Battle Net Account gehackt

marcciboy81 · 27.12.2015, 03:48

Hallo Helfer,
wie der Titel schon sagt wurde mein Battlenet Account letzte Woche gehackt. Ich nutze es nur von meinem Laptop aus also muss der Übeltäter hier liegen. Nun war ich leider auch so "faul" und benutzte für meinen E-Mail Account die gleichen Logindaten wie für den Battle Net Account. Als ich die Tage bei web.de auf die Webseite zu Griff nannte es mir ein letztes einloggen zu einem Zeitpunkt an dem ich es definitiv nicht selber gewesen sein kann. Nun habe ich bedenken das der keylogger oder was auch immer immer noch auf dem Laptop aktiv ist. Avast findet bei Suchlauf keine Bedrohung. log von Malwarebytes liegt bei. Habe jetzt natürlich Angst auf dem Laptop mich irgendwo online einzuloggen weil ich nicht weiss ob das Problem behoben wurde.

Vielen Dank

deeprybka · 27.12.2015, 12:40

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

marcciboy81 · 27.12.2015, 13:46

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015
durchgeführt von Marc (Administrator) auf ALIEN (27-12-2015 03:25:57)
Gestartet von C:\Users\Marc\Desktop
Geladene Profile: Marc (Verfügbare Profile: Marc)
Platform: Windows 10 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Sync\App\WDSyncService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.91.145.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.91.145.0\OverwolfHelper64.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Curse) C:\Users\Marc\AppData\Local\Apps\2.0\G5CJGT65.9HY\114M924Z.AWR\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\CTJckCfg.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
() C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Sync\App\WDSyncService.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDAppHost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BDRuntimeHost.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DBRUpdate\DBRUpd.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.91.145.0\OverwolfBrowser.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [12656 2012-07-24] (Alienware)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3945672 2015-07-16] (Synaptics Incorporated)
HKLM\...\Run: [Onboard] => C:\Program Files\Western Digital\WD SmartWare\WDSmartWare.exe [3195248 2015-09-11] (Western Digital Technologies, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [Sound Blaster Recon3Di Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe [886272 2012-05-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-11-20] (Apple Inc.)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2249352 2013-06-20] (Microsoft Corp.)
HKLM-x32\...\Run: [AlienwareOn-ScreenDisplay] => C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe [1632592 2013-01-21] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [14688 2015-09-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-09-11] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\Run: [icq] => C:\Users\Marc\AppData\Roaming\ICQM\icq.exe [28698984 2013-09-14] (ICQ)
HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2015-12-16] (Electronic Arts)
HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2015-12-15] (Overwolf LTD)
HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50385536 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => Keine Datei
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-21] (AVAST Software)
Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-09-14] ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{cf55b176-d647-477d-ae1d-cdaef08ea63b}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{f3d44827-e5cb-4b4a-846f-5a145c61b28d}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
SearchScopes: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001 -> {62702207-E0F9-4EAA-B8D6-BBC7CF2FC27B} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001 -> {76ACCF46-6CED-4DC0-951C-1E231A9D5718} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001 -> {82040DE7-880C-450B-9394-4FDB0D90713C} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001 -> {92A5AB75-8E5B-48D4-A958-105F4901DA1E} URL = hxxp://search.gmx.com/web?q={searchTerms}&origin=tb_splugin_ie
SearchScopes: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001 -> {C8E798C4-801B-401F-AC6F-C08C3305A0B5} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-21] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-21] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001 -> Kein Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  Keine Datei
Toolbar: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-22] (Google Inc.)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://files.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-720720720720} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\etl8t1ji.default-1433977887822
FF Homepage: hxxp://google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-20] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2014-11-12] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-29] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-1126503913-4283920827-1050956460-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2013-09-29] (Pando Networks)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-21] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-21] (Avast Software)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2251992 2015-03-27] (Broadcom Corporation.)
S2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173192 2013-06-20] (Microsoft Corp.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-09-13] (Creative Labs) [Datei ist nicht signiert]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-09-13] (Creative Labs) [Datei ist nicht signiert]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [133640 2015-06-12] (Creative Technology Ltd)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [344928 2011-01-28] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2013-10-26] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-20] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5729280 2011-07-21] (Native Instruments GmbH) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-16] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1008880 2015-12-15] (Overwolf LTD)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-07-16] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-09-11] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [307064 2015-09-11] (Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-21] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [173312 2015-03-27] (Broadcom Corporation.)
S0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2013-10-26] (Bytemobile, Inc.) [Datei ist nicht signiert]
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1075496 2015-06-12] (Creative Technology Ltd)
R3 dcdbas; C:\Windows\System32\drivers\dcdbas64.sys [38472 2011-02-02] (Dell Inc.)
R3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
R3 DellProf; C:\Windows\system32\drivers\DellProf.sys [23312 2015-02-26] (Dell Computer Corporation)
R3 DellRbtn; C:\Windows\System32\drivers\DellRbtn.sys [10752 2013-01-24] (OSR Open Systems Resources, Inc.)
R0 EMSC; C:\Windows\System32\drivers\EMSC.SYS [17720 2012-07-10] ()
R0 EMSC; C:\Windows\SysWOW64\drivers\EMSC.SYS [15160 2012-07-10] ()
S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [212992 2013-10-26] (Huawei Technologies Co., Ltd.)
S3 kiox_ff_driver; C:\Windows\System32\drivers\kiox_ff_driver.sys [41456 2015-06-15] (Kionix, Inc.)
S3 ks2avs; C:\Windows\System32\Drivers\ks2avs.sys [357968 2011-07-20] (Native Instruments GmbH)
S3 ks2usb_svc; C:\Windows\System32\Drivers\ks2usb.sys [80976 2011-07-20] (Native Instruments GmbH)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-21] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-16] (Synaptics Incorporated)
R3 ST_Accel; C:\Windows\system32\DRIVERS\ST_Accel.sys [143592 2015-07-30] (STMicroelectronics)
R1 tcpipBM; C:\WINDOWS\system32\drivers\tcpipBM.sys [39552 2013-10-26] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-21] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-27 03:25 - 2015-12-27 03:26 - 00027831 _____ C:\Users\Marc\Desktop\FRST.txt
2015-12-27 03:25 - 2015-12-27 03:25 - 02370560 _____ (Farbar) C:\Users\Marc\Desktop\FRST64.exe
2015-12-27 03:25 - 2015-12-27 03:25 - 00000000 ____D C:\FRST
2015-12-27 02:57 - 2015-12-27 02:57 - 00016148 _____ C:\WINDOWS\system32\ALIEN_Marc_HistoryPrediction.bin
2015-12-27 01:12 - 2015-12-27 01:12 - 00000085 _____ C:\WINDOWS\wininit.ini
2015-12-27 01:02 - 2015-12-27 01:02 - 00001135 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-27 01:02 - 2015-12-27 01:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-27 01:02 - 2015-12-27 01:02 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-27 01:02 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-27 01:02 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-27 01:02 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-27 00:21 - 2015-12-27 00:21 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-27 00:20 - 2015-12-27 01:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-27 00:20 - 2015-12-27 01:12 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-27 00:20 - 2015-12-27 00:20 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-27 00:13 - 2015-12-27 00:13 - 00000000 ___HD C:\OneDriveTemp
2015-12-21 23:49 - 2015-12-21 23:49 - 01466656 _____ C:\Users\Marc\Downloads\HijackThis - CHIP-Installer.exe
2015-12-21 15:28 - 2015-12-21 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-12-21 15:28 - 2015-12-21 15:28 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-12-21 14:57 - 2015-12-27 01:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-21 14:56 - 2015-12-21 14:56 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-21 14:52 - 2015-12-21 14:52 - 01466656 _____ C:\Users\Marc\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-12-21 13:20 - 2015-12-21 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-21 01:20 - 2015-12-21 01:20 - 00001385 _____ C:\Users\Marc\Desktop\iTunes.lnk
2015-12-18 00:28 - 2015-12-18 00:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-12-18 00:28 - 2015-12-18 00:28 - 00000000 ____D C:\Program Files\iTunes
2015-12-18 00:28 - 2015-12-18 00:28 - 00000000 ____D C:\Program Files\iPod
2015-12-18 00:28 - 2015-12-18 00:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-12-09 12:38 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 12:38 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 12:38 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 12:38 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 12:38 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 12:38 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 12:38 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 12:38 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 12:38 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 12:38 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 12:38 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 12:38 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 12:38 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 12:38 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 12:38 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 12:38 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 12:38 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 12:38 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 12:38 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 12:38 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 12:38 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 12:38 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 12:38 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 12:38 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 12:38 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 12:38 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 12:38 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 12:38 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 12:38 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 12:38 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 12:38 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 12:38 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 12:38 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 12:38 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 12:38 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 12:38 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 12:38 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 12:38 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 12:38 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 12:38 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 12:38 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 12:38 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 12:38 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 12:38 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 12:38 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 12:38 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 12:38 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 12:38 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 12:38 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 12:38 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 12:38 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 12:38 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 12:38 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 12:38 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 12:38 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 12:38 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 12:38 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 12:38 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 12:38 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 12:38 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 12:38 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 12:38 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 12:38 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 12:38 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 12:38 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 12:38 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 12:38 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 12:38 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 12:38 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 12:38 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 12:38 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 12:38 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 12:38 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 12:38 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 12:38 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 12:38 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 12:38 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 12:38 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 12:38 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 12:38 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-27 03:25 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-27 03:18 - 2013-11-03 01:02 - 00000000 ____D C:\Users\Marc\AppData\Roaming\Skype
2015-12-27 03:13 - 2015-09-18 12:45 - 00000000 ____D C:\Users\Marc\AppData\Local\Deployment
2015-12-27 02:46 - 2014-01-17 14:32 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-27 02:39 - 2014-03-28 00:45 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-27 01:46 - 2014-01-17 14:32 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-27 01:30 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-12-27 00:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-27 00:17 - 2013-09-13 23:32 - 00000000 ____D C:\Program Files (x86)\AlienRespawn
2015-12-27 00:15 - 2013-10-21 00:04 - 00004150 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D6FCCCB2-6D73-46F3-9568-E333F8F4ED3E}
2015-12-27 00:13 - 2014-12-10 12:35 - 00000000 __RDO C:\Users\Marc\SkyDrive
2015-12-27 00:12 - 2013-09-29 12:09 - 00000000 ____D C:\Users\Marc\AppData\Local\Overwolf
2015-12-27 00:12 - 2013-09-14 13:22 - 00000000 ____D C:\ProgramData\Origin
2015-12-27 00:12 - 2013-09-14 12:37 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-26 15:39 - 2014-03-13 13:42 - 00000000 ____D C:\Users\Marc\AppData\Local\Battle.net
2015-12-26 15:05 - 2014-12-05 02:06 - 00000000 ____D C:\Users\Marc\Documents\Assassin's Creed Unity
2015-12-26 15:04 - 2014-03-13 13:42 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-12-26 15:04 - 2013-09-13 23:32 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-12-25 14:46 - 2015-07-29 12:57 - 00000000 ____D C:\Users\Marc
2015-12-23 14:35 - 2014-01-17 14:32 - 00000000 ____D C:\Users\Marc\AppData\Local\Google
2015-12-23 12:18 - 2013-09-29 12:10 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-12-21 23:45 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-21 15:16 - 2014-07-20 22:32 - 00001103 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-12-21 15:15 - 2014-08-13 22:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-21 15:11 - 2015-07-29 13:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-21 15:11 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-21 15:11 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-21 15:11 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-21 15:08 - 2015-11-14 01:55 - 00008192 _____ C:\WINDOWS\SysWOW64\WDPABKP.dat
2015-12-21 15:07 - 2015-07-29 12:54 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-21 15:07 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-21 15:07 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2015-12-21 13:20 - 2014-09-29 23:22 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-21 13:20 - 2014-03-13 12:47 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-21 13:20 - 2014-03-13 12:47 - 00000000 ____D C:\Users\Marc\AppData\Local\Skype
2015-12-21 13:20 - 2013-11-03 01:02 - 00000000 ____D C:\ProgramData\Skype
2015-12-21 13:19 - 2015-07-10 13:20 - 00250632 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-19 02:18 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-18 00:28 - 2014-01-24 14:00 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-12-17 23:04 - 2014-12-19 02:07 - 00000000 ____D C:\Users\Marc\AppData\Local\ElevatedDiagnostics
2015-12-16 23:58 - 2013-09-14 13:22 - 00000000 ____D C:\Program Files (x86)\Origin
2015-12-16 12:15 - 2013-09-14 12:29 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-12-15 02:15 - 2015-09-07 22:14 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-14 02:09 - 2013-10-05 12:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-14 02:09 - 2013-10-05 12:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-14 02:08 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-14 01:54 - 2015-07-29 13:10 - 00002419 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-11 13:35 - 2015-07-29 13:52 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-11 13:32 - 2015-10-30 20:28 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-09 13:56 - 2013-09-26 22:20 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 13:55 - 2013-10-05 12:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 13:54 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-09 13:54 - 2013-09-14 13:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 13:52 - 2013-09-14 13:45 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-06 04:18 - 2014-03-13 13:43 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-12-05 01:41 - 2014-01-17 14:32 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-05 01:41 - 2014-01-17 14:32 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-04 02:06 - 2013-09-13 19:49 - 00000000 ____D C:\Users\Marc\AppData\Local\Packages
2015-12-01 01:32 - 2015-07-10 12:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:32 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-30 00:09 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2013-09-15 00:33 - 2013-10-27 01:09 - 0000000 _____ () C:\Users\Marc\AppData\Local\Driver_Jupiter_01Present.flag
2013-09-13 20:19 - 2013-09-15 00:35 - 0000611 _____ () C:\Users\Marc\AppData\Local\killertool.log
2015-07-29 14:02 - 2015-07-29 14:02 - 0000017 _____ () C:\Users\Marc\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-27 00:52

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-12-2015
durchgeführt von Marc (2015-12-27 03:26:23)
Gestartet von C:\Users\Marc\Desktop
Windows 10 Pro (X64) (2015-07-29 12:08:49)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1126503913-4283920827-1050956460-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1126503913-4283920827-1050956460-503 - Limited - Disabled)
Gast (S-1-5-21-1126503913-4283920827-1050956460-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1126503913-4283920827-1050956460-1035 - Limited - Enabled)
Marc (S-1-5-21-1126503913-4283920827-1050956460-1001 - Administrator - Enabled) => C:\Users\Marc

