Everything about Windows: xxx is not a valid Win32 application

Windows 7: Help with all Windows operating systems (Windows XP, Windows Vista, Windows 7, Windows 8(.1) and Windows 10 / Windows 11) as well as with all Windows software. Anything about Windows 10 is also welcome. Please state any errors or bluescreens under Windows with the wording of the error message and the error code. First steps for getting help under Windows.
07.10.2015, 12:23 | #1 |
Problem: xxx is not a valid Win32 application

Hi, I bought a new game. It is old, but it is a re-release from this year, 2015. It is called "Age of Empires II Remastered in HD". The installation went fine, and when I try to start it now, it says:

C:\Program Files (x86)\Age of Empires II HD\AoK HD.exe ist keine zulässige Win32-Anwendung.

Then I can only click OK and nothing happens. I googled a bit and some people suspect a virus... I have Windows 7 Ultimate, 64-bit version, in case that helps. How do you fix this error? Regards.
07.10.2015, 12:28 | #2 |
/// Malwareteam | xxx is not a valid Win32 application: Instructions / Help

I have your topic in progress and will get back to you as soon as possible with further instructions. Please note that all my replies must first be approved by an instructor before I am allowed to post them here. This guarantees that you get help from a trained helper. Thank you for your patience.

We can check whether malware is behind this.

Step # 1: FRST
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties.)

Step # 2: Please post
07.10.2015, 12:37 | #3 |
xxx is not a valid Win32 application: Details

