31.0152 0x1700  SSDPSRV - ok
16:30:31.0152 0x1700  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:30:31.0183 0x1700  SstpSvc - ok
16:30:31.0198 0x1700  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:30:31.0230 0x1700  Steam Client Service - ok
16:30:31.0230 0x1700  [ F6D78F5436918952F1CB24BC48DB5B72, DFD6DA8A72D5719A063BAB921B6870B4BDA75DA4D280492F110DF3F99627BDF7 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:30:31.0261 0x1700  Stereo Service - ok
16:30:31.0261 0x1700  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:30:31.0276 0x1700  stexstor - ok
16:30:31.0292 0x1700  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:30:31.0323 0x1700  stisvc - ok
16:30:31.0323 0x1700  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:30:31.0339 0x1700  swenum - ok
16:30:31.0354 0x1700  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:30:31.0386 0x1700  swprv - ok
16:30:31.0417 0x1700  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
16:30:31.0448 0x1700  SysMain - ok
16:30:31.0464 0x1700  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:30:31.0486 0x1700  TabletInputService - ok
16:30:31.0497 0x1700  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:30:31.0527 0x1700  TapiSrv - ok
16:30:31.0527 0x1700  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:30:31.0558 0x1700  TBS - ok
16:30:31.0589 0x1700  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:30:31.0620 0x1700  Tcpip - ok
16:30:31.0652 0x1700  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:30:31.0683 0x1700  TCPIP6 - ok
16:30:31.0698 0x1700  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:30:31.0714 0x1700  tcpipreg - ok
16:30:31.0730 0x1700  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:30:31.0745 0x1700  TDPIPE - ok
16:30:31.0761 0x1700  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:30:31.0776 0x1700  TDTCP - ok
16:30:31.0776 0x1700  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:30:31.0808 0x1700  tdx - ok
16:30:31.0808 0x1700  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:30:31.0823 0x1700  TermDD - ok
16:30:31.0839 0x1700  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:30:31.0854 0x1700  TermService - ok
16:30:31.0870 0x1700  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:30:31.0886 0x1700  Themes - ok
16:30:31.0901 0x1700  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:30:31.0932 0x1700  THREADORDER - ok
16:30:31.0932 0x1700  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:30:31.0964 0x1700  TrkWks - ok
16:30:31.0979 0x1700  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:30:31.0995 0x1700  TrustedInstaller - ok
16:30:32.0022 0x1700  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:30:32.0039 0x1700  tssecsrv - ok
16:30:32.0047 0x1700  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:30:32.0064 0x1700  TsUsbFlt - ok
16:30:32.0071 0x1700  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:30:32.0086 0x1700  TsUsbGD - ok
16:30:32.0118 0x1700  [ 82B220AAC7079DBD34F014589E5A5886, F5F82C0C9BB13F041CA3750A478E2062BCF1A64AC901655413A61A719DFC34F2 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
16:30:32.0161 0x1700  TuneUp.UtilitiesSvc - ok
16:30:32.0161 0x1700  [ DB3C912A851FCA6358FED4D53DAA7E91, B35375EC9AF61D829489D9B278605E2098D6402419E79EB24C65D3B65816AEBC ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys
16:30:32.0177 0x1700  TuneUpUtilitiesDrv - ok
16:30:32.0192 0x1700  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:30:32.0208 0x1700  tunnel - ok
16:30:32.0224 0x1700  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:30:32.0239 0x1700  uagp35 - ok
16:30:32.0255 0x1700  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:30:32.0286 0x1700  udfs - ok
16:30:32.0310 0x1700  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:30:32.0328 0x1700  UI0Detect - ok
16:30:32.0329 0x1700  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:30:32.0344 0x1700  uliagpkx - ok
16:30:32.0344 0x1700  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:30:32.0375 0x1700  umbus - ok
16:30:32.0375 0x1700  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:30:32.0391 0x1700  UmPass - ok
16:30:32.0407 0x1700  [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
16:30:32.0407 0x1700  UnlockerDriver5 - ok
16:30:32.0422 0x1700  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:30:32.0453 0x1700  upnphost - ok
16:30:32.0472 0x1700  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:30:32.0478 0x1700  usbccgp - ok
16:30:32.0494 0x1700  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:30:32.0509 0x1700  usbcir - ok
16:30:32.0509 0x1700  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:30:32.0527 0x1700  usbehci - ok
16:30:32.0542 0x1700  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:30:32.0560 0x1700  usbhub - ok
16:30:32.0576 0x1700  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
16:30:32.0591 0x1700  usbohci - ok
16:30:32.0591 0x1700  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
16:30:32.0615 0x1700  usbprint - ok
16:30:32.0630 0x1700  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\drivers\USBSTOR.SYS
16:30:32.0646 0x1700  USBSTOR - ok
16:30:32.0646 0x1700  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:30:32.0662 0x1700  usbuhci - ok
16:30:32.0677 0x1700  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:30:32.0708 0x1700  UxSms - ok
16:30:32.0708 0x1700  [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc        C:\Windows\system32\lsass.exe
16:30:32.0724 0x1700  VaultSvc - ok
16:30:32.0740 0x1700  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:30:32.0755 0x1700  vdrvroot - ok