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 1.0.0.6 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 1.0.0.6 - Alienware)
Alienware Command Center (HKLM-x32\...\InstallShield_{F5BC7030-7BC1-4D2B-A75C-6528B7AE2A22}) (Version: 2.8.10.0 - Alienware Corp.)
Alienware Command Center (Version: 2.8.10.0 - Alienware Corp.) Hidden
Alienware On-Screen Display (HKLM-x32\...\InstallShield_{0D69462F-99CC-4F8D-942E-666E21CE59F8}) (Version: 0.32.0.7C - )
Alienware On-Screen Display (x32 Version: 0.32.0.7C - ) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.171.0 - Microsoft Corporation)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Curse Client (HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.1.6664.93 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dell System Detect Bootstrapper (HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\8e3135b376bd523e) (Version: 5.1.0.41 - Dell)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.671.10 - Electronic Arts Inc.)
DJI driver version 2.02 (HKLM-x32\...\{EDFDE5EE-84C7-4936-804C-6563943E5754}_is1) (Version: 2.02 - DJI)
DJI Phantom 2 Vision Assistant version 3.2 (HKLM-x32\...\{C607E958-CE1D-478F-B0EB-8A55D2C95563}_is1) (Version: 3.2 - DJI)
DJI Phantom 2 Vision Assistant version 3.4 (HKLM-x32\...\{A9BCE110-26F4-449F-B64F-8878B3061601}_is1) (Version: 3.4 - DJI)
DJI Phantom 2 Vision Assistant version 3.6 (HKLM-x32\...\{610B86FC-5F48-406E-B283-90A8CA0C0EFB}_is1) (Version: 3.6 - DJI)
EMSC (x32 Version: 0.0.0.24C - Compal Electronics, Inc.) Hidden
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.12.925 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.13.925 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.13.925 - DVDVideoSoft Ltd.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
ICQ 8.1 (build 6337) (HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.00.748 - Huawei Technologies Co.,Ltd)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Native Instruments Audio 2 DJ (HKLM-x32\...\Native Instruments Audio 2 DJ) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version:  - Native Instruments)
Native Instruments Traktor Audio 10 (HKLM-x32\...\Native Instruments Traktor Audio 10) (Version:  - Native Instruments)
Native Instruments Traktor Audio 2 (HKLM-x32\...\Native Instruments Traktor Audio 2) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 (HKLM-x32\...\Native Instruments Traktor Audio 6) (Version:  - Native Instruments)
Native Instruments Traktor Kontrol S2 (HKLM-x32\...\Native Instruments Traktor Kontrol S2) (Version:  - Native Instruments)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.2.2730 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.91.145.0 - Overwolf Ltd.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.9200.28132 - Realtek Semiconductor Corp.)
Sharepod 4.0.1.0 (HKLM-x32\...\{085BCFB8-F6FB-4600-AFAB-1F6DBC7F5F99}_is1) (Version:  - Macroplant LLC)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Sound Blaster Recon3Di (HKLM-x32\...\{FEF74F43-9C01-46CC-8A28-43BBBBB8C6B2}) (Version: 1.00.15 - Creative Technology Limited)
Sound Blaster Recon3Di Extras (HKLM-x32\...\{C45E715E-442E-4D82-BD46-A08A0870957C}) (Version: 1.0 - Creative Technology Limited)
ST Microelectronics 3 Axis Digital Accelerometer Solution (HKLM-x32\...\{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}) (Version: 4.12.0028 - ST Microelectronics)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
SyncFileSetup (x86) (x32 Version: 1.1.5731.17046 - Western Digital Technologies, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WD Access (HKLM-x32\...\{b63cacc5-a0ce-427f-88c1-0db455d5ab6c}) (Version: 1.0.5627.18840 - Western Digital Technologies, Inc.)
WD Access (x32 Version: 1.0.5627.18840 - Western Digital Technologies, Inc) Hidden
WD Quick View (HKLM-x32\...\{7D7465FB-EE46-4AAD-9481-82DFDF1C7693}) (Version: 2.4.13.7 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{105E2364-9169-4141-B42F-43D8F6B136FA}) (Version: 2.4.13.7 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{30d59263-cfde-4ddb-9021-e280187620b2}) (Version: 2.4.13.7 - Western Digital Technologies, Inc.)
WD Sync (HKLM-x32\...\{d754cb4c-5acb-4fd1-8e64-a3b76455885d}) (Version: 1.1.5731.17046 - Western Digital Technologies, Inc.)
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.1900 - Broadcom Corporation)
Winamp (HKLM-x32\...\Winamp) (Version: 5.65  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-Treiberpaket - dji-innovations inc. (usbser) Ports  (12/06/2012 5.1.2600.5512) (HKLM\...\F731C4A8B354FB9B7579C5D98402D2F988E8B95C) (Version: 12/06/2012 5.1.2600.5512 - dji-innovations inc.)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Marc\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0B8FD01C-4CF3-4B28-900E-C1EDDC341B6B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-10-30] (PC-Doctor, Inc.)
Task: {101DC3F6-5517-47F4-9796-D8C6E57A184C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {338E79B5-5352-4C64-8C52-96B935E266CC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {3844CC60-E531-462A-B71E-F863F7DBCEC9} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {5123345D-E8ED-496C-9B6F-1BE62F2B1995} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {591C6F40-9A29-427C-9F3A-E396A93E3408} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5FC93E82-696E-4F16-8BEC-3E6020E877A4} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {61D7635C-1E3C-451B-B6C2-D8F96702A65C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {648F57C4-7375-4269-BB0F-44DEDDC74F16} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-21] (AVAST Software)
Task: {6502ABDB-161D-4432-83BD-AAD07A9FDA7C} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {7C9ED341-6037-45C0-A802-FBF550BEC495} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {7E519A48-1FD3-42A5-B39B-31E98CA2D38D} - System32\Tasks\PCDoctorBackgroundMonitorTask-Retry => C:\Program Files\Alienware\SupportAssist\uaclauncher.exe [2015-10-30] (PC-Doctor, Inc.)
Task: {7E5B34A5-AEA2-4873-B38F-CDFE7FE4571D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8B31E82E-C89E-433F-A460-0743BC1BF1B3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {8BBCD691-B357-4725-942D-37AB16CA1A2C} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Alienware\SupportAssist\sessionchecker.exe [2015-10-30] (PC-Doctor, Inc.)
Task: {A46D7C2B-D3FC-4AB0-817D-E393E54CAB56} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {C29C4DB4-969C-48CC-BE2F-CA0CE31364BC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CCE9FFB0-C90F-4895-B1D5-16C4F5FE8BE1} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {D4684E4B-4649-45BD-925B-08F295B60985} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {DD333136-77F1-44B5-81BE-9B585D923005} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {EF3AC9A9-ABDE-43FD-885A-853D46C86B4A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {F08CFEED-FE3F-4D03-85E1-3B6CF81F7417} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-12-15] (Overwolf LTD)
Task: {F17BF8FA-F804-4EF2-895C-F146748556A1} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {FF25987F-35C1-4D2C-BF4E-F51F7DD29C9B} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-29 13:50 - 2015-07-29 13:50 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 23:22 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2011-01-28 05:03 - 2011-01-28 05:03 - 00344928 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2013-10-26 23:52 - 2013-10-26 23:52 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2015-07-29 12:54 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-30 23:31 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-30 23:31 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-09-30 23:31 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-06-17 22:52 - 2015-06-17 22:52 - 00016384 ____N () C:\Users\Marc\AppData\Local\Apps\2.0\G5CJGT65.9HY\114M924Z.AWR\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll
2013-10-05 23:30 - 2013-10-05 23:30 - 00035840 _____ () C:\Users\Marc\AppData\Local\Apps\2.0\G5CJGT65.9HY\114M924Z.AWR\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll
2015-06-17 22:52 - 2015-06-17 22:52 - 00099840 ____N () C:\Users\Marc\AppData\Local\Apps\2.0\G5CJGT65.9HY\114M924Z.AWR\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.CMOD2.dll
2013-01-21 18:28 - 2013-01-21 18:28 - 01632592 _____ () C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
2015-12-09 12:38 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 12:38 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 12:38 - 2015-11-25 05:24 - 00884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2015-12-09 12:38 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-09-30 23:31 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-07-10 17:43 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-12-09 12:38 - 2015-11-25 05:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll
2015-09-30 23:31 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll
2015-12-09 12:38 - 2015-11-25 05:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll
2015-07-21 00:35 - 2015-07-21 00:35 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-21 00:35 - 2015-07-21 00:35 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-21 13:20 - 2015-12-21 13:20 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15122001\algo.dll
2015-12-27 01:05 - 2015-12-27 01:05 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122601\algo.dll
2013-10-26 23:52 - 2013-10-26 23:52 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2013-10-26 23:52 - 2013-10-26 23:52 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2013-10-26 23:52 - 2013-10-26 23:52 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2013-10-26 23:52 - 2013-10-26 23:52 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2013-09-13 19:58 - 2012-07-20 05:34 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-08-21 13:18 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-27 14:11 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-21 22:45 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-28 22:22 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-28 22:22 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-28 22:22 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-28 22:22 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-28 22:22 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-27 14:11 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-27 14:11 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2013-09-06 11:55 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-28 22:25 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-04-28 23:23 - 2015-12-16 23:56 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-01-30 03:05 - 2015-12-16 23:56 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-01-30 03:05 - 2015-12-16 23:56 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-01-30 03:05 - 2015-12-16 23:56 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-01-30 03:05 - 2015-12-16 23:56 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-01-30 03:05 - 2015-12-16 23:56 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-01-30 03:05 - 2015-12-16 23:56 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-01-30 03:05 - 2015-12-16 23:56 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2013-08-07 10:31 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-15 14:43 - 2015-12-15 14:43 - 45069312 _____ () C:\Program Files (x86)\Overwolf\0.91.145.0\libcef.DLL
2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2009-12-18 10:07 - 2009-12-18 10:07 - 00577536 _____ () C:\Program Files (x86)\Alienware On-Screen Display\EMSC.dll
2015-07-21 00:35 - 2015-07-21 00:35 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\...\dell.com -> dell.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1126503913-4283920827-1050956460-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marc\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img13.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6306A7D6-5954-44FB-B60B-D61068879439}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{6CB25822-4FDA-4646-8D99-451AB36E8541}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [UDP Query User{05102703-DEB0-4398-8DD2-A4DFBD8B5F89}E:\games\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\games\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{859863BE-54F8-4E7B-98F4-B528FCDABC0B}E:\games\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) E:\games\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{801734A0-E0B4-4AAD-AABC-2158DC437D4E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{D3717CBE-289D-4C0E-8C8C-D940AC25AB51}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{9915FC65-E176-472F-88E1-AADFBC59AE1D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{D20C2FBA-88EF-4948-9C9B-0C1624404A4F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{76620697-4DBF-4104-B5B2-527FA73F8918}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{256BDCEC-F4FE-4CD6-B6B2-E7433BFC26BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{E9825812-6C78-4705-B7A8-C759D9EEE296}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{4B643CD7-9EBD-4E5B-BD6C-DBDA46411D26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{8D308A86-D4F5-4BC4-9B85-DA18F53C4A3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{C652B1D5-3801-484D-9B4E-64D128EF1729}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{63CD3FB6-2804-4F6A-8E79-40400FCE615D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{CF98EB8F-5C10-499D-96B5-E3C2776F62A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{9CBF6BBA-93AC-4CDA-AE29-A3414B164777}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{365EE486-02DD-4B46-8F2D-E3190D07CB89}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9EDE05CC-FDA1-457E-B5CE-3B854694BD42}] => (Allow) E:\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{BF133F1A-2A14-4006-A46A-6FDEC1DDACA4}] => (Allow) E:\games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{8CCC2A03-8065-4299-A0EE-8EE786160E44}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{787705D6-03D0-4668-8948-858C818C3A12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{8D29F787-49DA-4BE5-AC1B-FD50EFE6F82A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{FE1D0E73-4BC6-4D75-A880-7822CF2504EF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{723703D2-C6E2-4DD5-A027-07DAA2C2B771}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{09DEE285-4EE2-465A-8F34-78B729A9EB8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{EBDE7892-B94E-489F-87F0-A57CC68986F8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{D4599FEC-7F59-4B59-BF47-0A9A8E69C72B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{38742FAE-BE0E-434C-8FFE-7DBC5D3369BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{E898C27D-766E-4547-B8F8-9A30F2FFA7F6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [UDP Query User{C2E797F4-80DC-4D5A-8065-F4C767D99962}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [TCP Query User{8062FB82-14D4-40BC-8D1E-0F285FF9B916}C:\programdata\battle.net\agent\agent.3372\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3372\agent.exe
FirewallRules: [{47DC805A-0EA5-4902-A5E8-53D595955895}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{279EAEA1-24AA-47E9-95D1-CE276CC3E450}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{AA1B4F93-3811-45E9-9D0D-D2BDA3AA5685}] => (Allow) E:\games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{999DF0A8-D916-45D0-B374-431950DD052F}] => (Allow) E:\games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{8B469870-635A-4EC4-B044-1B3EF089EEF8}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{C23499B1-0694-477D-843E-47A9F3E571E6}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{8F260895-42B2-434A-B475-2EB20F30797D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{7B495B9A-74C4-4DA1-A00E-3AB774F8040E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{BED88BBA-8D3D-4B60-8063-4AA95D828525}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{7CAB0481-2687-4B8D-AC94-2973AA7AFCB1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{5A7CFA8F-AE64-4BDD-AD3F-E58491682C3A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1A42A84C-DD76-45B5-87F4-8EA055AC3DD4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{52293F64-28F0-4C49-BD3C-7DD355190EE9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{1BA01FAC-81F6-4AFE-9F85-967A419EA54E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{B124F545-A576-4361-98FD-37607B83AB3E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{FE18DC09-31C3-450E-A5A4-C381F7B4965D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{D0079A84-0A01-4177-A6A6-F37322F0D78B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{50B81129-FAEC-4D8D-B13D-6F05BE067A6C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{413C8A08-EB51-4684-BAF1-0BEDD69B8593}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{3A1CAD45-1309-49DA-989E-739B705D1297}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [UDP Query User{09FA0197-F413-44A0-9A6F-0E852D5F3376}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [TCP Query User{1CEAB384-1C69-4681-98DB-38F853374ABC}C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{CEB780B0-5AB1-4222-ACEF-3A28F4A749FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{D9E40803-37B1-4E33-AFF9-4E0D50DF06A2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{9948C4ED-0512-4BC5-A127-49FFA8716585}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C8C14AFA-C52A-496D-97BF-D9A6506DFC51}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{F1D801A1-A028-4982-A1C1-60CFF8720EE5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{907F6D91-F121-40D1-9C15-B970A9F73479}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{5E2E0A9B-EC99-4ED1-8F1F-104D1EB9801B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{BEFADFC2-05CB-4AB6-9A1B-C36B51BBF181}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{02ADD2C7-F2A1-460A-B4D4-A94C5A590490}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{8D05929F-BDE0-417E-A7C6-1A3530C6DD9E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe
FirewallRules: [{591224D8-7C6E-479F-AFD8-DB20056FEBA9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{E6285105-5A16-4CB9-BF6C-4FBC1B0F130F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{1BE2E837-0FCD-44EA-BDC9-7A89A358CCD1}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{E165AEC5-D588-4A1F-AE06-63CE1BFDECEA}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{15AEF715-F824-402D-BA33-90C383D500A0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EC3E37F9-2524-4077-BA43-572DEC8B32F9}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{F31F122B-A2FA-4B57-9CE1-391A866F4D00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{7FB3E269-E2C5-40E3-AA94-92A95F4CDAD4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{596DC87E-7AFD-4FC6-8C4B-B56FF46FFD81}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{0CA3BCC0-D2F9-472B-88C9-919169E94AF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{B3F2F51C-F457-40C9-8955-5B55CCD5ABDD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{FE60DC97-EF5C-4427-AFCC-FC19D290DD49}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe
FirewallRules: [{20D62C36-2AD1-48DF-8302-2C54AB61E5BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{9A6094FB-40A7-45A4-BD8E-404097B6A02D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{8568216D-F1D8-412B-A3AD-BA24798E6E9E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C8DC1E72-CAA3-4E53-BF74-DFD13B761B2E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{89B034DD-1B11-429D-A952-09AF5CE71A39}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DDF9FC3E-81C2-4B13-8950-681336810E59}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{D52C04D1-D7A2-44E5-AB5E-23A3085362A3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{AAF89AB2-972A-4AF4-872D-FBF28A78B75B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{EEBB25FC-BE1E-43A3-83B7-6E67C605B1C5}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [TCP Query User{BF90877A-4996-4825-8530-33B1382A6FDE}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe
FirewallRules: [{EE6E64EC-D0D4-41D7-B011-0B0E0C8DF3B0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\f12013\F1_2013.exe
FirewallRules: [{5E88A28F-74C5-41FA-AD56-ABA207B0A06B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\f12013\F1_2013.exe
FirewallRules: [UDP Query User{D334C756-92EB-443A-B597-70F73D6E3794}E:\games\ubisoft\assassin's creed iv black flag\ac4bfmp.exe] => (Allow) E:\games\ubisoft\assassin's creed iv black flag\ac4bfmp.exe
FirewallRules: [TCP Query User{8778B842-5288-402F-ABF2-C2BE13013E30}E:\games\ubisoft\assassin's creed iv black flag\ac4bfmp.exe] => (Allow) E:\games\ubisoft\assassin's creed iv black flag\ac4bfmp.exe
FirewallRules: [UDP Query User{11034254-9A37-419D-8362-B0B7FE934185}E:\games\ubisoft\assassin's creed iv black flag\ac4bfsp.exe] => (Allow) E:\games\ubisoft\assassin's creed iv black flag\ac4bfsp.exe
FirewallRules: [TCP Query User{3458D3DE-E9C5-4BB0-A75B-0DD79697128D}E:\games\ubisoft\assassin's creed iv black flag\ac4bfsp.exe] => (Allow) E:\games\ubisoft\assassin's creed iv black flag\ac4bfsp.exe
FirewallRules: [{4EFBCC27-7CFD-4B85-B03F-FE357E97D33A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{D1EFE094-85C4-4A0D-9A51-2BA3FD54B59A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{FCAACD5B-B370-431B-8008-583DEA640EDB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{C85FF39E-E183-4ED9-A7EB-B3C3CF8428FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{ED22E88F-B50C-4697-8B97-816530FB41B1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{BAC1C763-6065-4B41-9A44-40E6540D707B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [UDP Query User{52D4C5A3-0F28-4FF0-BCE1-7A27FCE5B7B6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{39B85CF3-965C-4CE4-913C-D5B93FAA8B6B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{39574B8C-2261-48DA-ACAB-9018ACD5A1CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{7F65E8E7-6A83-4183-BF61-8BA6C7680641}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{5D12D77A-F600-41C0-B7F5-691DE6567E61}] => (Allow) C:\Users\Marc\AppData\Local\Apps\2.0\G5CJGT65.9HY\114M924Z.AWR\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
FirewallRules: [{0A10324A-BBAC-474B-9DC5-D1CBF7DC2B26}] => (Allow) C:\Users\Marc\AppData\Local\Apps\2.0\G5CJGT65.9HY\114M924Z.AWR\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
FirewallRules: [{19C31885-F3D7-47E1-8913-5FF5A9143D49}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{809FE2A7-650D-47C6-8D94-62BE9B1207EF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{647F8443-A2B2-4A8D-A23C-AFDE5E0D7D5E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BCCC67BF-0CD0-463D-B090-C19E3089C5A3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{42C0CA0E-AB76-4441-AFE3-359E0A00E9B1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{511826F0-99C0-4997-A178-27FB76A5726F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{4C77E98C-C634-44B2-A506-C249DC7919A0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{10A1B4A0-71EA-48AF-B06E-815EE5A59B8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{19F4E005-1E0A-41F1-86CA-78362205C8B3}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{A691AF5D-A59B-4511-9E04-D8592B9DBC21}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{49002BC5-1708-4F2C-9414-DACD0889F62C}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{2CA2165E-3678-45C9-B823-20CE631F8749}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{718B17A2-0245-478C-8DB1-C3B32AA01406}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{0BE2CD5B-992E-4EC6-A887-A95DE9AB4AE1}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{977DDE8E-E0BA-46CB-B8A3-813AB340179E}] => (Allow) C:\Users\Marc\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{C39FD6FC-F44D-4062-9DD6-5E72CA5165A8}] => (Allow) C:\Users\Marc\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{908E85F5-B6DC-4940-BB57-1BCFBC0B4A99}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{A80193E3-6D98-462C-9AE3-6CB4CFBE8CAF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5361E35B-961E-4D8B-A1BB-E4E53DD8AC7A}] => (Allow) E:\games\Diablo III\Diablo III.exe
FirewallRules: [{D7D95700-A35E-4AC8-92A9-F28A3A6D3E36}] => (Allow) E:\games\Diablo III\Diablo III.exe
FirewallRules: [{3BCB93C4-D204-434B-94D5-C37EE5E83BDD}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [{B84DB34C-156A-48D8-9377-6A26F30B6740}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 13\Game\fifa13.exe
FirewallRules: [{F418BFA4-ECE7-4691-A6C9-F5E44C009B0F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9BFFF256-F260-4C4D-84DD-671A571CB351}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{455BBE75-47F1-43D2-AF12-2C6934A4BBE7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D3020B05-0B7B-48C9-8B71-E52D08AB8E0D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3D23F84E-16A4-419C-8BB6-CA06CA01CCBE}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{4D438909-60D6-4209-A2A9-B775419BECCF}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{0B673D9D-7379-464A-A96F-2A445D08CC24}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{F1CE4835-7330-4B99-8D44-13C6C7CDFF82}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{A9EF53D6-A34B-4C1F-A520-92BD1A56D8DC}] => (Allow) LPort=58378
FirewallRules: [{0497E7FD-D01C-4808-A20C-972DE3BA3C5E}] => (Allow) LPort=58378
FirewallRules: [{72D0B554-CC49-4DD6-BA0B-51E7525DB1A7}] => (Allow) LPort=58378
FirewallRules: [{8E1D7A16-17E7-4E2C-848B-3B48E8947376}] => (Allow) LPort=58378
FirewallRules: [{A33F3547-7347-4F78-A053-6479162B9470}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{E5652651-B02A-4B5A-822D-6FCAF22642A7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C65E3DB6-8221-46BF-9BE7-A8EA5B9C2922}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2878A895-970C-4803-9111-91FE26D36E09}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1AA42886-54EC-4208-BDC8-4527C179D202}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{315205E5-95C9-4C63-9D00-A7B82F5A72AC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A820F932-23EC-415F-A704-824444EA7373}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1F7F078B-EB78-42EB-91FC-342D4E0F2880}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3598D86F-BA07-4929-9493-32FDD6669C75}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{32E6448E-1900-45BD-83F5-4C63BBDABE97}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1011D1C3-6D73-411A-8981-2A65A9A29EAD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{EE37C6A5-691E-44B1-9395-C7C3F8389D02}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Allow) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe
FirewallRules: [UDP Query User{893984E6-3D0E-42B6-851C-23DD013AE2AA}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Allow) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe
FirewallRules: [TCP Query User{F099BF4F-A812-434A-AEE2-BB927D2144E1}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Allow) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe
FirewallRules: [UDP Query User{EBD6681E-825E-4B1C-B5F5-B0C0F8BC44E4}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => (Allow) C:\program files (x86)\western digital\wd app manager\wdappmanager.exe
FirewallRules: [{62E008FA-520C-4BD6-9720-C9106786543C}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Wiederherstellungspunkte =========================

