Log analysis and evaluation: Windows 8.1, ad windows on the internet, laptop starts very slowly
05.12.2015, 00:59 | #1

Windows 8.1, ad windows on the internet, laptop starts very slowly

Hello dear Trojaner-Board team,

I have a laptop with Windows 8.1, 64-bit version. Lately I have had massive problems on the internet (in all browsers). Pop-ups are constantly being opened, or ads/photos are inserted into the page. Sentences/words turn into links, etc. It seems to me that this happens mainly/more often in Google Chrome. After the virus scanner also found several threats in Chrome files, I uninstalled Chrome and now use Firefox.

The laptop is mainly used by my younger brother. I suspect he picked something up while downloading some programs/games.

A few days ago I already had the computer checked with AdwCleaner and Malwarebytes. Today I checked the computer again and Malwarebytes no longer reported anything. I also have not noticed any more ads on the internet.

It would be great if one of you could look at the logs to see whether anything is still there.

Since not all the logs fit into one post, I will first post the ones required by your instructions and, after the reply, the ones I already have (AdwCleaner, Malwarebytes), so that it does not look as if the thread were already being worked on.

Defogger - no error message

FRST:

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015 durchgeführt von User (Administrator) auf AMMAR (05-12-2015 00:25:51) Gestartet von C:\Users\User\Downloads Geladene Profile: User (Verfügbare Profile: User) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (LogMeIn, Inc.) 
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Yahoo Inc.) 
C:\Program Files (x86)\Yahoo!\yset\{58856E55-A302-5D4E-A2A9-3DE6FB5F3A50}\YSearchUtilSVC.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Mega Limited) C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.17994_x64__8wekyb3d8bbwe\glcnd.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [449024 2012-08-29] (Realtek Semiconductor Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-10] (Synaptics Incorporated) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1130408 2015-10-16] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-23] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG) HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd) HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.) 
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\MountPoints2: {4d786bf4-9471-11e5-bea5-6c71d902b968} - "E:\setup.exe" ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-12-02] ShortcutTarget: MEGAsync.lnk -> C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) BootExecute: autocheck autochk * sdnclean64.exe CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\..\Interfaces\{2BD78AC5-8536-41D0-910F-87651CDCCEBB}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{529FC467-EB76-4E39-A6EC-47637051F0E1}: [DhcpNameServer] 10.40.101.245 10.40.101.246 10.40.101.247 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130935658853419982&GUID=868FEB60-DB5A-8940-2052-53479423E232 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130935658853424095&GUID=868FEB60-DB5A-8940-2052-53479423E232 HKU\S-1-5-21-3455799945-794626198-3976200442-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset HKU\S-1-5-21-3455799945-794626198-3976200442-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3455799945-794626198-3976200442-1001 -> {38DCA885-A7F3-4F85-8097-46F5B6A6EDAB} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-11-27] (Microsoft Corporation) BHO: MySearch App -> {41545533-2D43-3300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU3-C3\Passport_x64.dll" => Keine Datei BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Keine Datei BHO: Microsoft SkyDrive Pro Browser Helper -> 
{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-11-27] (Microsoft Corporation) BHO-x32: MySearch App -> {41545533-2D43-3300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU3-C3\Passport.dll" => Keine Datei BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-04] (Oracle Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-04] (Oracle Corporation) Toolbar: HKLM - MySearch App - {41545533-2D43-3300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU3-C3\Passport_x64.dll" Keine Datei Toolbar: HKLM-x32 - MySearch App - {41545533-2D43-3300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU3-C3\Passport.dll" Keine Datei DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-11-27] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wy6aygp2.default FF DefaultSearchEngine: Yahoo Web FF Homepage: 
hxxps://www.google.at/?gfe_rd=cr&ei=V_thVriUH-yk8weL5JWIDw&gws_rd=ssl FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-13] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-13] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-04] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-04] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-27] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-11-27] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll 
[2013-02-05] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [Keine Datei] FF Plugin HKU\S-1-5-21-3455799945-794626198-3976200442-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS) FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wy6aygp2.default\searchplugins\yahoo-ysp.xml [2015-11-22] FF Extension: DiscountExt - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wy6aygp2.default\extensions\tnhsukhopwoujqzpmwd@ycsfpmfhqknlaigm.com [2015-05-21] [ist nicht signiert] FF Extension: AllDeaaLApp - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wy6aygp2.default\Extensions\R7sXvm@ZV.net [2015-05-21] [ist nicht signiert] Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28] CHR Extension: (GMX MailCheck) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2015-11-19] CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24] CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02] CHR Extension: (Google Mail) - 
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28] CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-23] (AVG Technologies CZ, s.r.o.) R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1569416 2015-10-23] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-23] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-10-16] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-23] (AVG Technologies CZ, s.r.o.) R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [38912 2012-09-13] (Realtek Semiconductor Corporation) [Datei ist nicht signiert] R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [48640 2012-08-29] () [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) 
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2015-11-11] (Microsoft Corporation) S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [Datei ist nicht signiert] S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [Datei ist nicht signiert] R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [35328 2012-09-13] (Realtek Semiconductor Corporation) [Datei ist nicht signiert] R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{58856E55-A302-5D4E-A2A9-3DE6FB5F3A50}\YSearchUtilSvc.exe [160536 2015-10-19] (Yahoo Inc.) S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-28] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2015-11-28] (Disc Soft Ltd) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.) S3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [164720 2012-09-24] (Qualcomm Atheros, Inc.) 
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-04] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2014-01-20] (Dritek System Inc.) S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-09-06] (Realtek Semiconductor Corp.) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [696976 2012-09-06] (Realtek Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation ) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-10] (Synaptics Incorporated) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software) S3 UCOREW64; C:\Windows\Setup\bit\UCOREW64.sys [14632 2010-08-13] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S1 rfdwozpn; \??\C:\WINDOWS\system32\drivers\rfdwozpn.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-12-05 00:25 - 2015-12-05 00:26 - 00024326 _____ C:\Users\User\Downloads\FRST.txt 2015-12-05 00:25 - 2015-12-05 00:25 - 02350080 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2015-12-05 00:25 - 2015-12-05 00:25 - 00000000 ____D C:\FRST 2015-12-05 00:24 - 2015-12-05 00:24 - 00000000 _____ C:\Users\User\defogger_reenable 2015-12-05 00:23 - 2015-12-05 00:23 - 00050477 _____ C:\Users\User\Downloads\Defogger.exe 2015-12-05 00:16 - 2015-12-05 00:16 - 00040500 _____ C:\Users\User\Desktop\malwarebytes.txt 2015-12-04 23:05 - 2015-12-04 23:05 - 00001060 _____ C:\WINDOWS\wininit.ini 2015-12-04 22:03 - 2015-12-04 22:03 - 00568413 _____ C:\Users\User\Downloads\Preisblatt Strom Aqua Garant24.pdf 2015-12-04 21:17 - 2015-12-04 21:17 - 00026000 _____ C:\Users\User\AppData\Local\recently-used.xbel 2015-12-04 15:56 - 2015-12-04 15:56 - 00000000 ____D C:\Users\User\AppData\Local\YSearchUtil 2015-12-04 15:53 - 2015-12-04 15:53 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-12-04 15:53 - 2015-12-04 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-12-04 15:52 - 2015-12-04 15:52 - 00000000 ____D C:\Program Files (x86)\Java 2015-12-04 15:51 - 2015-12-04 15:51 - 00584288 _____ (Oracle Corporation) C:\Users\User\Downloads\jxpiinstall.exe 2015-12-03 15:49 - 2015-12-03 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-12-03 15:14 - 2015-12-05 00:24 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-03 15:14 - 2015-12-04 21:24 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-03 15:14 - 2015-12-03 21:19 - 00003890 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-03 15:14 - 2015-12-03 21:19 - 00003654 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-03 15:13 - 2015-12-03 15:13 - 00929872 _____ (Google Inc.) 
C:\Users\User\Downloads\ChromeSetup.exe
2015-12-03 15:12 - 2015-12-03 15:12 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-03 15:12 - 2015-12-03 15:12 - 00001166 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-03 15:12 - 2015-12-03 15:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-02 23:21 - 2015-12-03 15:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-02 23:21 - 2015-12-02 23:21 - 00000000 ____D C:\Users\User\AppData\Local\AVG Web TuneUp
2015-12-02 23:20 - 2015-12-02 23:20 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-12-02 23:20 - 2015-12-02 23:20 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-12-02 23:13 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-12-02 23:13 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-12-02 23:12 - 2015-12-02 23:12 - 00000000 ____D C:\Users\User\AppData\Roaming\AVG
2015-12-02 23:08 - 2015-12-02 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-02 23:02 - 2015-12-02 23:02 - 00000000 ___HD C:\$AVG
2015-12-02 23:01 - 2015-12-04 23:44 - 00000000 ____D C:\ProgramData\MFAData
2015-12-02 23:01 - 2015-12-02 23:01 - 00000000 ____D C:\Users\User\AppData\Local\MFAData
2015-12-02 23:00 - 2015-12-02 23:02 - 00000000 ____D C:\ProgramData\Avg
2015-12-02 23:00 - 2015-12-02 23:01 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-02 22:59 - 2015-12-02 23:12 - 00000000 ____D C:\Users\User\AppData\Local\Avg
2015-12-02 22:59 - 2015-12-02 23:00 - 00000000 ____D C:\Users\User\AppData\Local\AvgSetupLog
2015-12-02 22:45 - 2015-12-02 22:46 - 01466656 _____ C:\Users\User\Downloads\HijackThis - CHIP-Installer (1).exe
2015-12-02 22:42 - 2015-12-02 22:43 - 01466656 _____ C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe
2015-12-02 22:25 - 2015-12-02 23:11 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 22:17 - 2015-12-02 22:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-02 22:16 - 2015-12-04 23:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-02 22:16 - 2015-12-02 23:30 - 00001410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-02 22:16 - 2015-12-02 22:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-02 22:16 - 2015-12-02 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-02 22:16 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-12-02 22:15 - 2015-12-04 23:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 22:14 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-02 22:14 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-02 22:14 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-02 22:10 - 2015-12-02 23:39 - 00000000 ____D C:\Users\User\Desktop\ANTI VIRUS
2015-12-02 22:08 - 2015-12-02 22:09 - 01466656 _____ C:\Users\User\Downloads\AVG AntiVirus Free 64 Bit - CHIP-Installer.exe
2015-12-02 22:06 - 2015-12-02 22:06 - 01466656 _____ C:\Users\User\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-12-02 22:05 - 2015-12-02 22:06 - 01466656 _____ C:\Users\User\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-12-02 21:59 - 2015-12-02 21:59 - 00000000 ____D C:\Users\User\AppData\Roaming\VSRevoGroup
2015-12-02 21:54 - 2015-12-02 21:55 - 01736704 _____ C:\Users\User\Downloads\adwcleaner_5.023.exe
2015-12-02 21:35 - 2015-12-02 21:35 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-12-02 21:35 - 2015-12-02 21:35 - 00000000 ___HD C:\Program Files\CanonBJ
2015-12-02 21:35 - 2015-12-02 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2100 series
2015-11-30 16:36 - 2015-11-30 16:36 - 00444817 _____ C:\Users\User\Downloads\5 4 3 2 1 countdown + voice.mp4
2015-11-30 15:45 - 2015-11-30 15:45 - 00178925 _____ C:\Users\User\Downloads\DAAAMN!!! ᴴᴰ.mp4
2015-11-30 14:47 - 2015-11-30 14:47 - 00385591 _____ C:\Users\User\Downloads\BOOM BITCH GET OUT THE WAY! - Vine - Funny.mp4
2015-11-30 14:23 - 2015-11-30 14:23 - 33179398 _____ C:\Users\User\Downloads\IntroTamplate.zip
2015-11-30 14:08 - 2015-11-30 14:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Publish Providers
2015-11-30 14:04 - 2015-11-30 14:04 - 00000000 ____D C:\Users\User\Tracing
2015-11-30 14:03 - 2015-11-30 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-29 22:25 - 2015-11-29 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-29 22:25 - 2015-11-29 22:25 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-29 22:10 - 2015-12-02 23:29 - 00001287 _____ C:\Users\User\Desktop\Revo Uninstaller.lnk
2015-11-29 22:10 - 2015-11-29 22:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-11-29 22:07 - 2015-11-29 22:08 - 01466656 _____ C:\Users\User\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-11-29 12:33 - 2015-11-29 12:33 - 00938324 _____ C:\Users\User\Downloads\Thumbnail Rahmen Pack (by Exa).rar
2015-11-29 12:21 - 2015-12-03 22:10 - 00000000 ____D C:\Users\User\AppData\Local\Sony
2015-11-29 12:20 - 2015-11-30 14:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony
2015-11-29 12:14 - 2015-11-29 12:15 - 411073984 _____ (Sony Creative Software Inc.) C:\Users\User\Downloads\Sony Vegas Pro 13.exe
2015-11-28 22:04 - 2015-11-28 22:04 - 00000000 ____D C:\Users\User\AppData\Local\EMU
2015-11-28 22:02 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-11-28 21:55 - 2015-11-28 21:55 - 00047160 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2015-11-28 21:51 - 2015-11-28 21:57 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2015-11-28 21:51 - 2015-11-28 21:55 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-11-28 21:51 - 2015-11-28 21:55 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-11-28 21:51 - 2015-11-28 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-11-28 21:41 - 2015-11-28 21:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\User\Downloads\DT101LiteInstaller.exe
2015-11-28 20:01 - 2015-11-28 21:50 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-11-28 19:58 - 2015-11-28 19:59 - 13146016 _____ (Disc Soft Ltd) C:\Users\User\Downloads\DTLite501-0406.exe
2015-11-28 19:56 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-11-28 19:56 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-11-28 19:56 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-11-28 19:56 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-11-28 19:56 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-11-28 19:56 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-11-28 19:56 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-11-28 19:56 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-11-28 19:56 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-11-28 19:56 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-11-28 19:56 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-11-28 19:56 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-11-28 19:56 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-11-28 19:56 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-11-28 19:56 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-11-28 19:56 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-11-28 19:56 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-11-28 19:56 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-11-28 19:56 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-11-28 19:56 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-11-28 19:56 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-11-28 19:56 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-11-28 19:56 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-11-28 19:56 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-11-28 19:56 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-11-28 19:56 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-11-28 19:56 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-11-28 19:56 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-11-28 19:56 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-11-28 19:56 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-11-28 19:55 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-11-28 19:55 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-11-28 19:55 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-11-28 19:55 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-11-28 19:55 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-11-28 19:55 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-11-28 19:55 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-11-28 19:55 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-11-28 19:55 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-11-28 19:55 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-11-28 19:55 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-11-28 19:55 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-11-28 19:55 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-11-28 19:55 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-11-28 19:55 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-11-28 19:55 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-11-28 19:55 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-11-28 19:55 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-11-28 19:55 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-11-28 19:55 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-11-28 19:55 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-11-28 19:55 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-11-28 19:55 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-11-28 19:55 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-11-28 19:55 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-11-28 19:55 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-11-28 19:55 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-11-28 19:55 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-11-28 19:55 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-11-28 19:55 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-11-28 19:55 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-11-28 19:55 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-11-28 19:55 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-11-28 19:55 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-11-28 19:55 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-11-28 19:55 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-11-28 19:22 - 2015-11-28 19:46 - 1849327616 _____ C:\Users\User\Downloads\flt-role.iso