OK, here is the FRST log file:
- 2015-09-09 18:28 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-09-09 18:28 - 2015-09-09 18:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-09-09 18:28 - 2015-09-09 18:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00005120 ____H (Microsoft 
Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-09-09 18:28 - 2015-09-09 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-09-09 18:28 - 2015-09-09 18:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-09-08 16:47 - 2015-09-08 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ubisoft 2015-09-08 02:51 - 2015-09-08 02:51 - 00000000 ____D C:\Users\admin\Downloads\Hitman.Agent.47.2015.German.TS.MD.x264-MULTiPLEX ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die 
Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-07 13:33 - 2015-06-24 01:52 - 01474832 _____ C:\Windows\system32\Drivers\sfi.dat 2015-10-07 13:32 - 2015-06-24 03:15 - 00069686 _____ C:\Windows\system32\Drivers\fvstore.dat 2015-10-07 13:11 - 2015-05-19 13:27 - 01156621 _____ C:\Windows\WindowsUpdate.log 2015-10-07 13:01 - 2009-07-14 06:45 - 00037264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-07 13:01 - 2009-07-14 06:45 - 00037264 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-07 12:53 - 2015-06-24 01:08 - 00000000 ____D C:\ProgramData\VMware 2015-10-07 12:53 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-05 21:58 - 2015-09-03 22:20 - 00000000 ____D C:\Users\admin\AppData\Local\JDownloader 2.0 2015-10-04 14:23 - 2015-05-23 18:32 - 00000000 ____D C:\Users\admin\AppData\Roaming\vlc 2015-10-04 14:14 - 2015-06-25 02:04 - 00001710 _____ C:\Windows\Sandboxie.ini 2015-09-28 08:59 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-09-23 11:16 - 2015-06-25 04:16 - 00000000 ____D C:\Users\admin\Desktop\Sachen 2015-09-23 11:13 - 2009-07-14 06:45 - 00270720 _____ C:\Windows\system32\FNTCACHE.DAT 2015-09-23 03:31 - 2015-07-21 16:18 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-23 03:29 - 2015-07-21 16:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0 2015-09-23 03:28 - 2015-07-21 16:22 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs 2015-09-23 03:28 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\MSBuild 2015-09-23 03:27 - 2015-07-21 16:43 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET 2015-09-23 03:23 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared 2015-09-23 03:13 - 2015-05-19 18:50 - 01760532 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-09-23 03:13 - 2011-04-12 09:43 - 00794108 _____ 
C:\Windows\system32\perfh007.dat 2015-09-23 03:13 - 2011-04-12 09:43 - 00215074 _____ C:\Windows\system32\perfc007.dat 2015-09-23 03:12 - 2009-07-14 07:13 - 01760532 _____ C:\Windows\system32\PerfStringBackup.INI 2015-09-23 02:51 - 2015-07-21 16:57 - 00000000 ____D C:\Users\admin\Documents\Visual Studio 2013 2015-09-23 02:34 - 2015-05-19 19:37 - 00000000 ____D C:\Users\admin\AppData\Roaming\BitTorrent 2015-09-23 02:05 - 2015-05-19 14:14 - 00059616 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-09-23 02:05 - 2015-05-19 14:14 - 00059616 _____ C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT 2015-09-21 20:22 - 2015-06-25 23:14 - 00000000 ____D C:\FRST 2015-09-21 20:15 - 2015-06-24 01:10 - 00000000 ____D C:\Users\admin\AppData\Roaming\VMware 2015-09-21 20:15 - 2015-06-24 01:10 - 00000000 ____D C:\Users\admin\AppData\Local\VMware 2015-09-21 19:12 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2015-09-18 18:16 - 2015-05-19 13:27 - 00000000 ____D C:\Users\admin 2015-09-17 00:40 - 2015-08-25 16:46 - 00000000 ____D C:\Users\admin\Downloads\nt 2015-09-16 22:58 - 2015-08-11 01:31 - 00002153 _____ C:\Users\admin\Desktop\Gothic II - Die Nacht des Raben.lnk 2015-09-16 08:04 - 2015-06-24 02:14 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-16 01:01 - 2015-08-04 13:08 - 00000000 ____D C:\Tor Browser 2015-09-16 00:23 - 2015-06-24 22:36 - 00000000 ____D C:\AdwCleaner 2015-09-16 00:11 - 2015-06-27 20:26 - 00001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MakeTorrent 2.lnk 2015-09-16 00:11 - 2015-05-19 21:32 - 00002699 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lumac.lnk 2015-09-16 00:11 - 2015-05-19 13:51 - 00001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-09-16 00:11 - 2012-03-14 13:15 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2015-09-16 00:11 - 2012-03-14 13:15 - 00001326 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2015-09-16 00:11 - 2009-07-14 07:01 - 00001218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk 2015-09-16 00:11 - 2009-07-14 06:57 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-09-16 00:11 - 2009-07-14 06:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2015-09-16 00:11 - 2009-07-14 06:57 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk 2015-09-16 00:11 - 2009-07-14 06:54 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk 2015-09-16 00:11 - 2009-07-14 06:49 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk 2015-09-16 00:10 - 2015-08-04 13:09 - 00000823 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2015-09-16 00:10 - 2015-05-20 22:36 - 00001173 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Sims 4 by BuZeR.lnk 2015-09-16 00:10 - 2015-05-19 13:28 - 00001325 _____ C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-09-15 23:46 - 2015-06-24 02:14 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-15 23:46 - 2015-06-24 02:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-15 23:46 - 2015-06-24 02:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-15 23:46 - 2015-06-24 02:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-15 23:46 - 2015-06-24 02:14 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-14 18:07 - 2015-06-25 05:37 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2015-09-13 23:16 - 2015-09-02 11:05 - 00000000 ____D 
C:\Users\admin\AppData\Local\Ubisoft Game Launcher 2015-09-13 23:12 - 2015-09-02 11:05 - 00000000 ____D C:\Program Files (x86)\Ubisoft 2015-09-11 18:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-09-11 16:46 - 2011-04-12 09:54 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-11 16:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-10 01:37 - 2015-05-19 16:27 - 00000000 ____D C:\Windows\system32\MRT 2015-09-08 22:04 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-09-08 22:04 - 2011-04-12 09:54 - 00000000 ___RD C:\Users\Public\Recorded TV 2015-09-08 17:20 - 2015-08-20 16:39 - 00000000 ____D C:\Users\admin\Downloads\DZ 2015-09-08 01:40 - 2015-09-03 22:17 - 00000000 ____D C:\Users\admin\Downloads\JDownloader ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-20 22:51 - 2015-06-05 16:58 - 0000001 _____ () C:\Users\admin\AppData\Roaming\update.dat Einige Dateien in TEMP: ==================== C:\Users\admin\AppData\Local\Temp\proxy_vole8168121948444514148.dll C:\Users\admin\AppData\Local\Temp\proxy_vole8968001149385323670.dll C:\Users\admin\AppData\Local\Temp\CmdLineExt02.dll C:\Users\admin\AppData\Local\Temp\SIntf16.dll C:\Users\admin\AppData\Local\Temp\SIntf32.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-02 10:20 ==================== Ende von FRST.txt ============================ |
07.10.2015, 12:39 | #4 |
| Solution: xxx is not a valid Win32 application and here is the Addition logfile: both didn't fit into one post... Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-10-2015 durchgeführt von admin (2015-10-07 13:34:37) Gestartet von C:\Users\admin\Desktop Windows 7 Ultimate Service Pack 1 (X64) (2015-05-19 11:27:50) Start-Modus: Normal ========================================================== ==================== Konten: ============================= admin (S-1-5-21-560193511-1957534509-1735208640-1001 - Administrator - Enabled) => C:\Users\admin Administrator (S-1-5-21-560193511-1957534509-1735208640-500 - Administrator - Disabled) Gast (S-1-5-21-560193511-1957534509-1735208640-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-560193511-1957534509-1735208640-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Age of Conan: Hyborian Adventures (HKLM-x32\...\Age of Conan_is1) (Version: - Funcom) Age of Empires II HD (HKLM-x32\...\Age of Empires II HD_is1) (Version: 1.0 - PLAZA) ArcaniA - Fall of Setarrif (HKLM-x32\...\{BA1F2D65-B22F-47C7-A3D0-A7827DF20272}_is1) (Version: - Nordic Games GmbH) ArcaniA - Gothic 4 (HKLM-x32\...\{EE74D039-45D7-44E9-BF95-B9CFB015964F}_is1) (Version: - Nordic Games GmbH) AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden BitTorrent (HKU\S-1-5-21-560193511-1957534509-1735208640-1001\...\BitTorrent) (Version: 7.9.5.41074 - BitTorrent Inc.) 
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform) COMODO Internet Security Premium (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 8.2.0.4508 - COMODO Security Solutions Inc.) 
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Gothic II - Die Nacht des Raben (HKLM-x32\...\Gothic II - Die Nacht des Raben) (Version: - JoWooD Productions Software AG) Gothic II (HKLM-x32\...\Gothic II) (Version: - JoWooD Productions Software AG) Icons from File 5.0.6 (HKLM-x32\...\Icons from File_is1) (Version: 5.0.6 - Vitaliy Levchenko) IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - ) IsoBuster 3.6 (HKLM-x32\...\IsoBuster_is1) (Version: 3.6 - Smart Projects) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) Java SE Development Kit 8 Update 45 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180450}) (Version: 8.0.450.15 - Oracle Corporation) JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden Lumac 
(HKLM-x32\...\InstallShield_{5DE11949-2B11-4F13-BAD5-1C237122CFDB}) (Version: 1.1.92.0 - Firstload) Lumac (x32 Version: 1.1.92.0 - Firstload) Hidden MakeTorrent v2.1 (HKLM-x32\...\MakeTorrent 2) (Version: - ) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation) Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - 
Microsoft Corporation) Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation) Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) 
(Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{6dff50d0-3bc3-4a92-b724-bf6d6a99de4f}) (Version: 12.0.21005.13 - Microsoft Corporation) Microsoft Web Deploy 3.5 (HKLM\...\{69A998C5-00A9-42CA-AB4E-C31CFFCD9251}) (Version: 3.1237.1763 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation) Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) 
(HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 7 Ultra Edition (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21031}) (Version: 7.03.1357 - Nero AG) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC) NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation) NVIDIA Grafiktreiber 341.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.74 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Postal III (HKLM-x32\...\Postal III_is1) (Version: - ) PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation) Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden Rayman 3 Hoodlum Havoc Version 1.0 (HKLM-x32\...\Rayman 3 Hoodlum Havoc_is1) (Version: 1.0 - Ubisoft) Rayman Legends, 
âåðñèÿ 1.0.0.0 (HKLM-x32\...\Rayman Legends_is1) (Version: 1.0.0.0 - ) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Sandboxie 4.20 (64-bit) (HKLM\...\Sandboxie) (Version: 4.20 - Sandboxie Holdings, LLC) SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden Sims 4 by BuZeR version 1.5.139.1020 (HKLM-x32\...\{ED118F10-E516-4245-160F-6F13F508F71F}_is1) (Version: 1.5.139.1020 - ) Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: - ) <==== ACHTUNG Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Uplay (HKLM-x32\...\Uplay) (Version: 7.5 - Ubisoft) Usenet.nl (HKLM-x32\...\Usenet.nl_is1) (Version: - ) VirtualDJ 8 (HKLM-x32\...\{90AE6F39-3EE1-45A1-90D5-FB6C82391EDF}) (Version: 8.0.2338.0 - Atomix Productions) VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN) VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 11.1.2 - VMware, Inc) VMware Workstation (Version: 11.1.2 - VMware, Inc.) Hidden WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden Zombi (HKLM-x32\...\Zombi_R.G. Mechanics_is1) (Version: - R.G. 
Mechanics, markfiter) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= Wiederherstellungspunkte konnten nicht aufgelistet werden Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI. ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {08609CA5-AA36-4788-AEEC-A11898B235BD} - kein Pfad Task: {1A4BC754-33BC-494B-8F77-3E7B4736BAA6} - kein Pfad Task: {1C09C8A0-E499-406C-80E0-520E00F1936F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO) Task: {2211FB0C-FECE-4278-B168-A8FE88EAF404} - kein Pfad Task: {34249658-9DD4-487A-AE7F-6BA53E1348AC} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-05-19] (Microsoft Corporation) Task: {37C10430-6650-4F41-9D17-C7F56091B351} - kein Pfad Task: {3E862320-224B-422A-B2F9-4C37BF9883A7} - kein Pfad Task: {414984BB-CD47-4E0A-BA5D-125D827AF850} - kein Pfad Task: {46D0B116-4B77-4400-9D5C-75589895F7EC} - kein Pfad Task: {4EF299B5-522B-440A-82A3-51964A6A2FFE} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet 
Security\cfpconfg.exe [2015-08-07] (COMODO) Task: {51000FED-3EB2-4A64-8AC9-C09A72C2F330} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-24] (Piriform Ltd) Task: {6A53FD57-EE34-450A-8B31-DC4E916A4A64} - kein Pfad Task: {708CB597-66A2-475F-A59A-7CBD04D849BC} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO) Task: {807F0029-3273-4FBC-81FC-55037A44C58C} - System32\Tasks\{23620CA1-CC87-49ED-BB6E-44277012C1B0} => pcalua.exe -a "C:\ProgramData\VMware\VMware Player\Uninstaller\\uninstall.exe" -c -x -S "C:\ProgramData\VMware\VMware Player\Uninstaller\" Task: {9B52632A-A969-40A6-B830-FDE6D3C8C80E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-05-19] (Microsoft Corporation) Task: {A460D382-66EA-4D05-B2EE-4A3C575F6EEB} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-05-19] (Microsoft) Task: {AB2144B0-DE80-4E51-8A55-288D7860BD0F} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-08-07] (COMODO) Task: {AEFB686A-57A1-47B5-B70A-8659B852F45B} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-08-07] (COMODO) Task: {B0DD3DB1-00DF-4CDE-9ABF-8AD09FF19531} - kein Pfad Task: {C13F68C8-8678-4B06-AC4B-91DC0500947C} - kein Pfad Task: {DE9E383F-27C4-49C3-8DF3-E326443204F7} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-05-19] (Microsoft Corporation) Task: {E64C6729-054E-41F0-B244-E9C5B277279E} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and 
Keyboard Center\itype.exe [2015-05-19] (Microsoft Corporation) Task: {1D290CE2-8968-490C-ACA9-5CC52D603838} - System32\Tasks\{2D8ECF9C-61FD-4ACC-8CF2-FAA2A8027CDD} => C:\Users\admin\Desktop\Bifrost.exe Task: {79CC19AA-C0E1-4CFA-BF19-4C4592D5F616} - System32\Tasks\{84428AE9-0A90-41D9-A9EA-B64252541EAC} => C:\Users\admin\Desktop\Neuer Ordner\Bifrost Stub Customizer v2.0.exe Task: {9A379F76-0C84-4067-9F96-247265550159} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser Task: {A0A50D1C-ACCC-44F9-A66F-023F2D313B22} - System32\Tasks\{EDED2321-2278-4C8B-AF8E-023C0A6238E9} => pcalua.exe -a C:\Users\admin\Desktop\dd2\INSTALL.EXE -d C:\Users\admin\Desktop\dd2 Task: {B454D397-B4BE-49A9-8CF4-BACC8DB37F25} - System32\Tasks\{7971804C-8CAA-4D0F-BCBD-664B3155E6E8} => C:\Users\admin\Desktop\Neuer Ordner\Bifrost Stub Customizer v2.0.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\AmiUpdXp.job => <==== ACHTUNG ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-05-19 15:30 - 2015-08-18 02:07 - 00115376 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-01-08 23:02 - 2015-01-08 23:02 - 00067808 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav 2015-05-31 07:36 - 2015-07-01 20:50 - 12732608 _____ () C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe 2015-05-31 07:59 - 2015-05-31 07:59 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll 2015-05-31 07:36 - 2015-05-31 07:36 - 00191680 _____ () C:\Program Files (x86)\VMware\VMware Workstation\LIBEXPAT.dll 2015-05-31 07:36 - 2015-05-31 07:36 - 00388288 _____ () C:\Program Files (x86)\VMware\VMware Workstation\ssoClient.dll 2015-05-31 07:36 - 2015-05-31 07:36 - 00194752 _____ () C:\Program Files (x86)\VMware\VMware Workstation\nfc-types.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) 