09-12-2015 13:50:48 Windows Update
27-12-2015 01:28:36 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/27/2015 01:28:38 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (12/27/2015 01:13:09 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (12/27/2015 01:13:09 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (12/27/2015 01:13:09 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8

Error: (12/27/2015 01:13:09 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\WINDOWS\system32\esentprf.dll8

Error: (12/27/2015 01:13:09 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (12/27/2015 01:13:09 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\WINDOWS\system32\mscoree.dll8

Error: (12/27/2015 01:13:09 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\WINDOWS\system32\wbem\wmiaprpl.dll8

Error: (12/27/2015 01:13:09 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: 

Error: (12/27/2015 01:13:09 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8


Systemfehler:
=============
Error: (12/27/2015 12:15:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.

Error: (12/27/2015 12:14:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.

Error: (12/27/2015 12:14:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.

Error: (12/27/2015 12:13:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.

Error: (12/27/2015 12:13:22 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.

Error: (12/27/2015 12:12:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SftService erreicht.

Error: (12/26/2015 03:42:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session11 erreicht.

Error: (12/26/2015 03:42:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _Session11 erreicht.

Error: (12/26/2015 03:42:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenspeicher _Session11" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/26/2015 03:41:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session11" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 12235.28 MB
Verfügbarer physikalischer RAM: 8005.35 MB
Summe virtueller Speicher: 14091.28 MB
Verfügbarer virtueller Speicher: 8980.97 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:466.78 GB) (Free:266.05 GB) NTFS
Drive e: (Volume) (Fixed) (Total:698.64 GB) (Free:571.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: 81048178)

Partition: GPT.

==================== Ende von Addition.txt ============================

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 21.12.2015
Suchlaufzeit: 14:58
Protokolldatei: malwarebytes.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.21.04
Rootkit-Datenbank: v2015.12.18.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Marc

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 416194
Abgelaufene Zeit: 7 Min., 20 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [5d5b3671414a3df9c25d7bbfbd45e917], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [5d5b3671414a3df9c25d7bbfbd45e917], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [5d5b3671414a3df9c25d7bbfbd45e917], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{3408AC0D-510E-4808-8F7B-6B70B1F88534}, In Quarantäne, [5d5b3671414a3df9c25d7bbfbd45e917], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [5d5b3671414a3df9c25d7bbfbd45e917], 
PUP.Optional.OutBrowse, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{DCABB943-792E-44C4-9029-ECBEE6265AF9}, In Quarantäne, [5d5b3671414a3df9c25d7bbfbd45e917], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 2
PUP.Optional.OpenCandy, C:\Users\Marc\AppData\Roaming\OpenCandy, In Quarantäne, [c3f5c7e01e6d04328c4f93e3ec16e51b], 
PUP.Optional.OpenCandy, C:\Users\Marc\AppData\Roaming\OpenCandy\D0F52F7303F7470198FB1A578819E4A0, In Quarantäne, [c3f5c7e01e6d04328c4f93e3ec16e51b], 

Dateien: 3
PUP.Optional.OpenCandy, C:\Users\Marc\AppData\Roaming\OpenCandy\D0F52F7303F7470198FB1A578819E4A0\LatestDLMgr.exe, In Quarantäne, [73455a4d800b47ef6c3d270acb360bf5], 
PUP.Optional.OpenCandy, C:\Users\Marc\AppData\Roaming\OpenCandy\D0F52F7303F7470198FB1A578819E4A0\5404.ico, In Quarantäne, [c3f5c7e01e6d04328c4f93e3ec16e51b], 
PUP.Optional.OpenCandy, C:\Users\Marc\AppData\Roaming\OpenCandy\D0F52F7303F7470198FB1A578819E4A0\SetupGolSTEX_p1v0.exe, In Quarantäne, [c3f5c7e01e6d04328c4f93e3ec16e51b], 

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

deeprybka · 27.12.2015, 13:55

Accounts werden auch durch Phishing oder online gehackt. Da muss nicht immer der PC infiziert sein. Passwörter von einem anderen PC/Handy aus ändern.

Schritt 1
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

marcciboy81 · 27.12.2015, 14:44

Was mach ich wenn das logfile zu groß ist?

Ps: Passwörter wurden vom iPad geändert

deeprybka · 27.12.2015, 14:51

Aufteilen oder anhängen...

marcciboy81 · 27.12.2015, 14:57

Code:

