| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
21.12.2015, 16:12
| #1 |
 |  Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Wie oben beschrieben habe ich in letzter Zeit eine relativ hohe RAM-Auslastung, auch wenn ich keine Programme geöffnet habe... Sobald ich meinen Computer hochfahre habe ich schon Auslastungen von 2,7 GB oder mehr, s.d ich mit meinen 6 GB RAM teilweise noch nicht einmal 1080p Videos im Browser sehen kann, bevor mir Windows den Thread abknallt... Ich manage meine Autostart-Programme mit Soluto und habe Advanced System Care 9 installiert, welches ich aber nicht so oft verwende. Meine Frage ist nun, ob ich mir da nicht vllt. einen Virus o.ä. gefangen haben könnte (Ich hatte vor einigen Wochen Probleme mit angeblich von meiner Email-Adresse abgeschickten Spam-Mails, konnte aber nicht so richtig herausfinden, ob die Adresse gehackt oder gescammt wurde...). Im Anhang ist ein Screenshot meines Ressourcen-Monitors (lustigerweise komme ich durch Aufaddieren der einzelnen Auslastungen nie und nimmer auf 2,7 GB) Ich würde mich sehr über Hilfe beim Lösen dieses Problems freuen. Vielen Dank im Voraus, TheKaltur ----------------------------- Meine Computer-Specs: Dell Studio 1558 Laptop Intel i5 520M 6GB RAM DDR3 Radeon Mobility 5000er Series HD Graka Betriebssystem: Win 7 64bit Professional Antivirensoftware: Avast Free Antivirus |
|
21.12.2015, 16:32
| #2 |
| Ruhe in Frieden † 2019     | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist. Posten in Code Tags Bitte füge die Logs immer in Code-Tags ein. Wenn Du das nicht machst, erschwert es mir sehr das Auswerten. Danke. Dazu:
Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
21.12.2015, 17:55
| #3 |
| | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hallo Sandra,
__________________vielen Dank für deine Hilfe  Hier die Logfiles:FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von <user> (Administrator) auf <user>-PC (21-12-2015 17:50:50)
Gestartet von C:\Users\<user>\Desktop
Geladene Profile: <user> (Verfügbare Profile: <user>)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
() C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe
(brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(GlavSoft LLC.) C:\Program Files\Soluto\SolutoRemoteService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [SamsungRapidApp] => C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [281776 2014-09-16] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [FreeFallProtection] => C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe [2384896 2009-07-22] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2009-08-20] (AVAST Software)
HKLM\...\Winlogon: [Userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\Run: [Dropbox Update] => C:\Users\<user>\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-15] (Dropbox, Inc.)
HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-30] (IObit)
HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\MountPoints2: {7d07b8eb-e139-11e4-a280-b8ac6f577d74} - H:\setup.exe
HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\MountPoints2: {92c0fd50-e045-11e4-af40-806e6f6e6963} - "E:\Install Navigator.exe"
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-04-11] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86400 2014-12-30] (Zemana Ltd.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2009-08-20] (AVAST Software)
BootExecute: autocheck autochk /k:C *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9197A16C-B2B7-469C-A744-E10920D918CE}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{B17C1BB3-1754-4C40-A64A-690A00BD739A}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2015-11-12] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-06] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-06] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
FireFox:
========
FF ProfilePath: C:\Users\<user>\AppData\Roaming\Mozilla\Firefox\Profiles\f8mwa45e.default
FF Session Restore: -> ist aktiviert.
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\<user>\AppData\Roaming\Mozilla\Firefox\Profiles\f8mwa45e.default\user.js [2015-12-14]
FF Extension: Vimperator - C:\Users\<user>\AppData\Roaming\Mozilla\Firefox\Profiles\f8mwa45e.default\extensions\vimperator@mozdev.org.xpi [2015-12-06]
FF Extension: Amazon Price Tracker - Keepa.com - C:\Users\<user>\AppData\Roaming\Mozilla\Firefox\Profiles\f8mwa45e.default\extensions\amptra@keepa.com.xpi [2015-12-12]
FF Extension: Ghostery - C:\Users\<user>\AppData\Roaming\Mozilla\Firefox\Profiles\f8mwa45e.default\Extensions\firefox@ghostery.com.xpi [2015-11-06]
FF Extension: TrackMeNot - C:\Users\<user>\AppData\Roaming\Mozilla\Firefox\Profiles\f8mwa45e.default\Extensions\trackmenot@mrl.nyu.edu.xpi [2015-11-01]
FF Extension: Adblock Plus - C:\Users\<user>\AppData\Roaming\Mozilla\Firefox\Profiles\f8mwa45e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2009-08-20]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2009-08-20]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-06]
Opera:
=======
OPR Extension: (Ghostery) - C:\Users\<user>\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2015-09-23]
OPR Extension: (Adblock Plus) - C:\Users\<user>\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-12-08]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2009-08-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [5561368 2009-08-20] (Avast Software)
R3 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-13] (brother Industries Ltd)
S3 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [65640 2015-11-05] (CyberGhost S.R.L)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-02-22] (EasyAntiCheat Ltd)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert]
R2 InstallFilterService; C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe [60928 2009-06-23] () [Datei ist nicht signiert]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2009-09-21] ()
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [28848 2014-09-16] (Samsung Electronics Co., Ltd.)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182848 2013-11-14] (Soluto)
R3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-11-14] (GlavSoft LLC.) [Datei ist nicht signiert]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2009-08-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2009-08-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2009-08-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2009-08-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2009-08-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2009-08-20] (AVAST Software)
R3 cpuz138; C:\Users\<user>\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [27320 2015-12-21] (CPUID)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-04-12] (REALiX(tm))
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd.)
R3 NETwNs64; C:\Windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-08-20] (Intel Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [147088 2009-08-20] (AVAST Software)
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [268976 2014-09-16] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111280 2014-09-16] (Samsung Electronics Co., Ltd.)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [32936 2015-12-02] (Synaptics Incorporated)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [310904 2009-08-20] (Avast Software)
R3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2015-01-28] (Cisco Systems, Inc.)
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\C:\Users\<user>\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-21 17:50 - 2015-12-21 17:51 - 00018552 _____ C:\Users\<user>\Desktop\FRST.txt
2015-12-21 17:50 - 2015-12-21 17:50 - 02370560 _____ (Farbar) C:\Users\<user>\Desktop\FRST64.exe
2015-12-21 17:50 - 2015-12-21 17:50 - 00000000 ____D C:\FRST
2015-12-20 22:17 - 2015-12-20 22:34 - 00000078 _____ C:\Users\<user>\Desktop\CyberGhost.txt
2015-12-19 16:09 - 2015-12-19 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-19 16:09 - 2015-12-19 16:09 - 00000000 ____D C:\Program Files\iTunes
2015-12-19 16:09 - 2015-12-19 16:09 - 00000000 ____D C:\Program Files\iPod
2015-12-19 16:09 - 2015-12-19 16:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-19 16:07 - 2015-12-19 16:07 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-12-19 16:07 - 2015-12-19 16:07 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-19 16:06 - 2015-12-19 16:06 - 00000000 ____D C:\Program Files\Bonjour
2015-12-19 16:06 - 2015-12-19 16:06 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-12-19 15:57 - 2015-12-19 15:57 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-19 15:57 - 2015-12-19 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-17 21:37 - 2015-12-17 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameRoyale
2015-12-17 21:37 - 2015-12-17 21:37 - 00000000 ____D C:\Program Files (x86)\GameRoyale
2015-12-14 23:24 - 2015-12-14 23:24 - 00000000 ____D C:\Users\<user>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-14 18:32 - 2015-12-14 18:32 - 00003180 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2015-12-14 18:32 - 2015-12-14 18:32 - 00002868 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_<user>
2015-12-14 18:32 - 2015-12-14 18:32 - 00001379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller.lnk
2015-12-14 18:32 - 2015-12-14 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller
2015-12-14 18:32 - 2015-12-14 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2015-12-10 18:43 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-10 18:43 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-10 18:43 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-10 18:43 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-10 18:43 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-10 18:43 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-10 18:43 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-10 18:43 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-10 18:43 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-10 18:43 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-10 18:43 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-10 18:43 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-10 18:43 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-10 18:43 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-10 18:43 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-10 18:43 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-10 18:43 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-10 18:43 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-10 18:43 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-10 18:43 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-10 18:43 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-10 18:43 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-10 18:43 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-10 18:43 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-10 18:43 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-10 18:43 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-10 18:43 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-10 18:43 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-10 18:43 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-10 18:43 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-10 18:43 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-10 18:43 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-10 18:43 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-10 18:43 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-10 18:43 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-10 18:43 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-10 18:43 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-10 18:43 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-10 18:43 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-10 18:43 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-10 18:43 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-10 18:43 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-10 18:43 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-10 18:43 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-10 18:43 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-10 18:43 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-10 18:43 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-10 18:43 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-10 18:43 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-10 18:43 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-10 18:43 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-10 18:43 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-10 18:43 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-10 18:43 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-10 18:43 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-10 18:43 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-10 18:43 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-10 18:43 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-10 18:43 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-10 18:43 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-10 18:43 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-10 18:43 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-10 18:43 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-10 18:43 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-10 18:43 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-10 18:43 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-10 18:43 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-10 18:43 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-10 18:43 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-10 18:43 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-10 18:43 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-10 18:43 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-10 18:43 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-10 18:43 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-10 18:43 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-10 18:43 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-10 18:43 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-10 18:43 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-10 18:43 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-10 18:43 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-10 18:43 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-10 18:43 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-10 18:43 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-08 11:13 - 2015-12-08 11:13 - 01222693 _____ C:\Users\<user>\Downloads\Woche_1.pdf
2015-12-06 12:47 - 2015-12-06 21:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-12-05 20:45 - 2015-12-05 20:45 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-05 20:45 - 2015-12-05 20:45 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 12:10 - 2015-12-02 12:10 - 01026304 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-12-02 12:10 - 2015-12-02 12:10 - 00082544 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-12-02 12:10 - 2015-12-02 12:10 - 00073216 _____ (REDC) C:\Windows\system32\Drivers\rimspe64.sys