C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll:$CmdTcID 
AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apisetschema.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\appidapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\appverif.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmfd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\atmlib.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\auditpol.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\authui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\browcli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cdosys.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\certenc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\certutil.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\charmap.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\credssp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\crypt32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptbase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptdlg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cryptsvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\cscript.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d2d1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID AlternateDataStreams: 
C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID AlternateDataStreams: 
C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_39.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_43.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dciman32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dpnet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dwmapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dwmcore.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\DWrite.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxcap.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxcpl.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxmasf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtmsft.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\dxtrans.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\fontsub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\FWPUCLNT.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\gdi32.dll:$CmdTcID AlternateDataStreams: 
C:\Windows\SysWOW64\ieapfltr.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iedkcs32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieetwproxystub.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieframe.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iernonce.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iertutil.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iesetup.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieui.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ieUnatt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\inetcpl.cpl:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\instnm.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\IoctlSvc.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\iologmsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jscript9diag.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\jsproxy.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KBDBASH.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KBDRU.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KBDRU1.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KBDTAT.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KBDYAK.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kerberos.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\kernel32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\KernelBase.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\lpk.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msaudite.dll:$CmdTcID AlternateDataStreams: 
C:\Windows\SysWOW64\msctf.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msdxm.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msfeeds.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtml.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MshtmlDac.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmled.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mshtmlmedia.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msiexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msihnd.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msimsg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msobjs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msrating.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\MsRdpWebAccess.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstsc.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msv1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml3r.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\msxml6r.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ncrypt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\netapi32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nshwfp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntdll.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntkrnlpa.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntoskrnl.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ntvdm64.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvaudcap32v.dll:$CmdTcID 
AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\ole32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\oleaut32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\packager.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\pku2u.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rastls.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rdpendp_winip.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\rpcrt4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\scesrv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\schannel.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\scrrun.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\secur32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\setup16.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shdocvw.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shell32.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\spwmp.dll:$CmdTcID AlternateDataStreams: 
C:\Windows\SysWOW64\srclient.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\sspicli.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\synceng.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tier0_s.dll:$CmdZnID AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\TSpkg.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\tzres.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\uplay_r1_loader.dll:$CmdZnID AlternateDataStreams: C:\Windows\SysWOW64\urlmon.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\user.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vbscript.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vmnat.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vmnetdhcp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vsgraphicsremoteengine.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vsjitdebugger.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\vstdlib_s.dll:$CmdZnID AlternateDataStreams: C:\Windows\SysWOW64\wdigest.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\win32spl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wininet.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\winsta.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wintrust.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wksprtPS.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmp.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wmploc.DLL:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wow32.dll:$CmdTcID AlternateDataStreams: 
C:\Windows\SysWOW64\wscript.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wshom.ocx:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapi.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuapp.exe:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wudriver.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wups.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\wuwebv.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID AlternateDataStreams: 
C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\appid.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\Diskdump.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\dtlitescsibus.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\dxgkrnl.sys:$CmdTcID 
AlternateDataStreams: C:\Windows\system32\Drivers\dxgmms1.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\fvevol.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\http.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecdd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ksecpkg.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\L1E62x64.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mountmgr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb10.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mrxsmb20.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\msiscsi.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\ntfs.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\nvvad64v.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\partmgr.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\rdpvideominiport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\rdpwd.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\storport.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\terminpt.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\tssecsrv.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbFlt.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\TsUsbGD.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\vmci.sys:$CmdTcID AlternateDataStreams: C:\Windows\system32\Drivers\vmnetadapter.sys:$CmdTcID 
AlternateDataStreams: C:\Windows\system32\Drivers\vmnetbridge.sys:$CmdTcID AlternateDataStreams: C:\Users\admin\Desktop\FRST64.exe:$CmdTcID AlternateDataStreams: C:\Users\admin\Desktop\FRST64.exe:$CmdZnID AlternateDataStreams: C:\Users\admin\Downloads\Destruction-Derby-2.rar:$CmdZnID AlternateDataStreams: C:\Users\admin\Downloads\DT101LiteInstaller.exe:$CmdTcID AlternateDataStreams: C:\Users\admin\Downloads\DT101LiteInstaller.exe:$CmdZnID AlternateDataStreams: C:\Users\admin\Downloads\UplayInstaller.exe:$CmdTcID AlternateDataStreams: C:\Users\admin\Downloads\UplayInstaller.exe:$CmdZnID ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-560193511-1957534509-1735208640-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) mpsdrv => Firewall Dienst läuft nicht. MpsSvc => Firewall Dienst läuft nicht. bfe => Firewall Dienst läuft nicht. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{3945C57F-279A-459C-A8FE-AE5138F72912}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D4BC426F-536B-4BA2-8D3B-5207990745E7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{25D6673A-33B2-4C67-A33E-723BAEE6ECEC}] => (Allow) C:\Users\admin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{CBCAFFDA-F86E-444E-B797-9E93A6B6B82F}] => (Allow) C:\Users\admin\AppData\Roaming\BitTorrent\BitTorrent.exe FirewallRules: [{E07A3B24-AF55-45EB-987F-28E099A44A28}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{04006571-C299-4D1F-BDDA-40FCB9484846}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [{CBE6A3C2-CF81-45CA-A87B-806229BAAC38}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe FirewallRules: [TCP Query User{FCCD3125-2FB2-497F-A74D-CCA8149904DC}C:\users\admin\desktop\dc\darkcomet.exe] => (Allow) C:\users\admin\desktop\dc\darkcomet.exe FirewallRules: [UDP Query User{CE4E2128-F169-42D6-8AD3-0B35FDAF1544}C:\users\admin\desktop\dc\darkcomet.exe] => (Allow) 
C:\users\admin\desktop\dc\darkcomet.exe FirewallRules: [TCP Query User{D427572D-88C9-43D9-BC3B-859CE73B107A}C:\users\admin\desktop\bifrost(win7)\bifrost.exe] => (Allow) C:\users\admin\desktop\bifrost(win7)\bifrost.exe FirewallRules: [UDP Query User{2B20F3F9-83D3-41B0-BB8E-F02BA2391FEB}C:\users\admin\desktop\bifrost(win7)\bifrost.exe] => (Allow) C:\users\admin\desktop\bifrost(win7)\bifrost.exe FirewallRules: [{E26E7D8C-7236-43C7-A3DE-02807DD62CEB}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{89A7298D-2ED6-4E53-9FF4-9ED5615646FC}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{9D3479CF-1495-49B0-93B9-A16A0D76F674}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{C1AD0EC3-C8BA-468C-9DB7-BBFD317C4847}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [TCP Query User{93B58B63-40E3-4BC8-9F1E-3FD8AAEA2DF4}C:\program files (x86)\funcom\age of conan\conanpatcher.exe] => (Allow) C:\program files (x86)\funcom\age of conan\conanpatcher.exe FirewallRules: [UDP Query User{64D620FC-2CCB-4565-A435-37C95559A567}C:\program files (x86)\funcom\age of conan\conanpatcher.exe] => (Allow) C:\program files (x86)\funcom\age of conan\conanpatcher.exe FirewallRules: [TCP Query User{FCAC87B2-8FF0-424C-BF98-5BFD98DCC366}C:\program files (x86)\funcom\age of conan\ageofconan.exe] => (Allow) C:\program files (x86)\funcom\age of conan\ageofconan.exe FirewallRules: [UDP Query User{3B2AE6C9-C6CD-4F91-A08E-B9D7C55DD86E}C:\program files (x86)\funcom\age of conan\ageofconan.exe] => (Allow) C:\program files (x86)\funcom\age of conan\ageofconan.exe FirewallRules: [{16B94FD7-47B1-42AD-96C9-A523C6E7E6B7}] => (Allow) C:\Program Files (x86)\WinSCP\WinSCP.exe FirewallRules: [{6EDA7CA2-B5B5-4E2A-A40A-F2B6AFCB8C81}] => (Allow) C:\Program Files (x86)\WinSCP\WinSCP.exe FirewallRules: [{25B57D77-E17D-4AE1-BFCB-95D9DAAE0085}] => 
(Allow) C:\Program Files (x86)\WinSCP\WinSCP.exe FirewallRules: [{BD8E7152-5240-4893-8B0E-3512E5A664D2}] => (Allow) C:\Program Files (x86)\WinSCP\WinSCP.exe FirewallRules: [TCP Query User{3D88B679-5C8F-4D3A-AB2A-9609E5EADE4D}C:\users\admin\desktop\epsxe\epsxe 1.70\epsxe.exe] => (Allow) C:\users\admin\desktop\epsxe\epsxe 1.70\epsxe.exe FirewallRules: [UDP Query User{BF6D2823-C955-4805-BFD3-83B6BD25B82F}C:\users\admin\desktop\epsxe\epsxe 1.70\epsxe.exe] => (Allow) C:\users\admin\desktop\epsxe\epsxe 1.70\epsxe.exe FirewallRules: [{091724C2-F5CB-4C57-AEE9-1DCF8C1D7926}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [{C2F61917-20C7-4335-BB7B-8B8E219DD2BC}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{D2F55E05-CCC3-4B7A-A813-B2B220742836}C:\users\admin\desktop\dolphin-x64\dolphin.exe] => (Block) C:\users\admin\desktop\dolphin-x64\dolphin.exe FirewallRules: [UDP Query User{5334C742-FA3B-44DC-837B-4289D2C7AEA9}C:\users\admin\desktop\dolphin-x64\dolphin.exe] => (Block) C:\users\admin\desktop\dolphin-x64\dolphin.exe FirewallRules: [TCP Query User{7FDAA97A-89F5-4045-BBCF-A144602B47A0}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{95DC43D7-389D-4224-8732-2D48DD747533}C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [TCP Query User{47B4D1B5-7DA2-41DA-8458-6463B2783B17}C:\users\admin\desktop\dd\fgd.exe] => (Allow) C:\users\admin\desktop\dd\fgd.exe FirewallRules: [UDP Query User{EBF310ED-4973-439A-A743-0F5B0E2C7F36}C:\users\admin\desktop\dd\fgd.exe] => (Allow) C:\users\admin\desktop\dd\fgd.exe FirewallRules: [{CC1587B9-385F-4523-AC1A-3F0BB2F52764}] => (Allow) LPort=12292 ==================== Fehlerhafte Geräte im Gerätemanager ============= Konnte Geräte nicht 
auflisten. Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.