ATTFilter

14:21:48.0524 0x33f8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
14:21:48.0524 0x33f8  UEFI system
14:21:51.0787 0x33f8  ============================================================
14:21:51.0787 0x33f8  Current date / time: 2015/12/27 14:21:51.0787
14:21:51.0787 0x33f8  SystemInfo:
14:21:51.0787 0x33f8  
14:21:51.0787 0x33f8  OS Version: 10.0.10240 ServicePack: 0.0
14:21:51.0787 0x33f8  Product type: Workstation
14:21:51.0787 0x33f8  ComputerName: ALIEN
14:21:51.0787 0x33f8  UserName: Marc
14:21:51.0787 0x33f8  Windows directory: C:\WINDOWS
14:21:51.0787 0x33f8  System windows directory: C:\WINDOWS
14:21:51.0787 0x33f8  Running under WOW64
14:21:51.0787 0x33f8  Processor architecture: Intel x64
14:21:51.0787 0x33f8  Number of processors: 8
14:21:51.0787 0x33f8  Page size: 0x1000
14:21:51.0787 0x33f8  Boot type: Normal boot
14:21:51.0787 0x33f8  ============================================================
14:21:51.0959 0x33f8  KLMD registered as C:\WINDOWS\system32\drivers\41044669.sys
14:21:52.0162 0x33f8  System UUID: {9DB86C6F-D813-9D34-2605-39EECF7898D4}
14:21:52.0646 0x33f8  Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:21:52.0646 0x33f8  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:21:52.0646 0x33f8  ============================================================
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0:
14:21:52.0646 0x33f8  GPT partitions:
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {883448EC-A19B-4C8F-9189-A094DE286CB4}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E8EB6C89-5AFC-430E-8573-EF27BBF6FBDC}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {29A0E44C-828D-4ADB-8796-DBD9DCE29AEA}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {2B057A3E-C94B-42BB-AA9E-4B718EC1DDA1}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0x3A58FF8E
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D1D5488E-6C20-4BDF-9064-91B04022DE37}, Name: , StartLBA 0x3A698800, BlocksNum 0x19E000
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B16C2B49-6998-4CEC-8B18-AD6E4D66EB71}, Name: , StartLBA 0x3A836800, BlocksNum 0xAF000
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {458FB6AC-CCE7-47C1-AB37-49770AD587EE}, Name: Microsoft recovery partition, StartLBA 0x3A8E5800, BlocksNum 0xF3A000
14:21:52.0646 0x33f8  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C521560D-14FA-4DBA-96EF-B86B23CE0AE6}, Name: Microsoft recovery partition, StartLBA 0x3B81F800, BlocksNum 0x1C12B0
14:21:52.0646 0x33f8  MBR partitions:
14:21:52.0646 0x33f8  \Device\Harddisk1\DR1:
14:21:52.0662 0x33f8  GPT partitions:
14:21:52.0662 0x33f8  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D1BC5E51-643B-4FAF-BAEC-B821547378B4}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x57545800
14:21:52.0662 0x33f8  MBR partitions:
14:21:52.0662 0x33f8  ============================================================
14:21:52.0662 0x33f8  C: <-> \Device\Harddisk0\DR0\Partition4
14:21:52.0990 0x33f8  E: <-> \Device\Harddisk1\DR1\Partition1
14:21:52.0990 0x33f8  ============================================================
14:21:52.0990 0x33f8  Initialize success
14:21:52.0990 0x33f8  ============================================================
14:22:40.0079 0x34cc  ============================================================
14:22:40.0079 0x34cc  Scan started
14:22:40.0079 0x34cc  Mode: Manual; SigCheck; TDLFS; 
14:22:40.0079 0x34cc  ============================================================
14:22:40.0079 0x34cc  KSN ping started
14:22:42.0376 0x34cc  KSN ping finished: true
14:22:43.0392 0x34cc  ================ Scan system memory ========================
14:22:43.0392 0x34cc  System memory - ok
14:22:43.0392 0x34cc  ================ Scan services =============================
14:22:43.0431 0x34cc  [ 22CE801AD25C51E2553F41A076BB0CB2, 0520216417F1619FB642734EC937C59D5E79A24306C1E9B793C82FAE077851E6 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
14:22:43.0483 0x34cc  1394ohci - ok
14:22:43.0492 0x34cc  [ 2C49A2441EBB24C6ACFB524C1459115F, 0ABACB6F21C41C0297994E61F1BFABB3905AF6B569D0446FE8E174EB9225B8EF ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
14:22:43.0505 0x34cc  3ware - ok
14:22:43.0517 0x34cc  [ B87D3D07FE6F15328C6860D542F0E2BD, 46CF069EDD7DBFB4DB800BABA3081DAB363DD2CFD724AFF5916D3419F62A3574 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
14:22:43.0539 0x34cc  ACPI - ok
14:22:43.0544 0x34cc  [ 1E3C4EDBB7F3F668B7205E351010BB79, A3CA12F72836C4F77B671264828B370B9EBA9CD71110E2C0514994760B6B12FF ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
14:22:43.0557 0x34cc  acpiex - ok
14:22:43.0560 0x34cc  [ 13B1C26AEDCB40082CDD97506F968129, 883442206B4C60AA493E84CC3037B6C1568441E1F43D2B1FCBFD8D87D135D511 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
14:22:43.0566 0x34cc  acpipagr - ok
14:22:43.0566 0x34cc  [ B3D64FF927D611721DA73A61BF3A18B3, 96B51AFDC3078B5088AAF66F0CF3E07D2FCBBC84A19D309A25DF0A5C6CECB958 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
14:22:43.0582 0x34cc  AcpiPmi - ok
14:22:43.0582 0x34cc  [ 19F793B2203D94AC1F8AEDB08B494E2E, DC98CCF9935E1F1C32FA88575A9A678B74916EFF48E39A64CF1FF92232F64A52 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
14:22:43.0597 0x34cc  acpitime - ok
14:22:43.0613 0x34cc  [ F54564025D2284AE498E51D7C139F971, AAA48F38B81DB894854E8C84DB2E1F5C8447AA982D27C0BB78FF2786D9F80F83 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:22:43.0628 0x34cc  AdobeFlashPlayerUpdateSvc - ok
14:22:43.0644 0x34cc  [ 2A24E10C1A1DE0E0035E353EED494A1C, CBBFA86578BE74CAADDCA923D65E3BFFC57BC17B887936ADE5C6952530546A22 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:22:43.0675 0x34cc  ADP80XX - ok
14:22:43.0691 0x34cc  [ A3D96563BF46FC8A0E5756B796127D14, BAD3C30714F6514D2AF725077A79FF671CC022E415786E1666C0B7C24CE3670A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
14:22:43.0722 0x34cc  AFD - ok
14:22:43.0722 0x34cc  [ EF09D07626820F7F89519514C17FE768, C3EC1DC163CD5946270ED876CD414889BBF2C586A8AF5DC7825FA5D77001E827 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
14:22:43.0738 0x34cc  agp440 - ok
14:22:43.0738 0x34cc  [ 8A289EF0721F95267BF2404BABEE146D, E263D258F03DF3BB405D49AE7230C37E7EB8F392FDEE48059C7C1E3709520D35 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:22:43.0753 0x34cc  ahcache - ok
14:22:43.0769 0x34cc  [ C301499987AF909258774AE9DC5778BB, 3ED539C999847116AE9DB9C8C5A34AB09703BAE3018E1EAF6DBC779BB6736F32 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
14:22:43.0769 0x34cc  AJRouter - ok
14:22:43.0785 0x34cc  [ DD69535D379F9E40AD0D6002887AAA99, 579DD18CE2B264B4058C6069B8AEE6FD9FE6A882B7DA19E300DFE40B37A4E5BE ] ALG             C:\WINDOWS\System32\alg.exe
14:22:43.0800 0x34cc  ALG - ok
14:22:43.0800 0x34cc  [ DF1479D1D9FFA6F2A27C0993B1CC58CF, D6BA13D63AC60CDA702ADEE0AD9040E48F01BA06A6CBF8F9B32CB40B64578A3B ] AlienFusionService C:\Program Files\Alienware\Command Center\AlienFusionService.exe
14:22:43.0800 0x34cc  AlienFusionService - ok
14:22:43.0816 0x34cc  [ 6763084E8322A4876D1613854640F914, 89EEEB47517A9964FA799821E5E45BDD6009EBDC628D6DADE6A7F03DE7CDA6CD ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
14:22:43.0832 0x34cc  AmdK8 - ok
14:22:43.0832 0x34cc  [ DE29D8AB57AD67D4940CAB4A48B3E230, 4E92AFCD9107573DAB8E65AC6318E4B8851DCCBE17E135DFF8CF5733210B52E6 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
14:22:43.0847 0x34cc  AmdPPM - ok
14:22:43.0847 0x34cc  [ 4C1F9BBAF5CCD76D4642F3B92B97B454, 514CCAA8B586B1019658BE101046386EB727AD48D7913AEF9A168763E91F0DE5 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
14:22:43.0863 0x34cc  amdsata - ok
14:22:43.0863 0x34cc  [ F8195C1A15955180DD663E7FF4C2F6DD, F3C0C6B38FB9478217EE25EBDBDF7A18F01B97655BC38373E70E71171705D5E9 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
14:22:43.0878 0x34cc  amdsbs - ok
14:22:43.0894 0x34cc  [ DD2F5BBCFAC4D8E48DB1A95A7EEBFF08, 619E3106072C6F785144D785C4AFB4C607CAF7ED29AAA4A1411BE262E62B7ADE ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
14:22:43.0894 0x34cc  amdxata - ok
14:22:43.0910 0x34cc  [ 46AAF119090573A80D603745582229ED, 8D7C4AED66DD32A104965DC23D17C0815CD1BE2E3D52375C1A63863664EE174F ] AppID           C:\WINDOWS\system32\drivers\appid.sys
14:22:43.0910 0x34cc  AppID - ok
14:22:43.0925 0x34cc  [ 24315B385F515D6D5476757EAFD62633, CE645397BF43CC54B864A0E4FCB86F76C10B9C2D2482E85DBBE15EF7BF045F17 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
14:22:43.0941 0x34cc  AppIDSvc - ok
14:22:43.0941 0x34cc  [ 2CE396457D5C18F034D243EC7E159010, DDF588A568DF5EAE058DF315535BD746760363E2242EF8C705F8DCBA2D5DA4A7 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
14:22:43.0957 0x34cc  Appinfo - ok
14:22:43.0957 0x34cc  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:22:43.0972 0x34cc  Apple Mobile Device Service - ok
14:22:43.0972 0x34cc  [ 68AF553066C4DAE7D8698322526BDA86, 806A5228D204B18B3B9F88AB87B5918046BE96D1B3AEFEC9331CA7A483547486 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
14:22:43.0988 0x34cc  AppMgmt - ok
14:22:44.0003 0x34cc  [ A8AC0B8ED134888731D1A1BCEF930FA1, 917D2C99CB28C5F20BA386148B6A93541AEF900A9A99D310D732B501322945E5 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
14:22:44.0035 0x34cc  AppReadiness - ok
14:22:44.0082 0x34cc  [ D6D96E20079D902243690DCBB007F997, 4E3FAED92F6434D689CCC7AE3A077819BCD2E99D7D2C293563B2E0DCF08CC42F ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
14:22:44.0144 0x34cc  AppXSvc - ok
14:22:44.0160 0x34cc  [ 0756EECAC010BE449D07502DF27E7701, 6A895CA80050D021DB5E130102F626027339A22673B7C15C51A375C0401F03D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
14:22:44.0160 0x34cc  arcsas - ok
14:22:44.0175 0x34cc  [ 25863B5A3AC02DD35063D77C1F1415FF, F3F61F83CCF78F2FB3CD3DC66C28C1BE4D6D6F3C7440B6E5F7EEAC3739DB80DD ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
14:22:44.0191 0x34cc  aswHwid - ok
14:22:44.0191 0x34cc  [ 2894AC8C6159201940C8CD5B33CC5203, 4717301395100BD71B49451109AA29A58F702AF1E24C816CE5CC4320B6F3CA67 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
14:22:44.0191 0x34cc  aswMonFlt - ok
14:22:44.0207 0x34cc  [ C384DC3DDF65F3E011DFBDFDB500F89A, 0B15E09AE0DA51000B2AAF5DE6C5BBD7EBE4EB1DACB680A159AD9369CDA6D7D1 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
14:22:44.0207 0x34cc  aswRdr - ok
14:22:44.0207 0x34cc  [ 7F5ADFD9CA8EF06D020273B81BFFD731, 04A47F26DA3E507D9C984D7C737EC29B04AA88F68222FB4538BEA80D4D07D7FB ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
14:22:44.0222 0x34cc  aswRvrt - ok
14:22:44.0238 0x34cc  [ D8AED327929029227447ADA450AA3AE8, B4164430915B3FF58C479CDAC28A87436F8C203D492266C2D96C2872ECD6EE94 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
14:22:44.0269 0x34cc  aswSnx - ok
14:22:44.0269 0x34cc  [ D96A7EE9F5E25A7941F2A2A2BED46339, 7619A7052C33CA47A847ABAE22CD2C6E9EB102B64D212597B926D21C8A038264 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
14:22:44.0285 0x34cc  aswSP - ok
14:22:44.0300 0x34cc  [ 82F2525A22A380AA977428490AA849E3, 457F3D58B23BB61ED1BFA84B4CB2E12EE54C4BA7F9286F952E6632477EE9B548 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
14:22:44.0300 0x34cc  aswStm - ok
14:22:44.0316 0x34cc  [ 2F3F0B08EBF741FE22745BECC794CE34, 969C12129C9C9981BF20656057C05290E050B410E4ECF8405C020F9A23728099 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
14:22:44.0332 0x34cc  aswVmm - ok
14:22:44.0332 0x34cc  [ A5792F971EFE86B7F56EE7299ED1082B, 82DCD15E2C9D8A3EA663941C9CE73020FEEF2F91354D0BB51E8A142AA1E30217 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
14:22:44.0347 0x34cc  AsyncMac - ok
14:22:44.0347 0x34cc  [ 8921DF6060DB5C7700AA48CB12E9EA08, 8F18841B454CDE4926C50B23F818D00ECE0AE884DB198E396445CB44CB39B2C4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
14:22:44.0363 0x34cc  atapi - ok
14:22:44.0425 0x34cc  [ 41DFF214D30294F18F64257167F1CCBA, 87BB8BC1AB5EC4F5DAD84CB0B16CDD4634F10DC687264E4C84E47EFEFF4310F6 ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
14:22:44.0550 0x34cc  athr - ok
14:22:44.0550 0x34cc  [ 240FF83DD79546B26F187FAB20F83864, C4DC0159016B4A4630357131E614814C068D07BEA94AAF6393E882A78C9FCA1E ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:22:44.0582 0x34cc  AudioEndpointBuilder - ok
14:22:44.0597 0x34cc  [ 6300722E8527EC54D426FD00EE5196B2, 71376BE797E8F3E2E671167DA400239D5289DE7EE56CF29564C98715B9DB1D09 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
14:22:44.0628 0x34cc  Audiosrv - ok
14:22:44.0644 0x34cc  [ A97E144E84A665B22AE6E6A93E4DD465, 888D702B9B9E6C446AD7499571DAEAB072BEF141FF3300E74C6E538FA312BDCD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:22:44.0644 0x34cc  avast! Antivirus - ok
14:22:44.0754 0x34cc  [ CCC3FE1DDCCF99633539B3D7681EF7D7, 0C048EDCD22681C82586845B822990FB4A9303B3B1F4161EBA5A6C444EF7C5CC ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
14:22:44.0832 0x34cc  AvastVBoxSvc - ok
14:22:44.0847 0x34cc  [ 2F7F80543129210CA75995D0DCA488E8, 353E598FF26FA363C02A2B44BA8D7D1ED97B8AC8C69F1B5C5D521BD0D5D5AB94 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
14:22:44.0863 0x34cc  AxInstSV - ok
14:22:44.0879 0x34cc  [ 00D64E82900E4EC9062805ED87C2D75A, 577110F9A7C6C2C4CF86FFF4F60E23F61623ED325FC950033900A5102754A677 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
14:22:44.0894 0x34cc  b06bdrv - ok
14:22:44.0894 0x34cc  [ 5164A66EC1565711A7B4CF2F143B4979, DA29F0FB63F3EB2BF92D51FEB4BB7D2B964553D2F634556325953927464CB3A5 ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:22:44.0910 0x34cc  BasicDisplay - ok
14:22:44.0910 0x34cc  [ F4C58BBF2972BD84C73F6A14CA35AC4E, B7A226EB861B63ACF4BF9B5A331ACA6FFC9B787DCCAA7697EEFC4F634508A6D5 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
14:22:44.0926 0x34cc  BasicRender - ok
14:22:44.0941 0x34cc  [ 6FED40EC0DB11DF1B2AD08621FBDDED6, 06258C9C9B7C231A6900E1E237001A4E5513F74CEA7B4DFAB56490D455AB0549 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
14:22:44.0941 0x34cc  bcbtums - ok
14:22:44.0988 0x34cc  [ 43907773F7563AF4DF0999D47522E802, 2563666842008E202B6A64435F06169A259D6DC56D16AF7359114C20A4FA4400 ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
14:22:45.0035 0x34cc  BcmBtRSupport - ok
14:22:45.0035 0x34cc  [ 25349D0B334E528667980948ED107D89, 70EF9D3B8DCAC6E9720C6F3EBC77392FADC182A6925F9024FE30A21321E0137F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
14:22:45.0051 0x34cc  bcmfn2 - ok
14:22:45.0051 0x34cc  [ DF78B56EEE6004DEE8CE57763128075E, 5758CAF4B0182F3F2E2508B3BB58B0271F2689808D09675B2753FE373D1D77D2 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
14:22:45.0082 0x34cc  BDESVC - ok
14:22:45.0082 0x34cc  [ 1E8A9267F8886803AAE02982FC1B5BC4, 655DF84E037BD6E582A6BA89737A4388956219171AF7253D126E54A23F16BE59 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:22:45.0097 0x34cc  Beep - ok
14:22:45.0113 0x34cc  [ 7FAFFFC4C59F5010D6E7CEA152076B92, 945FD6C04E109D4E5A4164BAA9A8120EC85AB809555AAD83E61B9F179F976FD7 ] BFE             C:\WINDOWS\System32\bfe.dll
14:22:45.0144 0x34cc  BFE - ok
14:22:45.0144 0x34cc  [ 65608C44E71D7BA056C9EFCD8A00A7FE, A6B581A8354C7E2902AA1FFDD87C9465EFA2CD75A920CE3098E774292E4825CE ] BingDesktopUpdate C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
14:22:45.0160 0x34cc  BingDesktopUpdate - ok
14:22:45.0207 0x34cc  [ BD60F5633F6BD617D9ECCA3FFDC0D37E, 2F0DECAEB7096CD628387263381E123C883F483BD87F7F2BA6DEFBB5A184BAA3 ] BITS            C:\WINDOWS\System32\qmgr.dll
14:22:45.0254 0x34cc  BITS - ok
14:22:45.0254 0x34cc  [ 057F482CFDB57E75202E2E37795F2D3B, EC0B9A058E67F19F9660D899022433BF1AE241CDEB8256A0FC2F54EEEA9BE3A9 ] BMLoad          C:\WINDOWS\system32\drivers\BMLoad.sys
14:22:45.0269 0x34cc  BMLoad - detected UnsignedFile.Multi.Generic ( 1 )
14:22:47.0582 0x1700  Object required for P2P: [ 6300722E8527EC54D426FD00EE5196B2 ] Audiosrv
14:22:47.0613 0x34cc  Detect skipped due to KSN trusted
14:22:47.0613 0x34cc  BMLoad - ok
14:22:47.0644 0x34cc  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:22:47.0660 0x34cc  Bonjour Service - ok
14:22:47.0676 0x34cc  [ C9FD65687EF89715999C582D3E568812, 42BA59A78A47C510CB2AFDC6C6080B33F9F611F84FEE5262DFF16D7633C50EB1 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
14:22:47.0691 0x34cc  bowser - ok
14:22:47.0707 0x34cc  [ 3A4A543F135DE9A06ABA9DF982D79DD7, ABA165435C27BE15D7EBD3E7D023E295CB7AE2A099DF9E253C78EC45EADD75EA ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:22:47.0723 0x34cc  BrokerInfrastructure - ok
14:22:47.0738 0x34cc  [ 2AAD720B32904B97EDD8C3211344F79E, 41B1AEA5FAA48033B2581E18D68EFC986C3D65B383847E250C054CE3133A893C ] Browser         C:\WINDOWS\System32\browser.dll
14:22:47.0754 0x34cc  Browser - ok
14:22:47.0754 0x34cc  [ F8DD3B0EAC1EF1D087AE47E5819540AC, 866C951B52E3202AC89552AEA72A45123367199335578F03815E2ED55DA2FDAE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:22:47.0770 0x34cc  BthAvrcpTg - ok