2015-12-02 12:10 - 2015-12-02 12:10 - 00053760 _____ (REDC) C:\Windows\system32\Drivers\rixdpe64.sys
2015-12-02 12:09 - 2015-12-02 12:09 - 00032936 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2015-12-02 09:38 - 2015-12-02 09:38 - 00001257 _____ C:\Users\<user>\AppData\Local\recently-used.xbel
2015-12-02 08:59 - 2015-12-02 08:59 - 00000000 ____H C:\asc_rdflag
2015-12-01 20:04 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-01 20:04 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-01 20:04 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-01 20:04 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-01 20:04 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-01 20:04 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-01 20:04 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-01 20:04 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-01 20:04 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-01 20:04 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-01 20:04 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-01 20:04 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-01 20:04 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-01 20:04 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-01 20:04 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-01 20:04 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-22 12:01 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-11-22 12:01 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-11-22 12:01 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-11-22 12:01 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-11-22 12:01 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-11-22 12:01 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-11-22 12:01 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-11-22 12:01 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-11-22 12:01 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-11-22 12:01 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-21 17:50 - 2015-04-11 15:07 - 00000000 ____D C:\Users\<user>\AppData\Roaming\NetSpeedMonitor
2015-12-21 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-21 17:49 - 2015-09-19 11:56 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A9D18566-F8F9-4CC4-8FAF-7A77DBBA63E5}
2015-12-21 17:49 - 2015-09-15 08:18 - 00001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3193139891-1624554104-2808068426-1000UA.job
2015-12-21 17:49 - 2015-04-12 22:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-21 16:00 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-21 16:00 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-21 15:55 - 2015-04-12 19:32 - 00007603 _____ C:\Users\<user>\AppData\Local\resmon.resmoncfg
2015-12-21 15:32 - 2015-04-11 23:22 - 00699342 _____ C:\Windows\system32\perfh007.dat
2015-12-21 15:32 - 2015-04-11 23:22 - 00149450 _____ C:\Windows\system32\perfc007.dat
2015-12-21 15:32 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-21 15:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-21 15:31 - 2015-10-25 13:36 - 00003242 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2015-12-21 15:31 - 2015-04-12 17:37 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (<user>)
2015-12-21 15:29 - 2015-04-11 13:31 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-12-21 15:29 - 2015-04-11 13:31 - 00000000 ____D C:\Windows\system32\vbox
2015-12-21 15:28 - 2015-04-12 17:37 - 00000000 ____D C:\ProgramData\ProductData
2015-12-21 15:27 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-21 00:13 - 2015-04-12 18:57 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-21 00:13 - 2015-04-12 17:04 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-21 00:13 - 2015-04-12 17:04 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-20 14:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-19 16:09 - 2015-04-11 14:53 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-19 16:07 - 2015-04-11 15:26 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-19 15:58 - 2015-04-12 17:33 - 00000000 ____D C:\Users\<user>\AppData\Roaming\Skype
2015-12-19 15:57 - 2015-04-12 17:32 - 00000000 ____D C:\ProgramData\Skype
2015-12-19 15:28 - 2015-04-11 13:31 - 00451040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2015-12-19 15:28 - 2015-04-11 13:31 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2015-12-17 21:37 - 2015-04-11 13:44 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-16 20:46 - 2015-04-12 17:37 - 00000000 ____D C:\Program Files (x86)\IObit
2015-12-14 23:24 - 2015-04-12 22:37 - 00000000 ____D C:\Users\<user>\AppData\Roaming\Dropbox
2015-12-14 18:32 - 2015-04-12 17:38 - 00002904 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_<user>
2015-12-14 18:32 - 2015-04-12 17:37 - 00000000 ____D C:\Users\<user>\AppData\Roaming\IObit
2015-12-14 18:32 - 2015-04-12 17:37 - 00000000 ____D C:\Users\<user>\AppData\LocalLow\IObit
2015-12-14 18:32 - 2015-04-12 17:37 - 00000000 ____D C:\ProgramData\IObit
2015-12-13 15:36 - 2015-09-15 08:18 - 00001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3193139891-1624554104-2808068426-1000Core.job
2015-12-13 15:26 - 2015-04-11 13:31 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-12 16:36 - 2009-07-14 05:45 - 00348408 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-10 22:07 - 2015-08-13 07:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-10 22:07 - 2015-04-11 14:08 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-10 22:05 - 2015-08-13 07:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 22:05 - 2015-08-13 07:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 21:57 - 2015-04-11 14:49 - 00000000 ____D C:\Windows\system32\MRT
2015-12-10 21:56 - 2015-04-11 14:49 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-10 20:46 - 2015-04-12 22:38 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-10 20:46 - 2015-04-12 22:38 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-10 20:46 - 2015-04-12 22:38 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-10 18:29 - 2015-11-19 15:20 - 00000018 _____ C:\Users\<user>\Desktop\Todo.txt
2015-12-08 18:55 - 2015-04-11 13:29 - 00003858 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1428755396
2015-12-08 18:55 - 2015-04-11 13:29 - 00000000 ____D C:\Program Files (x86)\Opera
2015-12-08 18:50 - 2015-04-12 17:33 - 00000000 ____D C:\Users\<user>\AppData\Local\Skype
2015-12-02 13:18 - 2015-04-11 14:45 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-12-02 12:10 - 2015-04-11 14:09 - 00116304 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-12-02 08:59 - 2015-11-02 17:51 - 68517888 _____ C:\Windows\system32\config\COMPONENTS.iodefrag.bak
2015-12-02 08:59 - 2015-11-02 17:51 - 124076032 _____ C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-12-02 08:59 - 2015-11-02 17:51 - 124076032 _____ C:\Windows\system32\config\SOFTWARE.iodefrag
2015-12-02 08:59 - 2015-11-02 17:51 - 09023488 _____ C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-12-02 08:59 - 2015-11-02 17:51 - 09023488 _____ C:\Windows\system32\config\DEFAULT.iodefrag
2015-12-02 08:59 - 2015-11-02 17:51 - 00065536 _____ C:\Windows\system32\config\SAM.iodefrag.bak
2015-12-02 08:59 - 2015-11-02 17:51 - 00065536 _____ C:\Windows\system32\config\SAM.iodefrag
2015-12-02 08:59 - 2015-11-02 17:51 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-12-02 08:59 - 2015-11-02 17:51 - 00024576 _____ C:\Windows\system32\config\SECURITY.iodefrag
2015-11-29 18:51 - 2015-04-12 17:40 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-29 17:15 - 2015-04-11 23:23 - 00000000 ____D C:\Windows\Panther
2015-11-28 19:48 - 2015-07-08 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-11-28 19:48 - 2015-07-08 15:11 - 00000000 ____D C:\Program Files\7-Zip
2015-11-28 19:11 - 2015-10-25 13:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2015-11-22 12:02 - 2015-04-12 22:36 - 00000000 ___RD C:\Users\<user>\OneDrive
2015-11-21 13:00 - 2015-04-13 18:17 - 00000000 ____D C:\Users\<user>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-10-18 14:37 - 2015-10-28 10:06 - 0000431 _____ () C:\Users\<user>\AppData\Roaming\gnuplot_history
2015-12-02 09:38 - 2015-12-02 09:38 - 0001257 _____ () C:\Users\<user>\AppData\Local\recently-used.xbel
2015-04-12 19:32 - 2015-12-21 15:55 - 0007603 _____ () C:\Users\<user>\AppData\Local\resmon.resmoncfg
2015-04-12 18:42 - 2015-04-12 18:42 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-20 14:14
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von <user> (2015-12-21 17:51:28)
Gestartet von C:\Users\<user>\Desktop
Windows 7 Professional Service Pack 1 (X64) (2015-04-11 12:27:20)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3193139891-1624554104-2808068426-500 - Administrator - Disabled)
Gast (S-1-5-21-3193139891-1624554104-2808068426-501 - Limited - Disabled)
<user> (S-1-5-21-3193139891-1624554104-2808068426-1000 - Administrator - Enabled) => C:\Users\<user>
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov)
Accelerometer (HKLM-x32\...\{87434D51-51DB-4109-B68F-A829ECDCF380}) (Version: 1.06.08.17 - STMicroelectronics)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
AMD Catalyst Install Manager (HKLM\...\{8F3C9854-8EB9-3D28-4AD7-E3ADD800C7E3}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AntiLogger Free version 1.8.2.198 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.198 - Zemana Ltd.)
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite DCP-115C (HKLM-x32\...\{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.06079 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.06079 - Cisco Systems, Inc.) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
doubleTwist Sync (HKLM-x32\...\doubleTwist) (Version: 4.0.4.19773 - doubleTwist Corporation)
Driver Booster 3.1 (HKLM-x32\...\Driver Booster_is1) (Version: 3.1 - IObit)
Dropbox (HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
f.lux (HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\Flux) (Version: - )
FreeFileSync 7.1 (HKLM-x32\...\FreeFileSync) (Version: 7.1 - www.FreeFileSync.org)
FreeHDL 0.0.8 binary package for Win32 (HKLM-x32\...\FreeHDL_is1) (Version: - the Qucs team)
Game Royale Version 1.1 (HKLM-x32\...\{BED1C00F-3FC6-4380-AA86-7AF2D570C9EE}_is1) (Version: 1.1 - btf GmbH)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GNU Octave 3.6.4 (HKLM-x32\...\GNU Octave - 3.6.4) (Version: 3.6.4 - )
gnuplot 5.1 patchlevel 0 (HKLM-x32\...\{AB419AC3-9BC1-4EC5-A75B-4D8870DD651F}_is1) (Version: 5.1 patchlevel 0 - gnuplot development team)
HexChat (HKLM\...\HexChat_is1) (Version: 2.10.2 - HexChat)
Icarus Verilog 20130827 (HKLM-x32\...\Icarus Verilog 20130827_is1) (Version: 20130827 - Icarus)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6267.0 - IDT)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{CCAFF072-4DDB-4846-963D-15F02A8E9472}) (Version: 13.00.0000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.00.1030 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 5.1.0.21 - IObit)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mingw-w64 4.8.2 for Win32 (HKLM-x32\...\Mingw-w64_is1) (Version: - the Qucs Team)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software)
Origin 2015 (HKLM-x32\...\{919C759D-DA8F-4B02-A9F1-75CE8B31CBDB}) (Version: 9.20.00 - OriginLab Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Python 3.4 pyreadline-2.0 (HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\pyreadline-py3.4) (Version: - )
Python 3.4.3 (Anaconda3 2.3.0 64-bit) (HKLM\...\Python 3.4.3 (Anaconda3 2.3.0 64-bit)) (Version: 2.3.0 - Continuum Analytics, Inc.)
Python 3.4.3 (HKLM-x32\...\{CCD588A7-8D55-49F1-A30C-47FAB40889ED}) (Version: 3.4.16490 - Python Software Foundation)
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Quite Universal Circuit Simulator 0.0.18 binary package for Win32 (HKLM-x32\...\Qucs_is1) (Version: - the Qucs team)
RAPID Mode (Version: 1.0.1.81 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
RICOH Media Driver ver.2.07.01.04 (HKLM-x32\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.04 - RICOH)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Soluto (HKLM\...\{037C627B-384E-450E-866C-95BAB3CDEA17}) (Version: 1.3.1494.0 - Soluto)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.20.0 - Synaptics Incorporated)
System Requirements Lab Detection (HKLM-x32\...\{66C61E83-F6D3-4B1C-90B7-29129CB96A3D}) (Version: 6.1.6.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - Firaxis Games)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\<user>\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\<user>\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\<user>\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
16-12-2015 20:52:52 Windows Update
17-12-2015 21:37:29 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
17-12-2015 21:37:44 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
19-12-2015 15:55:51 ASU_MSI_TRAN
19-12-2015 16:05:12 ASU_MSI_TRAN
19-12-2015 16:07:29 Installed iTunes
20-12-2015 14:13:24 Windows Update
21-12-2015 00:13:36 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0978D354-20D5-4A76-A25C-9CC7A982BAA3} - System32\Tasks\ASC9_SkipUac_<user> => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-30] (IObit)
Task: {0D6FB223-D601-46A7-A92C-369B17074471} - System32\Tasks\Microsoft\Windows\Time Synchronization\Actually Synchronize Time => Sc.exe start w32time task_started
Task: {2A051D44-A3CE-41BF-B2F2-BDA9D9580F7C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2009-08-20] (AVAST Software)
Task: {2F0FED68-2E83-4A03-9CBF-C71803D69705} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {41A046A1-249C-4FB0-A7C2-80070C194DA4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {45D6526C-33AF-4D94-A36A-6CE6AA176771} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-10] (Adobe Systems Incorporated)
Task: {4997B429-1A89-4905-BDDE-6F084AECAB5A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {8F601016-AC30-4311-A826-B125B2F903EA} - System32\Tasks\Driver Booster SkipUAC (<user>) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-11-18] (IObit)
Task: {B9635660-BC16-4C0C-96CB-EE6143BC979F} - System32\Tasks\{AA78EA8F-A9D1-4DC0-9808-9BA7F11BC090} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe"
Task: {C6225F36-EE31-4DAC-844C-5A4DC2B80CAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3193139891-1624554104-2808068426-1000Core => C:\Users\<user>\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-15] (Dropbox, Inc.)
Task: {C6746703-81DF-4FC6-9CE5-57993BA13007} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {CFE34563-B7F9-47DB-9007-E5E03AD6F103} - System32\Tasks\Uninstaller_SkipUac_<user> => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-11-23] (IObit)
Task: {DF79A7CA-B6BC-4052-A387-17B6E63F5A76} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3193139891-1624554104-2808068426-1000UA => C:\Users\<user>\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-15] (Dropbox, Inc.)