2015-11-28 19:08 - 2015-11-28 19:08 - 00000000 ____D C:\ProgramData\LumaEmu_SteamCloud
2015-11-28 19:07 - 2015-11-28 19:07 - 00000000 ___SH C:\Users\User\AppData\Local\LumaEmu
2015-11-28 18:27 - 2015-11-28 18:58 - 1913126389 _____ C:\Users\User\Downloads\GMOD 13.2(2).rar
2015-11-28 11:05 - 2015-11-28 11:05 - 00452426 _____ C:\Users\User\Downloads\Ha GAY!!! (1).mp4
2015-11-28 11:04 - 2015-11-28 11:05 - 01167415 _____ C:\Users\User\Downloads\epic black man crying.mp4
2015-11-28 11:03 - 2015-11-28 11:03 - 05560509 _____ C:\Users\User\Downloads\Black People React.mp4
2015-11-28 11:02 - 2015-11-28 11:02 - 00088903 _____ C:\Users\User\Downloads\Facepalm Scene Original.mp4
2015-11-28 11:00 - 2015-11-28 11:00 - 00310728 _____ C:\Users\User\Downloads\Alter Mann sagt WoW - Wally.mp4
2015-11-27 22:22 - 2015-12-04 21:03 - 00000000 ____D C:\Users\User\AppData\Local\gtk-2.0
2015-11-27 22:18 - 2015-12-04 21:17 - 00000000 ____D C:\Users\User\.gimp-2.8
2015-11-27 22:18 - 2015-12-02 23:30 - 00000961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2015-11-27 22:18 - 2015-11-27 22:18 - 00000000 ____D C:\Users\User\AppData\Local\gegl-0.2
2015-11-27 22:18 - 2015-11-27 22:18 - 00000000 ____D C:\Users\User\AppData\Local\fontconfig
2015-11-27 22:16 - 2015-11-27 22:18 - 00000000 ____D C:\Program Files\GIMP 2
2015-11-27 22:14 - 2015-11-27 22:16 - 96819488 _____ (The GIMP Team ) C:\Users\User\Downloads\gimp-2.8.16-setup.exe
2015-11-27 21:55 - 2015-11-29 17:34 - 00000000 ____D C:\Users\User\Desktop\Adian
2015-11-25 20:57 - 2015-11-25 20:57 - 00000000 ____D C:\Users\User\AppData\LocalLow\PlayfulCorp
2015-11-25 20:57 - 2015-11-25 20:57 - 00000000 ____D C:\ProgramData\.mono
2015-11-25 15:22 - 2015-11-25 15:22 - 02696192 _____ C:\Users\User\Downloads\DirtyHooah_[www.unknowncheats.me]_ (1).dll
2015-11-24 22:08 - 2015-11-24 22:08 - 02719232 _____ C:\Users\User\Downloads\DirtyHooah_[www.unknowncheats.me]_.dll
2015-11-24 19:09 - 2015-11-24 19:10 - 01820422 _____ C:\Users\User\Downloads\Breeze 2.zip
2015-11-24 19:05 - 2015-11-24 19:07 - 08718628 _____ C:\Users\User\Downloads\minecraft_server.1.8.8 (1).exe
2015-11-24 18:24 - 2015-12-02 22:24 - 00000000 ____D C:\Users\User\AppData\Roaming\PhotoScape
2015-11-24 17:17 - 2015-11-24 17:20 - 08173005 _____ C:\Users\User\Downloads\Huzuni 3.5.zip
2015-11-24 16:49 - 2015-11-24 16:51 - 05225026 _____ C:\Users\User\Downloads\huzuni.zip
2015-11-23 15:17 - 2015-11-23 15:17 - 00000000 ____D C:\Users\User\AppData\Roaming\Shooter
2015-11-23 15:07 - 2015-11-28 22:04 - 00000000 ____D C:\Users\User\Documents\My Games
2015-11-22 21:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-11-22 21:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-11-22 20:55 - 2015-12-02 22:13 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-11-22 20:49 - 2015-11-22 20:52 - 50495272 _____ (Hi-Rez Studios) C:\Users\User\Downloads\InstallPaladins.exe
2015-11-22 18:12 - 2015-11-22 18:12 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-11-22 18:10 - 2015-11-22 18:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Sun
2015-11-22 18:10 - 2015-11-22 18:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Agarp
2015-11-22 18:10 - 2015-11-22 18:10 - 00000000 ____D C:\Users\User\.oracle_jre_usage
2015-11-22 18:04 - 2015-11-22 18:04 - 00000000 ____D C:\Users\User\AppData\LocalLow\Oracle
2015-11-22 18:02 - 2015-11-22 18:02 - 00471479 _____ () C:\Users\User\Downloads\agarp.exe
2015-11-21 18:13 - 2015-11-21 18:13 - 00002449 _____ C:\Users\User\Downloads\SkypeVoiceChanger132 (1).zip
2015-11-21 17:16 - 2015-11-21 17:16 - 01466656 _____ C:\Users\User\Downloads\Skype Voice Changer - CHIP-Installer.exe
2015-11-21 17:16 - 2015-11-21 17:16 - 00002449 _____ C:\Users\User\Downloads\SkypeVoiceChanger132.zip
2015-11-21 17:12 - 2015-12-04 14:33 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Hamachi
2015-11-21 17:12 - 2015-11-21 17:12 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn
2015-11-21 17:12 - 2015-11-21 17:12 - 00000000 ____D C:\ProgramData\LogMeIn
2015-11-21 17:07 - 2015-11-21 17:09 - 08716288 _____ C:\Users\User\Downloads\hamachi220383.msi
2015-11-20 21:01 - 2015-11-20 21:01 - 01247112 _____ (Mojang) C:\Users\User\Downloads\Minecraft.exe
2015-11-20 20:38 - 2015-12-04 20:58 - 00000000 ____D C:\Users\User\Desktop\AMMAR
2015-11-20 09:42 - 2015-11-20 09:42 - 00000000 ____D C:\Users\User\Documents\FlashIntegro
2015-11-20 09:42 - 2015-11-20 09:42 - 00000000 ____D C:\Users\User\AppData\Roaming\VideoEditor
2015-11-20 09:42 - 2015-11-20 09:42 - 00000000 ____D C:\Users\User\AppData\Roaming\FlashIntegro
2015-11-20 09:35 - 2014-12-09 12:21 - 00081792 _____ (Flash-Integro LLC) C:\WINDOWS\SysWOW64\mslvddsfilter2.ax
2015-11-20 09:35 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\Lagarith.dll
2015-11-20 09:35 - 2005-08-01 18:43 - 00245760 _____ () C:\WINDOWS\SysWOW64\lame.ax
2015-11-20 09:35 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll
2015-11-20 09:35 - 2004-09-06 15:06 - 00053248 _____ C:\WINDOWS\SysWOW64\xvid.ax
2015-11-20 09:35 - 2004-07-03 20:08 - 00139264 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll
2015-11-20 09:35 - 2004-07-03 19:59 - 00524288 _____ C:\WINDOWS\SysWOW64\xvidcore.dll
2015-11-20 09:35 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\WINDOWS\SysWOW64\AC3ACM.acm
2015-11-20 09:35 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll
2015-11-20 09:35 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec.ax
2015-11-20 09:35 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll
2015-11-20 09:35 - 2003-05-21 22:50 - 00156910 _____ C:\WINDOWS\WMSysPr8.prx
2015-11-20 09:35 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) C:\WINDOWS\SysWOW64\vct3216.acm
2015-11-20 09:35 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\WINDOWS\SysWOW64\alf2cd.acm
2015-11-20 09:35 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll
2015-11-20 09:35 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\L3CODECX.AX
2015-11-20 09:35 - 2003-03-18 22:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll
2015-11-20 09:35 - 2003-02-21 02:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll
2015-11-20 09:35 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll
2015-11-20 09:35 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\WINDOWS\SysWOW64\Scg726.acm
2015-11-20 09:13 - 2015-11-20 09:13 - 01466656 _____ C:\Users\User\Downloads\VSDC Free Video Editor - CHIP-Installer.exe
2015-11-19 18:50 - 2015-11-19 18:57 - 02726840 _____ C:\Users\User\Downloads\0000-0300.avi
2015-11-19 18:41 - 2015-11-19 18:43 - 02266784 _____ C:\Users\User\Downloads\TEMPLATE WITH TROWN2.blend
2015-11-19 17:13 - 2015-12-02 23:29 - 00000000 ____D C:\Users\User\AppData\Roaming\Nico Mak Computing
2015-11-19 17:12 - 2015-11-19 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam
2015-11-19 17:12 - 2015-11-19 17:12 - 00000000 ____D C:\Program Files (x86)\Bandicam
2015-11-19 17:12 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL
2015-11-19 17:04 - 2015-11-19 17:09 - 15708072 _____ (Bandisoft) C:\Users\User\Downloads\bdcamsetup_2.4.1.903.exe
2015-11-19 17:03 - 2015-11-19 17:08 - 17089408 _____ (DsNET Corp ) C:\Users\User\Downloads\aTube_Catcher_3.8.7980.exe
2015-11-17 17:45 - 2015-11-17 17:45 - 21301260 _____ C:\Users\User\Downloads\Banner Vorlage BaumBlau.psd
2015-11-17 17:21 - 2015-11-17 17:21 - 25123276 _____ C:\Users\User\Downloads\intro template by BlockArts Blendaa only.blend
2015-11-17 17:11 - 2015-11-17 17:11 - 01298936 _____ C:\Users\User\Downloads\StorepoxArts TEMPLATE19.rar
2015-11-15 18:49 - 2015-11-15 18:49 - 00017069 _____ C:\Users\User\Downloads\00702054222_20140101_20141231.csv
2015-11-15 18:48 - 2015-11-15 18:48 - 00015505 _____ C:\Users\User\Downloads\00702054222_20150101_20151115 (1).csv
2015-11-15 18:47 - 2015-11-15 18:47 - 00015505 _____ C:\Users\User\Downloads\00702054222_20150101_20151115.csv
2015-11-15 18:40 - 2015-11-15 18:40 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-11-15 18:39 - 2015-11-15 18:39 - 15073546 _____ C:\Users\User\Downloads\AllShare_Control_PC_SW_EN_32bit.zip
2015-11-15 18:15 - 2015-11-15 18:22 - 626223629 _____ C:\Users\User\Downloads\ArchiDroid_V3.0.2-i9300.zip
2015-11-15 18:02 - 2015-11-15 18:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2015-11-15 14:08 - 2015-11-15 14:10 - 19556711 _____ C:\Users\User\Downloads\spigot_server.jar
2015-11-15 13:41 - 2015-11-15 13:41 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia
2015-11-14 10:58 - 2015-11-14 11:08 - 93142312 _____ C:\Users\User\Downloads\Top_Body.rar
2015-11-13 22:42 - 2015-11-13 22:42 - 00000000 ____D C:\Program Files\Pixum
2015-11-13 22:36 - 2015-11-13 22:37 - 01631584 _____ C:\Users\User\Downloads\setup_Pixum_Fotowelt.exe
2015-11-13 22:35 - 2015-12-05 00:10 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-11-13 22:35 - 2015-11-13 22:35 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-11-13 21:17 - 2015-11-13 21:38 - 329097008 _____ C:\Users\User\Downloads\HOFER_Bestellsoftware_Setup.exe
2015-11-13 15:29 - 2015-11-13 15:34 - 08718628 _____ C:\Users\User\Downloads\minecraft_server.1.8.8.exe
2015-11-12 21:39 - 2015-11-12 21:40 - 01316185 _____ C:\Users\User\Downloads\worldguard-6.1.jar
2015-11-12 21:39 - 2015-11-12 21:39 - 01583804 _____ C:\Users\User\Downloads\worldedit-bukkit-6.1.jar
2015-11-12 21:31 - 2015-11-12 21:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Notepad++
2015-11-12 21:31 - 2015-11-12 21:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-11-12 21:31 - 2015-11-12 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-11-12 21:31 - 2015-11-12 21:31 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-11-12 21:29 - 2015-11-12 21:31 - 04103179 _____ C:\Users\User\Downloads\npp.6.8.6.Installer.exe
2015-11-12 15:10 - 2015-11-12 15:10 - 77881318 _____ C:\Users\User\Downloads\Null Leak by PreHacker.zip
2015-11-12 14:39 - 2015-11-12 14:39 - 00000000 ____D C:\Users\User\Icarus
2015-11-12 14:31 - 2015-11-12 14:31 - 07321270 _____ C:\Users\User\Downloads\Icarus Leak by PreHacker.zip
2015-11-12 14:28 - 2015-11-12 14:28 - 00000824 _____ C:\Users\User\Documents\hosts.txt
2015-11-12 14:27 - 2015-11-12 14:27 - 00000000 ____D C:\Users\User\Documents\MEGAsync Downloads
2015-11-12 14:26 - 2015-11-12 21:45 - 00000000 ___RD C:\Users\User\Documents\MEGA
2015-11-12 14:23 - 2015-11-12 14:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-11-12 14:23 - 2015-11-12 14:23 - 00000000 ____D C:\Users\User\AppData\Local\MEGAsync
2015-11-12 14:23 - 2015-11-12 14:23 - 00000000 ____D C:\Users\User\AppData\Local\Mega Limited
2015-11-12 14:19 - 2015-11-12 14:19 - 00000273 _____ C:\Users\User\Downloads\ICarus Crack.bat
2015-11-12 14:16 - 2015-11-12 14:19 - 09989712 _____ (MEGA Limited) C:\Users\User\Downloads\MEGAsyncSetup.exe
2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2015-11-11 21:38 - 2015-11-11 21:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft
2015-11-11 21:35 - 2015-11-11 21:37 - 63340400 _____ C:\Users\User\Downloads\Minecraft launcher Team Extreme.rar
2015-11-11 15:31 - 2015-11-11 15:31 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-11-11 15:31 - 2015-11-11 15:31 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-11-11 15:31 - 2015-11-11 15:31 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-11-11 15:26 - 2015-11-11 15:27 - 10776447 _____ C:\Users\User\Downloads\Minecraft_HD_64x1.8.8..zip
2015-11-10 20:31 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-10 20:31 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-10 20:31 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2015-11-10 20:31 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2015-11-10 20:31 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2015-11-10 20:31 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2015-11-10 20:31 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2015-11-10 20:31 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2015-11-10 20:31 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-11-10 20:31 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-11-10 20:31 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2015-11-10 20:31 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2015-11-10 20:31 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-11-10 20:31 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-11-10 20:31 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-11-10 20:31 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-11-10 20:31 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-11-10 20:31 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2015-11-10 20:31 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-11-10 20:31 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-11-10 20:31 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-11-10 20:31 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys
2015-11-10 20:31 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2015-11-10 20:31 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-11-10 20:31 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-11-10 20:31 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2015-11-10 20:31 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2015-11-10 20:30 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-10 20:30 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-11-10 20:30 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-11-10 20:30 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-11-10 20:30 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-11-10 20:30 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-11-10 20:30 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-11-10 20:30 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-11-10 20:30 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-11-10 20:30 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-11-10 20:30 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-11-10 20:30 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-11-10 20:30 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-11-10 20:30 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-10 20:30 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-10 20:30 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-10 20:30 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-11-10 20:30 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-11-10 20:30 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-11-10 20:30 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-11-10 20:30 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-11-10 20:29 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-10 20:29 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-11-10 20:29 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-11-10 20:29 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-10 20:29 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-10 20:29 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-11-10 20:29 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-10 20:29 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-11-10 20:29 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-10 20:29 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-11-10 20:29 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-11-10 20:29 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-10 20:29 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-11-10 20:29 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-11-10 20:29 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-11-10 20:29 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-11-10 20:29 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-10 20:29 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-10 20:29 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-11-10 20:29 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-11-10 20:29 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-10 20:29 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-11-10 20:28 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-11-10 20:28 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2015-11-10 20:28 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2015-11-10 20:28 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2015-11-10 20:28 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2015-11-10 20:28 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2015-11-10 20:28 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2015-11-10 20:28 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2015-11-09 17:27 - 2015-11-27 22:21 - 00000000 ____D C:\Users\User\.thumbnails
2015-11-09 17:27 - 2015-11-09 17:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Blender Foundation
2015-11-09 17:25 - 2015-11-09 17:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2015-11-09 17:25 - 2015-11-09 17:25 - 00000000 ____D C:\Program Files\Blender Foundation
2015-11-09 17:23 - 2015-11-09 17:23 - 83674076 _____ C:\Users\User\Downloads\blender-2.76b-windows64.msi
2015-11-09 17:20 - 2015-11-09 17:21 - 31691811 _____ C:\Users\User\Downloads\BEST Blender Intro Template By WakashawMotionDesign 2.zip
2015-11-09 17:16 - 2015-11-09 17:17 - 11983670 _____ C:\Users\User\Downloads\5 Free Intro Templates (Windows Movie Maker).mp4
2015-11-08 20:41 - 2015-12-02 23:30 - 00001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2015-11-08 20:21 - 2015-11-08 20:21 - 00000000 ____D C:\Users\User\Documents\MAGIX Downloads
2015-11-08 19:45 - 2015-11-08 20:21 - 00000000 ____D C:\Users\User\AppData\Roaming\MAGIX
2015-11-08 19:44 - 2015-11-08 20:22 - 00000000 ___RD C:\Users\User\Documents\MAGIX
2015-11-08 19:43 - 2015-11-29 23:14 - 00000000 ____D C:\ProgramData\MAGIX
2015-11-08 19:43 - 2015-11-08 19:43 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-11-08 19:32 - 2015-11-08 20:45 - 00679896 _____ C:\Users\User\Downloads\Nicht bestätigt 66316.crdownload
2015-11-08 19:32 - 2015-11-08 19:38 - 435272856 _____ (MAGIX Software GmbH) C:\Users\User\Downloads\music_maker_2016_dlv_chip_de_20150917_16-00.exe
2015-11-08 19:29 - 2015-11-08 20:45 - 119252368 _____ (MAGIX AG) C:\Users\User\Downloads\Nicht bestätigt 895426.crdownload
2015-11-08 19:22 - 2015-11-08 20:45 - 361419726 _____ (Image-Line) C:\Users\User\Downloads\Nicht bestätigt 621655.crdownload
2015-11-08 19:22 - 2015-11-08 20:45 - 05147216 _____ (Image-Line) C:\Users\User\Downloads\Nicht bestätigt 701303.crdownload
2015-11-08 13:40 - 2015-11-08 13:40 - 01383844 _____ C:\Users\User\Downloads\usb_nicht_erkannt.pdf
2015-11-07 18:26 - 2015-11-07 18:27 - 00000000 ____D C:\Users\User\Documents\OneNote-Notizbücher
2015-11-07 17:38 - 2015-12-04 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-11-07 17:37 - 2015-12-04 14:15 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-11-07 17:37 - 2015-11-07 17:37 - 01107136 _____ (Microsoft Corporation) C:\Users\User\Downloads\Setup.X86.de-DE_O365ProPlusRetail_405e2c1e-adf5-4c39-804a-8d0c54a951b6_TX_PR_b_3_.exe
2015-11-07 09:14 - 2015-12-02 22:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera Software
2015-11-07 09:14 - 2015-12-02 22:19 - 00000000 ____D C:\Users\User\AppData\Local\Opera Software