14:22:47.0770 0x34cc  [ 74C9D52F3F594529465E18B2BFF80487, F1ECD8B730AD8B90673735FD6D2D9F6F0754F8BAB7135B16A41128145D5F9377 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
14:22:47.0785 0x34cc  BthEnum - ok
14:22:47.0785 0x34cc  [ 647E2A425AD43637EAA01096A58B7089, 8F76D024FEBCBA1AC54363133DE1E0DD5B9D696E5E688EFEBC3B79F7F1B9C568 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
14:22:47.0801 0x34cc  BthHFEnum - ok
14:22:47.0801 0x34cc  [ B95040CAD3434D9EE003065363A0FAFF, D441E0676EA1AE1ABC305732024311CA59715E6763B3D7ADB728DEEFC403E182 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
14:22:47.0816 0x34cc  bthhfhid - ok
14:22:47.0832 0x34cc  [ F334BF7B0737CEB3B6822631EAD55A87, 4E5AEB1F8E109BA01A5D1CDE2E3C677FF07F2AFE8B195CB5F82AA28816D2060E ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
14:22:47.0848 0x34cc  BthHFSrv - ok
14:22:47.0848 0x34cc  [ 986F756D10B5A2B3971A03BD6308B94F, BEDEFD7470155621365439858B35239D4474487873431E67B01A4B7D56E7CE76 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
14:22:47.0879 0x34cc  BthLEEnum - ok
14:22:47.0879 0x34cc  [ 29AEE352AED4FCD2191436D263D75347, 3D21262EA26BF423BFA4A9146E53F8B036B2A1157DBE91A11C5603AF7A670B6F ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
14:22:47.0895 0x34cc  BTHMODEM - ok
14:22:47.0910 0x34cc  [ FCC211B0F46D831506D0D76539203899, A2609658AE36EB0FE4CFAA00684986193FEACED7BA8D869A9DF8D03312E53169 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
14:22:47.0941 0x34cc  BTHPORT - ok
14:22:47.0941 0x34cc  [ 26DD0127A05B333E36316E6EA9A6AAE2, A2DC4483FF5639EE8DD315AB2989865CA6A6992C578FD7F7D31698A015355941 ] bthserv         C:\WINDOWS\system32\bthserv.dll
14:22:47.0957 0x34cc  bthserv - ok
14:22:47.0973 0x34cc  [ 5866AE46EEF644E6DE5C95942AE419D7, 0726C0845D2BA4247AB26ACF05006F6FA96015158CD49795801BB906DA80C007 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
14:22:47.0973 0x34cc  BTHUSB - ok
14:22:47.0988 0x34cc  [ 8B8B304DF17084338326BC4ACC2716C5, 426D56742D0E3E8471EE28FC5E0158223826770DF5BED88D5863D265A070A45D ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
14:22:48.0004 0x34cc  btwampfl - ok
14:22:48.0004 0x34cc  [ 854AF190F55E6D70EC65A85798F896E2, 6D39F9131BE93F934502BA1DB109E7AD35D3987B636F7B32F9C34823DF25746B ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
14:22:48.0020 0x34cc  buttonconverter - ok
14:22:48.0035 0x34cc  [ 68BD23A0AD9E934F037A1D8A1929D1E2, 7104B04435930D085D01779065C8F293A265800D90C9DEFB19C998D9326E44E7 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
14:22:48.0066 0x34cc  c2cautoupdatesvc - ok
14:22:48.0098 0x34cc  [ 13297729C696656F990A5DBA53023129, EB2B34B04B79756199DBBBDE99ACBB576D20C7C0AF3E4F3C0CF0040948216AAC ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
14:22:48.0145 0x34cc  c2cpnrsvc - ok
14:22:48.0145 0x34cc  [ A10A1E05A943B10ECE5D57D131B7404D, 71BB816B6841001A4305DF1814926B639265E91895CA5D06284B0970E40CE386 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
14:22:48.0160 0x34cc  CapImg - ok
14:22:48.0176 0x34cc  [ F2829DC6D292DCAC5029893BB2E9FEE3, AF2A25722D3BE37BABD1F6668786AAF39E9D6CA18CE8E845E63266E218C64526 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:22:48.0176 0x34cc  cdfs - ok
14:22:48.0192 0x34cc  [ F3A9E38AE23AD4015764AF89E4AE3519, 57ED6AC834177E128720FEC5B5793F35C7C36474E2D787F182B6730933222CC9 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
14:22:48.0207 0x34cc  CDPSvc - ok
14:22:48.0207 0x34cc  [ CA160E02F35A61C6F5C681FB4669C519, E6BC66156EE226F16804C4FDC8A60EB15CE6212EAFB9FB841FAC899979E140E2 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
14:22:48.0223 0x34cc  cdrom - ok
14:22:48.0238 0x34cc  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
14:22:48.0254 0x34cc  CertPropSvc - ok
14:22:48.0254 0x34cc  [ 60D7D304DF75DFF6A46CF633F583B592, 4141D8D1C6FE829C02053DA91AC6B0628BDEB3322CAAD4AD958190F9D173340E ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
14:22:48.0270 0x34cc  circlass - ok
14:22:48.0270 0x34cc  [ FF9D4BCE19E5D36CB3A845A3286DA6C3, A0E2C38D629359EEC6F8EEC6F92A3E571AEF018BAF259F395DC497ED4827460B ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
14:22:48.0301 0x34cc  CLFS - ok
14:22:48.0301 0x34cc  [ 5C4648673693724C8D4A1A92E1AA06E6, 5D548241715687BFA52E40B867EF73CB45D01B7F9A9B7F00B92BF2B4C97BE1D0 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
14:22:48.0332 0x34cc  ClipSVC - ok
14:22:48.0332 0x34cc  [ 8EBA63416EC166EBA6EF6D34A505D8C8, 5EB0236ABEA2277B71D9F009DA71934C618606B20BBEC07B8595195E40C12A2B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
14:22:48.0348 0x34cc  CmBatt - ok
14:22:48.0363 0x34cc  [ 3B64DA873CEA5BEC42570BFF1054A014, 3649B25855CB9BE5BA3B3FEE4221575381FB2D488B8B050B5DD0088386AA0F7B ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
14:22:48.0379 0x34cc  CNG - ok
14:22:48.0395 0x34cc  [ 5EEA0856000F81B3D709BC81B3AA1EF2, C04E4E31D3FC38102BA410D312F58AF848920EE37004A5C306D79229C9B6079A ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
14:22:48.0395 0x34cc  cnghwassist - ok
14:22:48.0410 0x34cc  [ 74CD3BF688E2B408227FE012A2F2D8ED, CC01AC79CEB9DC94FA5675D66F048928C9968B8944E34F5482A73C14B70EE8A8 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys
14:22:48.0426 0x34cc  CompositeBus - ok
14:22:48.0426 0x34cc  COMSysApp - ok
14:22:48.0442 0x34cc  [ D38774D1D383A2CDB9A4F64B7206913B, 6CDDC46D1D431342F00CA537FC327B23B8AA4D513CEEEE61F3E19C77975DF9C8 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
14:22:48.0442 0x34cc  condrv - ok
14:22:48.0457 0x34cc  [ 8AFDD74F2DC5BAD9B2215FB19DB65240, A2BDDA4C77C63D3D8E9F1D397D7B41EC1BF093A6399C14D311D4D230B5F1E093 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
14:22:48.0488 0x34cc  CoreMessagingRegistrar - ok
14:22:48.0488 0x34cc  [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
14:22:48.0504 0x34cc  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
14:22:50.0004 0x1700  Object send P2P result: true
14:22:50.0832 0x34cc  Detect skipped due to KSN trusted
14:22:50.0832 0x34cc  Creative ALchemy AL6 Licensing Service - ok
14:22:50.0848 0x34cc  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
14:22:50.0864 0x34cc  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
14:22:53.0223 0x34cc  Detect skipped due to KSN trusted
14:22:53.0223 0x34cc  Creative Audio Engine Licensing Service - ok
14:22:53.0239 0x34cc  [ 35DB06AACD8AD5999161DA71FF0E16F0, 22AD27811AAD14666ACEF4115447B0CFAA70D1E73923059FB2A9B4C3CBE500A6 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
14:22:53.0270 0x34cc  CryptSvc - ok
14:22:53.0289 0x34cc  [ 838755238B2BAE5A4802B038443B8A22, 1A89E413C6E5C3E8C2B64F8A1D41271D3FA39BC67291331FEC8DCFD4F8CCE994 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
14:22:53.0315 0x34cc  CSC - ok
14:22:53.0330 0x34cc  [ 7D64B14DAFEBBC19A87EC9D5B862F6AA, BE7510E618566FEA013E2E77CE4C7C160BADE105C493424595A15D0A7F1615CF ] CscService      C:\WINDOWS\System32\cscsvc.dll
14:22:53.0359 0x34cc  CscService - ok
14:22:53.0370 0x34cc  [ EDBA1382E5D7D1E71442B43E170CF8D4, 10E7A90FDC8498EBB8043A4B8BAD14104E68EBAE91149C5D1C1660E0D73995C9 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
14:22:53.0386 0x34cc  CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
14:22:55.0710 0x34cc  Detect skipped due to KSN trusted
14:22:55.0710 0x34cc  CTAudSvcService - ok
14:22:55.0757 0x34cc  [ 6B0969DB276D1E724E01034CFE070428, BD4C772E247AB259E0AC2BABD540BDA512A3763AF87219CBD425842692DE9FD3 ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
14:22:55.0773 0x34cc  cthda - ok
14:22:55.0788 0x34cc  [ 253E979FB20A1A5C63E87E9E98845811, 6851455041FC63BBA1CAC709C9BCA5A68BACEAF43FB3E118829CA60180622FEC ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
14:22:55.0804 0x34cc  CtHdaSvc - ok
14:22:55.0804 0x34cc  [ F038EAF73AAB72A4A89185A5A7B9FD75, 8213A60B3BEAFC1C554C5D049DFE3C6E44CEFE639EDD6A335AC18A9DAEDA2D4B ] dam             C:\WINDOWS\system32\drivers\dam.sys
14:22:55.0827 0x34cc  dam - ok
14:22:55.0830 0x34cc  [ CE4577325CBC0BE6692EB09C0D778B2D, C9AC112BA1D37F2458063A57C47E849BAEAA9BA44286A45369A0361EE40D029F ] dcdbas          C:\WINDOWS\System32\drivers\dcdbas64.sys
14:22:55.0837 0x34cc  dcdbas - ok
14:22:55.0855 0x34cc  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:22:55.0891 0x34cc  DcomLaunch - ok
14:22:55.0897 0x34cc  [ 0605AB12BF1856DF21AB708F28EA91CF, 3A6A7F8F84044DC1EA490A007E6DBC52203BA237ECF1B845961D9BB95E9BF8C8 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
14:22:55.0915 0x34cc  DcpSvc - ok
14:22:55.0915 0x34cc  [ B56714DED87E29377F1EE930691DADA2, B3C3BC4F546A786A93823C1471D560BF678A9C95237065E3B99B2B80E6C28131 ] DDDriver        C:\WINDOWS\system32\drivers\DDDriver64Dcsa.sys
14:22:55.0915 0x34cc  DDDriver - ok
14:22:55.0931 0x34cc  [ BABB7BB5AD3CECFF466E6080F43CFC58, 1B8FF66557EC4C749156ED6DACC4D61D5DC4E25DD58F6DB3713C356214B80FDA ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
14:22:55.0962 0x34cc  defragsvc - ok
14:22:56.0009 0x34cc  [ 013D165C6E3E5ED2BA0E20E4695DB5BF, EFCF3023AF86388DB3D8F696179CAD6B801B8CEDEEF9207967C25F0F39503764 ] DellDataVault   C:\Program Files\Dell\DellDataVault\DellDataVault.exe
14:22:56.0056 0x34cc  DellDataVault - ok
14:22:56.0056 0x34cc  [ 9C2CD6A0D0EEDD4EE72113DA554E374B, 45D76852B60B0D5399865FAE93FA0BE1BB320E0A4902BF58F6E0E43ACC9274FD ] DellDataVaultWiz C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
14:22:56.0071 0x34cc  DellDataVaultWiz - ok
14:22:56.0071 0x34cc  [ 66C87079CFCB61B650086802693114E0, B1EE411DF69BB98D5D9FA2D88C4C9FE1E4877FD8BBF572C3F444C90576ED0724 ] DellProf        C:\WINDOWS\system32\drivers\DellProf.sys
14:22:56.0071 0x34cc  DellProf - ok
14:22:56.0087 0x34cc  [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn        C:\WINDOWS\System32\drivers\DellRbtn.sys
14:22:56.0087 0x34cc  DellRbtn - ok
14:22:56.0102 0x34cc  [ 63C9464B165D31ACC46B6B089AB36B41, DE38DE4E6331D07630B63224F8014C27368C29791EDB58CC5DAE7CBACD37160A ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:22:56.0134 0x34cc  DeviceAssociationService - ok
14:22:56.0134 0x34cc  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
14:22:56.0149 0x34cc  DeviceInstall - ok
14:22:56.0165 0x34cc  [ CF3895DD260ADE05BC91D8FBE0A82907, D7D8A29E873BE5C3832C9264F0165F6CD50D42ED0E04B0FCF07F054793092334 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
14:22:56.0165 0x34cc  DevQueryBroker - ok
14:22:56.0181 0x34cc  [ 25435407D97419627F4B10653433BF2B, 5429B0DB7C5302E9A6AF92C046637183D4147D4A206963ABEA3A611214D6AB04 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
14:22:56.0196 0x34cc  Dfsc - ok
14:22:56.0196 0x34cc  [ E59C209F1F633C1AEAF151B2CA46BBAA, 6A4DA927418B56A228CC8D9DFA3351B2B53A9328F5C56C10F0C7B19974B2ED89 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
14:22:56.0227 0x34cc  Dhcp - ok
14:22:56.0227 0x34cc  [ 95AA7877FD4161BFBC8493F9279B1901, F6B7DF75D763A89901BD12454BEF92D161B392F721B8568505073929D9F419BD ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
14:22:56.0243 0x34cc  diagnosticshub.standardcollector.service - ok
14:22:56.0274 0x34cc  [ 58395E37ED838B93A56F1D089C2F53CF, 57D167B58DF5B33F7E2A98E1B8B33C8F076D34CA032D22F050AE6F83A48DC8E6 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
14:22:56.0306 0x34cc  DiagTrack - ok
14:22:56.0321 0x34cc  [ FDCD449AE9E75D7690593D16ADAF4DB4, 3366C4BDB031EB525F85850E903C46802A2AC762C0772C6F6E543DDA4AF1E9D5 ] disk            C:\WINDOWS\system32\drivers\disk.sys
14:22:56.0321 0x34cc  disk - ok
14:22:56.0337 0x34cc  [ 43A1B8B43CA4E213E0FD920F2FD6BCBA, 839C6047FD6EA951538209C30C9D8AE68F9B47A58DA151D071C03408250B0ECD ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
14:22:56.0352 0x34cc  DmEnrollmentSvc - ok
14:22:56.0352 0x34cc  [ F10A8F6D036CEDD14A5471782C52F041, E0DA3C4F76DBBEAED549375E57819F8825B33A118F7674D417D294054863F648 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
14:22:56.0368 0x34cc  dmvsc - ok
14:22:56.0368 0x34cc  [ 7228733177F673B4D51BD1AA082D47C1, DBE155CDCFAA7C32407A207F637F252FA0CE30F1DE7E7DBEC42DB37FADB5BFA7 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
14:22:56.0384 0x34cc  dmwappushservice - ok
14:22:56.0399 0x34cc  [ 592E41B3C11CA12203D3708AD8FC3D37, 6C69D5D603FBF038C069EDDCE29F7C6A60CAAE58B985AB218E1497F2BA934D42 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:22:56.0415 0x34cc  Dnscache - ok
14:22:56.0431 0x34cc  [ 6184C7A2F12625C108AEFD3A43429967, 689153F319BB1013FF60F71317E8380A6945EEE8141EDBDD6B185A966E23BB93 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:22:56.0446 0x34cc  dot3svc - ok
14:22:56.0446 0x34cc  [ A616D8297C1BEA690BBC796736A7A78D, 9365470F4609606410AD79D98E1E77D815DC7C5AA924FB639FCF713EE8EDEA76 ] DPS             C:\WINDOWS\system32\dps.dll
14:22:56.0462 0x34cc  DPS - ok
14:22:56.0462 0x34cc  [ 45771610FF181434073B5A0A00F20F8D, 6A17DB09AA6D021F000F7315317235E1FCF41FD58EA7DF81A7C9F5A6DE999984 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
14:22:56.0477 0x34cc  drmkaud - ok
14:22:56.0493 0x34cc  [ 00D9A948FB7344C62CEBED88E50EE39A, EF33FE7FB34DE571F3956C1F7AC8EFAA25BFD9F3AFA3ECD25DD34C5890873245 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
14:22:56.0509 0x34cc  DsmSvc - ok
14:22:56.0509 0x34cc  [ D920A8B070A9BA5C9DEFC3BA7C3883B5, 8EA05CDE58930EB16B4B502561AF2DB5229658FDC1948A9A8F249A7402C21398 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
14:22:56.0524 0x34cc  DsSvc - ok
14:22:56.0556 0x34cc  [ 89C9C3745F270EF93988DA57BC6AA62B, 947886F3121919427BDCB123C6FC28E29CA73D427E92025E1BEAA743D27306D3 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:22:56.0603 0x34cc  DXGKrnl - ok
14:22:56.0618 0x34cc  [ 6E36BDBB46DF7F865D0DD30663AE3891, 98967B01EA450AD4D5FE8085F710359C022D783B839A51BD4A266718156B01EB ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
14:22:56.0634 0x34cc  Eaphost - ok
14:22:56.0681 0x34cc  [ 3070013B01EDA42C7EB67D731340C396, C083CA05650750876E70CB6AB51D5C047C06098C2ED86B083A74C97830247BFC ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
14:22:56.0759 0x34cc  ebdrv - ok
14:22:56.0774 0x34cc  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] EFS             C:\WINDOWS\System32\lsass.exe
14:22:56.0790 0x34cc  EFS - ok
14:22:56.0790 0x34cc  [ 59EE187E333EE9914DD9BEA5F4E0D85D, E34BB8075E38FC6AEC056323C6E3B5B4E7041EE6F4D51699B706DEEA18BDB911 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
14:22:56.0806 0x34cc  EhStorClass - ok
14:22:56.0806 0x34cc  [ 9297F1CC486F24BDFD2874156AC5430F, 1AF8689ADE4E658FC9418F7886B6C19F7D005EAB2AEF9B0E14FC81C61A74CECF ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:22:56.0821 0x34cc  EhStorTcgDrv - ok
14:22:56.0821 0x34cc  [ 9E8FF6B95FD420FA9E40BE548E5C8D92, 8825B81418335D03CFAADB792C1466023C459BE489ACACBD6686FFB544F22D30 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
14:22:56.0837 0x34cc  embeddedmode - ok
14:22:56.0837 0x34cc  [ 391FA1C8854E9539E0180D889020D2DA, 394DAA9AD1C73D317C06882E1C4ECA2FD4E8110999F64D161E271FA91187AC99 ] EMSC            C:\WINDOWS\system32\drivers\EMSC.SYS
14:22:56.0837 0x34cc  EMSC - ok
14:22:56.0853 0x34cc  [ DC2F91EAE9A28FA8C6610A9B7701B70D, 480DB509BF944AAC3617594F1245B4603069DE39186BC1FA7EDB8E0536B05E79 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:22:56.0868 0x34cc  EntAppSvc - ok
14:22:56.0868 0x34cc  [ F7FCCA6300485EF60CEA6D991D6C8C78, 24080D80CF1FD678DF4C9CAE70F65F8D9232F5F6A6F2B73A77B5E3C91E6505F3 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
14:22:56.0884 0x34cc  ErrDev - ok
14:22:56.0899 0x34cc  [ 2093F65AA84478E28C8E9D05BC413845, 086D4E0D4B993F4041AA8A9DCBEEDB53BD05B88E2BEFB218837FB10FACDF4233 ] EventSystem     C:\WINDOWS\system32\es.dll
14:22:56.0915 0x34cc  EventSystem - ok
14:22:56.0915 0x34cc  [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\WINDOWS\System32\drivers\ew_usbenumfilter.sys
14:22:56.0931 0x34cc  ew_usbenumfilter - ok
14:22:56.0946 0x34cc  [ DCCDC3F35F0618692117DF90800A4284, B636B2A39AE89A9C2CDE17EC52DA669DA8AA9E2B04CA5CA19926DA8009655244 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
14:22:56.0962 0x34cc  exfat - ok
14:22:56.0962 0x34cc  [ 5A1C6AFFF6946C5C21A27AE05084C0D1, 558CB87E596E85182F6976F215EE0E35F57BF901409A2805E6A3C29D8984B048 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
14:22:56.0978 0x34cc  fastfat - ok
14:22:56.0993 0x34cc  [ 046FC9CF53A91E2FBA498CA7B0C3B028, BCFB06DF53065706DD6287E8C47BF5047F8A1E33981E1881E6ED7510337F5BC8 ] Fax             C:\WINDOWS\system32\fxssvc.exe
14:22:57.0024 0x34cc  Fax - ok
14:22:57.0024 0x34cc  [ 4E4B7D935DBF522B2F23D3573596181D, 9D0EC9F65920EE0FFFB2D49C58E4D5151C8CEEB7AA82543D226E4B84EEE4B3F0 ] fcvsc           C:\WINDOWS\System32\drivers\fcvsc.sys
14:22:57.0040 0x34cc  fcvsc - ok
14:22:57.0040 0x34cc  [ 583EB1C7690E361213BBD0472155128B, 5F5871490A6DAC4A824F4428941AC86FBFA9AA349B99B5D9544E5D62EB459FA8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