Task: {E88B51CF-803C-420F-96B8-24F7FD946FCB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {E8CF0D3E-0CF7-486F-9DBA-E71A545BE576} - System32\Tasks\Opera scheduled Autoupdate 1428755396 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software)
Task: {EFB17399-881E-4CB6-A403-CE85DB45E287} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-11-18] (IObit)
Task: {F27CC346-D0EE-4D62-98FF-4783743C68BF} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2015-12-03] (IObit)
Task: {FD15B2CE-1ED3-4C63-BAF1-7A1D137FE582} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3193139891-1624554104-2808068426-1000Core.job => C:\Users\<user>\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3193139891-1624554104-2808068426-1000UA.job => C:\Users\<user>\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2009-09-21 14:04 - 2009-09-21 14:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2015-06-11 08:48 - 2015-06-11 08:48 - 00022528 _____ () C:\Windows\System32\sst9clm.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-17 00:56 - 2009-06-23 15:02 - 00060928 _____ () C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
2015-04-17 00:56 - 2009-07-22 07:52 - 02384896 _____ () C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
2015-06-11 08:48 - 2015-06-11 08:48 - 01604096 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\sst9cdu.dll
2009-09-21 14:04 - 2009-09-21 14:04 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2015-04-12 18:43 - 2015-04-12 18:43 - 03672064 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\147a38a7653169860dd6816e35e37384\PCGPreCompiled.ni.dll
2015-05-14 19:43 - 2015-05-14 19:43 - 00267264 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\3f80ad34dcd710fe9739569fc1e8d775\PCGAppControlPluginLoader.ni.dll
2015-05-14 19:44 - 2015-05-14 19:44 - 00068096 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\SignalRWrapper\fb566be116bfeba5c2e85714c3707a5b\SignalRWrapper.ni.dll
2013-11-14 13:26 - 2013-11-14 13:26 - 00090688 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2015-12-14 18:32 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2015-12-14 18:32 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2015-12-14 18:32 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2009-08-20 00:03 - 2009-08-20 00:03 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2009-08-20 00:03 - 2009-08-20 00:03 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-20 21:56 - 2015-12-20 21:56 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15122001\algo.dll
2009-08-20 00:03 - 2009-08-20 00:03 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2009-08-20 00:03 - 2009-08-20 00:03 - 00241896 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2009-08-20 00:03 - 2009-08-20 00:03 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-12 17:38 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl
2015-04-12 17:38 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl
2015-04-12 17:38 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl
2015-04-12 19:54 - 2015-04-12 19:54 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3d576cbc4ffc5ad06fd61510c5d8f326\IsdiInterop.ni.dll
2015-04-12 19:54 - 2010-03-03 19:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-12-06 12:47 - 2015-12-06 12:47 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-12-06 12:47 - 2015-12-06 12:47 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3193139891-1624554104-2808068426-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\<user>\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6D7589C5-883A-43D7-B2D1-42D102D02C49}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{80266E9A-36A4-4058-9F80-554F10769A0C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C7060683-A8B8-477E-8714-35DF5E25DFC6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F873340D-3A87-46B3-8B33-A16E428CF507}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{786D6849-F144-4344-9DCC-4411AF6BBB23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D889CA0-E4CF-4C12-A356-34B0B9FE8AE1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B1AC79D-CD4D-4819-BF0C-FF0A9F0F64B1}] => (Allow) C:\Program Files\Soluto\SolutoRemoteDirect.exe
FirewallRules: [{E1301A2D-25AD-4CCD-968B-27AD14218F80}] => (Allow) C:\Program Files\Soluto\Soluto.exe
FirewallRules: [{F3EC953C-B038-496F-9D07-0C7D71AB9AD4}] => (Allow) C:\Program Files\Soluto\SolutoCleanup.exe
FirewallRules: [{9B2EF1C5-DB16-4E0B-B452-34D3F34DB022}] => (Allow) C:\Program Files\Soluto\SolutoConsole.exe
FirewallRules: [{1FBED986-7E71-4C37-AFB5-C1EA54BE7EF2}] => (Allow) C:\Program Files\Soluto\SolutoUpdateService.exe
FirewallRules: [{13CF0207-5F05-4B40-85F5-BE07B9601143}] => (Allow) C:\Program Files\Soluto\SolutoService.exe
FirewallRules: [{D14AAEFD-1901-4E08-AADD-12F1DA376C6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0CC8EB48-70F3-4B82-BB33-0E6ECFD326CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE006C15-5C2A-428A-BC90-B9525F4EC838}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{289CB62F-C98D-468B-AA86-1278ED11FC62}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1391C629-E76E-4A58-8F66-35F903B5AF24}] => (Allow) C:\Users\<user>\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{5421B5A7-EA16-4248-B9B8-B1A512B2CCB9}] => (Allow) C:\Users\<user>\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3F098B11-B6DF-4D52-B9B5-AE1F486EDA7E}] => (Allow) C:\Users\<user>\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{E76138DB-A6B3-4CB4-B12A-C1DA972BE016}] => (Allow) C:\Users\<user>\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DB1CF7E7-7650-41A5-8E1F-43E9BC806042}] => (Allow) C:\Users\<user>\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FADC133A-00C8-491D-8A9D-348356090C70}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{6F663646-778F-4142-A068-35EA6A6AFA9C}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [TCP Query User{C4B99769-F051-4E2C-96DA-3FFEAC7A8533}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{1923DCD8-D54E-41DC-BEBB-C638E1E787A7}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{4035844F-891D-4927-8A23-2B9C85AE8F62}] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{81C66F5C-DEDA-45DE-AE56-8E2ED88338E1}] => (Block) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{3D91FAE4-C776-4C62-B1CE-F6A1E111D803}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{49CBEC66-DD56-47B1-8856-A894DE2074CE}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{8749B2F6-2EDB-4E09-A6BD-C407404343BC}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{85F8EE8F-125B-4537-9410-C624BB0BA6E2}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{45DA03FF-F531-4C71-A0CD-7D72C850E910}] => (Allow) D:\Spiele\SteamLibrary\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{FAE9CCF6-808E-4CDB-AD02-260CE528A8E5}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [UDP Query User{0DF9EAD0-C28E-46D5-A027-C1A8CD1692A7}C:\program files\hexchat\hexchat.exe] => (Allow) C:\program files\hexchat\hexchat.exe
FirewallRules: [{903BEEE0-5B82-43FF-826D-96FBEA3A14E2}] => (Block) C:\program files\hexchat\hexchat.exe
FirewallRules: [{3956AF3C-F510-44BA-838E-127E289186DB}] => (Block) C:\program files\hexchat\hexchat.exe
FirewallRules: [{7F408ED9-5FA1-4D6D-9B8C-836E9CD48C57}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D774C045-DD08-45DD-82F4-40E967B2E35C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{641D3EA6-9D88-4680-8445-96526705BFF8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{55163BFC-35E0-41DB-8F16-EDE770489830}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{31B13C62-0B16-4B15-976A-C682AC23B341}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{DE8FBF84-4873-45C8-9F21-7DB71A06053E}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
FirewallRules: [{D90F555B-7A9D-4F7D-B3AA-962B3E08DBD2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{C95FB64B-A7C8-4DC8-8645-BEF1C19C7098}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe
FirewallRules: [{326D889F-4E4E-432E-A301-DD8BB8D1C3D9}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{E62794A9-31A9-4EF0-9EBE-8A71307D75B2}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
FirewallRules: [{5F2BE5F1-13EC-465D-8748-4F191A9A2EBC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9E145FF6-54C7-410E-A2B2-841522E68FFE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FCFF34F6-DD6C-444F-8756-4737336F57F8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CE712F80-B7D4-4C1E-AAC4-C24E138AC887}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{405F6019-9FC2-49DA-BCDB-51F3947A816E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C077411C-336A-4111-B751-29FB59A7BB7C}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{51400BA5-D821-448F-BE64-E5CB1F68956E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{47F5F235-E0BB-4F1A-B28D-66680A989E95}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Integrated Webcam
Description: USB-Videogerät
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/17/2015 11:37:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WLANExt.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bcc33
Name des fehlerhaften Moduls: ccxplugin.dll, Version: 13.0.0.2, Zeitstempel: 0x4ab80649
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000452e0
ID des fehlerhaften Prozesses: 0x73c
Startzeit der fehlerhaften Anwendung: 0xWLANExt.exe0
Pfad der fehlerhaften Anwendung: WLANExt.exe1
Pfad des fehlerhaften Moduls: WLANExt.exe2
Berichtskennung: WLANExt.exe3
Error: (12/12/2015 04:37:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -528.
Error: (12/12/2015 04:37:14 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Catalog Database (1696) Catalog Database: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\Windows\system32\CatRoot2\edb.log.
Error: (12/08/2015 07:23:36 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Die Liste der eingeschlossenen und ausgeschlossenen Adressen konnte vvon Windows Search nicht verarbeitet werden. Fehler: <30, 0x80040d07, "iehistory://{S-1-5-21-3193139891-1624554104-2808068426-1000}/">.
Error: (12/06/2015 09:07:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.15.0.102, Zeitstempel: 0x564b5e27
Name des fehlerhaften Moduls: Skype.exe, Version: 7.15.0.102, Zeitstempel: 0x564b5e27
Ausnahmecode: 0x40000015
Fehleroffset: 0x00f9a305
ID des fehlerhaften Prozesses: 0xe54
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (12/06/2015 09:07:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Skype.exe, Version: 7.15.0.102, Zeitstempel: 0x564b5e27
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xe0fafafa
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0xe54
Startzeit der fehlerhaften Anwendung: 0xSkype.exe0
Pfad der fehlerhaften Anwendung: Skype.exe1
Pfad des fehlerhaften Moduls: Skype.exe2
Berichtskennung: Skype.exe3
Error: (12/06/2015 12:27:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 89c
Startzeit: 01d1300c743b2ecb
Endzeit: 19
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: 515d1c61-9c0c-11e5-9e5b-00059a3c7a00
Error: (12/03/2015 05:01:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WLANExt.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bcc33
Name des fehlerhaften Moduls: ccxplugin.dll, Version: 13.0.0.2, Zeitstempel: 0x4ab80649
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000450ef
ID des fehlerhaften Prozesses: 0x740
Startzeit der fehlerhaften Anwendung: 0xWLANExt.exe0
Pfad der fehlerhaften Anwendung: WLANExt.exe1
Pfad des fehlerhaften Moduls: WLANExt.exe2
Berichtskennung: WLANExt.exe3
Error: (11/29/2015 06:51:44 PM) (Source: MsiInstaller) (EventID: 1024) (User: <user>-PC)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (08/20/2009 12:08:56 AM) (Source: AdvancedSystemCareService8) (EventID: 0) (User: )
Description: Das Handle ist ungültig
Systemfehler:
=============
Error: (12/21/2015 03:31:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wireless PAN DHCP Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/21/2015 03:28:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/21/2015 02:44:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wireless PAN DHCP Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (02/23/2015 02:41:41 PM) (Source: Microsoft-Windows-Time-Service) (EventID: 34) (User: NT-AUTORITÄT)
Description: Der Zeitdienst hat festgestellt, dass die Systemzeit um 26006453 Sekunden geändert werden muss. Die Systemzeit kann durch den Zeitdienst um maximal 54000 Sekunden geändert werden. Stellen Sie sicher, dass die Uhrzeit und Zeitzone richtig sind und dass die Zeitquelle time.windows.com,0x9 (ntp.m|0x9|0.0.0.0:123->23.102.23.44:123) ordnungsgemäß ausgeführt wird.
Error: (02/21/2015 12:00:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/21/2015 12:13:33 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (12/20/2015 10:10:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/20/2015 10:10:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (12/19/2015 03:41:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wireless PAN DHCP Server" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.