16:30:32.0755 0x1700  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:30:32.0788 0x1700  vds - ok
16:30:32.0804 0x1700  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:30:32.0820 0x1700  vga - ok
16:30:32.0837 0x1700  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:30:32.0861 0x1700  VgaSave - ok
16:30:32.0861 0x1700  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:30:32.0876 0x1700  vhdmp - ok
16:30:32.0899 0x1700  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:30:32.0912 0x1700  viaide - ok
16:30:32.0912 0x1700  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:30:32.0928 0x1700  volmgr - ok
16:30:32.0943 0x1700  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:30:32.0959 0x1700  volmgrx - ok
16:30:32.0974 0x1700  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:30:32.0990 0x1700  volsnap - ok
16:30:32.0990 0x1700  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:30:33.0012 0x1700  vsmraid - ok
16:30:33.0043 0x1700  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:30:33.0090 0x1700  VSS - ok
16:30:33.0090 0x1700  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:30:33.0105 0x1700  vwifibus - ok
16:30:33.0121 0x1700  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:30:33.0136 0x1700  vwififlt - ok
16:30:33.0158 0x1700  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:30:33.0178 0x1700  W32Time - ok
16:30:33.0193 0x1700  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:30:33.0209 0x1700  WacomPen - ok
16:30:33.0224 0x1700  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:30:33.0256 0x1700  WANARP - ok
16:30:33.0256 0x1700  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:30:33.0287 0x1700  Wanarpv6 - ok
16:30:33.0302 0x1700  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:30:33.0337 0x1700  WatAdminSvc - ok
16:30:33.0368 0x1700  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:30:33.0399 0x1700  wbengine - ok
16:30:33.0415 0x1700  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:30:33.0430 0x1700  WbioSrvc - ok
16:30:33.0446 0x1700  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:30:33.0461 0x1700  wcncsvc - ok
16:30:33.0477 0x1700  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:30:33.0493 0x1700  WcsPlugInService - ok
16:30:33.0493 0x1700  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:30:33.0508 0x1700  Wd - ok
16:30:33.0524 0x1700  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:30:33.0555 0x1700  Wdf01000 - ok
16:30:33.0571 0x1700  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:30:33.0586 0x1700  WdiServiceHost - ok
16:30:33.0586 0x1700  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:30:33.0617 0x1700  WdiSystemHost - ok
16:30:33.0617 0x1700  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
16:30:33.0649 0x1700  WebClient - ok
16:30:33.0649 0x1700  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:30:33.0682 0x1700  Wecsvc - ok
16:30:33.0697 0x1700  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:30:33.0729 0x1700  wercplsupport - ok
16:30:33.0729 0x1700  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:30:33.0760 0x1700  WerSvc - ok
16:30:33.0760 0x1700  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:30:33.0791 0x1700  WfpLwf - ok
16:30:33.0807 0x1700  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:30:33.0823 0x1700  WIMMount - ok
16:30:33.0830 0x1700  WinDefend - ok
16:30:33.0845 0x1700  WinHttpAutoProxySvc - ok
16:30:33.0861 0x1700  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:30:33.0892 0x1700  Winmgmt - ok
16:30:33.0923 0x1700  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
16:30:33.0954 0x1700  WinRM - ok
16:30:34.0001 0x1700  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:30:34.0017 0x1700  WinUsb - ok
16:30:34.0032 0x1700  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:30:34.0064 0x1700  Wlansvc - ok
16:30:34.0079 0x1700  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:30:34.0095 0x1700  WmiAcpi - ok
16:30:34.0110 0x1700  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:30:34.0126 0x1700  wmiApSrv - ok
16:30:34.0142 0x1700  WMPNetworkSvc - ok
16:30:34.0142 0x1700  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:30:34.0157 0x1700  WPCSvc - ok
16:30:34.0173 0x1700  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:30:34.0188 0x1700  WPDBusEnum - ok
16:30:34.0204 0x1700  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:30:34.0220 0x1700  ws2ifsl - ok
16:30:34.0235 0x1700  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:30:34.0251 0x1700  wscsvc - ok
16:30:34.0266 0x1700  WSearch - ok
16:30:34.0313 0x1700  [ 499034D7F1F6AF49F9EE12F8822793CB, 55D591C4861AF66C6B9201BF78808B2ECE7B79D95C6BB07FF0ED87EFE63DD99E ] wuauserv        C:\Windows\system32\wuaueng.dll
16:30:34.0362 0x1700  wuauserv - ok
16:30:34.0362 0x1700  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:30:34.0377 0x1700  WudfPf - ok
16:30:34.0393 0x1700  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:30:34.0409 0x1700  WUDFRd - ok
16:30:34.0430 0x1700  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:30:34.0445 0x1700  wudfsvc - ok
16:30:34.0445 0x1700  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:30:34.0476 0x1700  WwanSvc - ok
16:30:34.0492 0x1700  ================ Scan global ===============================
16:30:34.0492 0x1700  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
16:30:34.0492 0x1700  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
16:30:34.0508 0x1700  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