14:22:57.0056 0x34cc  fdc - ok
14:22:57.0056 0x34cc  [ 94B1A46EDD335F0C54C7BDAFC43348E6, 58073D58D0BE7389C2A4736AFE108835E5AE9C9950FF630644F585C99B964043 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
14:22:57.0071 0x34cc  fdPHost - ok
14:22:57.0087 0x34cc  [ BC855BB7DFE06F27F78E0EB2A8CCB70D, D16C3DAB99C16B077BA5DA5E9E0646B0B9237B00ABAE867D9F81A2D072D583B1 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
14:22:57.0103 0x34cc  FDResPub - ok
14:22:57.0103 0x34cc  [ F1125F20D56F28DDCD1A6F3E81EB4F5F, A6620ECCB15FAA70E4A43ADA4CE82CF97D708B6FA07F3FAED276359E7F92FD0F ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
14:22:57.0118 0x34cc  fhsvc - ok
14:22:57.0118 0x34cc  [ CDFD81CACE0E11596A3BB61EC4CF6467, 569FA86A215B054131AA9AFEECFEE7FD7143DCFFE275B84196004AEA538B2476 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
14:22:57.0134 0x34cc  FileCrypt - ok
14:22:57.0134 0x34cc  [ 3F02FEDAE894CBF4BAADDF8C8E1D53A8, DA32ABB1CDA867B8456C46F8581FA7F3A8D8B89D9F6E7422F51941D5FFA15B13 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
14:22:57.0149 0x34cc  FileInfo - ok
14:22:57.0149 0x34cc  [ 2824933386E30DE5BA089DF539CE19A3, 7B33E514576C68B444AE99CBA1360EBFAE8A46EEE5C01F4EE4CF471A712AB148 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
14:22:57.0165 0x34cc  Filetrace - ok
14:22:57.0181 0x34cc  [ 6A598249640F8BEDD79EC73917E1664F, A675238EA19E6632CDEB4EEFF7CF509EAAEF76AD8DFD247664E5607555D9CEE1 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
14:22:57.0181 0x34cc  flpydisk - ok
14:22:57.0196 0x34cc  [ 44B6A6832134DF651E887E941478CA35, FCF4EB726D00F5A17DD66C81CFDA49427281C94CF9CA2008397D591AEA61AE05 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:22:57.0212 0x34cc  FltMgr - ok
14:22:57.0243 0x34cc  [ C197284A9D565A38497733AF2BDFA111, C6615AF0D366C2DD6D431B073901EED02D49AA3F252230735DBB52A90BCFA833 ] FontCache       C:\WINDOWS\system32\FntCache.dll
14:22:57.0306 0x34cc  FontCache - ok
14:22:57.0306 0x34cc  [ 109AACC7FB0170535F71491F673AFD38, 212B6761ABBAC29993DA0A47C3DDE8074EA9E5A8FFA8FF6EAB95AC69D8FDD5A0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:22:57.0306 0x34cc  FontCache3.0.0.0 - ok
14:22:57.0321 0x34cc  [ 3F3B9E8CECD5604BC7746EF3A852EB67, 51AF62A9563379266C0C873E82F55427900032DFD7AC3EBDCDF77F8F8DE91A5D ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
14:22:57.0321 0x34cc  FsDepends - ok
14:22:57.0337 0x34cc  [ A60583221C7BB7CEC35C63285A297BE1, 3C842FBEAD1FA2BD8D37B2B0E8EDF77F4F50508C56FB25DFA81DE9679090D51D ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:22:57.0337 0x34cc  Fs_Rec - ok
14:22:57.0353 0x34cc  [ 58013A50225174EEF1410E37795D7908, F8E557CA4110ABB203192DEAF59D91A5FEF2A5EA394637276DAB7F4D2E7BFA39 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:22:57.0368 0x34cc  fvevol - ok
14:22:57.0384 0x34cc  [ 0DAAE3EFCE00133AB3E383A36C47CDAF, 9145665F4F0575F951803AAFAA1A7DC0FAA35430CAE7D90E902074D60D6F4C62 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
14:22:57.0384 0x34cc  gagp30kx - ok
14:22:57.0399 0x34cc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
14:22:57.0399 0x34cc  GEARAspiWDM - ok
14:22:57.0399 0x34cc  [ F59155B95D01C08F9ED774B626B504A1, EF0FCF35AD9CD5E5D695F0C064244D2B327E7FB10FD7CBB0586253EC75562918 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
14:22:57.0415 0x34cc  gencounter - ok
14:22:57.0415 0x34cc  [ AE24452F55C6F1784CBD7489D0CDDB02, 4E13C51CBF30A8662B1180AC74E968CFC428B6EA7931F09357E7D120063D4823 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
14:22:57.0431 0x34cc  genericusbfn - ok
14:22:57.0446 0x34cc  [ 024299B2B0E1C11320A4592570D8DE20, 16FB3982E718F2834D1272D400F92AD6319A0C197227C5D61AF87B3C8D2D4759 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
14:22:57.0478 0x34cc  GfExperienceService - ok
14:22:57.0478 0x34cc  [ 96F0D3A583A91B634EE2AC2507356EDC, 43D2575F33D28F61C13D2DCF358BFA9DCEAE276C83152DBE7AE2020A66929CD9 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:22:57.0493 0x34cc  GPIOClx0101 - ok
14:22:57.0524 0x34cc  [ E50CE978F571B900D9A7E2F1C5BCC070, EA14873A5F1B700D7CDBE55B9D214DC457262866A90D80B3E8325A8EB7932CE7 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
14:22:57.0571 0x34cc  gpsvc - ok
14:22:57.0571 0x34cc  [ 7BF844D362EB746BC7A6DC3F57FA3E32, C07007CF6A0A2BA953FC40A5031931131CC953A8CF3B5AFA86C8811F9C4D43C4 ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:22:57.0587 0x34cc  GpuEnergyDrv - ok
14:22:57.0587 0x34cc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:57.0608 0x34cc  gupdate - ok
14:22:57.0612 0x34cc  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:22:57.0620 0x34cc  gupdatem - ok
14:22:57.0626 0x34cc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:22:57.0635 0x34cc  gusvc - ok
14:22:57.0640 0x34cc  [ 27E248CD861AFED4DF0C48F4C853E7F0, 37BEA5E9D8ACAA871A441766B5FDD32A1091C0CB8B34DFA15596AD827C5EF1A4 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
14:22:57.0653 0x34cc  HDAudBus - ok
14:22:57.0656 0x34cc  [ D5A57EF4822A0388352FFF9F5CD53495, 509F365386859157E9078821FAA56D2A3C0BA296CA129E0D42453428A14687A5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
14:22:57.0668 0x34cc  HidBatt - ok
14:22:57.0673 0x34cc  [ 39575B53EB80C77FF2A3F1449D00B7F5, 37E66B38BACE00AFEF7093F990A234399D8451A9D2C2C8CBECAB69C664E63EA6 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
14:22:57.0688 0x34cc  HidBth - ok
14:22:57.0692 0x34cc  [ 35C3B602664116E737FF729F9A7156AD, 7A3C5CAD716E819CC53405971F3ACD135BCF023EC2228C1095E2116BCC384E62 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
14:22:57.0702 0x34cc  hidi2c - ok
14:22:57.0702 0x34cc  [ C4ABE526BBF2A18E8AF70177FBAD9C6E, 4DA06B563A08AC15D949F4599F73F172B3BFCB5D23B34240D1E2114438A11929 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
14:22:57.0718 0x34cc  hidinterrupt - ok
14:22:57.0718 0x34cc  [ 348416C7D7EB05BC3099FE2F2B27985C, F30E8682E9DD731A1AD7328FB8A48A2BB7D6E52780AE1FDE839D26E84B4FA7B5 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
14:22:57.0733 0x34cc  HidIr - ok
14:22:57.0733 0x34cc  [ 5576DF399CF2D3B63608F7F282151249, 04939E79B8B8035547CE6FFE9001252CA810BAD46D8DB75FF5C13EB10EEB5C57 ] hidserv         C:\WINDOWS\system32\hidserv.dll
14:22:57.0749 0x34cc  hidserv - ok
14:22:57.0749 0x34cc  [ 01F732724AF6EFE69886DA95A4E51820, E048A480F9396418BDE9659596E7EDA5FF97D3CE029D186048609B47575BEAE1 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
14:22:57.0765 0x34cc  HidUsb - ok
14:22:57.0765 0x34cc  [ 7433A8D28EE11A661C7A45AF28BA7987, 8A73DB423924E84CD3629BF6C7298CD093D2437B73B3F4520D39330923DDA2D6 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:22:57.0780 0x34cc  HomeGroupListener - ok
14:22:57.0796 0x34cc  [ 3FDBFBE5AE639996EB8D482C16BA7EA9, 7E48304818AABB4C5B0CB7FD32D96D6F90F4180AB0F668A2FE653A7097A40673 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:22:57.0827 0x34cc  HomeGroupProvider - ok
14:22:57.0827 0x34cc  [ 3844CE7DD23530CAD59D8CABA57CCB05, A44BB60686A0E98FF370D9DED5B32C3F34F0352ACFA3B3052BA4023922B53DB7 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
14:22:57.0843 0x34cc  HpSAMD - ok
14:22:57.0858 0x34cc  [ CA6EADBB8731CA27BDA4037BF290AC14, 31EC9397D55D4EEC416AD722134E2D6B5D14E46D2150CB94889C4BFDAACBF421 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
14:22:57.0874 0x34cc  HTTP - ok
14:22:57.0890 0x34cc  [ CBCE5CE65C03E86AAAC565D4D56AF7BB, 5E3B86C8CBBD80B80D7314E6E88378FE2B414936544636C16E9F7DA6264A6709 ] huawei_cdcacm   C:\WINDOWS\system32\DRIVERS\ew_jucdcacm.sys
14:22:57.0905 0x34cc  huawei_cdcacm - ok
14:22:57.0905 0x34cc  [ 1642C62F1FD5E1FF44608283994A7BB8, 4646AA0EF74A2AEE6C17D12206FCFE1E84D6FA712AD95A171F16D11BC9D3F11A ] huawei_enumerator C:\WINDOWS\System32\drivers\ew_jubusenum.sys
14:22:57.0921 0x34cc  huawei_enumerator - ok
14:22:57.0921 0x34cc  [ DF65F49F3A108AB509D675312FC896B8, E88F15DED4346E127F182B3D1DA2D1506998844212940281355C8ED96776141C ] huawei_ext_ctrl C:\WINDOWS\System32\drivers\ew_juextctrl.sys
14:22:57.0937 0x34cc  huawei_ext_ctrl - ok
14:22:57.0937 0x34cc  [ 962032D69A8CA503F030F311CF4487B7, 1E4009A0CA6F73D02171D14FDCC875E5AD36C6CE50F1F1B1642741A0914703EB ] huawei_wwanecm  C:\WINDOWS\system32\DRIVERS\ew_juwwanecm.sys
14:22:57.0952 0x34cc  huawei_wwanecm - ok
14:22:57.0968 0x34cc  HWDeviceService64.exe - ok
14:22:57.0968 0x34cc  [ 8841D927EB1F7FFC8B1805BC0CF190ED, B063E686380EEF582CF736E33751812F0041C593C7F30EE97D13DEDC9B246AB5 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
14:22:57.0968 0x34cc  hwpolicy - ok
14:22:57.0983 0x34cc  [ 53436C3835E80F4421652A67F44D6313, 8731091945A839713348DF3060A4C96033874E2B3DC7E099BEEC8C65B07F98CF ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
14:22:57.0983 0x34cc  hyperkbd - ok
14:22:57.0983 0x34cc  [ B2DC6C2F313EBB967B556B4E73A75451, B1816A0AE15705F0325F167EA76166779607D6086EC36A4A960E3BA47B4EBC4B ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
14:22:57.0999 0x34cc  HyperVideo - ok
14:22:58.0015 0x34cc  [ D4CDEE4A62BDFFF6E8558A9552148EA7, 55306786CB45082AE374937EBA256FF9CD640BB2E8C19DC6C704489D4743F5CC ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
14:22:58.0015 0x34cc  i8042prt - ok
14:22:58.0030 0x34cc  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:22:58.0030 0x34cc  iaLPSSi_GPIO - ok
14:22:58.0030 0x34cc  [ F1DF87463AC308047B089E9F0456B4C8, DFFF3C63D3124C2B879B888104042406FE326D4E7C8C1881A269BD4287B9CD33 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:22:58.0046 0x34cc  iaLPSSi_I2C - ok
14:22:58.0062 0x34cc  [ 9FDD4763A115D04F565C38183DE4646F, A8B0653E7C5F5B3CB2A1B642F502269FB1BB1E35DBB1CBABDBDADF92C9815727 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
14:22:58.0077 0x34cc  iaStorAV - ok
14:22:58.0093 0x34cc  [ 4E69EE8F8E5DA036535D433C544AF9E2, 2ADE9B97CE1C19FF984D8BB99CF31415872C2D9628864BD78C0E44D21CC94EE3 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
14:22:58.0108 0x34cc  iaStorV - ok
14:22:58.0124 0x34cc  [ 15C59DF20F74A0C2C764B991FED7F4A5, 6E9804775E815F32A4D73C346E627D64A3096525E78FAE3B6E43CFECAE270428 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
14:22:58.0140 0x34cc  ibbus - ok
14:22:58.0171 0x34cc  [ DEA2F976E7327716AA0038EBF550003A, 5EA4666874F1D03879EA95F28228AC9EA3D7DF0F2E199EEE9B5BC6C81CA290B3 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
14:22:58.0233 0x34cc  IconMan_R - ok
14:22:58.0233 0x34cc  [ 88E6A429944544346EC3AE1FD7D24BCC, B6B8D51E5491C91D2FCDC77C1D82A5168B0C860252208E1B4612D8D5C19401AD ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
14:22:58.0249 0x34cc  icssvc - ok
14:22:58.0249 0x34cc  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
14:22:58.0265 0x34cc  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
14:23:00.0588 0x34cc  Detect skipped due to KSN trusted
14:23:00.0588 0x34cc  IDriverT - ok
14:23:00.0588 0x34cc  IEEtwCollectorService - ok
14:23:00.0620 0x34cc  [ 6F9C31435DD3E3D3BC247212EA144EBF, 05C4A0BD4BABD27783CEFEE6108C1A05911A212189233F09AF1A56BDC60F60F8 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
14:23:00.0667 0x34cc  IKEEXT - ok
14:23:00.0682 0x34cc  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:23:00.0698 0x34cc  Intel(R) Capability Licensing Service Interface - ok
14:23:00.0698 0x34cc  [ 498759139F71142888CF7EFA1ABE18C8, 9CD0CD748B143F947B4DEDE39344A8C284717CC8AC97E25827EB73CF10831419 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
14:23:00.0713 0x34cc  intelide - ok
14:23:00.0713 0x34cc  [ DC270DDCDDC2EF65D484A65CC5166222, A88BEAD819ABEFE28B6F9A10586ADCB0EE2A5ED9273F176E9313750609C7892F ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
14:23:00.0729 0x34cc  intelpep - ok
14:23:00.0739 0x34cc  [ B4D9C777762B1F7356958B9C0AA93BEB, F11B07FE939A107AB4EED4857854DF269C2D86A80C8507C8B1E95F7805975EDB ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
14:23:00.0753 0x34cc  intelppm - ok
14:23:00.0760 0x34cc  [ 80A3CB16C3ABAB616D33C1D8B2DB0ECE, 7DE3D5445BB1BD4563E1DF81D01366032F28F4AD445FF80D4ED4DE35DD22269A ] Internet Manager. RunOuc C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe
14:23:00.0769 0x34cc  Internet Manager. RunOuc - ok
14:23:00.0772 0x34cc  [ 22BD83268B80A8C89AAC0BDF46E4EB5D, E7DC0C2E4104B51EA545BA8D0CFF11FD6A15BFD8EE16E546E8FC220853402CB3 ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
14:23:00.0784 0x34cc  IoQos - ok
14:23:00.0788 0x34cc  [ A49E47A6E1429123F46A7CA9C05AEFC1, FFD68CA46DFAA4954FD76145808E2C74BDC34FFD6979BB3FB6A3EE4DC33CDC78 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:23:00.0804 0x34cc  IpFilterDriver - ok
14:23:00.0822 0x34cc  [ 8FBA61B7CB44F136226BE3B346FC6D19, 2190A523AC948B18C2C7B6DC96ABB654DAB471AD5E5E13F79899416E91777AED ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
14:23:00.0859 0x34cc  iphlpsvc - ok
14:23:00.0864 0x34cc  [ E0C276985AF968CE295B8E09C121321F, 07B54165E80D4254C29A6CF00CC634E70F190EF0EB8EEF73EC14F38B841087A5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:23:00.0877 0x34cc  IPMIDRV - ok
14:23:00.0883 0x34cc  [ 5D3744E6FDEC1A6FB3FA9B1DD4AF0694, 209BE9FC25C8BF8CE058B7E993B6A902B881380DADC69F5208733077DA7F4382 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
14:23:00.0898 0x34cc  IPNAT - ok
14:23:00.0911 0x34cc  [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:23:00.0916 0x34cc  iPod Service - ok
14:23:00.0916 0x34cc  [ B18202D72C0EF4B53CEC6F59E3E1B955, 6DA244E6485372C16CF0B38838DC90B48079A85F5D22B0F2F197C8DA37F0A293 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
14:23:00.0931 0x34cc  IRENUM - ok
14:23:00.0947 0x34cc  [ CD04CBCCCB4C0E4BB06B98E0F45C888A, 106B3E823C188BD14328F2BEA28559D2F637C270064B2FD214522FAC4E616F4C ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
14:23:00.0947 0x34cc  isapnp - ok
14:23:00.0962 0x34cc  [ 5D90E942C94B20E0F321015C0ABF3EEA, 4110551B172D4A5524DD857D7CB65FAF2594310BE7883D5641BC0DF5EF49C82C ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
14:23:00.0978 0x34cc  iScsiPrt - ok
14:23:00.0978 0x34cc  [ 3C4002D339491AF73D663FFC7F6E5ECB, 0B53047989BDB781572253BC3AA757912FE54366870C1955E687972CE210C285 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:23:00.0978 0x34cc  jhi_service - ok
14:23:00.0994 0x34cc  [ 4192DFE6CA143C0AD8AF42C51A82BECA, 31FB3A261D0D5241CC87EF7DFF8BFC1A1EACE8CEC42138918EC5958DAEE100CD ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
14:23:00.0994 0x34cc  kbdclass - ok
14:23:01.0009 0x34cc  [ B63C0DB341DCB46CF7AA259333A737DD, F1B43BA68707F3F99CD31AB2035F5E86CD967AE4E5393928C69861785E960872 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
14:23:01.0009 0x34cc  kbdhid - ok
14:23:01.0025 0x34cc  [ 53C79A7FABDAAFD11EAB31963FB2CED7, 357418645DDCEFA5546AE78EDCAE86D50928710CA7A3F65F01CF721AADA36623 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
14:23:01.0025 0x34cc  kdnic - ok
14:23:01.0041 0x34cc  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] KeyIso          C:\WINDOWS\system32\lsass.exe
14:23:01.0041 0x34cc  KeyIso - ok
14:23:01.0056 0x34cc  [ FF6427DDB7DB186026570BEFF875DAE0, AC3BB5926465229C5F06A11CCB06DB040FCA3AA117B6C6C4C73AC2A4081B5F78 ] kiox_ff_driver  C:\WINDOWS\System32\drivers\kiox_ff_driver.sys
14:23:01.0056 0x34cc  kiox_ff_driver - ok
14:23:01.0072 0x34cc  [ 89F835783BA34CC6FE59DD720E4C4361, 79D718C5BAFAE5AB26E9EE382FDB0BEF3170EE80C939C7B30E719E0B9A34C3C9 ] ks2avs          C:\WINDOWS\System32\Drivers\ks2avs.sys
14:23:01.0087 0x34cc  ks2avs - ok
14:23:01.0087 0x34cc  [ 49B97E4180512C1B6C0E09D7233F0307, 9A9C75265C575E229F230E0D23442EBAB24F7FAF62E7F3F8E8E16C64EA60385A ] ks2usb_svc      C:\WINDOWS\System32\Drivers\ks2usb.sys
14:23:01.0087 0x34cc  ks2usb_svc - ok
14:23:01.0103 0x34cc  [ 1E99B26BDB9B9C9BC775ED4543558560, 890870A6737B4910735D1B23F714AA73FCCD1C131D135FACBA6909F06D31B3FF ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
14:23:01.0103 0x34cc  KSecDD - ok
14:23:01.0119 0x34cc  [ 6198A79011C67497B324798B3D4272CE, C587F7D86837550D07918F6AACF26BF65EBAF7FF57475DC9196B4D011E83AE47 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:23:01.0119 0x34cc  KSecPkg - ok
14:23:01.0134 0x34cc  [ 503597D9B72DBD9998F722F12A51ACFC, 9B3585282191163AA70243BAD921ED8725A98454E0D3879E0F671E0E4F56AB4F ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
14:23:01.0134 0x34cc  ksthunk - ok
14:23:01.0150 0x34cc  [ ED5AE20C27F27F293C6C61AEC9881054, 4D5BE394D129BD559B0A9D237F3F59CB3D24C15ABDD97AE2E64931D6B9D14FF1 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
14:23:01.0166 0x34cc  KtmRm - ok
14:23:01.0181 0x34cc  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\System32\drivers\L1C63x64.sys
14:23:01.0181 0x34cc  L1C - ok
14:23:01.0197 0x34cc  [ C529DA0AD5A21878E318801B024AF8E7, A14E8ADCA33C37B1D256CB4926A19F56D2D19B94EDF314A4ED34A8B5AB62CA5A ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
14:23:01.0212 0x34cc  LanmanServer - ok