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-05 00:25 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-04 21:08 - 2014-09-02 10:43 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001
2015-12-04 19:41 - 2014-09-05 16:27 - 00000000 ____D C:\Users\User\OneDrive
2015-12-04 19:40 - 2014-01-20 21:20 - 00000000 ____D C:\ProgramData\Realtek
2015-12-04 15:55 - 2014-09-02 11:04 - 00000000 ____D C:\ProgramData\Oracle
2015-12-04 15:38 - 2014-09-09 13:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity
2015-12-04 14:55 - 2014-09-09 12:26 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft
2015-12-04 14:32 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-04 14:32 - 2013-08-22 15:44 - 00555584 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-04 14:31 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-04 14:19 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-04 14:18 - 2014-09-02 11:55 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-03 22:00 - 2015-01-14 19:43 - 00000000 ____D C:\AdwCleaner
2015-12-03 19:55 - 2015-01-17 18:36 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
2015-12-03 19:10 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-03 16:06 - 2014-09-02 12:34 - 00000000 ____D C:\WINDOWS\AutoKMS
2015-12-02 23:48 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-02 23:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\addins
2015-12-02 23:30 - 2015-02-20 13:39 - 00001319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2015-12-02 23:30 - 2015-02-17 11:02 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2015-12-02 23:30 - 2015-02-17 11:02 - 00001328 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2015-12-02 23:30 - 2015-02-13 17:41 - 00002220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2015-12-02 23:30 - 2015-02-13 17:38 - 00001555 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2015-12-02 23:30 - 2015-02-13 17:38 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-12-02 23:30 - 2015-01-17 18:36 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk 2015-12-02 23:30 - 2014-09-02 11:15 - 00000938 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-12-02 23:30 - 2014-09-02 10:36 - 00001457 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-12-02 23:30 - 2014-09-02 10:26 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-02 23:30 - 2014-09-02 10:22 - 00000469 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-12-02 23:30 - 2014-09-02 10:22 - 00000467 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-12-02 23:29 - 2015-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\SystemContinue 2015-12-02 23:29 - 2014-09-02 11:05 - 00000000 ____D C:\ProgramData\Adobe 2015-12-02 23:29 - 2014-09-02 11:05 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-12-02 23:16 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-02 23:08 - 2015-02-13 17:41 - 00000000 ____D C:\Users\User\AppData\Roaming\TuneUp Software 2015-12-02 23:07 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-12-02 22:54 - 2014-09-02 07:27 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore 2015-12-02 22:38 - 2015-06-08 15:51 - 00000000 ____D C:\Program Files (x86)\PageEdit 2015-12-02 22:25 - 2014-09-05 16:33 - 00000000 ____D C:\Users\User\AppData\Local\Deployment 2015-12-02 22:24 - 2015-01-17 18:36 - 00000000 ___RD C:\Program Files 
(x86)\Skype 2015-12-02 22:14 - 2015-01-14 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-02 22:14 - 2015-01-14 20:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-02 22:13 - 2014-01-20 21:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-11-30 14:14 - 2014-09-02 12:34 - 00003510 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2015-11-30 14:03 - 2015-01-17 18:36 - 00000000 ____D C:\ProgramData\Skype 2015-11-29 23:05 - 2015-05-25 07:35 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-11-29 23:05 - 2015-05-25 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-11-29 22:55 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries 2015-11-29 21:46 - 2014-09-09 13:28 - 00000000 ____D C:\Users\User\Documents\Bandicam 2015-11-28 11:58 - 2014-03-18 11:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-28 11:58 - 2014-03-18 10:25 - 00765542 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-28 11:58 - 2014-03-18 10:25 - 00159362 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-23 14:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-22 21:29 - 2015-05-25 13:34 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-21 16:53 - 2015-03-28 11:54 - 00000000 ____D C:\Users\User\AppData\Roaming\.technic 2015-11-20 21:01 - 2015-02-13 15:48 - 00001186 _____ C:\Users\User\Downloads\nativelog.txt 2015-11-20 21:01 - 2015-02-13 15:48 - 00000000 ____D C:\Users\User\Downloads\game 2015-11-19 22:41 - 2015-02-13 17:50 - 00004597 _____ C:\Users\User\FreeYouTubeToMP3Converter.xml 2015-11-19 22:14 - 2015-02-13 17:38 - 00000240 _____ C:\Users\User\updhelper.xml 2015-11-15 13:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2015-11-13 22:35 - 2014-09-02 11:11 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2015-11-12 22:23 - 2013-08-22 16:36 - 
00000000 ___RD C:\WINDOWS\ToastData 2015-11-12 21:43 - 2015-02-20 13:05 - 00000102 _____ C:\Users\User\AppData\default.pls 2015-11-12 20:24 - 2014-01-20 22:37 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-12 20:13 - 2014-01-20 22:37 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-11 15:31 - 2015-05-17 18:57 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcmiplugin.dll 2015-11-11 15:31 - 2015-05-17 18:56 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsec.dll 2015-11-11 15:31 - 2015-05-17 18:56 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqad.dll 2015-11-11 15:31 - 2015-05-17 18:53 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll 2015-11-11 15:31 - 2013-08-22 12:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2015-11-11 15:31 - 2013-08-22 12:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2015-11-11 15:31 - 2013-08-22 12:44 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2015-11-11 15:31 - 2013-08-22 12:44 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2015-11-11 15:31 - 2013-08-22 12:40 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2015-11-11 15:31 - 2013-08-22 12:35 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2015-11-11 15:31 - 2013-08-22 12:32 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2015-11-11 15:31 - 2013-08-22 12:26 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2015-11-11 15:31 - 2013-08-22 12:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2015-11-11 15:31 - 2013-08-22 11:23 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2015-11-11 15:31 - 2013-08-22 11:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2015-11-11 15:31 - 2013-08-22 10:50 - 00122368 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2015-11-11 15:31 - 2013-08-22 05:16 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2015-11-11 15:31 - 2013-08-22 05:16 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2015-11-11 15:31 - 2013-08-22 05:16 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2015-11-11 15:31 - 2013-08-22 05:16 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2015-11-11 15:31 - 2013-08-22 05:06 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2015-11-11 15:31 - 2013-08-22 04:54 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-11-11 15:31 - 2013-08-22 04:31 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2015-11-11 15:31 - 2013-08-22 04:08 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2015-11-11 15:31 - 2013-08-22 04:05 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2015-11-11 15:31 - 2013-08-22 00:55 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2015-11-11 15:30 - 2015-05-17 18:57 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqad.dll 2015-11-11 15:30 - 2015-05-17 18:56 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsec.dll 2015-11-11 15:30 - 2015-05-17 18:54 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll 2015-11-11 15:30 - 2015-05-17 18:51 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqmigplugin.dll 2015-11-11 15:30 - 2013-08-22 11:53 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2015-11-11 15:30 - 2013-08-22 11:10 - 01408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2015-11-11 15:30 - 2013-08-22 07:59 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2015-11-08 20:42 - 2014-09-09 13:12 - 00000000 ____D C:\Program Files (x86)\Audacity 2015-11-08 19:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help 2015-11-07 
09:15 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-05-22 15:41 - 2015-08-13 20:11 - 0000024 _____ () C:\Users\User\AppData\Roaming\appdataFr25.bin 2014-09-02 07:27 - 2015-12-04 19:41 - 0054111 _____ () C:\Users\User\AppData\Local\BTServer.log 2015-01-12 20:53 - 2015-01-12 20:53 - 0000010 _____ () C:\Users\User\AppData\Local\DSI.DAT 2015-11-28 19:07 - 2015-11-28 19:07 - 0000000 ___SH () C:\Users\User\AppData\Local\LumaEmu 2014-12-27 11:01 - 2014-12-27 11:01 - 0613057 _____ (CMI Limited) C:\Users\User\AppData\Local\nsb17DC.tmp 2014-12-27 11:19 - 2014-12-27 11:19 - 0613057 _____ (CMI Limited) C:\Users\User\AppData\Local\nsm3885.tmp 2015-12-04 21:17 - 2015-12-04 21:17 - 0026000 _____ () C:\Users\User\AppData\Local\recently-used.xbel 2015-01-12 20:34 - 2015-01-13 20:53 - 0761485 _____ () C:\ProgramData\ChromeTabExtension.crx Einige Dateien in TEMP: ==================== C:\Users\User\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-28 17:58