Error: (12/19/2015 03:37:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Wireless PAN DHCP Server" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Prozentuale Nutzung des RAM: 58%
Installierter physikalischer RAM: 6004.52 MB
Verfügbarer physikalischer RAM: 2491.98 MB
Summe virtueller Speicher: 6202.73 MB
Verfügbarer virtueller Speicher: 2236.88 MB
==================== Laufwerke ================================
Drive c: (Programme) (Fixed) (Total:195.21 GB) (Free:125.5 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Daten) (Fixed) (Total:221.62 GB) (Free:87.14 GB) NTFS
Drive f: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00A47C1B)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=195.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=48.8 GB) - (Type=05)
==================== Ende von Addition.txt ============================
|
|
21.12.2015, 22:32
| #4 |
| Ruhe in Frieden † 2019 | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hallo, hast du mal im Taskmanager geschaut, was da soviel verbraucht, alternativ dazu: ProcessExplorer als Ersatz für den Windows Taskmanager installieren Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden. Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt. Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen). Schritt 1 Bitte deinstalliere folgende Programme (falls vorhanden) : Advanced SystemCare 9 Dazu gehe auf: den Windowsbutton in der Taskleiste --> Systemsteuerung --> Programme (Unterpunkt Programme deinstallieren) --> Programm auswählen --> entfernen Falls du ein Programm nicht deinstallieren kannst, lade dir von hier den Revo-uninstaller herunter und deinstalliere es damit, wähle dabei den moderaten Modus. Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
|
|
21.12.2015, 22:54
| #5 |
| | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hi Sandra, erst einmal vielen Dank für die Anleitung. Diese bezieht sich jedoch auf hohe CPU-Usage, ich habe jedoch das Problem von hoher RAM-Belegung, was soll ich da genau machen bzw. welche Spalten soll ich aktivieren? (Möchte hier nichts falsch machen...) Und ja, wie beschrieben habe ich versucht nachzuvollziehen, woher die hohe RAM-Belegung kommt (via Ressourcenmonitor), konnte aber weder einen Thread finden, der dafür verantwortlich ist, noch überhaupt auf die Größe des belegten Speichers kommen indem ich die einzelnen Angaben zusammengezählt habe. Vielen Dank und liebe Grüße, Lukas |
|
21.12.2015, 22:55
| #6 |
| Ruhe in Frieden † 2019 | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Ahh, sry. Memtest hattest du schon mal gemacht? Arbeitsspeicher überprüfen Lade dir vonhier MemTest herunter
__________________ --> Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? |
|
22.12.2015, 00:21
| #7 |
| | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Ja, Memorytest habe ich schon gemacht... habe auch jetzt noch mal den von dir beschriebenen durchgeführt (musste ihn in 2 Threads starten, die jeweils 1541 MB scannen, weil ein einziger nicht funktioniert hat) Der Test lief komischerweise über die 100% hinaus, bei 120% habe ich ihn dann abgebrochen (s. Anhang)... Bis dahin hat er keine Fehler gefunden. Logfiles wurden afaik auch nicht erstellt... Liebe Grüße, TheKaltur |
|
22.12.2015, 20:33
| #8 |
| Ruhe in Frieden † 2019 | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hallo, ja das ist normal, das der Test über 100% geht. Kannst du bitte in deinem Taskmanager nachschauen, Reiter Leistung und dort bitte auf Ressourcenmoitor und dort schauen was da genau so den Arbeitsspeicher belastet und mach bitte noch den TDSS-Killer. (s. meinen anderen Post, danke.) |
|
23.12.2015, 00:03
| #9 |
| | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hi Sandra, der TDSSKiller hat eine Threat gefunden: Code:
ATTFilter 23:10:47.0501 0x1e9c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:10:51.0597 0x1e9c ============================================================
23:10:51.0597 0x1e9c Current date / time: 2015/12/22 23:10:51.0597
23:10:51.0597 0x1e9c SystemInfo:
23:10:51.0597 0x1e9c
23:10:51.0597 0x1e9c OS Version: 6.1.7601 ServicePack: 1.0
23:10:51.0597 0x1e9c Product type: Workstation
23:10:51.0597 0x1e9c ComputerName: <user>-PC
23:10:51.0597 0x1e9c UserName: <user>
23:10:51.0597 0x1e9c Windows directory: C:\Windows
23:10:51.0597 0x1e9c System windows directory: C:\Windows
23:10:51.0597 0x1e9c Running under WOW64
23:10:51.0597 0x1e9c Processor architecture: Intel x64
23:10:51.0597 0x1e9c Number of processors: 4
23:10:51.0597 0x1e9c Page size: 0x1000
23:10:51.0597 0x1e9c Boot type: Normal boot
23:10:51.0597 0x1e9c ============================================================
23:10:53.0519 0x1e9c KLMD registered as C:\Windows\system32\drivers\51575532.sys
23:10:53.0624 0x1e9c System UUID: {717EE7CC-C55B-664B-6B23-15A929BC4459}
23:10:54.0018 0x1e9c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:10:54.0023 0x1e9c ============================================================
23:10:54.0023 0x1e9c \Device\Harddisk0\DR0:
23:10:54.0023 0x1e9c MBR partitions:
23:10:54.0023 0x1e9c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:10:54.0023 0x1e9c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1866D800
23:10:54.0023 0x1e9c \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x186A0000, BlocksNum 0x1BB3D800
23:10:54.0023 0x1e9c ============================================================
23:10:54.0024 0x1e9c C: <-> \Device\Harddisk0\DR0\Partition2
23:10:54.0025 0x1e9c D: <-> \Device\Harddisk0\DR0\Partition3
23:10:54.0025 0x1e9c F: <-> \Device\Harddisk0\DR0\Partition1
23:10:54.0025 0x1e9c ============================================================
23:10:54.0026 0x1e9c Initialize success
23:10:54.0026 0x1e9c ============================================================
23:55:38.0241 0x2324 ============================================================
23:55:38.0241 0x2324 Scan started
23:55:38.0241 0x2324 Mode: Manual; SigCheck; TDLFS;
23:55:38.0241 0x2324 ============================================================
23:55:38.0241 0x2324 KSN ping started
23:55:41.0034 0x2324 KSN ping finished: true
23:55:41.0299 0x2324 ================ Scan system memory ========================
23:55:41.0299 0x2324 System memory - ok
23:55:41.0299 0x2324 ================ Scan services =============================
23:55:41.0346 0x2324 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:55:41.0439 0x2324 1394ohci - ok
23:55:41.0455 0x2324 [ C49C56B35BFC6CDA8D1FDCAD2885568F, 60F80C51928C9332AA1DD50197FAD2A818FDCAE9DCCA07EE85FA1C15ACF8CF2A ] Acceler C:\Windows\system32\DRIVERS\Acceler.sys
23:55:41.0470 0x2324 Acceler - ok
23:55:41.0486 0x2324 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:55:41.0517 0x2324 ACPI - ok
23:55:41.0517 0x2324 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:55:41.0548 0x2324 AcpiPmi - ok
23:55:41.0564 0x2324 [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
23:55:41.0595 0x2324 acsock - ok
23:55:41.0595 0x2324 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:55:41.0611 0x2324 AdobeARMservice - ok
23:55:41.0658 0x2324 [ BC9CB5E2A6C7FC587CAC3E1658F8462C, 785DE220AC906C30E9853E7DE94C5330529472C9B4ABF5F99F124A8D516EB33C ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:55:41.0673 0x2324 AdobeFlashPlayerUpdateSvc - ok
23:55:41.0704 0x2324 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
23:55:41.0751 0x2324 adp94xx - ok
23:55:41.0767 0x2324 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
23:55:41.0798 0x2324 adpahci - ok
23:55:41.0814 0x2324 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
23:55:41.0845 0x2324 adpu320 - ok
23:55:41.0860 0x2324 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:55:41.0876 0x2324 AeLookupSvc - ok
23:55:41.0892 0x2324 [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
23:55:41.0907 0x2324 AESTFilters - ok
23:55:41.0923 0x2324 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
23:55:41.0970 0x2324 AFD - ok
23:55:41.0985 0x2324 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
23:55:42.0001 0x2324 agp440 - ok
23:55:42.0016 0x2324 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
23:55:42.0032 0x2324 ALG - ok
23:55:42.0032 0x2324 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
23:55:42.0063 0x2324 aliide - ok
23:55:42.0063 0x2324 [ 606C8F129FE18D6E3EA2FD542D43D72D, 1BDB9B1C3C8345429FFF25189DCA16F4174F29B5C5DFD5AEB5C277CD4E6EBCA8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:55:42.0094 0x2324 AMD External Events Utility - ok
23:55:42.0094 0x2324 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
23:55:42.0126 0x2324 amdide - ok
23:55:42.0126 0x2324 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
23:55:42.0157 0x2324 AmdK8 - ok
23:55:42.0157 0x2324 amdkmdag - ok
23:55:42.0172 0x2324 [ C0C27A1094F6EA978FB2CAACFDE0E594, 9B481D55ED3D55A975CB1EB32DD0DB9AD032D592585A5799F81918EFB7843AAE ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
23:55:42.0219 0x2324 amdkmdap - ok
23:55:42.0219 0x2324 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:55:42.0250 0x2324 AmdPPM - ok
23:55:42.0266 0x2324 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:55:42.0282 0x2324 amdsata - ok
23:55:42.0297 0x2324 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
23:55:42.0328 0x2324 amdsbs - ok
23:55:42.0328 0x2324 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:55:42.0360 0x2324 amdxata - ok
23:55:42.0360 0x2324 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
23:55:42.0375 0x2324 AppID - ok
23:55:42.0391 0x2324 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:55:42.0406 0x2324 AppIDSvc - ok
23:55:42.0406 0x2324 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
23:55:42.0422 0x2324 Appinfo - ok
23:55:42.0438 0x2324 [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:55:42.0438 0x2324 Apple Mobile Device Service - ok
23:55:42.0453 0x2324 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
23:55:42.0484 0x2324 AppMgmt - ok
23:55:42.0484 0x2324 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
23:55:42.0516 0x2324 arc - ok
23:55:42.0516 0x2324 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
23:55:42.0547 0x2324 arcsas - ok
23:55:42.0562 0x2324 [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:55:42.0578 0x2324 aspnet_state - ok
23:55:42.0578 0x2324 [ 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F, 236265BE3F1B2130025A3A10152893BD0D18AD8965732361058B775F010539A2 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
23:55:42.0609 0x2324 aswHwid - ok
23:55:42.0609 0x2324 [ 68E76C1675AC171A84F5B7230652E19D, A707A4E51110B15FF7D73C95D4D9C1E457FC9D93E1479BDB67EBDDDD6AC28D8E ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
23:55:42.0640 0x2324 aswMonFlt - ok
23:55:42.0640 0x2324 [ 2D6B49A071216796106E7804AB2BA7DC, 6A58A3B36EA05A24333482F87CFD315F73E56A64E46493E82E0FE9115E284168 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
23:55:42.0672 0x2324 aswRdr - ok
23:55:42.0672 0x2324 [ E46B51C99BB750A81AC6A68362475A5C, 2A61C09902B39696D151B9D5E6A60FFC3CF3EA02613EC64BBAB4DEE3C78838E2 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
23:55:42.0687 0x2324 aswRvrt - ok
23:55:42.0718 0x2324 [ A428CC308673A5E74F91D92E4A2B205D, 0A768AA4BD1CD22B5181EDA692F7CB9A43F627BB4FFEEFBB8CBC77A45107A443 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
23:55:42.0781 0x2324 aswSnx - ok
23:55:42.0796 0x2324 [ C24A42A7689DB63EEF157797AA7012B5, AC25AFAD13E59DFBF68B9F9B9527F266F4671A5E0A1F04D9EA71D36C00AC21E9 ] aswSP C:\Windows\system32\drivers\aswSP.sys
23:55:42.0843 0x2324 aswSP - ok
23:55:42.0843 0x2324 [ D9079E1A1C2A1F8ED5F37AF8E6CD3161, 629E3A642C5E3BEA65CDD2E08CAD69F9649A98BDA906678B51D3D2C9DB5BB253 ] aswStm C:\Windows\system32\drivers\aswStm.sys
23:55:42.0859 0x2324 aswStm - ok
23:55:42.0874 0x2324 [ 3BEC32A0B646D914921FD56AA39998C1, 8DB7CBF3DEF8EAE1D7D28C38B3A0FCD5C2A04D772078B907F35C66451355A04A ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
23:55:42.0906 0x2324 aswVmm - ok
23:55:42.0906 0x2324 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:55:42.0952 0x2324 AsyncMac - ok
23:55:42.0968 0x2324 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
23:55:42.0984 0x2324 atapi - ok
23:55:42.0984 0x2324 [ 36779BF5739484CBE11F474A740E9B78, AF61F1828A10C3A44620B55E17CE6647C0807F9BAD5A5990F10EAC639DE2D3AE ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:55:43.0015 0x2324 AtiHDAudioService - ok
23:55:43.0062 0x2324 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:55:43.0077 0x2324 AudioEndpointBuilder - ok
23:55:43.0108 0x2324 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:55:43.0140 0x2324 AudioSrv - ok
23:55:43.0155 0x2324 [ F5CB8703A4F51EE30E5C090C78073AA4, 90683F39E9AA315FFB66A9F014AD1BEBF19EA62908247C133455815F6632E578 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
23:55:43.0171 0x2324 avast! Antivirus - ok
23:55:43.0296 0x2324 [ 074E25153CC60B082462E762CB3CEF67, 7840039523680AF8FEED018F6AE7B393832FD834D4F41D6112BA3DBA491D5A76 ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
23:55:43.0452 0x2324 AvastVBoxSvc - ok
23:55:43.0467 0x2324 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:55:43.0498 0x2324 AxInstSV - ok
23:55:43.0514 0x2324 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
23:55:43.0561 0x2324 b06bdrv - ok
23:55:43.0576 0x2324 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:55:43.0608 0x2324 b57nd60a - ok
23:55:43.0623 0x2324 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
23:55:43.0639 0x2324 BDESVC - ok
23:55:43.0654 0x2324 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
23:55:43.0686 0x2324 Beep - ok
23:55:43.0732 0x2324 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
23:55:43.0764 0x2324 BFE - ok
23:55:43.0810 0x2324 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
23:55:43.0857 0x2324 BITS - ok
23:55:43.0873 0x2324 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:55:43.0888 0x2324 blbdrive - ok
23:55:43.0935 0x2324 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:55:43.0951 0x2324 Bonjour Service - ok
23:55:43.0966 0x2324 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:55:43.0998 0x2324 bowser - ok