14:23:01.0228 0x34cc  [ D6D9F4CAFD3F1A7E30AD02E508552CD2, F0D225E5951CFE1D8349F634CC91BDD5B3F9DCF6233CCB965E99BFEAFE642265 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:23:01.0244 0x34cc  LanmanWorkstation - ok
14:23:01.0259 0x34cc  [ 24881F16D2829764681F5FAE7B86D7D3, 290348CFAF3165847E4B53965D22E9D417EE20FFD23293B5C1855C57E6328599 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
14:23:01.0259 0x34cc  lfsvc - ok
14:23:01.0275 0x34cc  [ 6ED675774BDC3735AB6DA12D29F825CF, 4317C7CF491F4E806975E7A973CFF11CFEE9E94730DDABCC67C3D693691DDDE5 ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
14:23:01.0291 0x34cc  LicenseManager - ok
14:23:01.0291 0x34cc  [ DB789F57CE94C827FBFF709CA5ABD29E, 4CA4DD079A63649C36F76A31C4081F11F5CF6574AC573B63EF930DB19B1D1C95 ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
14:23:01.0306 0x34cc  lltdio - ok
14:23:01.0306 0x34cc  [ FECBC6C4981772E5D0F517B34A5496EE, 15DB097BFB221B91E580E5CD1DD6B34A9A2C78A1A6FCE4162A855BB4AFE673E9 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
14:23:01.0337 0x34cc  lltdsvc - ok
14:23:01.0337 0x34cc  [ 24C87BDC66AB192FEB273BEE5FD5AA38, BFAAE1F2450DEBD1A14877C046C6EBA91014DB0B5D0FB95EC14CB714B773B3C0 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
14:23:01.0353 0x34cc  lmhosts - ok
14:23:01.0353 0x34cc  [ 4269D44BB47A6DA5D80B11F4C8536458, 7A8FFC8F851DD9E5C43986BE0888831CB71D188138DF3CF7F787DADDA70915B0 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:23:01.0369 0x34cc  LMS - ok
14:23:01.0369 0x34cc  [ 3BB39166E446D456C277C17DFEA3DAC6, 1A08E1D017BBCE91E508D876835FA7AD2DA0859A8CFE8F8F31B4F12B48E2573D ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
14:23:01.0384 0x34cc  LSI_SAS - ok
14:23:01.0384 0x34cc  [ 25CF625E46307A5D6674C8DFA1A289AA, 1D00EB70B6B0157013A7C15EF194F51B8596612066EF31B337D8134D6BD0BBBE ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
14:23:01.0400 0x34cc  LSI_SAS2i - ok
14:23:01.0400 0x34cc  [ 722C52B12EA4C198D56994934C9DDAB6, 5F4AB818251C770821BAF41C19B1C483A31CCC28EB96F2084D4092E33EAF906B ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
14:23:01.0416 0x34cc  LSI_SAS3i - ok
14:23:01.0416 0x34cc  [ 3371FF1D5D745C3306C6A2C4E99C25A9, DD6F0099001501BAEDDF8411FBCD930BD6472662D209199249203CB2FDAA23FB ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
14:23:01.0431 0x34cc  LSI_SSS - ok
14:23:01.0447 0x34cc  [ E2EEF074F5260378F9AAFBCD592319A3, DC56674A08FA03FA7AF7DD8B3CC55D8324D1CB51546092A990A935FF9AB48A3C ] LSM             C:\WINDOWS\System32\lsm.dll
14:23:01.0478 0x34cc  LSM - ok
14:23:01.0478 0x34cc  [ C692B9C0352315417CF49FFA664957A3, C2D4F9A936B809889F7C51FE48214A1923175913A6C5D0B72D3BA469214B5174 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
14:23:01.0494 0x34cc  luafv - ok
14:23:01.0494 0x34cc  [ 6A4C75FD28F60062FEA3DF3B15D956C0, 4FC58F3320D33BDACCF759A50C623A3E58E4320749E6691B397DF0C8EAAA8A6F ] MapsBroker      C:\WINDOWS\System32\moshost.dll
14:23:01.0509 0x34cc  MapsBroker - ok
14:23:01.0525 0x34cc  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
14:23:01.0525 0x34cc  MBAMProtector - ok
14:23:01.0556 0x34cc  [ AB176B9E59C0435499D83047D84EDD59, 85B826A3972CE9AD885313B69B9C60328B850257667D0EB65DDE890D0BB06361 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
14:23:01.0587 0x34cc  MBAMScheduler - ok
14:23:01.0603 0x34cc  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
14:23:01.0634 0x34cc  MBAMService - ok
14:23:01.0634 0x34cc  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
14:23:01.0650 0x34cc  MBAMSwissArmy - ok
14:23:01.0650 0x34cc  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
14:23:01.0666 0x34cc  MBAMWebAccessControl - ok
14:23:01.0666 0x34cc  [ B2ED9A7A5587A128A0EFD0DBE7662E95, 63070AAFD44E3CD2A4B262DF27222B103455A4D8C2E45914502BFA03D84D32C9 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
14:23:01.0681 0x34cc  megasas - ok
14:23:01.0681 0x34cc  [ 083F71488E6780A67290273180256EA5, 5F43CE66F5A48850BABB70F4D219FDD002F9BC2B2F0E58E66FE2C492AA335E50 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
14:23:01.0714 0x34cc  megasr - ok
14:23:01.0714 0x34cc  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
14:23:01.0714 0x34cc  MEIx64 - ok
14:23:01.0729 0x34cc  [ 5907A10D46747A2B6DBFD6A198254DC2, 6C283E9DC75C7ABFD270D6FABBF4F54628A1786E7CE2F603BF664CBB9E4FE583 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
14:23:01.0760 0x34cc  mlx4_bus - ok
14:23:01.0760 0x34cc  [ 91ED6F0EDF4158D63C52194F17D4F42E, ACF543978E253650C167C6C370699AEA7340EBCECF7CAB904CBDD334D1BD6928 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
14:23:01.0776 0x34cc  MMCSS - ok
14:23:01.0776 0x34cc  [ 2C4CC9F6ADBED5A6D131FDB97A78FF68, 04DC76E3F0959C0A9B00DF2133B075194FB7DCBD76832B9D25B0E37223D300DC ] Modem           C:\WINDOWS\system32\drivers\modem.sys
14:23:01.0792 0x34cc  Modem - ok
14:23:01.0792 0x34cc  [ D8DB13529C8AD6FBAF8E2F382024374F, 13025035C479E2EF76EDCB90D83BE65B4ADD9F7000AD31FEAD628D5DDFE69158 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
14:23:01.0807 0x34cc  monitor - ok
14:23:01.0807 0x34cc  [ 2DAAF1EE1C30F2FCF59851A64ADA0422, 08CD801E63E2862DE058CD732C3DB3D87B1A2898732365440E3F8919932E96FC ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
14:23:01.0823 0x34cc  mouclass - ok
14:23:01.0823 0x34cc  [ D30FE074503283829ED194BCAE6239C3, A3A127381ECC798417D01F6B8A1894EED7D71989047BC4D1D74D0E7C8394AD65 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
14:23:01.0839 0x34cc  mouhid - ok
14:23:01.0839 0x34cc  [ D5EC9413527B286CFEEB0294C53ABB95, B094C611F5A7E33D2F8667B2A4D6260E1D57BD135867F984EE5B674C7EE72B95 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
14:23:01.0854 0x34cc  mountmgr - ok
14:23:01.0854 0x34cc  [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:23:01.0870 0x34cc  MozillaMaintenance - ok
14:23:01.0870 0x34cc  [ 989A1BBD9C49B107B4A47D06E6827A69, 62D90B22AE13AC84324DFD5FEBA595813AD07469B7FEC41380CE223D93020CCA ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
14:23:01.0885 0x34cc  mpsdrv - ok
14:23:01.0901 0x34cc  [ A0DBB9386BEA8DA1A159C2A2E07081A3, 9D3F26005A76A72F9512F040D45C16124D17F8C8DA45C51FFAF74F066357D0A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
14:23:01.0948 0x34cc  MpsSvc - ok
14:23:01.0948 0x34cc  [ C1E74DD1D84861D8F12FF8BC0BA11975, 5912A0455C840F5C8AD6383823C9C7DE6FF8B5CAF1B72EA181864999891EAF30 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
14:23:01.0964 0x34cc  MRxDAV - ok
14:23:01.0979 0x34cc  [ 1DF2C5FD2710A13B07E663A12F0E0EEA, 8EBCA9269F52A5CF602F5DE2B0C2AB2BFD82F415465DBB74C73D43F321D9FD46 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:23:01.0995 0x34cc  mrxsmb - ok
14:23:01.0995 0x34cc  [ 185932B1149BD707F8A13174CDAB365B, BC26CB10DD6E81A94477564444E91F76D47E685E897BD77B9C1393F0D31AB718 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:23:02.0029 0x34cc  mrxsmb10 - ok
14:23:02.0034 0x34cc  [ 99E24D4DBACBC569833B9A67710D65E7, 93BC765E7B6E19E83AFF783DE8080A80A1D69A406B496F1E36C47AE6E86AFB76 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:23:02.0052 0x34cc  mrxsmb20 - ok
14:23:02.0057 0x34cc  [ 6F8BE4FB6262012E61BBADB5444628DC, E87489207AA48106C08E4BADDD8D66D14BC9DD6AD2A4CDD880BA655932CDDE60 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
14:23:02.0072 0x34cc  MsBridge - ok
14:23:02.0078 0x34cc  [ 283BDF3602F442336DAF242BDD07FB98, 185F046B6AA24FFD1567F00AA70357C82002FF627E329CEF9B926645A6DDB172 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
14:23:02.0094 0x34cc  MSDTC - ok
14:23:02.0096 0x34cc  [ 7C55F1751CAC199680D4489D1EE46544, 967EC8137D321F6139C3382D19A338FD97A3023EB654747AC57C2008BE4AF677 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:23:02.0096 0x34cc  Msfs - ok
14:23:02.0112 0x34cc  [ 988588C16A53C2581488C15FF18934BF, F021FD31163CB5C7012CF96EF642C5E551708C835039075268F4CBED002D441D ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:23:02.0112 0x34cc  msgpiowin32 - ok
14:23:02.0128 0x34cc  [ 09622DBC24D0178F15DB8461BB6970DF, C0B3F9B2219AAF87E417EE9FF54C64B8AD9944E101EA79B5DC81D99E8C2ECF30 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:23:02.0128 0x34cc  mshidkmdf - ok
14:23:02.0143 0x34cc  [ 34BB07495C0159BE4189841E16F3BC2F, 264B5735D9A68C85BEDE363D4C0AE1FCC381B39EA884B4BAEE185EB8A873184A ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
14:23:02.0143 0x34cc  mshidumdf - ok
14:23:02.0143 0x34cc  [ 7BF3F0DA362C053918F5F2EC43CE39E2, AA773FA3F83C0C572160D3D0286A697DC628FF4F3655EF21D01C6D1B7BE5DF1C ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
14:23:02.0159 0x34cc  msisadrv - ok
14:23:02.0159 0x34cc  [ 669DA2006C0B9D882D2014617E1E88F5, 090F558818806CAEF6C81D369F8BFFE4A8240295EF37CAA7102A18F4CD20D868 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
14:23:02.0175 0x34cc  MSiSCSI - ok
14:23:02.0190 0x34cc  msiserver - ok
14:23:02.0190 0x34cc  [ B2D0FD21FE67D6434769CC6F7A7883CA, B2368BD72952C6EE6DAF1AA006DF575A3019E4721BEFB108D3DF1B9E07B2BC5D ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:23:02.0206 0x34cc  MSKSSRV - ok
14:23:02.0206 0x34cc  [ FB3801F176376286A3F8F20FFB8CDC53, EEF89081665B9BBA93AE9F5912C40C1698E8BA8DBBCCC3BBE0BAB5A86B7E05D4 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
14:23:02.0222 0x34cc  MsLldp - ok
14:23:02.0222 0x34cc  [ 8CBDF0E7A6CD824352F37A682A33DF7E, 4567FF4C73648FF26EA68EAE2B524B767099789086C158875C97768C77B81359 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:23:02.0237 0x34cc  MSPCLOCK - ok
14:23:02.0237 0x34cc  [ 33E5B6261D69ACD4948A5C64B9D8F29F, 1D32340640312372E52E59AFB5DB872E6F9DFE3AC16B56F9D928AE230DA02B8A ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
14:23:02.0253 0x34cc  MSPQM - ok
14:23:02.0253 0x34cc  [ 557DF8C0DBBBF518AC395C6EB1B179AE, B294B5A7882C0C60D91FB853FC87505B6E7638D25E360FDAE002AEBB714ED471 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
14:23:02.0268 0x34cc  MsRPC - ok
14:23:02.0284 0x34cc  [ 0A29AFA668F5DD50482A98ECE70C77A7, 4C1F23B062361D97B1C8D864AB227E5F398F774A99B5E60A1149A4F78D5BEC20 ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
14:23:02.0284 0x34cc  mssmbios - ok
14:23:02.0300 0x34cc  [ 30CE30877FD5BFADE74FA27D7829BF89, B5EA1F8C91E75722DB1E3E2172C8607FEDBF35BDC4141258A3E6D29D8B0E193B ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
14:23:02.0300 0x34cc  MSTEE - ok
14:23:02.0315 0x34cc  [ 13D88C0B8A2FA001CD72D454955A6974, 19DD5C8BBD07B64F355737436BF702FFC209D84A8855D2224D3377E233D4BB34 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
14:23:02.0315 0x34cc  MTConfig - ok
14:23:02.0331 0x34cc  [ 00C7F0F06A0A48B9CDB6B3AC3BE288F0, BF469A2DDF495ACB9FEE9063C6680C95BCC8686682C9EDAE6D1893D4058E8AA6 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
14:23:02.0331 0x34cc  Mup - ok
14:23:02.0347 0x34cc  [ 8E237527CA260C71D39ED4081BDF3419, CA52DD174C756A404B1FAD3F2A70E50085C2820BF12369259F61DA649101A179 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
14:23:02.0347 0x34cc  mvumis - ok
14:23:02.0362 0x34cc  [ 48D0587A8302FD3302CFE6F59F7345B0, 26D48AF3F7FF4867E179347CD635055DEA9A751C6C61CE2C391A7F74FC0DC1DE ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:23:02.0393 0x34cc  NativeWifiP - ok
14:23:02.0393 0x34cc  [ 11BE8117653C542D264788A700AC5BFE, 87EAAC2DF62BB26619DA72950F5EE41DCA1DBDF93F098647F9D200D588F14003 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
14:23:02.0409 0x34cc  NcaSvc - ok
14:23:02.0425 0x34cc  [ 286C6276B2BA86F29A0F687D05466277, AC8551536F37717A0ACE4A260F5696D1276F7AC62F669E8F12AA158DD86F71A5 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
14:23:02.0440 0x34cc  NcbService - ok
14:23:02.0440 0x34cc  [ C55DA734ED2A831E0BACAAFA01CEB7FF, 9D989B03D07BBAD287B317D238691664B0694331D6A69B7A1AA3D8AB7D1323FC ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
14:23:02.0472 0x34cc  NcdAutoSetup - ok
14:23:02.0472 0x34cc  [ CF8296427834CF8BBB3EE1444C17362D, 6EFBE1F015DFFA0704C66DF5C88089DD5771E1542018E4AE98389CFF3D0B2309 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
14:23:02.0487 0x34cc  ndfltr - ok
14:23:02.0503 0x34cc  [ 616F40B897DA651221F86A1741E9609B, 22D66029726313D92FC8E074BCC51C1E1560CB5FE36DCB735E7E063EA53E299A ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
14:23:02.0534 0x34cc  NDIS - ok
14:23:02.0534 0x34cc  [ A0719D1EBA971DFC5DF5F7CC010385F8, A982487D3A74E66F3C29AAA5B46CE9A0969F07F267DDEFE58C58573573AB0024 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
14:23:02.0550 0x34cc  NdisCap - ok
14:23:02.0550 0x34cc  [ 0C557932CCCC65AEB37326DD36504527, C0AF3066DEE4BCC32DB30CCC16B7A91442A8383BB36C7C4E3CC0A5EFE0FAAA9B ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
14:23:02.0581 0x34cc  NdisImPlatform - ok
14:23:02.0581 0x34cc  [ 56F9345D1945826135FBAB7589592B1F, 6BC2A5900076B917823C7392C582A2648D0C8000F2F65D309D5B48E36D4FB4D6 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:23:02.0597 0x34cc  NdisTapi - ok
14:23:02.0597 0x34cc  [ AADFC340939D99E5D756E713E1D452EB, EFEFDBB2188DE82C2C5E67929861B269FD4C127D34D1DE6D0596ABC33E2C2B51 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
14:23:02.0612 0x34cc  Ndisuio - ok
14:23:02.0612 0x34cc  [ 312DFD787D99D3BF1427B0388BC04F71, C082CA1F332AD57FF2100748518D3D7B3D0F1B042F69BD7401C44B77AFE97462 ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:23:02.0628 0x34cc  NdisVirtualBus - ok
14:23:02.0628 0x34cc  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
14:23:02.0643 0x34cc  NdisWan - ok
14:23:02.0659 0x34cc  [ 2103F43E0A1ECFB14B7E1B889F5F24D7, 6A86E854C89E132DBC9183DE2B9464DC592E7492BE267BA02FE4DAFE6FA87528 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:23:02.0675 0x34cc  ndiswanlegacy - ok
14:23:02.0675 0x34cc  [ 6E98F16983C4AE8703FF9F90AB4B31DD, BB8BD5DB4B5FB31F3A257747C27CBEFA4B7837EC5C0CF3D4F408E626E4003F4C ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
14:23:02.0690 0x34cc  ndproxy - ok
14:23:02.0690 0x34cc  [ F1B7CC77F412C8D45B2DDCF76EDA4F9D, 25F2AA76E675D9BCC0B1FD47AFEC6DF2D0B47E7B1C8AF6FB27C1ED2FB902961A ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
14:23:02.0706 0x34cc  Ndu - ok
14:23:02.0706 0x34cc  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl64.sys
14:23:02.0722 0x34cc  Netaapl - ok
14:23:02.0722 0x34cc  [ 824FDC990A3F79069BE468A132EB6888, D09F7A9EC04E37DA504CE54EEC25C312B407B6A8B214CBB074BEB50DE420F52A ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
14:23:02.0737 0x34cc  NetBIOS - ok
14:23:02.0753 0x34cc  [ F0D791348AD254360CC3C3E501CCB745, E4CAB4D3C2CD3169731283B00DEBFE26438BB66A3F0D78BDB68E876A14FC7070 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:23:02.0768 0x34cc  NetBT - ok
14:23:02.0768 0x34cc  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:23:02.0784 0x34cc  Netlogon - ok
14:23:02.0784 0x34cc  [ 7C8A7380CBE45DFD3DF118D8601499A7, C137280B7696F8CF4258BDC8B241C66BB3AA5708C5410D85255E46C7E8284826 ] Netman          C:\WINDOWS\System32\netman.dll
14:23:02.0815 0x34cc  Netman - ok
14:23:02.0815 0x34cc  [ BBE9D72EFC7BD66B28309C3607683DBA, FC372EFBC650CE0BDB117858D840A1FB361947B1C67D1DD16BABA95D0286856A ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
14:23:02.0847 0x34cc  netprofm - ok
14:23:02.0862 0x34cc  [ 5D046D71B18BEFB2E4D164C3DEEDD672, 536834D020889973854830919B23DF22CC1B27236AFAEDEBDF42D432CE48FCDE ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
14:23:02.0878 0x34cc  NetSetupSvc - ok
14:23:02.0878 0x34cc  [ FBF2ACE9B10DDE0B4108930D78370E86, 2A4910F071747B786EA49A638B3AAB698DCD0AD7FE702078BA83F85C533A227E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:23:02.0893 0x34cc  NetTcpPortSharing - ok
14:23:02.0893 0x34cc  [ 46E862DA2CF8F351375EF537276B69B5, AC0FE0977E56380849DCE668AC0F5AF183AAB115ED84ADD964E390CC0BEDF6D3 ] netvsc          C:\WINDOWS\System32\drivers\netvsc.sys
14:23:02.0909 0x34cc  netvsc - ok
14:23:02.0925 0x34cc  [ 88CE4AC85F36B6347C1D820FA373B998, E10B5DF8883928A2062FC6180DE4CF0DE33C68622C2E3E4E1AFC56A0682F8E75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
14:23:02.0940 0x34cc  NgcCtnrSvc - ok
14:23:02.0940 0x34cc  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] NgcSvc          C:\WINDOWS\system32\lsass.exe
14:23:02.0956 0x34cc  NgcSvc - ok
14:23:02.0956 0x34cc  [ 531ABFAFAE0AFA2F3E9BBB2C08477ED1, 434C4DAE4BD03F61174CD71F41FF7927769F045ECF841550C29E4E055675423E ] ngvss           C:\WINDOWS\system32\drivers\ngvss.sys
14:23:02.0972 0x34cc  ngvss - ok
14:23:03.0065 0x34cc  [ 65F9E0B3518BAB60BDD7C96D0FBCEB19, 2F9BF220174269A3EBCD16207A5E959C3CC3C65801AB55236CABEAF747ED87FC ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
14:23:03.0229 0x34cc  NIHardwareService - detected UnsignedFile.Multi.Generic ( 1 )
14:23:05.0664 0x34cc  NIHardwareService ( UnsignedFile.Multi.Generic ) - warning
14:23:05.0664 0x34cc  Force sending object to P2P due to detect: NIHardwareService
14:23:08.0102 0x34cc  Object send P2P result: true