==================== Ende von FRST.txt ============================

Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von User (2015-12-05 00:27:29)
Gestartet von C:\Users\User\Downloads
Windows 8.1 (X64) (2014-09-02 09:35:46)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3455799945-794626198-3976200442-500 - Administrator - Disabled)
Gast (S-1-5-21-3455799945-794626198-3976200442-501 - Limited - Disabled)
User (S-1-5-21-3455799945-794626198-3976200442-1001 - Administrator - Enabled) => C:\Users\User

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) AVG (Version: 16.7.7226 - AVG Technologies) Hidden AVG 2016 (Version: 16.0.4477 - AVG Technologies) Hidden AVG Protection (HKLM\...\AVG) (Version: 2016.7.7226 - AVG Technologies) AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.1.951 - AVG Technologies) Bandicam (HKLM-x32\...\Bandicam) (Version: 2.4.1.903 - Bandisoft.com) Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation) Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - Canon Inc.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd) FMW 1 (Version: 1.22.2 - AVG Technologies) Hidden Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.) 
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4771.1004 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 
12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) 
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.9.6 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3455799945-794626198-3976200442-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

20-11-2015 09:35:26 Uniblue PC Mechanic installation
21-11-2015 17:10:29 Installed LogMeIn Hamachi
22-11-2015 20:54:29 Installed Hi-Rez Studios Games
28-11-2015 19:53:19 DirectX wurde installiert
29-11-2015 22:32:28 Revo Uninstaller's restore point - HOFER Bestellsoftware
02-12-2015 22:00:45 Revo Uninstaller's restore point - Bandisoft MPEG-1 Decoder
03-12-2015 22:07:08 Removed Java 7 Update 75 (64-bit)

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-11-12 14:32 - 00000970 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.andrewthehax0r.xyz
127.0.0.1 andrewshost.net
127.0.0.1 www.andrewthehax0r.xyz
127.0.0.1 andrewshost.net