==================== Fehlereinträge in der Ereignisanzeige: =========================

Der Dienst der Ereignisanzeige konnte nicht gestartet werden, Einträge konnten nicht gelesen werden.
Systemfehler 123 aufgetreten.
Die Syntax für den Dateinamen, Verzeichnisnamen oder die Datenträgerbezeichnung ist falsch.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM)2 CPU 6600 @ 2.40GHz
Prozentuale Nutzung des RAM: 44%
Installierter physikalischer RAM: 3071.12 MB
Verfügbarer physikalischer RAM: 1710.3 MB
Summe virtueller Speicher: 6440.44 MB
Verfügbarer virtueller Speicher: 4380.48 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:522.58 GB) NTFS
Drive d: (Disk) (CDROM) (Total:6.55 GB) (Free:0 GB) CDFS
Drive e: (VS2013_RTM_PRO_ENU) (CDROM) (Total:2.76 GB) (Free:0 GB) CDFS
Drive f: (20150110_181328) (CDROM) (Total:4.06 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3941A79A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
|
07.10.2015, 14:42 | #5 |
/// Malwareteam | Hi,

Step # 1: Revo
Please download Revo Uninstaller from here (alternatively, the portable Revo Uninstaller).

Step # 2: FRST Fix
Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document:
Code:
ATTFilter
Task: C:\Windows\Tasks\AmiUpdXp.job => <==== ACHTUNG
Winsock: Catalog9 11 Keine Datei
Winsock: Catalog9 12 Keine Datei
Winsock: Catalog9-x64 11 Keine Datei
Winsock: Catalog9-x64 12 Keine Datei
cmd: netsh winsock reset
EmptyTemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).

Step # 3: Windows Repair Tool
Please run the Windows Repair Tool according to the following guide: Windows reparieren - so geht's - Anleitungen

Step # 4: FSS
Please download Farbar's Service Scanner

Step # 5: Please post
|
07.10.2015, 16:09 | #6 |
| Hi, so I started Revo Uninstaller, but there is no program named "Software Version Updater" listed anywhere. Should I still do steps 2 to 5? Because... I reinstalled the game; during the first installation I forgot to install the runtime components, and I have now made up for that, e.g. DirectX and Microsoft Visual C++ and whatever they are all called...... Now the game starts, not from the desktop but from the C:\ directory when I click the file "Launscher.exe". But when the first window opens and I press "Play", the window closes again and so does the process... everything, basically. |
07.10.2015, 16:27 | #7 |
/// Malwareteam | Try uninstalling it via the Control Panel. If it isn't there either, just skip it.

Is the game cracked?

Last edited by Deathkid535 (07.10.2015 at 16:41) |
07.10.2015, 21:49 | #8 |
| It isn't in the Control Panel either; not even the game shows up there. Maybe it's a virus that doesn't belong to the game, or what are we actually looking for here??? What exactly do you mean by cracked? I have never thought about what that is actually supposed to mean..... explain, please. |
07.10.2015, 21:51 | #9 |
/// Malwareteam | |
07.10.2015, 22:01 | #10 |
| What a coincidence!!! I had also found that site on Google earlier and did everything as instructed in THIS THREAD!!!! I downloaded the "All In One" and installed everything on the site www.sereby.org/site/aio. But it still doesn't work. What else could help now? |
07.10.2015, 22:05 | #11 |
/// Malwareteam | Have you already done the things I listed above? If so, I need the logs, please... |
08.10.2015, 00:10 | #12 |
| Here is the fixlog for now; the rest is coming shortly....
Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-10-2015
durchgeführt von admin (2015-10-07 23:13:16) Run:3
Gestartet von C:\Users\admin\Desktop
Geladene Profile: admin (Verfügbare Profile: admin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: C:\Windows\Tasks\AmiUpdXp.job => <==== ACHTUNG
Winsock: Catalog9 11 Keine Datei
Winsock: Catalog9 12 Keine Datei
Winsock: Catalog9-x64 11 Keine Datei
Winsock: Catalog9-x64 12 Keine Datei
cmd: netsh winsock reset
EmptyTemp:
*****************

Konnte nicht verschoben werden "C:\Windows\Tasks\AmiUpdXp.job" => ist geplant bei Neustart verschoben zu werden.

"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000011" => Schlüssel erfolgreich entfernt
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries\000000000012" => Schlüssel erfolgreich entfernt
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000011" => Schlüssel erfolgreich entfernt
"HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\Protocol_Catalog9\Catalog_Entries64\000000000012" => Schlüssel erfolgreich entfernt

========= netsh winsock reset =========

Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.

========= Ende von CMD: =========

EmptyTemp: => 4.7 GB temporäre Dateien entfernt.

Ergebnis der geplanten Datei-Verschiebungen (Start-Modus: Normal) (Datum&Uhrzeit: 2015-10-07 23:30:25)

==> ACHTUNG: Das System wurde nicht neu gestartet.
"C:\Windows\Tasks\AmiUpdXp.job" => Konnte nicht verschoben werden

==== Ende von Fixlog 23:30:26 ====

And here is the FSS logfile:
Code:
ATTFilter
Farbar Service Scanner Version: 26-07-2015
Ran by admin (administrator) on 08-10-2015 at 01:01:53
Running from "C:\Users\admin\Desktop"
Windows 7 Ultimate Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is OK.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.

Dhcp Service is not running. Checking service configuration:
The start type of Dhcp service is OK.
The ImagePath of Dhcp service is OK.
The ServiceDll of Dhcp service is OK.

Nsi Service is not running. Checking service configuration:
The start type of Nsi service is OK.
The ImagePath of Nsi service is OK.
The ServiceDll of Nsi service is OK.

nsiproxy Service is not running. Checking service configuration:
The start type of nsiproxy service is OK.
The ImagePath of nsiproxy service is OK.

tdx Service is not running. Checking service configuration:
The start type of tdx service is OK.
The ImagePath of tdx service is OK.

afd Service is not running. Checking service configuration:
The start type of afd service is OK.
The ImagePath of afd service is OK.