23:55:43.0998 0x2324 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:55:44.0029 0x2324 BrFiltLo - ok
23:55:44.0029 0x2324 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:55:44.0044 0x2324 BrFiltUp - ok
23:55:44.0091 0x2324 [ C711ED965009BDCFF9AA62CEB6FF1AAD, 083E981F983653329C2B8361963CA81D5D88E164C7738035F701A10CCB1C85CC ] Brother XP spl Service C:\Windows\SysWOW64\brsvc01a.exe
23:55:44.0091 0x2324 Brother XP spl Service - ok
23:55:44.0107 0x2324 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
23:55:44.0122 0x2324 Browser - ok
23:55:44.0138 0x2324 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:55:44.0185 0x2324 Brserid - ok
23:55:44.0185 0x2324 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:55:44.0216 0x2324 BrSerWdm - ok
23:55:44.0216 0x2324 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:55:44.0247 0x2324 BrUsbMdm - ok
23:55:44.0247 0x2324 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:55:44.0278 0x2324 BrUsbSer - ok
23:55:44.0278 0x2324 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
23:55:44.0310 0x2324 BTHMODEM - ok
23:55:44.0325 0x2324 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
23:55:44.0372 0x2324 bthserv - ok
23:55:44.0372 0x2324 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:55:44.0419 0x2324 cdfs - ok
23:55:44.0434 0x2324 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:55:44.0481 0x2324 cdrom - ok
23:55:44.0481 0x2324 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
23:55:44.0528 0x2324 CertPropSvc - ok
23:55:44.0528 0x2324 [ 6FED735D3B808D51C725C886E8F53116, 7DABDFA995C1323E222D7D5AE7F3AE28E11703E21430EA7B7B16B12DF0102B86 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
23:55:44.0544 0x2324 CGVPNCliService - ok
23:55:44.0559 0x2324 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
23:55:44.0575 0x2324 circlass - ok
23:55:44.0606 0x2324 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
23:55:44.0637 0x2324 CLFS - ok
23:55:44.0653 0x2324 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:55:44.0668 0x2324 clr_optimization_v2.0.50727_32 - ok
23:55:44.0668 0x2324 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:55:44.0684 0x2324 clr_optimization_v2.0.50727_64 - ok
23:55:44.0700 0x2324 [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:55:44.0731 0x2324 clr_optimization_v4.0.30319_32 - ok
23:55:44.0746 0x2324 [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:55:44.0762 0x2324 clr_optimization_v4.0.30319_64 - ok
23:55:44.0778 0x2324 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:55:44.0793 0x2324 CmBatt - ok
23:55:44.0809 0x2324 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:55:44.0824 0x2324 cmdide - ok
23:55:44.0840 0x2324 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
23:55:44.0887 0x2324 CNG - ok
23:55:44.0887 0x2324 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:55:44.0918 0x2324 Compbatt - ok
23:55:44.0918 0x2324 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
23:55:44.0949 0x2324 CompositeBus - ok
23:55:44.0949 0x2324 COMSysApp - ok
23:55:44.0965 0x2324 cpuz136 - ok
23:55:44.0980 0x2324 cpuz137 - ok
23:55:44.0980 0x2324 [ 8741E6DF191C805028B92CEC44B1BA88, 8CF0CBBDC43F9B977F0FB79E0A0DD0E1ADABE08A67D0F40D727C717C747DE775 ] cpuz138 C:\Users\<user>\AppData\Local\Temp\cpuz138\cpuz138_x64.sys
23:55:44.0996 0x2324 cpuz138 - ok
23:55:45.0012 0x2324 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
23:55:45.0027 0x2324 crcdisk - ok
23:55:45.0043 0x2324 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:55:45.0058 0x2324 CryptSvc - ok
23:55:45.0090 0x2324 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
23:55:45.0136 0x2324 CSC - ok
23:55:45.0168 0x2324 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
23:55:45.0199 0x2324 CscService - ok
23:55:45.0230 0x2324 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:55:45.0277 0x2324 DcomLaunch - ok
23:55:45.0292 0x2324 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
23:55:45.0355 0x2324 defragsvc - ok
23:55:45.0355 0x2324 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:55:45.0402 0x2324 DfsC - ok
23:55:45.0417 0x2324 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
23:55:45.0448 0x2324 dg_ssudbus - ok
23:55:45.0464 0x2324 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:55:45.0480 0x2324 Dhcp - ok
23:55:45.0511 0x2324 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
23:55:45.0558 0x2324 DiagTrack - ok
23:55:45.0573 0x2324 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
23:55:45.0620 0x2324 discache - ok
23:55:45.0620 0x2324 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
23:55:45.0651 0x2324 Disk - ok
23:55:45.0667 0x2324 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:55:45.0682 0x2324 Dnscache - ok
23:55:45.0698 0x2324 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
23:55:45.0745 0x2324 dot3svc - ok
23:55:45.0760 0x2324 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
23:55:45.0792 0x2324 DPS - ok
23:55:45.0807 0x2324 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:55:45.0823 0x2324 drmkaud - ok
23:55:45.0870 0x2324 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:55:45.0932 0x2324 DXGKrnl - ok
23:55:45.0948 0x2324 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
23:55:45.0979 0x2324 EapHost - ok
23:55:45.0994 0x2324 EasyAntiCheat - ok
23:55:46.0119 0x2324 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
23:55:46.0260 0x2324 ebdrv - ok
23:55:46.0275 0x2324 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
23:55:46.0291 0x2324 EFS - ok
23:55:46.0291 0x2324 [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
23:55:46.0306 0x2324 ElbyCDIO - ok
23:55:46.0338 0x2324 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
23:55:46.0384 0x2324 elxstor - ok
23:55:46.0384 0x2324 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:55:46.0400 0x2324 ErrDev - ok
23:55:46.0431 0x2324 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
23:55:46.0478 0x2324 EventSystem - ok
23:55:46.0540 0x2324 [ 51643EE2712D9212E1E53CA7E8D8EB4A, A365245D1F0354E57FDD23925259787ECE63E6B0C29F3DC2D43BD7027F06D906 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:55:46.0587 0x2324 EvtEng - ok
23:55:46.0603 0x2324 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
23:55:46.0665 0x2324 exfat - ok
23:55:46.0665 0x2324 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:55:46.0728 0x2324 fastfat - ok
23:55:46.0743 0x2324 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:55:46.0759 0x2324 fdc - ok
23:55:46.0759 0x2324 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
23:55:46.0806 0x2324 fdPHost - ok
23:55:46.0806 0x2324 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
23:55:46.0852 0x2324 FDResPub - ok
23:55:46.0852 0x2324 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:55:46.0884 0x2324 FileInfo - ok
23:55:46.0884 0x2324 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:55:46.0930 0x2324 Filetrace - ok
23:55:46.0946 0x2324 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:55:46.0962 0x2324 flpydisk - ok
23:55:46.0977 0x2324 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:55:47.0008 0x2324 FltMgr - ok
23:55:47.0040 0x2324 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
23:55:47.0071 0x2324 FontCache - ok
23:55:47.0086 0x2324 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:55:47.0102 0x2324 FontCache3.0.0.0 - ok
23:55:47.0102 0x2324 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:55:47.0118 0x2324 FsDepends - ok
23:55:47.0133 0x2324 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:55:47.0149 0x2324 Fs_Rec - ok
23:55:47.0164 0x2324 [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
23:55:47.0164 0x2324 fussvc - detected UnsignedFile.Multi.Generic ( 1 )
23:55:49.0941 0x2324 Detect skipped due to KSN trusted
23:55:49.0941 0x2324 fussvc - ok
23:55:49.0957 0x2324 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:55:49.0988 0x2324 fvevol - ok
23:55:50.0004 0x2324 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
23:55:50.0019 0x2324 gagp30kx - ok
23:55:50.0035 0x2324 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:55:50.0051 0x2324 GEARAspiWDM - ok
23:55:50.0097 0x2324 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
23:55:50.0144 0x2324 gpsvc - ok
23:55:50.0160 0x2324 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:55:50.0175 0x2324 hcw85cir - ok
23:55:50.0191 0x2324 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:55:50.0238 0x2324 HdAudAddService - ok
23:55:50.0238 0x2324 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
23:55:50.0269 0x2324 HDAudBus - ok
23:55:50.0285 0x2324 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
23:55:50.0300 0x2324 HECIx64 - ok
23:55:50.0300 0x2324 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
23:55:50.0331 0x2324 HidBatt - ok
23:55:50.0331 0x2324 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
23:55:50.0363 0x2324 HidBth - ok
23:55:50.0378 0x2324 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
23:55:50.0394 0x2324 HidIr - ok
23:55:50.0409 0x2324 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
23:55:50.0441 0x2324 hidserv - ok
23:55:50.0456 0x2324 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:55:50.0472 0x2324 HidUsb - ok
23:55:50.0487 0x2324 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:55:50.0534 0x2324 hkmsvc - ok
23:55:50.0534 0x2324 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:55:50.0565 0x2324 HomeGroupListener - ok
23:55:50.0581 0x2324 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:55:50.0597 0x2324 HomeGroupProvider - ok
23:55:50.0612 0x2324 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:55:50.0628 0x2324 HpSAMD - ok
23:55:50.0675 0x2324 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:55:50.0737 0x2324 HTTP - ok
23:55:50.0784 0x2324 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
23:55:50.0799 0x2324 HWiNFO32 - ok
23:55:50.0799 0x2324 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:55:50.0815 0x2324 hwpolicy - ok
23:55:50.0831 0x2324 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:55:50.0846 0x2324 i8042prt - ok
23:55:50.0877 0x2324 [ ABBF174CB394F5C437410A788B7E404A, 95554F675329E7062F0936E4E902FEFF2456CAD95D6C9B60DCC213EF6E4C62D8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:55:50.0924 0x2324 iaStor - ok
23:55:50.0924 0x2324 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:55:50.0940 0x2324 IAStorDataMgrSvc - ok
23:55:50.0955 0x2324 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:55:50.0987 0x2324 iaStorV - ok
23:55:51.0018 0x2324 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:55:51.0049 0x2324 idsvc - ok
23:55:51.0065 0x2324 IEEtwCollectorService - ok
23:55:51.0065 0x2324 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
23:55:51.0096 0x2324 iirsp - ok
23:55:51.0127 0x2324 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
23:55:51.0174 0x2324 IKEEXT - ok
23:55:51.0189 0x2324 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
23:55:51.0205 0x2324 Impcd - ok
23:55:51.0221 0x2324 [ FD5EF1D0210CB9C0773BBA7CA360D762, F07BEF8FFF4455FC44964EEB002F87636958810248EB4FD40009C0C97206A5C8 ] InstallFilterService C:\Program Files (x86)\STMicroelectronics\Accelerometer\InstallFilterService.exe
23:55:51.0221 0x2324 InstallFilterService - detected UnsignedFile.Multi.Generic ( 1 )
23:55:54.0013 0x2324 Detect skipped due to KSN trusted
23:55:54.0013 0x2324 InstallFilterService - ok
23:55:54.0029 0x2324 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
23:55:54.0044 0x2324 intelide - ok
23:55:54.0060 0x2324 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:55:54.0075 0x2324 intelppm - ok
23:55:54.0091 0x2324 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:55:54.0122 0x2324 IPBusEnum - ok
23:55:54.0138 0x2324 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:55:54.0200 0x2324 IpFilterDriver - ok
23:55:54.0231 0x2324 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:55:54.0263 0x2324 iphlpsvc - ok
23:55:54.0278 0x2324 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:55:54.0309 0x2324 IPMIDRV - ok
23:55:54.0309 0x2324 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:55:54.0356 0x2324 IPNAT - ok
23:55:54.0387 0x2324 [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:55:54.0403 0x2324 iPod Service - ok
23:55:54.0419 0x2324 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:55:54.0434 0x2324 IRENUM - ok
23:55:54.0450 0x2324 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:55:54.0465 0x2324 isapnp - ok
23:55:54.0481 0x2324 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:55:54.0512 0x2324 iScsiPrt - ok
23:55:54.0528 0x2324 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:55:54.0543 0x2324 kbdclass - ok
23:55:54.0559 0x2324 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:55:54.0575 0x2324 kbdhid - ok
23:55:54.0575 0x2324 [ 249B4AB4EA96E333AA0F01BF67209817, EEA976B7BAC3B49B52D2E1A3D308D9C5EF81DA4483DEC29CC4056319FA08E5DC ] keycrypt C:\Windows\system32\DRIVERS\KeyCrypt64.sys
23:55:54.0606 0x2324 keycrypt - ok
23:55:54.0606 0x2324 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
23:55:54.0621 0x2324 KeyIso - ok
23:55:54.0621 0x2324 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:55:54.0653 0x2324 KSecDD - ok
23:55:54.0653 0x2324 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:55:54.0684 0x2324 KSecPkg - ok
23:55:54.0699 0x2324 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:55:54.0731 0x2324 ksthunk - ok
23:55:54.0762 0x2324 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
23:55:54.0809 0x2324 KtmRm - ok
23:55:54.0824 0x2324 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:55:54.0871 0x2324 LanmanServer - ok
23:55:54.0871 0x2324 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:55:54.0918 0x2324 LanmanWorkstation - ok
23:55:54.0980 0x2324 [ 5100AE7C075C9436E9DD45F96A4A74FC, 1301B7DABAEBBF3134C459BE2DC359BC2CAF6AA59C86A1030D0B28CAFA950F5B ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
23:55:55.0074 0x2324 LiveUpdateSvc - ok
23:55:55.0089 0x2324 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:55:55.0136 0x2324 lltdio - ok
23:55:55.0152 0x2324 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:55:55.0199 0x2324 lltdsvc - ok