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {12E43200-F07B-4626-B40B-90BB2A22658B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-11-27] (Microsoft Corporation) Task: {2584B5DE-9418-42B8-A3BE-1560FAE88DEE} - System32\Tasks\{E6331D2A-8572-416E-9B07-7020739809E6} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/go/help.faq.installer?LastError=1638 Task: {2F1A789E-0676-4401-9518-AC923CD0F8E3} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe Task: {4E1FBD54-C3B5-4A17-B5BF-C3751F14C615} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {4EE3072A-7ADD-4CD5-9735-E75FD9027B49} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {7636670B-6A31-4F9D-9FBA-53BE0851C4B7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software) Task: {79F60833-359B-400C-9003-E4081E922996} - System32\Tasks\{032808C4-ED07-4B5E-93E3-D7158C989DA0} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/go/help.faq.installer?LastError=1638 Task: {818D70D9-4037-4EB0-8AAF-3F0EACCA7576} - System32\Tasks\{5AE09AAF-97CC-4094-B99D-9CFF5603E4B4} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/go/help.faq.installer?LastError=1638 Task: {94675CA2-7E6F-4205-A692-6DE72ED4A4A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {9BF165CC-1F9C-43E6-9CE4-AE9955E0869D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {A8405224-7BF4-4654-B714-D683AE60108C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program 
Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation) Task: {D1AD50F6-7737-410B-814E-D277E53DECBB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation) Task: {D37D25B3-6A85-4645-8705-436FFE7051A0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {F58F1F65-0FB0-4D33-B3E5-B27CE81B070A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-11-27] (Microsoft Corporation) Task: {F688A3AA-552C-45A2-8234-2B06D146E069} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {F91DE262-2696-40D6-AEA4-4F54DC7FB31E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-11-27] (Microsoft Corporation) Task: {FEB5D689-9CE3-436F-BA5A-3B4987F27CC8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-13] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-01-20 21:20 - 2012-08-29 23:40 - 00048640 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-12-04 14:14 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-02 22:16 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-02 22:16 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-02 22:16 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-02 22:16 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-02 22:16 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-20 21:11 - 2012-07-18 09:07 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-02 23:00 - 2015-04-07 14:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3455799945-794626198-3976200442-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [TCP Query User{58C187DA-18A2-4B2A-8C9E-08CAF47D4BE3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [UDP Query User{223DD61C-72C5-4532-98C0-82216BC686D0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{B4E18897-C917-468D-83C1-E6BE7C322E3C}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [{2508526D-2FC6-4E13-8328-AF9E4FD2BFDD}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe FirewallRules: [TCP Query User{CBE1091A-DBE7-436E-9E4C-E0FF9A451A26}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D8FE2524-1F11-46D9-8822-23AD23E095C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{FFC34173-5916-4C82-AEEB-164979ACF172}C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{FB503E07-BC29-44D6-A64F-0C1B514B9151}C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{FEC860B5-FBF6-4A0D-AB9D-477F3770F219}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{2F0EA8EB-F9DE-4624-A8D3-7151794C0F44}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{D8010B3F-2ECB-4423-95E9-63336922828A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{4436741F-D4FD-471D-BF09-8CA421428E3F}] => (Allow) LPort=2869 FirewallRules: 
[{A9772732-0246-421D-9BE8-93A0BA4BE5AE}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{718E41D1-81C1-4BEE-A685-E80C0FA747F6}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{5984CA82-DB59-464D-B4A5-0C9AD6B12E6F}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{98FEB0DD-2026-4198-958F-5F413311DAE3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{71BC2BB0-17E7-4DFE-8AD9-DF3B1A49932F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{6E05720F-AE34-453D-88C4-A9BA14EE475B}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [UDP Query User{C935A717-5A55-45CD-9606-07C971FB54D0}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe FirewallRules: [TCP Query User{24D7E573-437D-4CE0-A936-64717EF9351C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{902E764F-8497-41A6-96B1-922B3BF4DEEA}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{29FBCE7E-1805-409D-A2F6-B96FCB38C47D}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{C9CDE5B9-5AD8-4B7F-9B5A-63E304A11C8A}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{C09E88DB-B46B-469E-85A4-F6B3A145AB56}] => (Allow) C:\Program Files\Microsoft Office 
15\root\Office15\Lync.exe FirewallRules: [{05EBD917-8B65-418E-9AFA-B762564CAD27}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [{DA4706C5-60D9-4760-97E4-364DDD4B2FD9}] => (Allow) LPort=7878 FirewallRules: [{EBAA4B51-E821-4DB9-A3ED-442E8D3CE4D8}] => (Allow) LPort=20102 FirewallRules: [{4A6FD496-D1D1-4469-988C-F1D6B8B527CD}] => (Allow) LPort=1900 FirewallRules: [{EF9A280A-029E-424E-849D-A92B63D4495D}] => (Allow) C:\Program Files (x86)\Samsung\AllShare Control\AllShare Control PC.exe FirewallRules: [{D34DF3B8-3553-4132-9656-25690E8C6625}] => (Allow) C:\Program Files (x86)\Samsung\AllShare Control\AllShare Control PC.exe FirewallRules: [TCP Query User{2586573C-A035-4F12-8086-15E734F1FE22}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{95795CBE-E9AB-4B87-BC69-A1F68B8D3E50}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{BDA140B1-0F1E-43E1-9E2A-80EE988A2EA4}] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{1FE2EF0A-F432-48E8-A245-686477C78C3A}] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [TCP Query User{1B74168E-0676-4F59-B15A-9C690ECC29B0}C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe] => (Allow) C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe FirewallRules: [UDP Query User{16E9EDA2-2BCB-40E4-92DC-892574522064}C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe] => (Allow) C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe FirewallRules: 
[{71C0A67E-7B91-43F2-B385-CC96C1A436D5}] => (Block) C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe FirewallRules: [{2DDD642B-5C8B-4D7E-802D-255913758C52}] => (Block) C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe FirewallRules: [{D4A739FD-F5D6-4BE5-942B-4B550D5D4E1F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{954080D7-1800-4C9D-A183-16BD51F62F5A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{681E195D-CB8B-45C8-86C2-BDE08C33B85E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{6EC1C995-CE20-4A9B-9BCC-5FA008AFDC48}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{CA490777-BCBE-4D63-AF44-B1FAFBC47FB7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{B1ABA552-AE94-4F28-A80B-7EE3304755AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{01F6481E-B06E-485D-89B5-FE5337B6CE7C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{ECBF50EA-6952-4E92-8A62-F4717EFC8C00}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{1D3C5076-EC29-472E-8317-6E55FD7E4067}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8DD545C2-C2B1-4E8E-8E11-7D48B20ED59F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B70B2C20-72E9-479F-87B6-A6335FD31724}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C28AF11A-3A70-48D7-B131-C7F61AADFBCA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{A19424E3-0351-4941-9B25-C573EB85B16B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{F1B2EF0E-536F-4D22-AEB1-6C0CD2020248}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & 
Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/04/2015 11:22:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (12/04/2015 09:41:13 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (12/04/2015 03:39:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.9600.17415, Zeitstempel: 0x545046f0 Name des fehlerhaften Moduls: DivX.dll, Version: 5.0.5.830, Zeitstempel: 0x3ea73f16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001b6001 ID des fehlerhaften Prozesses: 0x10b4 Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0 Pfad der fehlerhaften Anwendung: wmplayer.exe1 Pfad des fehlerhaften Moduls: wmplayer.exe2 Berichtskennung: wmplayer.exe3 Vollständiger Name des fehlerhaften Pakets: wmplayer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wmplayer.exe5 Error: (12/04/2015 03:33:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.660.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10d8 Startzeit: 01d12e9ffe0d8759 Endzeit: 201 Anwendungspfad: C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe Berichts-ID: f59f6f67-9a93-11e5-beac-6c71d902b968 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/04/2015 03:27:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.660.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1268 Startzeit: 01d12e9dc5c67cff Endzeit: 18 Anwendungspfad: C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe Berichts-ID: 2e8ac933-9a93-11e5-beac-6c71d902b968 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/04/2015 03:12:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.9600.17415, Zeitstempel: 0x545046f0 Name des fehlerhaften Moduls: DivX.dll, Version: 5.0.5.830, Zeitstempel: 0x3ea73f16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001b6001 ID des fehlerhaften Prozesses: 0x18e4 Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0 Pfad der fehlerhaften Anwendung: wmplayer.exe1 Pfad des fehlerhaften Moduls: wmplayer.exe2 Berichtskennung: wmplayer.exe3 Vollständiger Name des fehlerhaften Pakets: wmplayer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wmplayer.exe5 Error: (12/04/2015 03:07:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.9600.17415, Zeitstempel: 0x545046f0 Name des fehlerhaften Moduls: DivX.dll, Version: 5.0.5.830, Zeitstempel: 0x3ea73f16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001b6001 ID des fehlerhaften Prozesses: 0x12c8 Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0 Pfad der fehlerhaften Anwendung: wmplayer.exe1 Pfad des fehlerhaften Moduls: wmplayer.exe2 Berichtskennung: wmplayer.exe3 Vollständiger Name des fehlerhaften Pakets: wmplayer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wmplayer.exe5 Error: (12/03/2015 10:05:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: UNINSTALL.exe_AVG Uninstaller, Version: 4.2.1.951, Zeitstempel: 0x564dd806 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bc8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x000e5904 ID des fehlerhaften Prozesses: 0x1398 
Startzeit der fehlerhaften Anwendung: 0xUNINSTALL.exe_AVG Uninstaller0 Pfad der fehlerhaften Anwendung: UNINSTALL.exe_AVG Uninstaller1 Pfad des fehlerhaften Moduls: UNINSTALL.exe_AVG Uninstaller2 Berichtskennung: UNINSTALL.exe_AVG Uninstaller3 Vollständiger Name des fehlerhaften Pakets: UNINSTALL.exe_AVG Uninstaller4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: UNINSTALL.exe_AVG Uninstaller5 Error: (12/03/2015 10:05:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: UNINSTALL.exe_AVG Uninstaller, Version: 4.2.1.951, Zeitstempel: 0x564dd806 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bc8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x000e5904 ID des fehlerhaften Prozesses: 0x20d0 Startzeit der fehlerhaften Anwendung: 0xUNINSTALL.exe_AVG Uninstaller0 Pfad der fehlerhaften Anwendung: UNINSTALL.exe_AVG Uninstaller1 Pfad des fehlerhaften Moduls: UNINSTALL.exe_AVG Uninstaller2 Berichtskennung: UNINSTALL.exe_AVG Uninstaller3 Vollständiger Name des fehlerhaften Pakets: UNINSTALL.exe_AVG Uninstaller4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: UNINSTALL.exe_AVG Uninstaller5 Error: (12/03/2015 08:45:37 PM) (Source: MsiInstaller) (EventID: 10021) (User: AMMAR) Description: Produkt: Adobe Photoshop Elements 8.0 -- Das Gerät ist nicht bereit. 
(NULL)(NULL)(NULL)(NULL)(NULL) Systemfehler: ============= Error: (12/04/2015 04:11:06 PM) (Source: DCOM) (EventID: 10010) (User: AMMAR) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (12/04/2015 02:38:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/04/2015 02:30:53 PM) (Source: DCOM) (EventID: 10010) (User: AMMAR) Description: {BEBA2AA5-B5A7-4DD3-9AD6-43B24CDD3B7D} Error: (12/04/2015 02:29:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 10:52:37 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:47 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:47 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:44 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: 
AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:44 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:43 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar CodeIntegrity: =================================== Date: 2015-12-04 23:47:00.298 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:59.836 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:59.371 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-12-04 23:46:58.900 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:58.435 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:57.965 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:57.491 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:14:39.480 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 21:46:48.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Ende von Addition.txt ============================

When starting GMER, the following error message appeared: C\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. After confirming this error message, a message appeared saying that GMER has stopped working. The virus scanner was disabled and all other programs were closed as well. I restarted the computer and started GMER again, with the same result. Many thanks and best regards |
05.12.2015, 09:42 | #2 |
/// the machine /// TB-Ausbilder | Windows 8.1, ad windows on the internet, laptop starts very slowly hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
06.12.2015, 22:23 | #3 |
| Windows 8.1, ad windows on the internet, laptop starts very slowly Hello schrauber,
first of all, thank you very much for taking care of my case. MBAR found something on the first pass: Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.12.06.02
rootkit: v2015.11.26.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18098
User :: AMMAR [administrator]

06.12.2015 12:10:54
mbar-log-2015-12-06 (12-10-54).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 353007
Time elapsed: 1 hour(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\User\Desktop\AMMAR\hckng\Extreme Injector v3.exe (RiskWare.Injector.DC) -> Delete on reboot. [b426fba644474cea2c01f12e11f03ec2]

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Nothing was found on the second pass: Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2015.12.06.02
rootkit: v2015.11.26.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18098
User :: AMMAR [administrator]