16:30:34.0508 0x1700  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:30:34.0523 0x1700  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:30:34.0523 0x1700  [ Global ] - ok
16:30:34.0523 0x1700  ================ Scan MBR ==================================
16:30:34.0523 0x1700  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk4\DR4
16:30:34.0554 0x1700  \Device\Harddisk4\DR4 - ok
16:30:35.0172 0x1700  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:30:35.0194 0x1700  \Device\Harddisk0\DR0 - ok
16:30:35.0194 0x1700  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:30:35.0241 0x1700  \Device\Harddisk1\DR1 - ok
16:30:35.0256 0x1700  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:30:35.0477 0x1700  \Device\Harddisk2\DR2 - ok
16:30:35.0493 0x1700  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
16:30:36.0142 0x1700  \Device\Harddisk3\DR3 - ok
16:30:36.0142 0x1700  ================ Scan VBR ==================================
16:30:36.0142 0x1700  [ EE5EAF49A1272212BEB7CF261243F383 ] \Device\Harddisk0\DR0\Partition1
16:30:36.0212 0x1700  \Device\Harddisk0\DR0\Partition1 - ok
16:30:36.0214 0x1700  [ 7B6A6FD2BAA5DA1436BB1E4D5D9C86C7 ] \Device\Harddisk1\DR1\Partition1
16:30:36.0216 0x1700  \Device\Harddisk1\DR1\Partition1 - ok
16:30:36.0216 0x1700  [ 6F5CDB1494367656F6FDCAAA3FD64380 ] \Device\Harddisk1\DR1\Partition2
16:30:36.0216 0x1700  \Device\Harddisk1\DR1\Partition2 - ok
16:30:36.0216 0x1700  [ AFC0B98976302D6279C4F5490F8660A6 ] \Device\Harddisk2\DR2\Partition1
16:30:36.0216 0x1700  \Device\Harddisk2\DR2\Partition1 - ok
16:30:36.0216 0x1700  [ 4C49DA7EB63018F772579A983B02EC74 ] \Device\Harddisk2\DR2\Partition2
16:30:36.0216 0x1700  \Device\Harddisk2\DR2\Partition2 - ok
16:30:36.0216 0x1700  [ 11C0478984D5BFD763A9CC3817BC30CA ] \Device\Harddisk2\DR2\Partition3
16:30:36.0231 0x1700  \Device\Harddisk2\DR2\Partition3 - ok
16:30:36.0231 0x1700  [ 62597228214E18A2A9BCA892FDB4F4F0 ] \Device\Harddisk3\DR3\Partition1
16:30:36.0294 0x1700  \Device\Harddisk3\DR3\Partition1 - ok
16:30:36.0294 0x1700  ================ Scan generic autorun ======================
16:30:36.0325 0x1700  [ A202423724FAA9524036A2741FABB623, 17C48FBA1E1AC3F1E11209C77DC81AD49614337CF8C79D35F0466CEB9265D142 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:30:36.0376 0x1700  NvBackend - ok
16:30:36.0376 0x1700  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:30:36.0391 0x1700  ShadowPlay - ok
16:30:36.0499 0x1700  [ A15FF7FFA54109281D5742D396271DFC, 2551B6203E594087858FA514FD73DC652AEC45AAAADDFC50240F4AC2BF5C1879 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
16:30:36.0603 0x1700  RTHDVCPL - ok
16:30:36.0618 0x1700  [ 813006C133576159EBB6DE770D55267D, B3FAA5B7943EC3C8B76B3D203A4C7F1F990F048BA28DF5C04F7A95235AA2EA2E ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
16:30:36.0650 0x1700  RtHDVBg_DTS - ok
16:30:36.0665 0x1700  [ F14327BA386AAA2246585BFADD8FE8E8, 2804D7985B116C808942B4501362D4F4BAE4B540E9A6AC9B176B30DD448BA5AC ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
16:30:36.0665 0x1700  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
16:30:37.0124 0x1700  Detect skipped due to KSN trusted
16:30:37.0124 0x1700  IAStorIcon - ok
16:30:37.0124 0x1700  [ 6F4E71A0C3817FC8F36532796632A259, 3BF731130158C1F78DA21D7B8026CBB6EFA0F0F5F8DE4994728CA3D0A06B8819 ] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
16:30:37.0145 0x1700  SamsungRapidApp - ok
16:30:37.0192 0x1700  [ 9842FC6CCC11A7704CD5DA7FA2F425E8, A18403C746E9B4C5BD8856F87B95DEF5A753747B5FDF1A474FDA9D8413FBE7C4 ] C:\Program Files (x86)\Stardock\Fences\Fences.exe
16:30:37.0260 0x1700  Fences - ok
16:30:37.0276 0x1700  [ C2C935DB4D88C5CFF1F4C8DCF940743B, 2457C7EC9273BC59051EA0D2DF1013F71E4C1E2A8469C02653E4215EC062C43E ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
16:30:37.0307 0x1700  COMODO Internet Security - ok
16:30:37.0307 0x1700  [ 26443C4332B966C44481D1DE8D1BCBB4, 2407EE6A227D2F52AE0AB270FCBECB00242F715B4A63CE2E0362D388740FB67B ] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
16:30:37.0343 0x1700  ASUS AiChargerPlus Execute - ok
16:30:37.0344 0x1700  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:30:37.0391 0x1700  Sidebar - ok
16:30:37.0391 0x1700  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:30:37.0407 0x1700  mctadmin - ok
16:30:37.0422 0x1700  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:30:37.0454 0x1700  Sidebar - ok
16:30:37.0454 0x1700  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:30:37.0469 0x1700  mctadmin - ok
16:30:37.0519 0x1700  [ E3217365E90B7ABAA21D369B64EF9B5B, F0B88B4C1D4032F6436494F12B8F159F3C18477C032D670D155DA7176657E180 ] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
16:30:37.0581 0x1700  IDMan - ok
16:30:37.0581 0x1700  [ 0702C1A9B0322DC333E4E459268071D2, A1646AD576674CDDF521AC846E7AFDA75ABE5A2DEA2F531A84F317609A406FA0 ] D:\Dual Monitor\DualMonitor.exe
16:30:37.0597 0x1700  dualmonitor - detected UnsignedFile.Multi.Generic ( 1 )
16:30:38.0248 0x1700  Detect skipped due to KSN trusted
16:30:38.0248 0x1700  dualmonitor - ok
16:30:38.0248 0x1700  Waiting for KSN requests completion. In queue: 126
16:30:39.0278 0x1700  AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe ( 10.0.0.5641 ), 0x40000 ( disabled : updated )
16:30:39.0278 0x1700  FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61010 ( enabled )
16:30:39.0793 0x1700  ============================================================
16:30:39.0793 0x1700  Scan finished
16:30:39.0793 0x1700  ============================================================
16:30:39.0793 0x1434  Detected object count: 0
16:30:39.0793 0x1434  Actual detected object count: 0
16:31:14.0390 0x1608  Deinitialize success
         