Tcpip Service is not running. Checking service configuration:
The start type of Tcpip service is OK.
The ImagePath of Tcpip service is OK.

Connection Status:
==============
Attempt to access Local Host IP returned error: Localhost is blocked: Destination is unreachable
LAN connected.
Attempt to access Google IP returned error. Google IP is unreachable
Attempt to access Google.com returned error: Google.com is unreachable
Attempt to access Yahoo.com returned error: Yahoo.com is unreachable

Windows Firewall:
=============
mpsdrv Service is not running. Checking service configuration:
The start type of mpsdrv service is OK.
The ImagePath of mpsdrv service is OK.

MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.

bfe Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
Checking ImagePath: ATTENTION!=====> Unable to open bfe registry key. The service key does not exist.
The ServiceDll of bfe service is OK.

Firewall Disabled Policy:
==================

System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.

VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.

System Restore Policy:
========================

Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.

winmgmt Service is not running. Checking service configuration:
The start type of winmgmt service is OK.
The ImagePath of winmgmt: "%systemroot%\system32\svchost.exe -k netsvcs".
The ServiceDll of winmgmt service is OK.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS service is OK.

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem service is OK.
The ServiceDll of EventSystem service is OK.

Windows Autoupdate Disabled Policy:
============================

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1

PlugPlay Service is not running. Checking service configuration:
The start type of PlugPlay service is OK.
The ImagePath of PlugPlay service is OK.

Other Services:
==============

File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed

**** End of log ****

I also have a logfile from the all-in-one runtime components; there was an error, here:
Code:
ATTFilter
Standard Programme
Adobe Flash Player - ActiveX: Fehlgeschlagen. Fehlercode: 1013 (0x000003F5)

The one from the site nox.to that you showed me is the same game, only, as I said, it just doesn't work. What now? The game still doesn't work.

Last edited by ottojack (08.10.2015 at 00:18) |
08.10.2015, 18:45 | #13 |
/// Malwareteam | Hi,

Step # 1: MBAR
Please download Malwarebytes Anti-Rootkit and save it to your desktop.

Do not start any other file in this folder without instructions from a helper.

Step # 2: TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.