06.12.2015 13:25:00
mbar-log-2015-12-06 (13-25-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 353131
Time elapsed: 59 minute(s), 24 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Best regards |
06.12.2015, 22:26 | #4 |
| Windows 8.1, ad windows on the internet, laptop starts very slowly TDSSKiller found nothing: Code:
C:\WINDOWS\System32\drivers\bcmfn2.sys 22:11:24.0046 0x0b18 bcmfn2 - ok 22:11:24.0087 0x0b18 [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 22:11:24.0133 0x0b18 BDESVC - ok 22:11:24.0168 0x0b18 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 22:11:24.0212 0x0b18 Beep - ok 22:11:24.0285 0x0b18 [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\WINDOWS\System32\bfe.dll 22:11:24.0358 0x0b18 BFE - ok 22:11:24.0544 0x0b18 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll 22:11:24.0788 0x0b18 BITS - ok 22:11:24.0819 0x0b18 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 22:11:24.0865 0x0b18 bowser - ok 22:11:24.0911 0x0b18 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 22:11:24.0974 0x0b18 BrokerInfrastructure - ok 22:11:25.0005 0x0b18 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll 22:11:25.0060 0x0b18 Browser - ok 22:11:25.0084 0x0b18 [ A77975A47396CAB71F929D3ACAD01CFB, 52340F6BF66E6E6D086412542ABB94B2CFC5B4EB2BA89A5C0FE8E304534847DA ] BTDevManager C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe 22:11:25.0113 0x0b18 BTDevManager - detected UnsignedFile.Multi.Generic ( 1 ) 22:11:27.0625 0x0b18 Detect skipped due to KSN trusted 22:11:27.0625 0x0b18 BTDevManager - ok 22:11:27.0657 0x0b18 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg 
C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 22:11:27.0696 0x0b18 BthAvrcpTg - ok 22:11:27.0733 0x0b18 [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 22:11:27.0781 0x0b18 BthEnum - ok 22:11:27.0819 0x0b18 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 22:11:27.0882 0x0b18 BthHFEnum - ok 22:11:27.0961 0x0b18 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 22:11:28.0011 0x0b18 bthhfhid - ok 22:11:28.0064 0x0b18 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 22:11:28.0136 0x0b18 BthHFSrv - ok 22:11:28.0176 0x0b18 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys 22:11:28.0211 0x0b18 BthLEEnum - ok 22:11:28.0259 0x0b18 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 22:11:28.0303 0x0b18 BTHMODEM - ok 22:11:28.0357 0x0b18 [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 22:11:28.0405 0x0b18 BthPan - ok 22:11:28.0569 0x0b18 [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys 22:11:28.0671 0x0b18 BTHPORT - ok 22:11:28.0727 0x0b18 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll 22:11:28.0789 0x0b18 bthserv - ok 22:11:28.0907 0x0b18 [ 08EA90955AED2D959EE67DF6EDF0E2B6, 
0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys 22:11:28.0941 0x0b18 BTHUSB - ok 22:11:28.0992 0x0b18 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 22:11:29.0053 0x0b18 cdfs - ok 22:11:29.0204 0x0b18 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 22:11:29.0235 0x0b18 cdrom - ok 22:11:29.0337 0x0b18 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 22:11:29.0395 0x0b18 CertPropSvc - ok 22:11:29.0476 0x0b18 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 22:11:29.0549 0x0b18 circlass - ok 22:11:29.0666 0x0b18 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 22:11:29.0704 0x0b18 CLFS - ok 22:11:31.0467 0x0b18 [ 92547C9A6C5E9A3BEC689486C4885C4B, AB56F0BB2CBAB9AA6EA2E12F04F192271762DEBD7F6FBFB8CFAB6BA23121C295 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 22:11:31.0885 0x0b18 ClickToRunSvc - ok 22:11:31.0923 0x0b18 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 22:11:31.0979 0x0b18 CmBatt - ok 22:11:32.0050 0x0b18 [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG C:\WINDOWS\system32\Drivers\cng.sys 22:11:32.0118 0x0b18 CNG - ok 22:11:32.0180 0x0b18 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 22:11:32.0221 
0x0b18 CompositeBus - ok 22:11:32.0228 0x0b18 COMSysApp - ok 22:11:32.0268 0x0b18 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 22:11:32.0309 0x0b18 condrv - ok 22:11:32.0511 0x0b18 [ 15FBADDC84ED202E59A4F1B201CC692C, A50092155B18DAD51049A72503002F08C1BB2DFDA239C4D3555360C163F2F782 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe 22:11:32.0640 0x0b18 cphs - ok 22:11:32.0697 0x0b18 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 22:11:32.0752 0x0b18 CryptSvc - ok 22:11:32.0792 0x0b18 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 22:11:32.0815 0x0b18 dam - ok 22:11:32.0877 0x0b18 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 22:11:32.0982 0x0b18 DcomLaunch - ok 22:11:33.0038 0x0b18 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll 22:11:33.0090 0x0b18 defragsvc - ok 22:11:33.0153 0x0b18 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 22:11:33.0244 0x0b18 DeviceAssociationService - ok 22:11:33.0275 0x0b18 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 22:11:33.0323 0x0b18 DeviceInstall - ok 22:11:33.0383 0x0b18 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 22:11:33.0423 0x0b18 Dfsc - ok 22:11:33.0461 0x0b18 [ 73BDD44A6088916964945886F9025409, 
8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 22:11:33.0504 0x0b18 dg_ssudbus - ok 22:11:33.0553 0x0b18 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 22:11:33.0629 0x0b18 Dhcp - ok 22:11:33.0762 0x0b18 [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 22:11:33.0988 0x0b18 DiagTrack - ok 22:11:34.0146 0x0b18 [ B1DF13DA9B64FCBDFA40198EF622BCB0, 56CD3F812E06664465685730E8A39CB5947519CAE096A5437B32EB1FABE1F600 ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe 22:11:34.0257 0x0b18 Disc Soft Lite Bus Service - ok 22:11:34.0305 0x0b18 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 22:11:34.0330 0x0b18 disk - ok 22:11:34.0375 0x0b18 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 22:11:34.0416 0x0b18 dmvsc - ok 22:11:34.0463 0x0b18 [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 22:11:34.0513 0x0b18 Dnscache - ok 22:11:34.0576 0x0b18 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll 22:11:34.0634 0x0b18 dot3svc - ok 22:11:34.0674 0x0b18 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll 22:11:34.0740 0x0b18 DPS - ok 22:11:34.0787 0x0b18 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 22:11:34.0834 0x0b18 drmkaud - 
ok 22:11:34.0878 0x0b18 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 22:11:34.0937 0x0b18 DsmSvc - ok 22:11:34.0985 0x0b18 [ 679FF716052109392D870F6A6C4A3535, BEF1784448CCA4AF1D67ED68BD0C7CFE01A7719E98CACF92C2DCBFAA916DC57E ] dtlitescsibus C:\WINDOWS\System32\drivers\dtlitescsibus.sys 22:11:35.0003 0x0b18 dtlitescsibus - ok 22:11:35.0065 0x0b18 [ C0CF632820DB5F283562E049D929AE49, 37DB5892568FE908BADBF96F41B2EB411FC990BB68DB50800206069ECC517A3C ] dtliteusbbus C:\WINDOWS\System32\drivers\dtliteusbbus.sys 22:11:35.0083 0x0b18 dtliteusbbus - ok 22:11:35.0194 0x0b18 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 22:11:35.0344 0x0b18 DXGKrnl - ok 22:11:35.0371 0x0b18 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll 22:11:35.0424 0x0b18 Eaphost - ok 22:11:35.0698 0x0b18 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 22:11:35.0920 0x0b18 ebdrv - ok 22:11:36.0014 0x0b18 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe 22:11:36.0038 0x0b18 EFS - ok 22:11:36.0089 0x0b18 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 22:11:36.0128 0x0b18 EhStorClass - ok 22:11:36.0180 0x0b18 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 22:11:36.0205 0x0b18 EhStorTcgDrv - ok 22:11:36.0237 0x0b18 [ DFFFAE1442BA4076E18EED5E406FA0D3, 
329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 22:11:36.0287 0x0b18 ErrDev - ok 22:11:36.0374 0x0b18 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll 22:11:36.0445 0x0b18 EventSystem - ok 22:11:36.0486 0x0b18 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 22:11:36.0551 0x0b18 exfat - ok 22:11:36.0581 0x0b18 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 22:11:36.0612 0x0b18 fastfat - ok 22:11:36.0688 0x0b18 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe 22:11:36.0773 0x0b18 Fax - ok 22:11:36.0798 0x0b18 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 22:11:36.0826 0x0b18 fdc - ok 22:11:36.0849 0x0b18 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 22:11:36.0893 0x0b18 fdPHost - ok 22:11:36.0927 0x0b18 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll 22:11:36.0974 0x0b18 FDResPub - ok 22:11:37.0014 0x0b18 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 22:11:37.0043 0x0b18 fhsvc - ok 22:11:37.0099 0x0b18 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 22:11:37.0122 0x0b18 FileInfo - ok 22:11:37.0141 0x0b18 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 
0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 22:11:37.0189 0x0b18 Filetrace - ok 22:11:37.0254 0x0b18 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 22:11:37.0303 0x0b18 flpydisk - ok 22:11:37.0351 0x0b18 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 22:11:37.0399 0x0b18 FltMgr - ok 22:11:37.0487 0x0b18 [ 1E93CBB75D167CDF85501A8C790097A8, C9E5DD090C94E7855939CE1F416460DB408EFF897C2CD52E0D52A734D8ED18B7 ] FontCache C:\WINDOWS\system32\FntCache.dll 22:11:37.0584 0x0b18 FontCache - ok 22:11:37.0734 0x0b18 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:11:37.0753 0x0b18 FontCache3.0.0.0 - ok 22:11:37.0790 0x0b18 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 22:11:37.0819 0x0b18 FsDepends - ok 22:11:37.0877 0x0b18 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:11:37.0897 0x0b18 Fs_Rec - ok 22:11:37.0954 0x0b18 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 22:11:38.0023 0x0b18 fvevol - ok 22:11:38.0044 0x0b18 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 22:11:38.0093 0x0b18 FxPPM - ok 22:11:38.0125 0x0b18 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx 
C:\WINDOWS\system32\drivers\gagp30kx.sys 22:11:38.0157 0x0b18 gagp30kx - ok 22:11:38.0188 0x0b18 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 22:11:38.0231 0x0b18 gencounter - ok 22:11:38.0277 0x0b18 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 22:11:38.0303 0x0b18 GPIOClx0101 - ok 22:11:38.0385 0x0b18 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 22:11:38.0505 0x0b18 gpsvc - ok 22:11:38.0553 0x0b18 gupdate - ok 22:11:38.0557 0x0b18 gupdatem - ok 22:11:38.0614 0x0b18 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\WINDOWS\system32\DRIVERS\Hamdrv.sys 22:11:38.0638 0x0b18 Hamachi - ok 22:11:38.0820 0x0b18 [ C0EF69A59C13D9204D1D70434AA3D00C, 56BD4F7C74B2A36665677C32F30C4E1839DB9AAAC82FFA4A2622B4D261D865F2 ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 22:11:38.0989 0x0b18 Hamachi2Svc - ok 22:11:39.0038 0x0b18 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 22:11:39.0080 0x0b18 HDAudBus - ok 22:11:39.0111 0x0b18 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 22:11:39.0151 0x0b18 HidBatt - ok 22:11:39.0182 0x0b18 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 22:11:39.0208 0x0b18 HidBth - ok 22:11:39.0217 0x0b18 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 
22:11:39.0256 0x0b18 hidi2c - ok 22:11:39.0293 0x0b18 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 22:11:39.0339 0x0b18 HidIr - ok 22:11:39.0372 0x0b18 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll 22:11:39.0422 0x0b18 hidserv - ok 22:11:39.0457 0x0b18 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 22:11:39.0503 0x0b18 HidUsb - ok 22:11:39.0537 0x0b18 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 22:11:39.0599 0x0b18 hkmsvc - ok 22:11:39.0641 0x0b18 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 22:11:39.0695 0x0b18 HomeGroupListener - ok 22:11:39.0754 0x0b18 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 22:11:39.0813 0x0b18 HomeGroupProvider - ok 22:11:39.0843 0x0b18 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 22:11:39.0868 0x0b18 HpSAMD - ok 22:11:39.0996 0x0b18 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 22:11:40.0067 0x0b18 HTTP - ok 22:11:40.0099 0x0b18 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 22:11:40.0118 0x0b18 hwpolicy - ok 22:11:40.0137 0x0b18 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] 
hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 22:11:40.0170 0x0b18 hyperkbd - ok 22:11:40.0178 0x0b18 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 22:11:40.0215 0x0b18 HyperVideo - ok 22:11:40.0256 0x0b18 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 22:11:40.0284 0x0b18 i8042prt - ok 22:11:40.0324 0x0b18 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 22:11:40.0340 0x0b18 iaLPSSi_GPIO - ok 22:11:40.0375 0x0b18 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 22:11:40.0394 0x0b18 iaLPSSi_I2C - ok 22:11:40.0475 0x0b18 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 22:11:40.0520 0x0b18 iaStorAV - ok 22:11:40.0587 0x0b18 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 22:11:40.0631 0x0b18 iaStorV - ok 22:11:40.0939 0x0b18 [ 829EA5ECCAA623279D94EAEE3B5AD140, 2D40536146203079BDD31B0A86E442CE896DAF08F8AC7ACF77E38BC85BB179A4 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 22:11:41.0103 0x0b18 IconMan_R - ok 22:11:41.0113 0x0b18 IEEtwCollectorService - ok 22:11:41.0354 0x0b18 [ C38AFE18A40ADF005647090DD3AC24F3, 302810C31B005DD4C9143233AB5B4F332C62AD866A7C7AB0E8F8F81AE1766B11 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys 22:11:41.0714 0x0b18 igfx - ok 22:11:41.0772 0x0b18 [ 7A510A9AFC7955DEE63F8DC243E31292, 13906F6212F4C116BE224F2A8AFFF089ACFED8F543E26FC6208FF38463366173 ] igfxCUIService1.0.0.0 
C:\WINDOWS\system32\igfxCUIService.exe 22:11:41.0802 0x0b18 igfxCUIService1.0.0.0 - ok 22:11:41.0885 0x0b18 [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\WINDOWS\System32\ikeext.dll 22:11:41.0994 0x0b18 IKEEXT - ok 22:11:42.0032 0x0b18 [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys 22:11:42.0056 0x0b18 intaud_WaveExtensible - ok 22:11:42.0315 0x0b18 [ E0B2C982CA743CE8B3CBD7DD50AB82B0, 04B65ED97DD747BAF4A1110836DBCEDB1F1971FDFAFB06BD003B2950393513EA ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 22:11:42.0551 0x0b18 IntcAzAudAddService - ok 22:11:42.0628 0x0b18 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys 22:11:42.0687 0x0b18 IntcDAud - ok 22:11:42.0784 0x0b18 [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 22:11:42.0835 0x0b18 Intel(R) Capability Licensing Service Interface - ok 22:11:42.0872 0x0b18 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 22:11:42.0891 0x0b18 intelide - ok 22:11:42.0928 0x0b18 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 22:11:42.0948 0x0b18 intelpep - ok 22:11:42.0987 0x0b18 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 22:11:43.0025 0x0b18 intelppm - ok 22:11:43.0060 0x0b18 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 
07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:11:43.0114 0x0b18 IpFilterDriver - ok 22:11:43.0181 0x0b18 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 22:11:43.0262 0x0b18 iphlpsvc - ok 22:11:43.0309 0x0b18 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 22:11:43.0353 0x0b18 IPMIDRV - ok 22:11:43.0385 0x0b18 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 22:11:43.0418 0x0b18 IPNAT - ok 22:11:43.0457 0x0b18 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 22:11:43.0508 0x0b18 IRENUM - ok 22:11:43.0536 0x0b18 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 22:11:43.0559 0x0b18 isapnp - ok 22:11:43.0608 0x0b18 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 22:11:43.0648 0x0b18 iScsiPrt - ok 22:11:43.0688 0x0b18 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys 22:11:43.0706 0x0b18 iwdbus - ok 22:11:43.0784 0x0b18 [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 22:11:43.0804 0x0b18 jhi_service - ok 22:11:43.0832 0x0b18 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass 
D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 22:12:12.0353 0x0b18 srvnet - ok 22:12:12.0403 0x0b18 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 22:12:12.0452 0x0b18 SSDPSRV - ok 22:12:12.0491 0x0b18 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 22:12:12.0539 0x0b18 SstpSvc - ok 22:12:12.0610 0x0b18 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 22:12:12.0633 0x0b18 ssudmdm - ok 22:12:12.0695 0x0b18 [ 5852D5FADD589643B6C1B5BE9D257A50, 38DC6CEB0AA6AF4FD046A9CF7571E345E52D30471E248E2B99FC6D5622257145 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 22:12:12.0770 0x0b18 Steam Client Service - ok 22:12:12.0809 0x0b18 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 22:12:12.0829 0x0b18 stexstor - ok 22:12:12.0894 0x0b18 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll 22:12:12.0971 0x0b18 stisvc - ok 22:12:12.0993 0x0b18 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 22:12:13.0016 0x0b18 storahci - ok 22:12:13.0042 0x0b18 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 22:12:13.0063 0x0b18 storflt - ok 22:12:13.0094 0x0b18 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme 
C:\WINDOWS\system32\drivers\stornvme.sys 22:12:13.0115 0x0b18 stornvme - ok 22:12:13.0161 0x0b18 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll 22:12:13.0206 0x0b18 StorSvc - ok 22:12:13.0241 0x0b18 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 22:12:13.0263 0x0b18 storvsc - ok 22:12:13.0305 0x0b18 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll 22:12:13.0332 0x0b18 svsvc - ok 22:12:13.0360 0x0b18 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys 22:12:13.0379 0x0b18 swenum - ok 22:12:13.0437 0x0b18 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll 22:12:13.0513 0x0b18 swprv - ok 22:12:13.0579 0x0b18 [ 9C741E8688FAC7CF72E06A3036253881, F926A984B212A910560B122ED3730E0ABF675F9FBD7913C4954FE92F8CD655A2 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 22:12:13.0611 0x0b18 SynTP - ok 22:12:13.0687 0x0b18 [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\WINDOWS\system32\sysmain.dll 22:12:13.0762 0x0b18 SysMain - ok 22:12:13.0801 0x0b18 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 22:12:13.0839 0x0b18 SystemEventsBroker - ok 22:12:13.0864 0x0b18 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 22:12:13.0912 0x0b18 TabletInputService - ok 22:12:13.0946 0x0b18 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 
479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 22:12:14.0003 0x0b18 TapiSrv - ok 22:12:14.0133 0x0b18 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 22:12:14.0303 0x0b18 Tcpip - ok 22:12:14.0424 0x0b18 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 22:12:14.0568 0x0b18 TCPIP6 - ok 22:12:14.0649 0x0b18 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 22:12:14.0691 0x0b18 tcpipreg - ok 22:12:14.0729 0x0b18 [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 22:12:14.0755 0x0b18 tdx - ok 22:12:14.0781 0x0b18 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 22:12:14.0802 0x0b18 terminpt - ok 22:12:14.0882 0x0b18 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\WINDOWS\System32\termsrv.dll 22:12:14.0967 0x0b18 TermService - ok 22:12:14.0989 0x0b18 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll 22:12:15.0019 0x0b18 Themes - ok 22:12:15.0052 0x0b18 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll 22:12:15.0079 0x0b18 THREADORDER - ok 22:12:15.0099 0x0b18 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 22:12:15.0150 0x0b18 TimeBroker - ok 22:12:15.0232 0x0b18 
[ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\WINDOWS\system32\drivers\tpm.sys 22:12:15.0275 0x0b18 TPM - ok 22:12:15.0302 0x0b18 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll 22:12:15.0331 0x0b18 TrkWks - ok 22:12:15.0378 0x0b18 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 22:12:15.0404 0x0b18 TrustedInstaller - ok 22:12:15.0446 0x0b18 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 22:12:15.0485 0x0b18 TsUsbFlt - ok 22:12:15.0528 0x0b18 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 22:12:15.0552 0x0b18 TsUsbGD - ok 22:12:15.0695 0x0b18 [ 258C050D197D923668B36C8D3F6A2353, 9A8CDC8FDCF24986FE963566591E2B535653837A8A63EE462126D336E6F94E97 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe 22:12:15.0824 0x0b18 TuneUp.UtilitiesSvc - ok 22:12:15.0845 0x0b18 [ 45427C4B8CAC6B241478F149B935CD80, 7F772D6D00D1ADD394F5907804661C75780EE9F8DF21EF0719D3E4ABA00092B7 ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys 22:12:15.0860 0x0b18 TuneUpUtilitiesDrv - ok 22:12:15.0909 0x0b18 [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 22:12:15.0954 0x0b18 tunnel - ok 22:12:15.0992 0x0b18 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 22:12:16.0014 0x0b18 uagp35 - ok 22:12:16.0049 0x0b18 [ FE6067B1FD4E63650C667B33D080565B, 
2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 22:12:16.0111 0x0b18 UASPStor - ok 22:12:16.0182 0x0b18 [ A17C58C0582EE560C72F60764ED63224, A7C8F4FAF3CBB088CAC7753D81F8EC4C38CCB97CD9DA817741F49272E8D01200 ] UCOREW64 C:\Windows\Setup\bit\UCOREW64.sys 22:12:16.0196 0x0b18 UCOREW64 - ok 22:12:16.0232 0x0b18 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 22:12:16.0278 0x0b18 UCX01000 - ok 22:12:16.0329 0x0b18 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 22:12:16.0374 0x0b18 udfs - ok 22:12:16.0405 0x0b18 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 22:12:16.0426 0x0b18 UEFI - ok 22:12:16.0453 0x0b18 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 22:12:16.0489 0x0b18 UI0Detect - ok 22:12:16.0509 0x0b18 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 22:12:16.0558 0x0b18 uliagpkx - ok 22:12:16.0575 0x0b18 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 22:12:16.0612 0x0b18 umbus - ok 22:12:16.0643 0x0b18 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 22:12:16.0686 0x0b18 UmPass - ok 22:12:16.0736 0x0b18 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 22:12:16.0785 0x0b18 UmRdpService - ok 22:12:16.0873 0x0b18 
[ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 22:12:16.0901 0x0b18 UNS - ok 22:12:16.0949 0x0b18 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll 22:12:17.0001 0x0b18 upnphost - ok 22:12:17.0036 0x0b18 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\WINDOWS\system32\drivers\usbaudio.sys 22:12:17.0086 0x0b18 usbaudio - ok 22:12:17.0131 0x0b18 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 22:12:17.0159 0x0b18 usbccgp - ok 22:12:17.0196 0x0b18 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 22:12:17.0234 0x0b18 usbcir - ok 22:12:17.0256 0x0b18 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 22:12:17.0280 0x0b18 usbehci - ok 22:12:17.0328 0x0b18 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 22:12:17.0373 0x0b18 usbhub - ok 22:12:17.0420 0x0b18 [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 22:12:17.0468 0x0b18 USBHUB3 - ok 22:12:17.0507 0x0b18 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 22:12:17.0531 0x0b18 usbohci - ok 22:12:17.0539 0x0b18 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint 
C:\WINDOWS\System32\drivers\usbprint.sys 22:12:17.0578 0x0b18 usbprint - ok 22:12:17.0607 0x0b18 [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys 22:12:17.0651 0x0b18 usbscan - ok 22:12:17.0694 0x0b18 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 22:12:17.0723 0x0b18 USBSTOR - ok 22:12:17.0746 0x0b18 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 22:12:17.0782 0x0b18 usbuhci - ok 22:12:17.0825 0x0b18 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys 22:12:17.0857 0x0b18 usbvideo - ok 22:12:17.0907 0x0b18 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 22:12:17.0945 0x0b18 USBXHCI - ok 22:12:17.0959 0x0b18 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe 22:12:17.0981 0x0b18 VaultSvc - ok 22:12:18.0012 0x0b18 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 22:12:18.0033 0x0b18 vdrvroot - ok 22:12:18.0111 0x0b18 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe 22:12:18.0222 0x0b18 vds - ok 22:12:18.0265 0x0b18 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 22:12:18.0293 0x0b18 VerifierExt - ok 22:12:18.0345 0x0b18 [ C06E8481E068F170A258441639AC5792, 
2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 22:12:18.0400 0x0b18 vhdmp - ok 22:12:18.0420 0x0b18 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 22:12:18.0440 0x0b18 viaide - ok 22:12:18.0464 0x0b18 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 22:12:18.0487 0x0b18 vmbus - ok 22:12:18.0508 0x0b18 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 22:12:18.0532 0x0b18 VMBusHID - ok 22:12:18.0586 0x0b18 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 22:12:18.0643 0x0b18 vmicguestinterface - ok 22:12:18.0686 0x0b18 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 22:12:18.0731 0x0b18 vmicheartbeat - ok 22:12:18.0764 0x0b18 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 22:12:18.0807 0x0b18 vmickvpexchange - ok 22:12:18.0843 0x0b18 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 22:12:18.0886 0x0b18 vmicrdv - ok 22:12:18.0921 0x0b18 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 22:12:18.0964 0x0b18 vmicshutdown - ok 22:12:18.0998 0x0b18 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 22:12:19.0041 0x0b18 vmictimesync - 