Router auf Werkseinstellungen zurücksetzen, dann auf dem Rechner:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

Tcpip\Parameters: [DhcpNameServer] 141.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{0774DA56-3214-4D79-AC8A-3D2CA425C806}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{0774DA56-3214-4D79-AC8A-3D2CA425C806}: [DhcpNameServer] 141.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{EF8D9D45-A5D9-4C30-8025-E66A70E97339}: [NameServer] 46.166.179.34 46.166.179.35 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{EF8D9D45-A5D9-4C30-8025-E66A70E97339}: [DhcpNameServer] 46.166.179.34 46.166.179.35
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Jetzt müsste Ruhe sein.

Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-08-2015
durchgeführt von Kostik (2015-08-30 13:38:28) Run:1
Gestartet von C:\Users\Kostik\Desktop\Neuer Ordner (2)
Geladene Profile: Kostik (Verfügbare Profile: Kostik)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Tcpip\Parameters: [DhcpNameServer] 141.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{0774DA56-3214-4D79-AC8A-3D2CA425C806}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{0774DA56-3214-4D79-AC8A-3D2CA425C806}: [DhcpNameServer] 141.1.1.1 8.8.8.8
Tcpip\..\Interfaces\{EF8D9D45-A5D9-4C30-8025-E66A70E97339}: [NameServer] 46.166.179.34 46.166.179.35 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{EF8D9D45-A5D9-4C30-8025-E66A70E97339}: [DhcpNameServer] 46.166.179.34 46.166.179.35
*****************

HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0774DA56-3214-4D79-AC8A-3D2CA425C806}\\NameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{0774DA56-3214-4D79-AC8A-3D2CA425C806}\\DhcpNameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EF8D9D45-A5D9-4C30-8025-E66A70E97339}\\NameServer => Wert erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EF8D9D45-A5D9-4C30-8025-E66A70E97339}\\DhcpNameServer => Wert erfolgreich entfernt

==== Ende von Fixlog 13:38:35 ====

noch Probleme?

hey
also habe meine ip dort rausgenommen aber heute war die ip wieder dort drine mit der meldung

IP Address ***********is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.

It was last detected at 2015-08-31 07:00 GMT (+/- 30 minutes), approximately 7 hours, 30 minutes ago.

soll ich mir da sorgen machen oder kann ich drüber weg sehen ?

auf jeden fahl vielen dank

Meckert sonst irgend eine Seite?

hallo

nein es mekert keine seite und auch sonst schein alles zu laufen wie sonst
danke dir

Merkwürdig. Haben die ein Kontaktformular?

IP Address IP******** is listed in the CBL. It shows signs of being infected with a spam sending trojan, malicious link or some other form of botnet.

It was last detected at 2015-09-05 18:00 GMT (+/- 30 minutes), approximately 4 hours, 30 minutes ago.

It has been relisted following a previous removal at 2015-08-29 14:35 GMT (7 days, 7 hours, 58 minutes ago)

This IP is infected (or NATting for a computer that is infected) with the Conficker botnet.

More information about Conficker can be obtained from Wikipedia

Please follow these instructions.
Dshield has a diary item containing many third party resources, especially removal tools such as Norton Power Eraser, Stinger, MSRT etc.

One of the most critical items is to make sure that all of your computers have the MS08-067 patch installed. But even with the patch installed, machines can get reinfected.

There are several ways to identify Conficker infections remotely. For a fairly complete approach, see Sophos.

If you have full firewall logs turned on at the time of detection, this may be sufficient to find the infection on a NAT:

Your IP was observed making connections to TCP/IP IP address 104.244.14.252 (a conficker sinkhole) with a destination port 80, source port (for this detection) of 1706 at exactly 2015-09-05 18:10:14 (UTC). All of our detection systems use NTP for time synchronization, so the timestamp should be accurate within one second.

If you don't have full firewall logging, perhaps you can set up a firewall block/log of all access (any port) to IP address 104.244.14.252 and keep watch for hits.

WARNING: DO NOT simply block access to 104.244.14.252 and expect to not get listed again. There are many conficker sinkholes - some move around and even we don't know where they all are. Blocking access to just one sinkhole does not mean that you have blocked all sinkholes, so relistings are possible. You have to monitor your firewall logs, identify the infected machine, and repair them if you wish to remain delisted.

Recent versions of NMap can detect Conficker, but it's not 100% reliable at finding every infection. Nmap is available for Linux, xxxBSD, Windows and Mac. Nessus can also find Conficker infections remotely. Several other scanners are available here.

Enigma Software's scanner is apparently good at finding Conficker A.

University of Bonn has a number of scan/removal tools.