23:55:55.0199 0x2324 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:55:55.0245 0x2324 lmhosts - ok
23:55:55.0261 0x2324 [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
23:55:55.0277 0x2324 LMS - ok
23:55:55.0292 0x2324 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
23:55:55.0323 0x2324 LSI_FC - ok
23:55:55.0323 0x2324 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
23:55:55.0355 0x2324 LSI_SAS - ok
23:55:55.0355 0x2324 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:55:55.0386 0x2324 LSI_SAS2 - ok
23:55:55.0401 0x2324 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:55:55.0417 0x2324 LSI_SCSI - ok
23:55:55.0433 0x2324 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
23:55:55.0479 0x2324 luafv - ok
23:55:55.0495 0x2324 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
23:55:55.0511 0x2324 megasas - ok
23:55:55.0526 0x2324 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
23:55:55.0557 0x2324 MegaSR - ok
23:55:55.0573 0x2324 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
23:55:55.0620 0x2324 MMCSS - ok
23:55:55.0620 0x2324 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
23:55:55.0667 0x2324 Modem - ok
23:55:55.0682 0x2324 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:55:55.0698 0x2324 monitor - ok
23:55:55.0713 0x2324 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:55:55.0729 0x2324 mouclass - ok
23:55:55.0729 0x2324 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:55:55.0760 0x2324 mouhid - ok
23:55:55.0760 0x2324 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:55:55.0791 0x2324 mountmgr - ok
23:55:55.0807 0x2324 [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:55:55.0823 0x2324 MozillaMaintenance - ok
23:55:55.0823 0x2324 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:55:55.0854 0x2324 mpio - ok
23:55:55.0869 0x2324 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:55:55.0916 0x2324 mpsdrv - ok
23:55:55.0947 0x2324 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:55:56.0010 0x2324 MpsSvc - ok
23:55:56.0010 0x2324 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:55:56.0041 0x2324 MRxDAV - ok
23:55:56.0057 0x2324 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:55:56.0072 0x2324 mrxsmb - ok
23:55:56.0088 0x2324 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:55:56.0119 0x2324 mrxsmb10 - ok
23:55:56.0135 0x2324 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:55:56.0150 0x2324 mrxsmb20 - ok
23:55:56.0166 0x2324 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
23:55:56.0197 0x2324 msahci - ok
23:55:56.0197 0x2324 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:55:56.0228 0x2324 msdsm - ok
23:55:56.0244 0x2324 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
23:55:56.0259 0x2324 MSDTC - ok
23:55:56.0275 0x2324 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:55:56.0322 0x2324 Msfs - ok
23:55:56.0322 0x2324 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:55:56.0369 0x2324 mshidkmdf - ok
23:55:56.0369 0x2324 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:55:56.0384 0x2324 msisadrv - ok
23:55:56.0400 0x2324 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:55:56.0447 0x2324 MSiSCSI - ok
23:55:56.0447 0x2324 msiserver - ok
23:55:56.0447 0x2324 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:55:56.0493 0x2324 MSKSSRV - ok
23:55:56.0509 0x2324 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:55:56.0540 0x2324 MSPCLOCK - ok
23:55:56.0556 0x2324 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:55:56.0603 0x2324 MSPQM - ok
23:55:56.0618 0x2324 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:55:56.0649 0x2324 MsRPC - ok
23:55:56.0649 0x2324 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
23:55:56.0665 0x2324 mssmbios - ok
23:55:56.0681 0x2324 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:55:56.0727 0x2324 MSTEE - ok
23:55:56.0727 0x2324 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
23:55:56.0759 0x2324 MTConfig - ok
23:55:56.0759 0x2324 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
23:55:56.0790 0x2324 Mup - ok
23:55:56.0790 0x2324 [ D285D0539016BE299A55FF997B44DA33, 06E79462A537C4267F9A0428932C64DEA5EB46728E536A5C2270DC3FA5C22652 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
23:55:56.0805 0x2324 MyWiFiDHCPDNS - ok
23:55:56.0837 0x2324 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
23:55:56.0883 0x2324 napagent - ok
23:55:56.0915 0x2324 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:55:56.0961 0x2324 NativeWifiP - ok
23:55:56.0977 0x2324 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:55:57.0039 0x2324 NDIS - ok
23:55:57.0039 0x2324 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:55:57.0086 0x2324 NdisCap - ok
23:55:57.0102 0x2324 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:55:57.0149 0x2324 NdisTapi - ok
23:55:57.0149 0x2324 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:55:57.0195 0x2324 Ndisuio - ok
23:55:57.0211 0x2324 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:55:57.0258 0x2324 NdisWan - ok
23:55:57.0273 0x2324 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:55:57.0320 0x2324 NDProxy - ok
23:55:57.0320 0x2324 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:55:57.0367 0x2324 NetBIOS - ok
23:55:57.0383 0x2324 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:55:57.0445 0x2324 NetBT - ok
23:55:57.0445 0x2324 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
23:55:57.0461 0x2324 Netlogon - ok
23:55:57.0492 0x2324 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
23:55:57.0539 0x2324 Netman - ok
23:55:57.0539 0x2324 [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:55:57.0570 0x2324 NetMsmqActivator - ok
23:55:57.0570 0x2324 [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:55:57.0585 0x2324 NetPipeActivator - ok
23:55:57.0617 0x2324 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
23:55:57.0663 0x2324 netprofm - ok
23:55:57.0679 0x2324 [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:55:57.0679 0x2324 NetTcpActivator - ok
23:55:57.0695 0x2324 [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:55:57.0710 0x2324 NetTcpPortSharing - ok
23:55:57.0944 0x2324 [ 4D85A450EDEF10C38882182753A49AAE, FB6C2D91B2CF834315498BB31F931E2A49066A3158A588FD705F59628DF2F8FC ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
23:55:58.0272 0x2324 NETw5s64 - ok
23:55:58.0553 0x2324 [ 6C6EBA531144A54AE4E5F3AFB08582FF, BD362AEC10B7E28B5C528CA18D5A22FF62EAB8A5C5FECFBB5703CAF88FA883AD ] NETwNs64 C:\Windows\system32\DRIVERS\NETwsw01.sys
23:55:59.0005 0x2324 NETwNs64 - ok
23:55:59.0021 0x2324 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
23:55:59.0036 0x2324 nfrd960 - ok
23:55:59.0052 0x2324 [ 106C6E31F54E7C973E903508A27F26FC, A39CE7057E92BCC7ECECD86B0EE956CA5C275FFC5CB04FA181D6995894EF9FBD ] ngvss C:\Windows\system32\drivers\ngvss.sys
23:55:59.0083 0x2324 ngvss - ok
23:55:59.0083 0x2324 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
23:55:59.0114 0x2324 NlaSvc - ok
23:55:59.0114 0x2324 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:55:59.0161 0x2324 Npfs - ok
23:55:59.0177 0x2324 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
23:55:59.0208 0x2324 nsi - ok
23:55:59.0208 0x2324 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:55:59.0255 0x2324 nsiproxy - ok
23:55:59.0317 0x2324 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:55:59.0426 0x2324 Ntfs - ok
23:55:59.0426 0x2324 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
23:55:59.0473 0x2324 Null - ok
23:55:59.0473 0x2324 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:55:59.0504 0x2324 nvraid - ok
23:55:59.0520 0x2324 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:55:59.0551 0x2324 nvstor - ok
23:55:59.0551 0x2324 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:55:59.0582 0x2324 nv_agp - ok
23:55:59.0582 0x2324 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:55:59.0613 0x2324 ohci1394 - ok
23:55:59.0613 0x2324 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:55:59.0645 0x2324 ose - ok
23:55:59.0801 0x2324 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:55:59.0925 0x2324 osppsvc - ok
23:55:59.0957 0x2324 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:55:59.0988 0x2324 p2pimsvc - ok
23:56:00.0003 0x2324 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
23:56:00.0050 0x2324 p2psvc - ok
23:56:00.0050 0x2324 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:56:00.0081 0x2324 Parport - ok
23:56:00.0081 0x2324 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:56:00.0113 0x2324 partmgr - ok
23:56:00.0128 0x2324 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:56:00.0144 0x2324 PcaSvc - ok
23:56:00.0144 0x2324 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
23:56:00.0175 0x2324 pci - ok
23:56:00.0175 0x2324 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
23:56:00.0206 0x2324 pciide - ok
23:56:00.0222 0x2324 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:56:00.0253 0x2324 pcmcia - ok
23:56:00.0253 0x2324 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
23:56:00.0269 0x2324 pcw - ok
23:56:00.0315 0x2324 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:56:00.0362 0x2324 PEAUTH - ok
23:56:00.0425 0x2324 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
23:56:00.0503 0x2324 PeerDistSvc - ok
23:56:00.0549 0x2324 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:56:00.0565 0x2324 PerfHost - ok
23:56:00.0612 0x2324 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
23:56:00.0705 0x2324 pla - ok
23:56:00.0721 0x2324 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:56:00.0752 0x2324 PlugPlay - ok
23:56:00.0752 0x2324 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:56:00.0783 0x2324 PNRPAutoReg - ok
23:56:00.0799 0x2324 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:56:00.0815 0x2324 PNRPsvc - ok
23:56:00.0846 0x2324 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:56:00.0908 0x2324 PolicyAgent - ok
23:56:00.0924 0x2324 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
23:56:00.0971 0x2324 Power - ok
23:56:00.0971 0x2324 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:56:01.0017 0x2324 PptpMiniport - ok
23:56:01.0033 0x2324 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:56:01.0049 0x2324 Processor - ok
23:56:01.0064 0x2324 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
23:56:01.0080 0x2324 ProfSvc - ok
23:56:01.0095 0x2324 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:56:01.0111 0x2324 ProtectedStorage - ok
23:56:01.0111 0x2324 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:56:01.0158 0x2324 Psched - ok
23:56:01.0220 0x2324 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
23:56:01.0329 0x2324 ql2300 - ok
23:56:01.0329 0x2324 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
23:56:01.0361 0x2324 ql40xx - ok
23:56:01.0376 0x2324 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
23:56:01.0407 0x2324 QWAVE - ok
23:56:01.0407 0x2324 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:56:01.0439 0x2324 QWAVEdrv - ok
23:56:01.0439 0x2324 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:56:01.0485 0x2324 RasAcd - ok
23:56:01.0501 0x2324 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:56:01.0548 0x2324 RasAgileVpn - ok
23:56:01.0548 0x2324 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
23:56:01.0595 0x2324 RasAuto - ok
23:56:01.0610 0x2324 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:56:01.0657 0x2324 Rasl2tp - ok
23:56:01.0673 0x2324 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
23:56:01.0719 0x2324 RasMan - ok
23:56:01.0735 0x2324 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:56:01.0782 0x2324 RasPppoe - ok
23:56:01.0782 0x2324 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:56:01.0844 0x2324 RasSstp - ok
23:56:01.0860 0x2324 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:56:01.0907 0x2324 rdbss - ok
23:56:01.0922 0x2324 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
23:56:01.0938 0x2324 rdpbus - ok
23:56:01.0953 0x2324 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:56:02.0000 0x2324 RDPCDD - ok
23:56:02.0000 0x2324 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
23:56:02.0031 0x2324 RDPDR - ok
23:56:02.0047 0x2324 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:56:02.0078 0x2324 RDPENCDD - ok
23:56:02.0094 0x2324 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:56:02.0141 0x2324 RDPREFMP - ok
23:56:02.0141 0x2324 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:56:02.0172 0x2324 RdpVideoMiniport - ok
23:56:02.0187 0x2324 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:56:02.0219 0x2324 RDPWD - ok
23:56:02.0234 0x2324 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:56:02.0250 0x2324 rdyboost - ok
23:56:02.0281 0x2324 [ 3B71B5B91E7DCA93585D5A86C897ADC4, F0A17C1282F7613B35932226598AF7B3F653FF74DB0107EBB63BC5F1DCFC757B ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:56:02.0312 0x2324 RegSrvc - ok
23:56:02.0312 0x2324 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:56:02.0359 0x2324 RemoteAccess - ok
23:56:02.0375 0x2324 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:56:02.0421 0x2324 RemoteRegistry - ok
23:56:02.0421 0x2324 [ 8C74A4FB940F7BCE60A683DAD3BD2873, AF5F69DF4162037EA9589FD08686DA7D2FC8397C699A941D20862CAF52DAED82 ] rimspci C:\Windows\system32\DRIVERS\rimspe64.sys
23:56:02.0453 0x2324 rimspci - ok
23:56:02.0453 0x2324 [ A6DA2B0C8F5BB3F9F5423CFF8D6A02D9, 1841364D1ADC7DFD107AE3533BD8E37AD1E176EE5822D1B354A9E8E865029996 ] risdpcie C:\Windows\system32\DRIVERS\risdpe64.sys
23:56:02.0484 0x2324 risdpcie - ok
23:56:02.0484 0x2324 [ 78DC3BDD48AC2F36208A244CA2E263BD, D72220D3D3CDFAB2A8747DE5EDD79261D68C2E9154EEBF10E0F7F62211A4CB89 ] rixdpcie C:\Windows\system32\DRIVERS\rixdpe64.sys
23:56:02.0515 0x2324 rixdpcie - ok
23:56:02.0515 0x2324 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:56:02.0562 0x2324 RpcEptMapper - ok
23:56:02.0562 0x2324 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
23:56:02.0577 0x2324 RpcLocator - ok
23:56:02.0593 0x2324 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