ok 22:12:19.0076 0x0b18 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 22:12:19.0121 0x0b18 vmicvss - ok 22:12:19.0159 0x0b18 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 22:12:19.0182 0x0b18 volmgr - ok 22:12:19.0233 0x0b18 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 22:12:19.0271 0x0b18 volmgrx - ok 22:12:19.0313 0x0b18 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 22:12:19.0351 0x0b18 volsnap - ok 22:12:19.0375 0x0b18 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 22:12:19.0399 0x0b18 vpci - ok 22:12:19.0424 0x0b18 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 22:12:19.0455 0x0b18 vsmraid - ok 22:12:19.0546 0x0b18 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe 22:12:19.0665 0x0b18 VSS - ok 22:12:19.0698 0x0b18 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 22:12:19.0732 0x0b18 VSTXRAID - ok 22:12:19.0778 0x0b18 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 22:12:19.0812 0x0b18 vwifibus - ok 22:12:19.0854 0x0b18 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 
22:12:19.0899 0x0b18 vwififlt - ok 22:12:19.0919 0x0b18 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 22:12:19.0960 0x0b18 vwifimp - ok 22:12:20.0013 0x0b18 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll 22:12:20.0056 0x0b18 W32Time - ok 22:12:20.0076 0x0b18 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 22:12:20.0120 0x0b18 WacomPen - ok 22:12:20.0152 0x0b18 [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] WANARP C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:12:20.0177 0x0b18 WANARP - ok 22:12:20.0184 0x0b18 [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 22:12:20.0207 0x0b18 Wanarpv6 - ok 22:12:20.0301 0x0b18 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe 22:12:20.0411 0x0b18 wbengine - ok 22:12:20.0459 0x0b18 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 22:12:20.0501 0x0b18 WbioSrvc - ok 22:12:20.0533 0x0b18 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 22:12:20.0574 0x0b18 Wcmsvc - ok 22:12:20.0608 0x0b18 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 22:12:20.0657 0x0b18 wcncsvc - ok 22:12:20.0684 0x0b18 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService 
C:\WINDOWS\System32\WcsPlugInService.dll 22:12:20.0718 0x0b18 WcsPlugInService - ok 22:12:20.0755 0x0b18 [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 22:12:20.0812 0x0b18 WdBoot - ok 22:12:20.0904 0x0b18 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 22:12:21.0023 0x0b18 Wdf01000 - ok 22:12:21.0068 0x0b18 [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 22:12:21.0101 0x0b18 WdFilter - ok 22:12:21.0124 0x0b18 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 22:12:21.0171 0x0b18 WdiServiceHost - ok 22:12:21.0179 0x0b18 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 22:12:21.0211 0x0b18 WdiSystemHost - ok 22:12:21.0269 0x0b18 [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 22:12:21.0294 0x0b18 WdNisDrv - ok 22:12:21.0330 0x0b18 WdNisSvc - ok 22:12:21.0380 0x0b18 [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\WINDOWS\System32\webclnt.dll 22:12:21.0416 0x0b18 WebClient - ok 22:12:21.0452 0x0b18 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 22:12:21.0521 0x0b18 Wecsvc - ok 22:12:21.0557 0x0b18 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 22:12:21.0602 0x0b18 WEPHOSTSVC - ok 22:12:21.0632 0x0b18 [ 
F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 22:12:21.0693 0x0b18 wercplsupport - ok 22:12:21.0730 0x0b18 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll 22:12:21.0784 0x0b18 WerSvc - ok 22:12:21.0904 0x0b18 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 22:12:21.0930 0x0b18 WFPLWFS - ok 22:12:21.0954 0x0b18 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 22:12:22.0002 0x0b18 WiaRpc - ok 22:12:22.0033 0x0b18 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 22:12:22.0053 0x0b18 WIMMount - ok 22:12:22.0057 0x0b18 WinDefend - ok 22:12:22.0203 0x0b18 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 22:12:22.0284 0x0b18 WinHttpAutoProxySvc - ok 22:12:22.0411 0x0b18 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 22:12:22.0468 0x0b18 Winmgmt - ok 22:12:22.0642 0x0b18 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 22:12:22.0824 0x0b18 WinRM - ok 22:12:22.0862 0x0b18 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUSB C:\WINDOWS\System32\drivers\WinUSB.sys 22:12:22.0900 0x0b18 WinUSB - ok 22:12:22.0982 0x0b18 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc 
C:\WINDOWS\System32\wlansvc.dll 22:12:23.0070 0x0b18 WlanSvc - ok 22:12:23.0161 0x0b18 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 22:12:23.0298 0x0b18 wlidsvc - ok 22:12:23.0334 0x0b18 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 22:12:23.0393 0x0b18 WmiAcpi - ok 22:12:23.0434 0x0b18 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 22:12:23.0480 0x0b18 wmiApSrv - ok 22:12:23.0509 0x0b18 WMPNetworkSvc - ok 22:12:23.0561 0x0b18 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 22:12:23.0588 0x0b18 Wof - ok 22:12:23.0688 0x0b18 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 22:12:23.0800 0x0b18 workfolderssvc - ok 22:12:23.0831 0x0b18 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 22:12:23.0853 0x0b18 wpcfltr - ok 22:12:23.0878 0x0b18 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 22:12:23.0903 0x0b18 WPCSvc - ok 22:12:23.0920 0x0b18 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 22:12:23.0949 0x0b18 WPDBusEnum - ok 22:12:23.0980 0x0b18 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 22:12:24.0001 0x0b18 WpdUpFltr - ok 22:12:24.0035 0x0b18 [ 
AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 22:12:24.0075 0x0b18 ws2ifsl - ok 22:12:24.0119 0x0b18 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 22:12:24.0149 0x0b18 wscsvc - ok 22:12:24.0156 0x0b18 WSearch - ok 22:12:24.0330 0x0b18 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll 22:12:24.0528 0x0b18 WSService - ok 22:12:24.0841 0x0b18 [ 4BD3138EF061E24F9FDC722B49274B40, F9339F6AA8822E5E1334E41BE4140F9E8E5B24D1CD85B4C746D714AFDD485B49 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 22:12:25.0052 0x0b18 wuauserv - ok 22:12:25.0090 0x0b18 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 22:12:25.0135 0x0b18 WudfPf - ok 22:12:25.0169 0x0b18 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 22:12:25.0212 0x0b18 WUDFRd - ok 22:12:25.0225 0x0b18 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\System32\drivers\WUDFRd.sys 22:12:25.0254 0x0b18 WUDFSensorLP - ok 22:12:25.0315 0x0b18 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 22:12:25.0367 0x0b18 wudfsvc - ok 22:12:25.0402 0x0b18 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\System32\drivers\WUDFRd.sys 22:12:25.0431 0x0b18 WUDFWpdFs - ok 22:12:25.0462 0x0b18 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp 
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 22:12:25.0491 0x0b18 WUDFWpdMtp - ok 22:12:25.0571 0x0b18 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 22:12:25.0651 0x0b18 WwanSvc - ok 22:12:25.0793 0x0b18 [ 9BF442087645375A192137781E9C7282, 7BA4D22DD9030AE23F18B0258844FAD9074E66E4961B7A055BDB170D86B5B4F0 ] YSearchUtilSvc C:\Program Files (x86)\Yahoo!\yset\{58856E55-A302-5D4E-A2A9-3DE6FB5F3A50}\YSearchUtilSvc.exe 22:12:25.0815 0x0b18 YSearchUtilSvc - ok 22:12:25.0842 0x0b18 ================ Scan global =============================== 22:12:25.0895 0x0b18 [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll 22:12:25.0931 0x0b18 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll 22:12:25.0972 0x0b18 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll 22:12:26.0019 0x0b18 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe 22:12:26.0040 0x0b18 [ Global ] - ok 22:12:26.0041 0x0b18 ================ Scan MBR ================================== 22:12:26.0058 0x0b18 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 22:12:26.0330 0x0b18 \Device\Harddisk0\DR0 - ok 22:12:26.0331 0x0b18 ================ Scan VBR ================================== 22:12:26.0335 0x0b18 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1 22:12:26.0336 0x0b18 \Device\Harddisk0\DR0\Partition1 - ok 22:12:26.0389 0x0b18 [ 5D85BBCE17A2B3391D9A0E6D2D82EFD1 ] \Device\Harddisk0\DR0\Partition2 22:12:26.0445 0x0b18 \Device\Harddisk0\DR0\Partition2 - ok 22:12:26.0456 0x0b18 [ B206969CF731A57CD85548C416878DCB ] \Device\Harddisk0\DR0\Partition3 22:12:26.0483 0x0b18 
\Device\Harddisk0\DR0\Partition3 - ok 22:12:26.0497 0x0b18 [ 0947070C5A1BFFFBD8E84BF2EB2C4CCE ] \Device\Harddisk0\DR0\Partition4 22:12:26.0504 0x0b18 \Device\Harddisk0\DR0\Partition4 - ok 22:12:26.0532 0x0b18 [ 3FC006B0CBA9177363B2246C5E06F7B2 ] \Device\Harddisk0\DR0\Partition5 22:12:26.0561 0x0b18 \Device\Harddisk0\DR0\Partition5 - ok 22:12:26.0562 0x0b18 ================ Scan generic autorun ====================== 22:12:27.0588 0x0b18 [ 330A516D1B1ACCF74228EE33F8D19CEC, 9033150EE8347FAEB5DB240D30DB1FFC799BD8D7C8C741B2DE39E90B8A1CE3D8 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 22:12:28.0126 0x0b18 RTHDVCPL - ok 22:12:28.0214 0x0b18 [ 6C8E6190E347D37F38DB624B7D57D7A7, CB6641B2681012EF347A38A57F908D359A5AE327176857BA17CD0BC3373CA8E0 ] C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe 22:12:28.0264 0x0b18 BtServer - detected UnsignedFile.Multi.Generic ( 1 ) 22:12:30.0836 0x0b18 Detect skipped due to KSN trusted 22:12:30.0836 0x0b18 BtServer - ok 22:12:30.0837 0x0b18 SynTPEnh - ok 22:12:31.0409 0x0b18 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe 22:12:31.0585 0x0b18 SDTray - ok 22:12:31.0781 0x0b18 [ B2D3666199175389D771DD94F5C98594, 4238DC200F718DC425F2CF4C2716289845EF207ADFDB1CAC154271FFF8528D9B ] C:\Program Files (x86)\AVG\Framework\Common\avguix.exe 22:12:31.0841 0x0b18 AvgUi - ok 22:12:32.0612 0x0b18 [ 87AD93CC767C9C7AB84635DB64564566, 17F4953C8D9125EC61073C20F98780207395AEF6A3BD52D29A9E9450E744B35B ] C:\Program Files (x86)\AVG\Av\avgui.exe 22:12:32.0781 0x0b18 AVG_UI - ok 22:12:33.0009 0x0b18 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 22:12:33.0029 0x0b18 BCSSync - ok 22:12:33.0123 0x0b18 [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files 
(x86)\Common Files\Java\Java Update\jusched.exe 22:12:33.0169 0x0b18 SunJavaUpdateSched - ok 22:12:33.0348 0x0b18 [ 928130E85250808BDB45694983AEDF65, AB74C335756F1A6A98C64E2CF59D37F7D6CF1AB88FDED7B1CE8B1BDD91673AF3 ] C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe 22:12:33.0391 0x0b18 BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - detected UnsignedFile.Multi.Generic ( 1 ) 22:12:35.0848 0x0b18 Detect skipped due to KSN trusted 22:12:35.0848 0x0b18 BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - ok 22:12:36.0655 0x0b18 [ BFD07A0ADC58DEB79A496BB666A43061, F8FBA5FBCBD0111D8EDAB4DF2A2AB0999EAEEEDB056F9F682605FC7F87D56B0E ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe 22:12:36.0836 0x0b18 DAEMON Tools Lite Automount - ok 22:12:37.0012 0x0b18 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe 22:12:37.0075 0x0b18 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 ) 22:12:38.0270 0x22cc Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 22:12:39.0549 0x0b18 Detect skipped due to KSN trusted 22:12:39.0549 0x0b18 SpybotPostWindows10UpgradeReInstall - ok 22:12:40.0146 0x0b18 [ B1949628130F192DA27FDBAEA516BB6E, 13E5A2EBF0FDAB29CEA1E7FAEB3141233198D9A28353BDBB6FDB03602BE32AC6 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe 22:12:40.0341 0x0b18 Spybot-S&D Cleaning - ok 22:12:40.0347 0x0b18 Waiting for KSN requests completion. In queue: 3 22:12:40.0857 0x22cc Object send P2P result: true 22:12:41.0349 0x0b18 Waiting for KSN requests completion. In queue: 2 22:12:42.0350 0x0b18 Waiting for KSN requests completion. 
In queue: 1 22:12:43.0448 0x0b18 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated ) 22:12:43.0464 0x0b18 AV detected via SS2: AVG Internet Security, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.12.0.7294 ), 0x41000 ( enabled : updated ) 22:12:43.0474 0x0b18 FW detected via SS2: AVG Internet Security, C:\Program Files (x86)\AVG\Av\avgwsc.exe ( 16.12.0.7294 ), 0x41010 ( enabled ) 22:12:45.0983 0x0b18 ============================================================ 22:12:45.0983 0x0b18 Scan finished 22:12:45.0983 0x0b18 ============================================================ 22:12:45.0995 0x1cf4 Detected object count: 0 22:12:45.0995 0x1cf4 Actual detected object count: 0 |
07.12.2015, 21:47 | #5 |
/// the machine /// TB trainer | Windows 8.1, pop-up ads on the internet, laptop starts very slowly
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donate. Guides and help. Trojaner-Board Facebook page. No help via PM! |