Step # 3: Please post
|
08.10.2015, 20:45 | #14 |
| OK, here is the mbar logfile:
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2015.10.08.04 rootkit: v2015.10.06.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.18015 admin :: PC [administrator] 08.10.2015 20:53:09 mbar-log-2015-10-08 (20-53-09).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged. Objects scanned: 405212 Time elapsed: 22 minute(s), 1 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 31 C:\ProgramData\Comodo\Cis\Quarantine\data\{093B2A97-4841-477B-B9BC-2A4F865B2563} (Trojan.FakeMS.ED) -> Delete on reboot. [c0c42232ef9cdb5b256f94407d83fe02] C:\ProgramData\Comodo\Cis\Quarantine\data\{119D45B3-9569-4816-B7F6-661C176BAD61} (Trojan.Backdoor) -> Delete on reboot. [285c93c1355688ae83631d7ce025ac54] C:\ProgramData\Comodo\Cis\Quarantine\data\{132CA110-169F-48C4-B30C-811412562270} (Trojan.FakeMS.ED) -> Delete on reboot. [d5af3123513af93df1a3597b59a7956b] C:\ProgramData\Comodo\Cis\Quarantine\data\{14F8C0B6-D0FB-49C2-A399-5CB7B484DD07} (Trojan.FakeMS.ED) -> Delete on reboot. [3b494c08216a2b0b34603c987f8103fd] C:\ProgramData\Comodo\Cis\Quarantine\data\{1CFF1C10-675C-47DA-9AF4-3FFCF50A666F} (Trojan.Backdoor) -> Delete on reboot. [7c08a2b228638aac885e099015f048b8] C:\ProgramData\Comodo\Cis\Quarantine\data\{85B6B5BD-4ED0-4A70-A3BE-1C75C34C01E6} (Trojan.FakeMS.ED) -> Delete on reboot. 
[04802f25404b25113262d7fd6c945fa1] C:\ProgramData\Comodo\Cis\Quarantine\data\{8F394D6D-A6C0-4103-82DF-AEBFC566ED8B} (Trojan.FakeMS.ED) -> Delete on reboot. [6222b2a2b1da8ea8d8bc4a8a7987dd23] C:\ProgramData\Comodo\Cis\Quarantine\data\{90867D52-27B9-416F-BEAA-75BEA38239E1} (Trojan.Backdoor) -> Delete on reboot. [3d474014abe0270f46a03b5e24e16b95] C:\ProgramData\Comodo\Cis\Quarantine\data\{AAA98E1C-E2B2-4B35-9A7C-4C7797F0A5DF} (Trojan.FakeMS.ED) -> Delete on reboot. [ceb6a7ad96f55bdb9202e0f45da32dd3] C:\ProgramData\Comodo\Cis\Quarantine\data\{AD3ED6D4-6C1A-4A5F-AEEE-1F091EB061E0} (Trojan.FakeMS.ED) -> Delete on reboot. [99eb4014d7b48fa7751f18bcf907c23e] C:\ProgramData\Comodo\Cis\Quarantine\data\{B4758FB0-DE9D-4D06-BF79-927F7186A0B9} (Trojan.Backdoor) -> Delete on reboot. [6024391b5d2e3cfac71febae51b422de] C:\ProgramData\Comodo\Cis\Quarantine\data\{B7F3E0CC-B083-4A71-8811-AF5215D23CA9} (Trojan.Backdoor) -> Delete on reboot. [7c0833211b703402489e0f8a53b2e020] C:\ProgramData\Comodo\Cis\Quarantine\data\{2FDEAD06-822F-4174-B16C-43C6A861891D} (Trojan.FakeMS.ED) -> Delete on reboot. [97ed6de7c5c6ce68108414c0d12f25db] C:\ProgramData\Comodo\Cis\Quarantine\data\{36D8F8D8-751E-4754-A8EF-1C4CBDD082B6} (Trojan.FakeMS.ED) -> Delete on reboot. [c3c192c2028994a22c68c70d2fd14ab6] C:\ProgramData\Comodo\Cis\Quarantine\data\{60E898AD-86D6-4ED1-BDBC-EC4853A67D7C} (Trojan.FakeMS.ED) -> Delete on reboot. [5c289eb6bfcc92a4dbb9894ba0602dd3] C:\ProgramData\Comodo\Cis\Quarantine\data\{68DA3F0B-6A9F-4C85-AFCE-528092FEA709} (Trojan.FakeMS.ED) -> Delete on reboot. [1d670b490982ce68dbb930a4b54bbf41] C:\ProgramData\Comodo\Cis\Quarantine\data\{7E0286C4-958D-4628-AF8B-D5D388145307} (Trojan.FakeMS.ED) -> Delete on reboot. [5d27163ebfcc87af9df78e46946c738d] C:\ProgramData\Comodo\Cis\Quarantine\data\{80168990-0D87-4880-B63B-B5A8EFC918B5} (Trojan.FakeMS.ED) -> Delete on reboot. 
[315361f3b1da70c6a6ee9044f20e718f] C:\ProgramData\Comodo\Cis\Quarantine\data\{D94EF4FE-AB71-46D7-ABA4-EBAA3EAAEC0B} (Trojan.Backdoor) -> Delete on reboot. [50341e36aae18bab7d69f0a99b6a5ca4] C:\ProgramData\Comodo\Cis\Quarantine\data\{E8D462F8-19EE-4B9E-925B-A90A03AA33F3} (Trojan.FakeMS.ED) -> Delete on reboot. [cbb9c193e9a2cf672272b81ce21e659b] C:\ProgramData\Comodo\Cis\Quarantine\data\{EAEAFB77-AE0A-49E6-BE24-0E23FE379B4E} (Trojan.FakeMS.ED) -> Delete on reboot. [86fe14405833082e6c28b71d03fd8c74] C:\ProgramData\Comodo\Cis\Quarantine\data\{EEF50BCB-C6A0-4573-AA26-905376A88FB3} (Trojan.FakeMS.ED) -> Delete on reboot. [582c441036550b2b682c399b867a768a] C:\ProgramData\Comodo\Cis\Quarantine\data\{F0638874-823E-4C23-95D5-7D4E0C082B00} (Trojan.FakeMS.ED) -> Delete on reboot. [d5afd87cccbfce688d07953f946c44bc] C:\ProgramData\Comodo\Cis\Quarantine\data\{F82E2AC7-E60C-4E0B-83EF-5FF23CAD61D3} (Trojan.FakeMS.ED) -> Delete on reboot. [8ff5005438536bcbf79d28ac7b85fe02] C:\ProgramData\Comodo\Cis\Quarantine\data\{F8FEF7B9-B253-4C6F-A58F-022446642869} (Trojan.FakeMS.ED) -> Delete on reboot. [14702d27216abd79860e0bc90bf58779] C:\ProgramData\Comodo\Cis\Quarantine\data\{1F8CF3AA-6BCD-4445-83AE-F31F9275EC07} (Trojan.FakeMS.ED) -> Delete on reboot. [20640d473754ab8b197be4f0669a41bf] C:\ProgramData\Comodo\Cis\Quarantine\data\{22376ACE-CDC7-41D9-B98C-2D6687D6A55E} (Trojan.Backdoor) -> Delete on reboot. [651fb59f53380a2cbc2a8712bc494eb2] C:\ProgramData\Comodo\Cis\Quarantine\data\{248C67E1-70DE-4863-9B84-DE17FD20E92A} (Trojan.Backdoor) -> Delete on reboot. [364e0d476b20f83ef4f2b5e4050042be] C:\ProgramData\Comodo\Cis\Quarantine\data\{2601B84C-4432-4401-AAC5-520F3C5044E5} (Trojan.FakeMS.ED) -> Delete on reboot. [b5cff95b4744ae8810841eb631cfb848] C:\ProgramData\Comodo\Cis\Quarantine\data\{26B22C53-86DF-47FF-914D-9074D7218729} (Trojan.Backdoor) -> Delete on reboot. 
[8cf8ee66b5d670c67c6a2a6ffe07ef11] C:\ProgramData\Comodo\Cis\Quarantine\data\{280F0088-5B65-4C55-954D-84D6CC51C7C9} (Trojan.Backdoor) -> Delete on reboot. [d1b3fc58f398e84ed313663330d5ec14] Physical Sectors Detected: 0 (No malicious items detected) (end)
C:\Windows\System32\defragsvc.dll 21:34:41.0252 0x0efc defragsvc - ok 21:34:41.0290 0x0efc [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 21:34:41.0394 0x0efc DfsC - ok 21:34:41.0461 0x0efc [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 21:34:41.0572 0x0efc Dhcp - ok 21:34:41.0678 0x0efc [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 21:34:41.0791 0x0efc DiagTrack - ok 21:34:42.0037 0x0efc [ 91DF13EC831BDCFA36A7A12CD13D66B9, 5054281FE91D4BE0DB446F6F30E3D59E669185555F6C20B988DEC250713FFCED ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe 21:34:42.0110 0x0efc Disc Soft Lite Bus Service - ok 21:34:42.0173 0x0efc [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 21:34:42.0286 0x0efc discache - ok 21:34:42.0353 0x0efc [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 21:34:42.0375 0x0efc Disk - ok 21:34:42.0429 0x0efc [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys 21:34:42.0551 0x0efc dmvsc - ok 21:34:42.0624 0x0efc [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 21:34:42.0681 0x0efc Dnscache - ok 21:34:42.0767 0x0efc [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 21:34:42.0851 0x0efc dot3svc - ok 21:34:42.0919 0x0efc [ B26F4F737E8F9DF4F31AF6CF31D05820, 
394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 21:34:43.0000 0x0efc DPS - ok 21:34:43.0056 0x0efc [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 21:34:43.0112 0x0efc drmkaud - ok 21:34:43.0159 0x0efc [ 496C3C6BC3D930D0960C9E75AA30F4A7, 3FE0E86DA8C2C6A990BB2F1B92C22BD3483882B8D69FF8025BB68A199362C234 ] dtlitescsibus C:\Windows\system32\DRIVERS\dtlitescsibus.sys 21:34:43.0176 0x0efc dtlitescsibus - ok 21:34:43.0254 0x0efc [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 21:34:43.0295 0x0efc DXGKrnl - ok 21:34:43.0330 0x0efc [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 21:34:43.0406 0x0efc EapHost - ok 21:34:43.0619 0x0efc [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 21:34:43.0751 0x0efc ebdrv - ok 21:34:43.0809 0x0efc [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS C:\Windows\System32\lsass.exe 21:34:43.0860 0x0efc EFS - ok 21:34:43.0912 0x0efc [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 21:34:43.0971 0x0efc ehRecvr - ok 21:34:43.0997 0x0efc [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 21:34:44.0015 0x0efc ehSched - ok 21:34:44.0061 0x0efc [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 21:34:44.0089 0x0efc elxstor - ok 21:34:44.0196 0x0efc [ 
34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 21:34:44.0246 0x0efc ErrDev - ok 21:34:44.0390 0x0efc [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 21:34:44.0509 0x0efc EventSystem - ok 21:34:44.0541 0x0efc [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 21:34:44.0654 0x0efc exfat - ok 21:34:44.0764 0x0efc [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 21:34:44.0806 0x0efc fastfat - ok 21:34:44.0954 0x0efc [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 21:34:45.0110 0x0efc Fax - ok 21:34:45.0141 0x0efc [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 21:34:45.0175 0x0efc fdc - ok 21:34:45.0203 0x0efc [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 21:34:45.0268 0x0efc fdPHost - ok 21:34:45.0290 0x0efc [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 21:34:45.0334 0x0efc FDResPub - ok 21:34:45.0348 0x0efc [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 21:34:45.0364 0x0efc FileInfo - ok 21:34:45.0374 0x0efc [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 21:34:45.0429 0x0efc Filetrace - ok 
21:34:45.0458 0x0efc [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 21:34:45.0494 0x0efc flpydisk - ok 21:34:45.0540 0x0efc [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 21:34:45.0561 0x0efc FltMgr - ok 21:34:45.0651 0x0efc [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll 21:34:45.0723 0x0efc FontCache - ok 21:34:45.0762 0x0efc [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 21:34:45.0777 0x0efc FontCache3.0.0.0 - ok 21:34:45.0792 0x0efc [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 21:34:45.0806 0x0efc FsDepends - ok 21:34:45.0829 0x0efc [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 21:34:45.0846 0x0efc Fs_Rec - ok 21:34:46.0009 0x0efc [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe 21:34:46.0056 0x0efc fussvc - detected UnsignedFile.Multi.Generic ( 1 ) 21:34:48.0454 0x0efc Detect skipped due to KSN trusted 21:34:48.0454 0x0efc fussvc - ok 21:34:48.0495 0x0efc [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 21:34:48.0518 0x0efc fvevol - ok 21:34:48.0546 0x0efc [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx 