23:56:02.0655 0x2324 RpcSs - ok
23:56:02.0655 0x2324 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:56:02.0718 0x2324 rspndr - ok
23:56:02.0733 0x2324 [ 7C03368FBF69FABEC01B036558B5A990, 1333A4E51A20DADAAFB0435FDA5B7C51E06870F5D9156D5906E52B43C310C4FC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
23:56:02.0796 0x2324 RTL8167 - ok
23:56:02.0796 0x2324 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
23:56:02.0827 0x2324 s3cap - ok
23:56:02.0827 0x2324 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
23:56:02.0843 0x2324 SamSs - ok
23:56:02.0858 0x2324 [ EA9C5A00B1FCD8CC60245BD66B5120CE, 20699B583D3C60138D3FFFE5DD45F394A67820464928AC001BF8C1ED2DE66331 ] SamsungRapidDiskFltr C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys
23:56:02.0889 0x2324 SamsungRapidDiskFltr - ok
23:56:02.0905 0x2324 [ 966D55C3EBE86897C2ADFC680A2F954A, FEFAADC4FEA30E228013CA67BD4B19C72985ABDE0A258330942B2BCE47E8D510 ] SamsungRapidFSFltr C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys
23:56:02.0921 0x2324 SamsungRapidFSFltr - ok
23:56:02.0936 0x2324 [ 534E728704E465B09F94548A54E9E38C, C613B69CBB41D932FF96C01E3B0E73F7FB021D31C62D63F939D4DA92945EC8CA ] SamsungRapidSvc C:\Windows\system32\RAPID\SamsungRapidSvc.exe
23:56:02.0936 0x2324 SamsungRapidSvc - ok
23:56:02.0952 0x2324 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:56:02.0967 0x2324 sbp2port - ok
23:56:02.0983 0x2324 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:56:03.0030 0x2324 SCardSvr - ok
23:56:03.0045 0x2324 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:56:03.0092 0x2324 scfilter - ok
23:56:03.0108 0x2324 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
23:56:03.0155 0x2324 Schedule - ok
23:56:03.0170 0x2324 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:56:03.0201 0x2324 SCPolicySvc - ok
23:56:03.0201 0x2324 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\drivers\sdbus.sys
23:56:03.0233 0x2324 sdbus - ok
23:56:03.0248 0x2324 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:56:03.0279 0x2324 SDRSVC - ok
23:56:03.0279 0x2324 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:56:03.0295 0x2324 secdrv - ok
23:56:03.0311 0x2324 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
23:56:03.0342 0x2324 seclogon - ok
23:56:03.0357 0x2324 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
23:56:03.0389 0x2324 SENS - ok
23:56:03.0389 0x2324 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:56:03.0420 0x2324 SensrSvc - ok
23:56:03.0420 0x2324 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:56:03.0435 0x2324 Serenum - ok
23:56:03.0452 0x2324 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:56:03.0483 0x2324 Serial - ok
23:56:03.0483 0x2324 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
23:56:03.0499 0x2324 sermouse - ok
23:56:03.0514 0x2324 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
23:56:03.0561 0x2324 SessionEnv - ok
23:56:03.0561 0x2324 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:56:03.0592 0x2324 sffdisk - ok
23:56:03.0592 0x2324 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:56:03.0608 0x2324 sffp_mmc - ok
23:56:03.0624 0x2324 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:56:03.0639 0x2324 sffp_sd - ok
23:56:03.0655 0x2324 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
23:56:03.0670 0x2324 sfloppy - ok
23:56:03.0702 0x2324 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:56:03.0748 0x2324 SharedAccess - ok
23:56:03.0764 0x2324 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:56:03.0811 0x2324 ShellHWDetection - ok
23:56:03.0826 0x2324 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:56:03.0842 0x2324 SiSRaid2 - ok
23:56:03.0858 0x2324 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
23:56:03.0873 0x2324 SiSRaid4 - ok
23:56:03.0889 0x2324 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
23:56:03.0904 0x2324 SkypeUpdate - ok
23:56:03.0920 0x2324 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:56:03.0967 0x2324 Smb - ok
23:56:03.0967 0x2324 [ C10B629AD8BD36BF8D376243D509AECA, 4F0972C53C817CB9D09A33D67269E383B64B2DEED00A6EA17DE94241E437C3BF ] SmbDrvI C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
23:56:03.0982 0x2324 SmbDrvI - ok
23:56:03.0998 0x2324 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:56:04.0014 0x2324 SNMPTRAP - ok
23:56:04.0014 0x2324 [ F9369327409492097B0BB7CE86BD29DE, 7E9B7A9659A6971029E491C702C306E2078B8F5547FCF874FDA8BAD5898D5E25 ] Soluto C:\Windows\system32\DRIVERS\Soluto.sys
23:56:04.0045 0x2324 Soluto - ok
23:56:04.0060 0x2324 [ D56C85099CA6D7A5CED861FE920D2DB6, D6D003B660E5F9B2AA5546C96283D76833A6CDD16DEFC46D7225348192F47655 ] SolutoLauncherService C:\Program Files\Soluto\SolutoLauncherService.exe
23:56:04.0060 0x2324 SolutoLauncherService - ok
23:56:04.0138 0x2324 [ 92875E1EE2915A165C5E86089197E94B, 65BCE5670A9A7A98A59F48043AD61475FB85AC7A5DCC72C6DFC12305FC308A53 ] SolutoRemoteService C:\Program Files\Soluto\SolutoRemoteService.exe
23:56:04.0185 0x2324 SolutoRemoteService - detected UnsignedFile.Multi.Generic ( 1 )
23:56:06.0916 0x2324 Detect skipped due to KSN trusted
23:56:06.0916 0x2324 SolutoRemoteService - ok
23:56:06.0947 0x2324 [ 7B35E1FFBF3B3A8763122BC34FEAEA3C, 8E3DCA135759FFD7ED1032CCCE5D562D60E4BDFE6C4C3AEC50F893C2657CC810 ] SolutoService C:\Program Files\Soluto\SolutoService.exe
23:56:06.0979 0x2324 SolutoService - ok
23:56:06.0979 0x2324 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
23:56:07.0010 0x2324 spldr - ok
23:56:07.0041 0x2324 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
23:56:07.0057 0x2324 Spooler - ok
23:56:07.0181 0x2324 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
23:56:07.0306 0x2324 sppsvc - ok
23:56:07.0322 0x2324 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:56:07.0353 0x2324 sppuinotify - ok
23:56:07.0384 0x2324 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:56:07.0415 0x2324 srv - ok
23:56:07.0447 0x2324 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:56:07.0493 0x2324 srv2 - ok
23:56:07.0493 0x2324 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:56:07.0525 0x2324 srvnet - ok
23:56:07.0540 0x2324 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:56:07.0587 0x2324 SSDPSRV - ok
23:56:07.0587 0x2324 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:56:07.0634 0x2324 SstpSvc - ok
23:56:07.0649 0x2324 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
23:56:07.0665 0x2324 ssudmdm - ok
23:56:07.0696 0x2324 [ DA7702025DFD169B909C4DA3126762CC, 40777941F71D0762C450824A635888D1390307E937EDF13385524569F4602D0A ] STacSV C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
23:56:07.0712 0x2324 STacSV - ok
23:56:07.0712 0x2324 [ C48E0745D33897C7A73394214F2B9B4F, 8E685F0493D3D7377D52D0E5296BA6E9D345E169EB40DAFADFE14432A97CC2AF ] stdflt C:\Windows\system32\DRIVERS\stdflt.sys
23:56:07.0727 0x2324 stdflt - ok
23:56:07.0759 0x2324 [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
23:56:07.0790 0x2324 Steam Client Service - ok
23:56:07.0790 0x2324 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
23:56:07.0805 0x2324 stexstor - ok
23:56:07.0837 0x2324 [ CAF5A9708671B14B9670260735B22C4E, B31F2B500605379BC9531E21E4ACD17EA281FFF25AA4B4D342E14F8F5952D1EC ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
23:56:07.0883 0x2324 STHDA - ok
23:56:07.0899 0x2324 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
23:56:07.0946 0x2324 stisvc - ok
23:56:07.0946 0x2324 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
23:56:07.0961 0x2324 storflt - ok
23:56:07.0977 0x2324 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
23:56:07.0993 0x2324 StorSvc - ok
23:56:07.0993 0x2324 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
23:56:08.0008 0x2324 storvsc - ok
23:56:08.0024 0x2324 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
23:56:08.0039 0x2324 swenum - ok
23:56:08.0071 0x2324 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
23:56:08.0117 0x2324 swprv - ok
23:56:08.0195 0x2324 [ 8DF6C536ECE3B538978B53C223AB905D, B8889EF319A4CE2875CDCB28782384F97DD00CC61ACE46BBFCD53E23F386DE32 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:56:08.0242 0x2324 SynTP - ok
23:56:08.0289 0x2324 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
23:56:08.0351 0x2324 SysMain - ok
23:56:08.0351 0x2324 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:56:08.0383 0x2324 TabletInputService - ok
23:56:08.0383 0x2324 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
23:56:08.0414 0x2324 tap0901 - ok
23:56:08.0414 0x2324 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
23:56:08.0461 0x2324 TapiSrv - ok
23:56:08.0476 0x2324 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
23:56:08.0507 0x2324 TBS - ok
23:56:08.0585 0x2324 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:56:08.0679 0x2324 Tcpip - ok
23:56:08.0757 0x2324 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:56:08.0835 0x2324 TCPIP6 - ok
23:56:08.0851 0x2324 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:56:08.0882 0x2324 tcpipreg - ok
23:56:08.0882 0x2324 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:56:08.0913 0x2324 TDPIPE - ok
23:56:08.0913 0x2324 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:56:08.0929 0x2324 TDTCP - ok
23:56:08.0944 0x2324 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:56:08.0975 0x2324 tdx - ok
23:56:08.0975 0x2324 [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
23:56:08.0991 0x2324 Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
23:56:11.0768 0x2324 Detect skipped due to KSN trusted
23:56:11.0768 0x2324 Te.Service - ok
23:56:11.0783 0x2324 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
23:56:11.0799 0x2324 TermDD - ok
23:56:11.0830 0x2324 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
23:56:11.0877 0x2324 TermService - ok
23:56:11.0893 0x2324 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
23:56:11.0908 0x2324 Themes - ok
23:56:11.0924 0x2324 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
23:56:11.0955 0x2324 THREADORDER - ok
23:56:11.0971 0x2324 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
23:56:12.0017 0x2324 TrkWks - ok
23:56:12.0017 0x2324 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:56:12.0064 0x2324 TrustedInstaller - ok
23:56:12.0064 0x2324 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:56:12.0095 0x2324 tssecsrv - ok
23:56:12.0095 0x2324 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:56:12.0127 0x2324 TsUsbFlt - ok
23:56:12.0127 0x2324 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:56:12.0189 0x2324 tunnel - ok
23:56:12.0189 0x2324 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
23:56:12.0220 0x2324 uagp35 - ok
23:56:12.0236 0x2324 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:56:12.0298 0x2324 udfs - ok
23:56:12.0298 0x2324 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:56:12.0329 0x2324 UI0Detect - ok
23:56:12.0329 0x2324 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:56:12.0361 0x2324 uliagpkx - ok
23:56:12.0361 0x2324 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:56:12.0376 0x2324 umbus - ok
23:56:12.0392 0x2324 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
23:56:12.0407 0x2324 UmPass - ok
23:56:12.0423 0x2324 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
23:56:12.0439 0x2324 UmRdpService - ok
23:56:12.0548 0x2324 [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
23:56:12.0610 0x2324 UNS - ok
23:56:12.0626 0x2324 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
23:56:12.0688 0x2324 upnphost - ok
23:56:12.0688 0x2324 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
23:56:12.0704 0x2324 USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
23:56:14.0513 0x2290 Object required for P2P: [ 7C03368FBF69FABEC01B036558B5A990 ] RTL8167
23:56:15.0496 0x2324 Detect skipped due to KSN trusted
23:56:15.0496 0x2324 USBAAPL64 - ok
23:56:15.0512 0x2324 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:56:15.0527 0x2324 usbccgp - ok
23:56:15.0543 0x2324 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:56:15.0574 0x2324 usbcir - ok
23:56:15.0574 0x2324 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:56:15.0605 0x2324 usbehci - ok
23:56:15.0621 0x2324 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:56:15.0668 0x2324 usbhub - ok
23:56:15.0668 0x2324 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:56:15.0699 0x2324 usbohci - ok
23:56:15.0699 0x2324 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:56:15.0730 0x2324 usbprint - ok
23:56:15.0730 0x2324 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:56:15.0761 0x2324 usbscan - ok
23:56:15.0761 0x2324 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:56:15.0793 0x2324 USBSTOR - ok
23:56:15.0793 0x2324 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:56:15.0808 0x2324 usbuhci - ok
23:56:15.0824 0x2324 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
23:56:15.0855 0x2324 usbvideo - ok
23:56:15.0855 0x2324 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
23:56:15.0902 0x2324 UxSms - ok
23:56:15.0902 0x2324 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe
23:56:15.0917 0x2324 VaultSvc - ok
23:56:15.0933 0x2324 [ E64B68D03B521987B867F481BD82B8E5, 06995F004141DCEB7125660B7F09792FEB647EFD12DD99B7BB2767A3D28700E6 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
23:56:15.0964 0x2324 VBoxAswDrv - ok
23:56:15.0964 0x2324 [ 3C8E2C591345F38149C69FE8E5DF8C90, 9F4BB9BDA09CB2E99A6A888B288F322AE5C460B5D124CD714C6F00FF5029144B ] VClone C:\Windows\system32\DRIVERS\VClone.sys
23:56:15.0995 0x2324 VClone - ok
23:56:15.0995 0x2324 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:56:16.0011 0x2324 vdrvroot - ok
23:56:16.0042 0x2324 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
23:56:16.0105 0x2324 vds - ok
23:56:16.0105 0x2324 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:56:16.0136 0x2324 vga - ok
23:56:16.0136 0x2324 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:56:16.0183 0x2324 VgaSave - ok
23:56:16.0198 0x2324 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:56:16.0229 0x2324 vhdmp - ok
23:56:16.0229 0x2324 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