If you're unable to find the infection, consider:

If you used a network scanner, make sure that the network specification you used to check your network was right, and you understand how to interpret a conficker detection.
Some network conficker scanners only detect some varieties of conficker. For example, nmap misses some. If you can't find it with nmap, try other scanners like McAfee's. In other words, try at least two.
Are you sure you have found _all_ computers in your network? Sometimes there are machines quietly sitting in back rooms somewhere that got forgotten about. It would be a good idea to run
nmap -sP <ALL of your network specifications>
which should list all your computers, printers and other network devices. Did you see all the computers you expected to see?
The infected computer may be turned off at the time you ran the scan or not on the network. Double-check everything was turned on during the scan.
If you have wireless, make sure it's secured with WPA or WPA2, and that "strangers" can't connect. WEP security is NOT good enough.
Many versions of Conficker propagate via infected thumbdrives/USB keys. When an infected machine is found, ALL such devices associated with the machine should be considered suspect, and either destroyed or completely reformatted.
Conficker also propagates by file and printer shares.
If you simply remove the listing without ensuring that the infection is removed (or the NAT secured), it will probably relist again.

How to resolve future problems and prevent relisting

Norton Power Eraser is a free tool and doesn't require installation. It just needs to be downloaded and run. One of our team has tested the tool with Zeus, Ice-X, Citadel, ZeroAccess and Cutwail. It was able to detect and clean up the system in each case. It probably works with many other infections.

Is this IP address a NAT gateway/firewall/router? In other words, is this IP address shared with other computers? See NAT for further information about NATs and how to secure them.

If this IP address is shared with other computers, only the administrator of this IP address can prevent this happening again by following the instructions in NAT to secure the NAT against future infections. In this way, no matter how badly infected the network behind the NAT is, the network can't spam the Internet. The administrator can also refer to Advanced BOT detection for hints and tips on how to find the infected computer behind a NAT.

What affect is this listing having on you?

The CBL is intended to be used only on inbound email from the Internet.

If you are being blocked from IRC, Chat, web sites, web email interfaces (eg: you're using Internet Explorer or Firefox to send email) or anything other than basic email with a mail reader like Exchange, Thunderbird etc, the provider of this service is using the CBL against our recommendations. Contact the provider and refer them to hxxp://cbl.abuseat.org/tandc.html and refer them to item 2 and 7.

If you are an end user: If you get an immediate popup indicating your email was blocked when you attempt to send email, this means one of two things:

You aren't using your provider's preferred configuration for sending email. This is most frequent with roaming users (eg: you're using an Internet Cafe, and are using your home provider to send email). A provider will normally give you instructions on how your mail reader should authenticate to their mail servers, perhaps on a different port (usually 587). Make sure that you comply with the provider's instructions on mail reader configuration where it refers to "SMTP relay server", "SMTP authentication" etc.
If you are complying with your provider's instructions, your provider is violating the CBL Terms and Conditions and blocking their own users. Contact your provider and refer them to hxxp://cbl.abuseat.org/tandc.html and refer them to item 6 and 7.
If you get the blocking email message by return email (instead of by immediate popup), your provider is listed in the CBL, not you. Contact your provider and tell them that their IP address is listed by the CBL.

Note that the CBL is not responsible for how providers misuse the CBL. This is their problem, not ours.

If your IP address changes periodically (such as with reconnecting to your provider, connecting through an Internet Cafe etc), this is usually a dynamic (DHCP) IP address, meaning that it's most likely not you that is infected. As above, make sure that your mail reader is configured correctly as per your provider. In this case, delisting the IP address will probably not do anything useful.

If this listing is of an unshared IP address, and the affected access is email, then, the computer corresponding to this IP address at time of detection (see above) is infected with a spambot, or, if it's a mail server, in some rare cases this can be a severe misconfiguration or bug.

The first step is to run at least one (preferably more) reputable anti-spam/spyware tools on your computer. If you're lucky, one of them will find and remove the infection.

If you are unable to find it using anti-virus tools, you may want to take a close look at the discussions of netstat or tcpview in the "Per-machine methods" section of Finding BOTs in a LAN.

If the above does not help, you may have to resort to taking your computer to a computer dealer/service company and have them clean it.

If all else fails, you may need to have your machine's software re-installed from scratch.

WARNING: If you continually delist 212.68.95.193 without fixing the problem, the CBL will eventually stop allowing the delisting of 212.68.95.193.
If you have resolved the problem shown above and delisted the IP yourself, there is no need to contact us.

nun wird mir das gesagt

der Router hat aber auch immer eine IP
wenn der Router die ip ändern würde ,wäre das problem gelöst oder würde sich dran nix ändern

Der Router bekommt ne neue IP alle 24h.

Zitat:

Enigma Software's scanner is apparently good at finding Conficker A.

Alleine der Satz disqualifiziert die Seite schon

Router wurde schon komplett zurück gesetzt?