C:\Windows\system32\drivers\gagp30kx.sys 21:34:48.0561 0x0efc gagp30kx - ok 21:34:48.0596 0x0efc [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 21:34:48.0669 0x0efc gpsvc - ok 21:34:48.0718 0x0efc [ 3F95931AEEA6DEF9FC02C565D2EFC145, A77CE97B0143A035D7C2655C2BF31008D4D555EF63CCF188EC58D5611782E635 ] hcmon C:\Windows\system32\drivers\hcmon.sys 21:34:48.0731 0x0efc hcmon - ok 21:34:48.0746 0x0efc [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 21:34:48.0777 0x0efc hcw85cir - ok 21:34:48.0815 0x0efc [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 21:34:48.0842 0x0efc HdAudAddService - ok 21:34:48.0862 0x0efc [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 21:34:48.0886 0x0efc HDAudBus - ok 21:34:48.0903 0x0efc [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 21:34:48.0925 0x0efc HidBatt - ok 21:34:48.0936 0x0efc [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 21:34:48.0971 0x0efc HidBth - ok 21:34:49.0014 0x0efc [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 21:34:49.0057 0x0efc HidIr - ok 21:34:49.0107 0x0efc [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 21:34:49.0145 0x0efc hidserv - ok 21:34:49.0182 0x0efc [ 9592090A7E2B61CD582B612B6DF70536, 
FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 21:34:49.0216 0x0efc HidUsb - ok 21:34:49.0251 0x0efc [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 21:34:49.0307 0x0efc hkmsvc - ok 21:34:49.0333 0x0efc [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 21:34:49.0383 0x0efc HomeGroupListener - ok 21:34:49.0412 0x0efc [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 21:34:49.0450 0x0efc HomeGroupProvider - ok 21:34:49.0476 0x0efc [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 21:34:49.0492 0x0efc HpSAMD - ok 21:34:49.0541 0x0efc [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 21:34:49.0595 0x0efc HTTP - ok 21:34:49.0615 0x0efc [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 21:34:49.0632 0x0efc hwpolicy - ok 21:34:49.0647 0x0efc [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 21:34:49.0665 0x0efc i8042prt - ok 21:34:49.0700 0x0efc [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 21:34:49.0723 0x0efc iaStorV - ok 21:34:49.0823 0x0efc [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication 
Foundation\infocard.exe 21:34:49.0871 0x0efc idsvc - ok 21:34:49.0901 0x0efc IEEtwCollectorService - ok 21:34:50.0089 0x0efc [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 21:34:50.0322 0x0efc igfx - ok 21:34:50.0368 0x0efc [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 21:34:50.0384 0x0efc iirsp - ok 21:34:50.0422 0x0efc [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 21:34:50.0462 0x0efc IKEEXT - ok 21:34:50.0513 0x0efc [ 0FFA95F1171F64F2A51F69A75B1EFF4A, 1F0001D519756DE74477D9398F300187665EBDF1AD902F68A967C2F95C4F85DF ] inspect C:\Windows\system32\DRIVERS\inspect.sys 21:34:50.0529 0x0efc inspect - ok 21:34:50.0547 0x0efc [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 21:34:50.0561 0x0efc intelide - ok 21:34:50.0586 0x0efc [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 21:34:50.0620 0x0efc intelppm - ok 21:34:50.0647 0x0efc [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 21:34:50.0688 0x0efc IPBusEnum - ok 21:34:50.0719 0x0efc [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 21:34:50.0771 0x0efc IpFilterDriver - ok 21:34:50.0808 0x0efc [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 21:34:50.0863 0x0efc iphlpsvc - ok 21:34:50.0885 0x0efc [ 
0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 21:34:50.0922 0x0efc IPMIDRV - ok 21:34:50.0946 0x0efc [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 21:34:51.0003 0x0efc IPNAT - ok 21:34:51.0025 0x0efc [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 21:34:51.0046 0x0efc IRENUM - ok 21:34:51.0059 0x0efc [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 21:34:51.0073 0x0efc isapnp - ok 21:34:51.0088 0x0efc [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 21:34:51.0117 0x0efc iScsiPrt - ok 21:34:51.0137 0x0efc [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 21:34:51.0155 0x0efc kbdclass - ok 21:34:51.0162 0x0efc [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 21:34:51.0199 0x0efc kbdhid - ok 21:34:51.0218 0x0efc [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso C:\Windows\system32\lsass.exe 21:34:51.0234 0x0efc KeyIso - ok 21:34:51.0272 0x0efc [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 21:34:51.0301 0x0efc KSecDD - ok 21:34:51.0328 0x0efc [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 21:34:51.0346 0x0efc 
KSecPkg - ok 21:34:51.0353 0x0efc [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 21:34:51.0390 0x0efc ksthunk - ok 21:34:51.0445 0x0efc [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 21:34:51.0504 0x0efc KtmRm - ok 21:34:51.0545 0x0efc [ B8E670D7EF61615FA03104552854FAC9, 4037B5A5D1E6E0310B73D5AF8E40A5C0ED4AD238F0EDAFF6AC6F392A2886197F ] L1E C:\Windows\system32\DRIVERS\L1E62x64.sys 21:34:51.0580 0x0efc L1E - ok 21:34:51.0614 0x0efc [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 21:34:51.0676 0x0efc LanmanServer - ok 21:34:51.0732 0x0efc [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 21:34:51.0797 0x0efc LanmanWorkstation - ok 21:34:51.0828 0x0efc [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 21:34:51.0881 0x0efc lltdio - ok 21:34:51.0910 0x0efc [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 21:34:51.0979 0x0efc lltdsvc - ok 21:34:52.0003 0x0efc [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 21:34:52.0054 0x0efc lmhosts - ok 21:34:52.0099 0x0efc [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 21:34:52.0116 0x0efc LSI_FC - ok 21:34:52.0130 0x0efc [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS 
C:\Windows\system32\drivers\lsi_sas.sys 21:34:52.0146 0x0efc LSI_SAS - ok 21:34:52.0157 0x0efc [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 21:34:52.0175 0x0efc LSI_SAS2 - ok 21:34:52.0189 0x0efc [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 21:34:52.0205 0x0efc LSI_SCSI - ok 21:34:52.0222 0x0efc [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 21:34:52.0262 0x0efc luafv - ok 21:34:52.0309 0x0efc [ 47701ECA633574E122687693B5C5D35C, 1DB12767462347504956450FAD0D90B6E682E2E8959A6C5DF3792C3C3DA289B1 ] mbamchameleon C:\Windows\system32\drivers\mbamchameleon.sys 21:34:52.0324 0x0efc mbamchameleon - ok 21:34:52.0373 0x0efc [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 21:34:52.0384 0x0efc MBAMProtector - ok 21:34:52.0494 0x0efc [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe 21:34:52.0591 0x0efc MBAMScheduler - ok 21:34:52.0632 0x0efc [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 21:34:52.0690 0x0efc MBAMService - ok 21:34:52.0721 0x0efc [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 21:34:52.0749 0x0efc MBAMWebAccessControl - ok 21:34:52.0785 0x0efc [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc 
C:\Windows\system32\Mcx2Svc.dll 21:34:52.0822 0x0efc Mcx2Svc - ok 21:34:52.0869 0x0efc [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 21:34:52.0917 0x0efc megasas - ok 21:34:52.0936 0x0efc [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 21:34:52.0957 0x0efc MegaSR - ok 21:34:52.0980 0x0efc [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 21:34:53.0032 0x0efc MMCSS - ok 21:34:53.0055 0x0efc [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 21:34:53.0099 0x0efc Modem - ok 21:34:53.0133 0x0efc [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 21:34:53.0149 0x0efc monitor - ok 21:34:53.0170 0x0efc [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys 21:34:53.0188 0x0efc mouclass - ok 21:34:53.0194 0x0efc [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 21:34:53.0230 0x0efc mouhid - ok 21:34:53.0278 0x0efc [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 21:34:53.0294 0x0efc mountmgr - ok 21:34:53.0344 0x0efc [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 21:34:53.0407 0x0efc MozillaMaintenance - ok 21:34:53.0421 0x0efc [ 
A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 21:34:53.0442 0x0efc mpio - ok 21:34:53.0460 0x0efc [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 21:34:53.0501 0x0efc mpsdrv - ok 21:34:53.0535 0x0efc [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 21:34:53.0617 0x0efc MpsSvc - ok 21:34:53.0653 0x0efc [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 21:34:53.0695 0x0efc MRxDAV - ok 21:34:53.0753 0x0efc [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 21:34:53.0867 0x0efc mrxsmb - ok 21:34:53.0900 0x0efc [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 21:34:53.0946 0x0efc mrxsmb10 - ok 21:34:53.0979 0x0efc [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 21:34:54.0059 0x0efc mrxsmb20 - ok 21:34:54.0126 0x0efc [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 21:34:54.0168 0x0efc msahci - ok 21:34:54.0205 0x0efc [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 21:34:54.0222 0x0efc msdsm - ok 21:34:54.0233 0x0efc [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 21:34:54.0266 0x0efc MSDTC - ok 