23:56:16.0261 0x2324 viaide - ok
23:56:16.0261 0x2324 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
23:56:16.0292 0x2324 vmbus - ok
23:56:16.0307 0x2324 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
23:56:16.0323 0x2324 VMBusHID - ok
23:56:16.0323 0x2324 vmci - ok
23:56:16.0339 0x2324 VMnetAdapter - ok
23:56:16.0339 0x2324 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:56:16.0370 0x2324 volmgr - ok
23:56:16.0370 0x2324 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:56:16.0417 0x2324 volmgrx - ok
23:56:16.0417 0x2324 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:56:16.0463 0x2324 volsnap - ok
23:56:16.0479 0x2324 [ F4942012BCE3A4ED9F43ED0F1BE5F81B, C1013931AF042F733F1427596EDBE0A9635D03B72DA1F77D8612DF6AF202E271 ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
23:56:16.0510 0x2324 vpnagent - ok
23:56:16.0510 0x2324 [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys
23:56:16.0541 0x2324 vpnva - ok
23:56:16.0541 0x2324 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
23:56:16.0573 0x2324 vsmraid - ok
23:56:16.0651 0x2324 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
23:56:16.0744 0x2324 VSS - ok
23:56:16.0760 0x2324 [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
23:56:16.0775 0x2324 VSStandardCollectorService140 - ok
23:56:16.0775 0x2324 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
23:56:16.0807 0x2324 vwifibus - ok
23:56:16.0807 0x2324 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
23:56:16.0838 0x2324 vwififlt - ok
23:56:16.0838 0x2324 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
23:56:16.0869 0x2324 vwifimp - ok
23:56:16.0900 0x2324 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
23:56:16.0947 0x2324 W32Time - ok
23:56:16.0963 0x2324 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
23:56:16.0978 0x2324 WacomPen - ok
23:56:16.0994 0x2324 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:56:17.0041 0x2324 WANARP - ok
23:56:17.0041 0x2324 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:56:17.0087 0x2324 Wanarpv6 - ok
23:56:17.0134 0x2324 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
23:56:17.0212 0x2324 wbengine - ok
23:56:17.0212 0x2324 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:56:17.0243 0x2324 WbioSrvc - ok
23:56:17.0275 0x2324 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:56:17.0306 0x2324 wcncsvc - ok
23:56:17.0321 0x2324 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:56:17.0337 0x2324 WcsPlugInService - ok
23:56:17.0337 0x2324 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
23:56:17.0353 0x2324 Wd - ok
23:56:17.0384 0x2324 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:56:17.0446 0x2324 Wdf01000 - ok
23:56:17.0462 0x2324 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:56:17.0477 0x2324 WdiServiceHost - ok
23:56:17.0477 0x2324 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:56:17.0509 0x2324 WdiSystemHost - ok
23:56:17.0509 0x2324 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
23:56:17.0540 0x2324 WebClient - ok
23:56:17.0555 0x2324 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:56:17.0602 0x2324 Wecsvc - ok
23:56:17.0602 0x2324 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:56:17.0649 0x2324 wercplsupport - ok
23:56:17.0665 0x2324 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
23:56:17.0696 0x2324 WerSvc - ok
23:56:17.0711 0x2324 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:56:17.0758 0x2324 WfpLwf - ok
23:56:17.0758 0x2324 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:56:17.0774 0x2324 WIMMount - ok
23:56:17.0789 0x2324 WinDefend - ok
23:56:17.0789 0x2324 WinHttpAutoProxySvc - ok
23:56:17.0805 0x2324 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:56:17.0852 0x2324 Winmgmt - ok
23:56:17.0930 0x2324 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
23:56:18.0023 0x2324 WinRM - ok
23:56:18.0039 0x2324 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUSB.sys
23:56:18.0055 0x2324 WinUsb - ok
23:56:18.0101 0x2324 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:56:18.0148 0x2324 Wlansvc - ok
23:56:18.0148 0x2324 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:56:18.0179 0x2324 WmiAcpi - ok
23:56:18.0195 0x2324 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:56:18.0211 0x2324 wmiApSrv - ok
23:56:18.0211 0x2324 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:56:18.0226 0x2324 WPCSvc - ok
23:56:18.0242 0x2324 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:56:18.0257 0x2324 WPDBusEnum - ok
23:56:18.0273 0x2324 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:56:18.0320 0x2324 ws2ifsl - ok
23:56:18.0335 0x2324 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
23:56:18.0351 0x2324 wscsvc - ok
23:56:18.0367 0x2324 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
23:56:18.0382 0x2324 WSDPrintDevice - ok
23:56:18.0398 0x2324 [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys
23:56:18.0413 0x2324 WSDScan - ok
23:56:18.0413 0x2324 WSearch - ok
23:56:18.0491 0x2324 [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\Windows\system32\wuaueng.dll
23:56:18.0569 0x2324 wuauserv - ok
23:56:18.0569 0x2324 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:56:18.0601 0x2324 WudfPf - ok
23:56:18.0616 0x2324 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:56:18.0647 0x2324 WUDFRd - ok
23:56:18.0663 0x2324 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:56:18.0679 0x2324 wudfsvc - ok
23:56:18.0694 0x2324 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
23:56:18.0725 0x2324 WwanSvc - ok
23:56:18.0741 0x2324 ================ Scan global ===============================
23:56:18.0741 0x2324 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
23:56:18.0757 0x2324 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
23:56:18.0772 0x2324 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
23:56:18.0772 0x2324 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:56:18.0803 0x2324 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
23:56:18.0819 0x2324 [ Global ] - ok
23:56:18.0819 0x2324 ================ Scan MBR ==================================
23:56:18.0819 0x2324 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:56:18.0928 0x2324 \Device\Harddisk0\DR0 - ok
23:56:18.0928 0x2324 ================ Scan VBR ==================================
23:56:18.0928 0x2324 [ 616DB81114702689E56603DB1BF22C26 ] \Device\Harddisk0\DR0\Partition1
23:56:18.0944 0x2324 \Device\Harddisk0\DR0\Partition1 - ok
23:56:18.0944 0x2324 [ 496E492C06E193B7F7B841B7C8E3652D ] \Device\Harddisk0\DR0\Partition2
23:56:18.0944 0x2324 \Device\Harddisk0\DR0\Partition2 - ok
23:56:18.0944 0x2324 [ 76756481C178EDA8C1E9E797435F3C9B ] \Device\Harddisk0\DR0\Partition3
23:56:18.0944 0x2324 \Device\Harddisk0\DR0\Partition3 - ok
23:56:18.0944 0x2324 ================ Scan generic autorun ======================
23:56:18.0975 0x2324 [ 023C55185495F1066F4C7F893658C4ED, 12DB663D56DEE1F54029F02BA68DE52BB6A18E5022DC4AA4435D773125D09A22 ] C:\Program Files\IDT\WDM\sttray64.exe
23:56:18.0991 0x2324 SysTrayApp - ok
23:56:19.0006 0x2324 [ 6F4E71A0C3817FC8F36532796632A259, 3BF731130158C1F78DA21D7B8026CBB6EFA0F0F5F8DE4994728CA3D0A06B8819 ] C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe
23:56:19.0022 0x2324 SamsungRapidApp - ok
23:56:19.0084 0x2324 [ 62481AEC780B08A891A7158997887E84, F713C4BD11DC276CD6C27530DC80C4E3E64A4011EC1AA42C0E4FE003E1B54BC6 ] C:\Program Files (x86)\STMicroelectronics\Accelerometer\FF_Protection.exe
23:56:19.0147 0x2324 FreeFallProtection - detected UnsignedFile.Multi.Generic ( 1 )
23:56:29.0224 0x2324 FreeFallProtection ( UnsignedFile.Multi.Generic ) - warning
23:56:34.0559 0x2290 Object send P2P result: false
23:56:49.0239 0x2324 [ C7F017C9B163E7DAB864649E8241F683, F007F107FCA0E3A12D7E900101EBF02C2453D4AA56BE18769E86B592C88C5106 ] C:\Program Files\iTunes\iTunesHelper.exe
23:56:49.0255 0x2324 iTunesHelper - ok
23:56:49.0426 0x2324 [ 8A312D5764B4FC4C55CEDDEED4652CF1, C4E726C9C77614CD32D5B76DA2E9A049EC490C2392D9A94B84712BCBF47BA7C6 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
23:56:49.0598 0x2324 AvastUI.exe - ok
23:56:49.0598 0x2324 Sidebar - ok
23:56:49.0613 0x2324 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:56:49.0645 0x2324 mctadmin - ok
23:56:49.0645 0x2324 Sidebar - ok
23:56:49.0660 0x2324 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:56:49.0676 0x2324 mctadmin - ok
23:56:49.0676 0x2324 [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\<user>\AppData\Local\Dropbox\Update\DropboxUpdate.exe
23:56:49.0691 0x2324 Dropbox Update - ok
23:56:49.0691 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:50.0705 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:51.0719 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:52.0733 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:53.0747 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:54.0761 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:55.0775 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:56.0789 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:57.0803 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:58.0817 0x2324 Waiting for KSN requests completion. In queue: 5
23:56:59.0831 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:00.0845 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:01.0859 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:02.0873 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:03.0887 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:04.0901 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:05.0915 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:06.0929 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:07.0943 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:08.0957 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:09.0971 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:10.0985 0x2324 Waiting for KSN requests completion. In queue: 5
23:57:12.0015 0x2324 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
23:57:12.0031 0x2324 Win FW state via NFP2: enabled ( trusted )
23:57:32.0045 0x2324 ============================================================
23:57:32.0045 0x2324 Scan finished
23:57:32.0045 0x2324 ============================================================
23:57:32.0045 0x197c Detected object count: 1
23:57:32.0045 0x197c Actual detected object count: 1
23:57:45.0040 0x197c FreeFallProtection ( UnsignedFile.Multi.Generic ) - skipped by user
23:57:45.0040 0x197c FreeFallProtection ( UnsignedFile.Multi.Generic ) - User select action: Skip
Wie gesagt im Anhang nochmal ein Screenshot des Ressourcenmanagers. Ich komme wie in Post 1 beschrieben auch nicht auf die Auslastung des RAMs, wenn ich die Summe der zugesicherten RAMs überschlage. Liebe Grüße, TheKaltur |
|
23.12.2015, 17:18
| #10 |
| | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hi Sandra, habe mir jetzt doch noch mal die Mühe gemacht die Diskrepanz genau auszurechnen: Summe aller zugesicherten Prozess-Speicher in KB: 1163530, d.h. in GB: 1.16 Vom Ressourcenmonitor angezeigte Auslastung in KB: 3160000, d.h. in GB 2.68 Diskrepanz: 1.5 GB Liebe Grüße, TheKaltur |
|
23.12.2015, 21:03
| #11 |
| Ruhe in Frieden † 2019 | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hallo, die gefundene Datei ist legitim. Was macht denn dein Arbeitsspeicher im Ressourcenmonitor? Kannst du da nochmal einen Blick drauf werfen? |
|
23.12.2015, 21:12
| #12 |
| | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hi Sandra, ich weiß nicht genau, was du meinst, aber das Problem besteht immer noch... Diskrepanz und Auslastung siehe vorherige Posts und Anhang... LG, TheKaltur |
|
27.12.2015, 23:08
| #13 |
| Ruhe in Frieden † 2019 | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hallo, entschuldige die leichte Verzögerung, Weihgnachten und so. Wir machen vorsichtshalber nochmal einen Scan mit MBAR, ich sehe aber anhand deiner Logs momentan nicht, woher das Problem kommt, kann aber einen Befall fast ausschliessen. Generell ist Arbeitsspeicher aber schon dazu da, dass er auch verwendet wird. Schritt 1 Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers |
|
28.12.2015, 18:59
| #14 |
| | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Hi Sandra, das hatte ich mir schon fast gedacht  Ich hoffe, du hattest schöne Feiertage mit Freunden und/oder Familie Nachdem ich mbar gestartet habe kam bei mir eine Warnung (s. Anhang), der Scan stürzte jedoch nicht ab und mir wurde angezeigt, dass keine Objekte gefunden wurden. Hier das Logfile: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.12.28.06
rootkit: v2015.12.26.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18124
<user> :: <user>-PC [administrator]
28.12.2015 18:32:12
mbar-log-2015-12-28 (18-32-12).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 395817
Time elapsed: 13 minute(s), 10 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Da mir das bisher (in einigen Jahren Benutzung dieses Computers) noch nie passiert ist war mein erster Tipp halt Malware, aber dann kann ich ja zumindest was das angeht beruhigt sein (sollte diese Warnmeldung da nichts bedeuten... ?!?!). Noch einmal vielen Dank für deine Hilfe, TheKaltur |
|
28.12.2015, 23:27
| #15 |
| Ruhe in Frieden † 2019 | Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? Nein, die braucht dich nicht zu beunruhigen. Wieviele RAM-Riegel hast du denn verbaut, manchmal hilft es die mal zu tauschen. (Schwierig bei Laptops) Hast du die Auslagerungsdatei mal vergrößert? Wir machen trotzdem nochmal letzte Scans. Schritt 1 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 2 Da der Scan mit Eset sehr gründlich ist, kann er unter Umständen mehrere Stunden dauern  ESET Online Scanner
Schritt 3 Starte noch einmal FRST.
|
|
| Themen zu Hohe RAM-Auslastung ohne offene Programme (2,7 GB) - Virus? |
| angeblich, anhang, antivirus, arbeitsspeicher, avast, browser, computer, einzelne, frage, free, gehackt, gen, herausfinden, hohe, installiert, offene, probleme, programme, relativ, screenshot, software, system, virus, virus?, windows, windows 7, woche |
Linear-Darstellung