21:34:54.0305 0x0efc [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 21:34:54.0342 0x0efc Msfs - ok 21:34:54.0366 0x0efc [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 21:34:54.0417 0x0efc mshidkmdf - ok 21:34:54.0441 0x0efc [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 21:34:54.0459 0x0efc msisadrv - ok 21:34:54.0484 0x0efc [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 21:34:54.0553 0x0efc MSiSCSI - ok 21:34:54.0558 0x0efc msiserver - ok 21:34:54.0613 0x0efc [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 21:34:54.0673 0x0efc MSKSSRV - ok 21:34:54.0697 0x0efc [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 21:34:54.0773 0x0efc MSPCLOCK - ok 21:34:54.0778 0x0efc [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 21:34:54.0837 0x0efc MSPQM - ok 21:34:54.0914 0x0efc [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 21:34:54.0937 0x0efc MsRPC - ok 21:34:54.0958 0x0efc [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 21:34:54.0971 0x0efc mssmbios - ok 21:34:54.0992 0x0efc [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD 
21:35:02.0174 0x0efc PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic ( 1 )
21:35:04.0730 0x0efc Detect skipped due to KSN trusted
21:35:04.0730 0x0efc PLFlash DeviceIoControl Service - ok
21:35:12.0191 0x0efc Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
21:35:14.0619 0x0efc Detect skipped due to KSN trusted
21:35:14.0619 0x0efc Te.Service - ok
47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 21:35:23.0512 0x0efc VSS - ok 21:35:23.0573 0x0efc [ C279CC22288F277A14620EB949F0E1B9, 8E158D7C930EA6B3ACD7194062AFB562DE8D392A32E4F93E64D06F4A20739E69 ] vstor2-mntapi20-shared C:\Windows\syswow64\drivers\vstor2-mntapi20-shared.sys 21:35:23.0587 0x0efc vstor2-mntapi20-shared - ok 21:35:23.0650 0x0efc [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 21:35:23.0684 0x0efc vwifibus - ok 21:35:23.0735 0x0efc [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 21:35:23.0756 0x0efc vwififlt - ok 21:35:23.0787 0x0efc [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 21:35:23.0836 0x0efc W32Time - ok 21:35:23.0856 0x0efc [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 21:35:23.0873 0x0efc WacomPen - ok 21:35:23.0901 0x0efc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 21:35:23.0957 0x0efc WANARP - ok 21:35:23.0962 0x0efc [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 21:35:24.0002 0x0efc Wanarpv6 - ok 21:35:24.0098 0x0efc [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 21:35:24.0190 0x0efc wbengine - ok 21:35:24.0246 0x0efc [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 21:35:24.0310 
0x0efc WbioSrvc - ok 21:35:24.0341 0x0efc [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 21:35:24.0398 0x0efc wcncsvc - ok 21:35:24.0410 0x0efc [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 21:35:24.0489 0x0efc WcsPlugInService - ok 21:35:24.0529 0x0efc [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 21:35:24.0543 0x0efc Wd - ok 21:35:24.0638 0x0efc [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 21:35:24.0688 0x0efc Wdf01000 - ok 21:35:24.0718 0x0efc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 21:35:24.0774 0x0efc WdiServiceHost - ok 21:35:24.0788 0x0efc [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 21:35:24.0805 0x0efc WdiSystemHost - ok 21:35:24.0909 0x0efc [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 21:35:24.0981 0x0efc WebClient - ok 21:35:25.0018 0x0efc [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 21:35:25.0061 0x0efc Wecsvc - ok 21:35:25.0090 0x0efc [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 21:35:25.0605 0x0efc wercplsupport - ok 21:35:25.0628 0x0efc [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] 
WerSvc C:\Windows\System32\WerSvc.dll 21:35:25.0683 0x0efc WerSvc - ok 21:35:25.0711 0x0efc [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 21:35:25.0747 0x0efc WfpLwf - ok 21:35:25.0761 0x0efc [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 21:35:25.0774 0x0efc WIMMount - ok 21:35:25.0787 0x0efc WinDefend - ok 21:35:25.0794 0x0efc WinHttpAutoProxySvc - ok 21:35:25.0836 0x0efc [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 21:35:25.0913 0x0efc Winmgmt - ok 21:35:25.0996 0x0efc [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 21:35:26.0102 0x0efc WinRM - ok 21:35:26.0162 0x0efc [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 21:35:26.0207 0x0efc Wlansvc - ok 21:35:26.0223 0x0efc [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 21:35:26.0240 0x0efc WmiAcpi - ok 21:35:26.0269 0x0efc [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 21:35:26.0289 0x0efc wmiApSrv - ok 21:35:26.0298 0x0efc WMPNetworkSvc - ok 21:35:26.0318 0x0efc [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 21:35:26.0353 0x0efc WPCSvc - ok 21:35:26.0374 0x0efc [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 21:35:26.0403 0x0efc 
WPDBusEnum - ok 21:35:26.0417 0x0efc [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 21:35:26.0454 0x0efc ws2ifsl - ok 21:35:26.0470 0x0efc [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 21:35:26.0497 0x0efc wscsvc - ok 21:35:26.0502 0x0efc WSearch - ok 21:35:26.0629 0x0efc [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv C:\Windows\system32\wuaueng.dll 21:35:26.0755 0x0efc wuauserv - ok 21:35:26.0787 0x0efc [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 21:35:26.0819 0x0efc WudfPf - ok 21:35:26.0860 0x0efc [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 21:35:26.0899 0x0efc WUDFRd - ok 21:35:26.0926 0x0efc [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 21:35:26.0944 0x0efc wudfsvc - ok 21:35:26.0965 0x0efc [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 21:35:27.0013 0x0efc WwanSvc - ok 21:35:27.0043 0x0efc ================ Scan global =============================== 21:35:27.0077 0x0efc [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 21:35:27.0123 0x0efc [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll 21:35:27.0141 0x0efc [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] 
C:\Windows\system32\winsrv.dll 21:35:27.0169 0x0efc [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 21:35:27.0192 0x0efc [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 21:35:27.0203 0x0efc [ Global ] - ok 21:35:27.0204 0x0efc ================ Scan MBR ================================== 21:35:27.0213 0x0efc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:35:27.0732 0x0efc \Device\Harddisk0\DR0 - ok 21:35:27.0733 0x0efc ================ Scan VBR ================================== 21:35:27.0752 0x0efc [ CF9A178FCC73C6FA5DAD1A262E970F5F ] \Device\Harddisk0\DR0\Partition1 21:35:27.0806 0x0efc \Device\Harddisk0\DR0\Partition1 - ok 21:35:27.0809 0x0efc [ A2B3E58F131D3CB6AA948D00FCBC80D4 ] \Device\Harddisk0\DR0\Partition2 21:35:27.0868 0x0efc \Device\Harddisk0\DR0\Partition2 - ok 21:35:27.0868 0x0efc ================ Scan generic autorun ====================== 21:35:27.0963 0x0efc [ A082DE38AC82C5099692ADAA0AEFDDD4, F4D472490CC3E9013C0C740D8D94BA371960C05F2B86659A63A6CA69CAC0671C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 21:35:28.0088 0x0efc NvBackend - ok 21:35:28.0220 0x0efc [ C2C935DB4D88C5CFF1F4C8DCF940743B, 2457C7EC9273BC59051EA0D2DF1013F71E4C1E2A8469C02653E4215EC062C43E ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe 21:35:28.0267 0x0efc COMODO Internet Security - ok 21:35:28.0289 0x0efc [ 191210884CB10B17DA4D627EB2DE9270, 249AA2449BCE5D61747EE2078E154B8676D26676EE39941F0E00261496C660F4 ] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe 21:35:28.0352 0x0efc vmware-tray.exe - ok 21:35:28.0400 0x0efc [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 21:35:28.0488 0x0efc SunJavaUpdateSched - ok 21:35:28.0542 
0x0efc [ 1B31D1266691EDD4224B0036449F14B4, A03D67AEF16351D3A4C410759EF58B179DA01A1160F220966510BCA6DCA95AAD ] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe 21:35:28.0609 0x0efc BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok 21:35:28.0858 0x0efc [ 09266319529C342813EA013E24200568, DEC1DCC14CD08304CF502FE4AD5CC188982705BF7D642A8E0EA239F6CB0CE57D ] C:\Program Files\CCleaner\CCleaner64.exe 21:35:29.0120 0x0efc CCleaner Monitoring - ok 21:35:29.0199 0x0efc [ 9DA1393F5C9350A3CFB039B6EB71A28F, 21DBC6ACFFBDEDAEB97690B83068B054DA9C3C117DF47135CFAA06E91916DBA8 ] C:\Program Files\Sandboxie\SbieCtrl.exe 21:35:29.0234 0x0efc SandboxieControl - ok 21:35:29.0367 0x0efc [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe 21:35:29.0514 0x0efc DAEMON Tools Lite Automount - ok 21:35:29.0522 0x0efc Waiting for KSN requests completion. In queue: 52 21:35:30.0522 0x0efc Waiting for KSN requests completion. In queue: 52 21:35:31.0523 0x0efc Waiting for KSN requests completion. In queue: 52 21:35:32.0611 0x0efc AV detected via SS2: COMODO Antivirus, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61000 ( enabled : updated ) 21:35:32.0613 0x0efc FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4674 ), 0x61010 ( enabled ) 21:35:35.0040 0x0efc ============================================================ 21:35:35.0040 0x0efc Scan finished 21:35:35.0040 0x0efc ============================================================ 21:35:35.0050 0x12dc Detected object count: 0 21:35:35.0050 0x12dc Actual detected object count: 0 |
10.10.2015, 00:18 | #15 |
/// Malwareteam | xxx is not a valid Win32 application [solved]
Hi,
Step # 1: Fix services
Download the following 2 files to your desktop:
http://download.bleepingcomputer.com...ices/7/BFE.reg
http://download.bleepingcomputer.com.../7/Winmgmt.reg
Disable your AV, run both files and confirm the warning dialogs. Then restart the computer.
Step # 2: FRST
Please post another fresh FRST log, with Additions.txt ticked.
Step # 3: Questions
Have you already tried uninstalling and reinstalling the game?
Have you already tried starting the game with the AV switched off?
Step # 4: Please post
|