marcciboy81 · 27.12.2015, 14:58

Code:

ATTFilter

14:23:10.0493 0x34cc  [ EA1C2DAB8A63712B94897A58557B086C, 98DD7E5C84F3CDF2DAA89484892D6B439F5D14297B5243436925BEEAA0C02EE1 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
14:23:10.0509 0x34cc  NlaSvc - ok
14:23:10.0524 0x34cc  [ 41557BE174E9EC6AC703A8A4ADBC6650, 8CF6DF3FDC3C7C44B32851538A67BF86A54AB6444A424D7A20B7A9A94B4158D8 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:23:10.0540 0x34cc  Npfs - ok
14:23:10.0540 0x34cc  [ AC3F70FCFBCE97AA2F12BA43EE13B86E, D0AC50FB022C0F3031531CEE210D47FC3244C6FB55FAAD4AAB04081F0A21DAE4 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
14:23:10.0558 0x34cc  npsvctrig - ok
14:23:10.0562 0x34cc  [ 0AF4872D3D6FD3A030E836DAC2B3EF2D, 03EE7B6FAFC0BB5C26793BC5FF8BD1019AC96B3104688009C1E062C3F4F34D6D ] nsi             C:\WINDOWS\system32\nsisvc.dll
14:23:10.0578 0x34cc  nsi - ok
14:23:10.0581 0x34cc  [ 66A98C407085B8920DF1E6D722F1ADB8, 3FE307E4A9E41B08E0453507E50D6D0C67FA6F4245A863D90181463C749C83B5 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
14:23:10.0594 0x34cc  nsiproxy - ok
14:23:10.0630 0x34cc  [ BA8DC96D1DD7785EB0589CB1777208B7, 09B486A20D9F22FE50CB4FBC0C801609F522FA99F5FBC43107336B7D98457D91 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
14:23:10.0685 0x34cc  NTFS - ok
14:23:10.0690 0x34cc  [ 383E546EF4982262A0EF6CC2B6E9D525, 3C6C90B62E8EB094E6928C388E5081A3F73DF87B0F34F716B72EA7B6EF71FBB7 ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:23:10.0701 0x34cc  Null - ok
14:23:10.0707 0x34cc  [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
14:23:10.0711 0x34cc  NVHDA - ok
14:23:10.0889 0x34cc  [ DF0BB2C179476D312B7BC0056CEC50A6, 64CC3201FA903E0EC9C99BE167C439C14A4C9AC2A88898B64789EEB381DB97B6 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
14:23:11.0092 0x34cc  nvlddmkm - ok
14:23:11.0123 0x34cc  [ D6A687B5E24257B5D3991C0D9BC45BBC, EFF23FD2C074A579CAF13C4846D1F0906D014F92517A4C6A359547F560CD296C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
14:23:11.0170 0x34cc  NvNetworkService - ok
14:23:11.0170 0x34cc  [ 466F875F1D4C6ABB46AF28007009237C, 26F5A5579737A7CF2267F79DDE5A551149C682D5FD24663B53FCEC5AA6B448CE ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
14:23:11.0185 0x34cc  nvraid - ok
14:23:11.0185 0x34cc  [ 76F19EAE7A52CBAF7B8EC428BE6E0DA0, CF1E55D92FA32744A20AB75D466A3E05E6FACF4694F9265C41F5C27C1E7243DC ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
14:23:11.0201 0x34cc  nvstor - ok
14:23:11.0201 0x34cc  [ D6E22C63F1F2B2B5B5E95F70BEBDB2BC, 5BE351CB15218EBC7F0C9B5919A8949BD61FEC6182123B589DF50B44C8A3CA9E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
14:23:11.0217 0x34cc  NvStreamKms - ok
14:23:11.0560 0x34cc  [ C982FE172EA1C7B840C4243C5AB3F8BE, 7CC5BC1F9817E8E0910775FB1EC943345900829D4702538CA7A6138FDF0FAA7F ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
14:23:11.0889 0x34cc  NvStreamSvc - ok
14:23:11.0904 0x34cc  [ 4398DCC9BA21E1BE911A13BD18C63481, 251DF1EF6101AC071100665686811915C3B306055C3901BDA96F99612FD001B2 ] NvStUSB         C:\WINDOWS\system32\DRIVERS\nvstusb.sys
14:23:11.0920 0x34cc  NvStUSB - ok
14:23:11.0951 0x34cc  [ DFCCA437717EACA8418F47992A41B39A, E587A629B894EE6A16AC414747D492FFC6B6E9F051B40F7D25F0D4406E2FF919 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
14:23:11.0967 0x34cc  nvsvc - ok
14:23:11.0967 0x34cc  [ 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3, 4C3C36ADC9EC0FDED3E3FFC7918680B643652AD39458FAA8525392DAD0ABD845 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
14:23:11.0982 0x34cc  nvvad_WaveExtensible - ok
14:23:11.0982 0x34cc  [ 0D0CB77D74B38E0EC62341C19E469D8D, A05D3CC67FEEB2FD219BFAA34BF98CB3F3718042124AF28F0E9FDFB9F132DD76 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
14:23:11.0998 0x34cc  nv_agp - ok
14:23:12.0014 0x34cc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:23:12.0014 0x34cc  odserv - ok
14:23:12.0029 0x34cc  [ EA3FFE8617B9FCA1620AD9876E92F4F1, 68D5143CA71D10A2BB44E29B3C76580596669D0624076BCF6CCBA7AF3140538E ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
14:23:12.0045 0x34cc  OneSyncSvc - ok
14:23:12.0107 0x34cc  [ 40CB809645F1D0A93C535F9B0402F269, E683ED4ED824CE4E49715F23E3D3E8245B398D7A0D279E1F31470B9D7AF7E223 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
14:23:12.0154 0x34cc  Origin Client Service - ok
14:23:12.0154 0x34cc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:23:12.0170 0x34cc  ose - ok
14:23:12.0185 0x34cc  [ ADA2B2D72593DC26D70AD9EF7152838E, 37D429E8B85B231764358584B206F3E619D49E5B35543C369EC86B074CE94943 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
14:23:12.0217 0x34cc  OverwolfUpdater - ok
14:23:12.0217 0x34cc  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
14:23:12.0248 0x34cc  p2pimsvc - ok
14:23:12.0248 0x34cc  [ 3612CE3432E0A2BE0081E6B488ACF84C, F1A641735FD374CA293FB98FADA2C41E2033B17FECCA3B6D225D0E591AFFF413 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
14:23:12.0279 0x34cc  p2psvc - ok
14:23:12.0279 0x34cc  [ 38F1AE32339731F6E5A7281AE8042545, 308954518C45D29FC199525F0CC7FE4EA805322EC0B871DDDCBEEC15355514C8 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
14:23:12.0306 0x34cc  Parport - ok
14:23:12.0310 0x34cc  [ 707889D2F95AAE8C9DD254D8767AD908, BE7BD94728D7629F8B7567523FFB42B8979941CEA2EA03E11BFCD51CF119FC27 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
14:23:12.0322 0x34cc  partmgr - ok
14:23:12.0333 0x34cc  [ A09B0D8F9F0FC17EBCE6481AC9FD5CDF, 8E8D68992D98CF3DBC4B70C7902B3EC28A1E2DA8D4DB38F0AD9D52B1A5A1D40F ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
14:23:12.0354 0x34cc  PcaSvc - ok
14:23:12.0363 0x34cc  [ 2834089EA4E550FF3B96E61FB4AA34ED, D25DAB47F9778675E984E0738D2014024C2758D52D7E071167A12FF466B7898E ] pci             C:\WINDOWS\system32\drivers\pci.sys
14:23:12.0379 0x34cc  pci - ok
14:23:12.0382 0x34cc  [ 3D587E4295B11B8480F7ACB09A89D718, 8C3BD62B3451E1B2E7197EDAE381785406DF86C03BEEC486602C642FDD37DBC1 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
14:23:12.0393 0x34cc  pciide - ok
14:23:12.0398 0x34cc  [ B8F07002B5F1DA23CFF979C2806B09F3, AD5C589A02BB8185AA070420BF30E78BC8BE3C6F9B0F66319A8CA05B70A5ED32 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
14:23:12.0410 0x34cc  pcmcia - ok
14:23:12.0413 0x34cc  [ FF588077D0C6AC2EA3FCBF1903CE08D0, 64BE1646FB6D8CC902B6F386255F7C0420E3C334E14DECD527DD541B43A1DCD6 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
14:23:12.0424 0x34cc  pcw - ok
14:23:12.0428 0x34cc  [ 70469C8AC4AD367295E70CFDD81B754C, 3EC6FD742C7C60363939E5343477810D751D91D32A2F24285976C08A7C4477AB ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
14:23:12.0440 0x34cc  pdc - ok
14:23:12.0455 0x34cc  [ 688F47C342E1BBC87A48AB71D316233E, CE99AB67C7E7A11AC69C2F4513AEBDACA385BA7F8CC49BE6313CE04ED404A0E7 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
14:23:12.0487 0x34cc  PEAUTH - ok
14:23:12.0522 0x34cc  [ 303D2C90139ABFC1D12E279F0F101710, CE02E335A72011004395DC635EB819B3ED8D00041B9C59024DE246366AF00559 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
14:23:12.0581 0x34cc  PeerDistSvc - ok
14:23:12.0581 0x34cc  [ 189265498945593D5256CFF7FEBB9665, 9CB88CC3C726BFE6EDCE8D9E4544306AACD3FB9E969E3A438D9FD533F25C1281 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
14:23:12.0597 0x34cc  percsas2i - ok
14:23:12.0597 0x34cc  [ 9B86965114F6831A5130EFE6657B17D9, 4C5B657DB9A9F96BFD3EAFA756ED60D911EB58857C439F5FA6E495A473ED1145 ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
14:23:12.0612 0x34cc  percsas3i - ok
14:23:12.0628 0x34cc  [ 8A5A52C855FB5BFEF019AE9938AEA8AE, 77CB8A09B209DB5895319BA9D073A67148926E22C47836343050DFC178AFAEEE ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
14:23:12.0644 0x34cc  PerfHost - ok
14:23:12.0656 0x34cc  [ 839BD56425530973FF3F6F7C0057CD22, 9BADF39BC4628409CFCD5F1300C6040C49B2ED72D0FA389C6BB042E5B17E1A40 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
14:23:12.0678 0x34cc  PimIndexMaintenanceSvc - ok
14:23:12.0708 0x34cc  [ 82FDEC2A262728F62F2111A84CC04B16, A1FCE38D4F55F10BB9B3BFB7D9E3EF7C27D499D9C8882218C8A9A73487798188 ] pla             C:\WINDOWS\system32\pla.dll
14:23:12.0766 0x34cc  pla - ok
14:23:12.0772 0x34cc  [ 7B3DA16FAA498838BB457E0B7E380EDF, B73DCFFA60886F10765E4B76A58CFF18C08CAFEE620700361FC8FEC7E80B5958 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
14:23:12.0792 0x34cc  PlugPlay - ok
14:23:12.0796 0x34cc  [ F1E9C35A8DFD4D64382CFB9019A950F9, 24E0381C6909F9876D6DC4697DC6405FE18DF91531891B2CCA6DB0191B9C6DF4 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
14:23:12.0810 0x34cc  PNRPAutoReg - ok
14:23:12.0818 0x34cc  [ CAFB5A95883158A0579DED2ED5CB0627, B23F7D19142DD3544F96ADB36F152F4EA7F6C524A1281EC26A2B95D7D044822C ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
14:23:12.0839 0x34cc  PNRPsvc - ok
14:23:12.0848 0x34cc  [ 62C0BD179961132EF2C5B952210C11F5, 2473FBB3619D0DDA229D4BEC30CEFE7497C27ED3844A5B7655F6F2D328FEAF61 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
14:23:12.0873 0x34cc  PolicyAgent - ok
14:23:12.0879 0x34cc  [ 6390391EDFC43DD11CE9E6AADCAC20EA, C8BC222FFBB9E47489D16BB5248E0E2E594011C46CFF71F5DBCC4D5CC6788098 ] Power           C:\WINDOWS\system32\umpo.dll
14:23:12.0895 0x34cc  Power - ok
14:23:12.0900 0x34cc  [ 1433EB7908E5E1E20FFD50E4126C3484, 34D81680C8F2F2C5892FC0E0A6DFCBB241AFF493267A1FE182ED28AE9F712456 ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
14:23:12.0915 0x34cc  PptpMiniport - ok
14:23:12.0967 0x34cc  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:23:13.0061 0x34cc  PrintNotify - ok
14:23:13.0076 0x34cc  [ 22DE54C3974E4FD98F61D095C22C59B7, 64E78D6DEC4A28ABB0A23F2CF078459D81796EC79235AE45976ABB4F72B1D1E6 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
14:23:13.0076 0x34cc  Processor - ok
14:23:13.0092 0x34cc  [ 8A216BBE091DA0585F6A5E8B65980961, 7A9400AF63D1B906F48C072084CC77508C91C7E69ACC1E9957D7A9C353A67710 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
14:23:13.0108 0x34cc  ProfSvc - ok
14:23:13.0123 0x34cc  [ EDD52C352CBAAAD13FD7BD5DCEA309B3, EC7D294B23FD5C309E5C4C455896937B85DC615E1B36C9F8F3BDC90E75EBF9CF ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
14:23:13.0139 0x34cc  Psched - ok
14:23:13.0139 0x34cc  [ DD3FF2053356D11C785999BBC633F3E0, E9A5B7C657F4523E5DEF7AEE7ECFCC94E911FC65F1D491BEF01239F357B8D8E0 ] QWAVE           C:\WINDOWS\system32\qwave.dll
14:23:13.0155 0x34cc  QWAVE - ok
14:23:13.0170 0x34cc  [ 51590F442C6E5D43244BA30DDB0CE79D, 9C7FD0A19753C13FD4A27EBFD60703A2414D5A2F6F451F0B32769C8D7C953980 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
14:23:13.0170 0x34cc  QWAVEdrv - ok
14:23:13.0186 0x34cc  [ E951E70019865B06126AF850BCCA2026, C590DE38C7603149AFA0271D57EEBAF956F18F50584FCF04BC2C8D8CEC5C5932 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:23:13.0201 0x34cc  RasAcd - ok
14:23:13.0201 0x34cc  [ 0BF8607133AE264BC3C41A5BAA5FFB7B, 9A4F6AC6013AB5C2A99BCFC2CCF161DD225DE8D85D61579655ADBF04A4383A61 ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
14:23:13.0217 0x34cc  RasAgileVpn - ok
14:23:13.0217 0x34cc  [ FE0976379F9E7DB6F7945FCEB88C7E29, BA331CE55C02E86478714DA87FAC547B50D53BC7D02BCA5A64D484DED44BFAA5 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
14:23:13.0233 0x34cc  RasAuto - ok
14:23:13.0248 0x34cc  [ CA60F6C03611AF1710BC903ED9F566FB, B5C9E8BAC631738761E11168AB68EB1ECC5EC96BF9A8248B9127DCF744CA4691 ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
14:23:13.0264 0x34cc  Rasl2tp - ok
14:23:13.0264 0x34cc  [ 586A17C10D417D889F1FF7D8636E2F34, EEDA4EE8D2BC5C8C7756AB79F1F19AF8B1C4057996748FAE4E3F37844DB0EB33 ] RasMan          C:\WINDOWS\System32\rasmans.dll
14:23:13.0311 0x34cc  RasMan - ok
14:23:13.0311 0x34cc  [ E5FA41160F5A3D78D8F7765E5C5F6BB0, 31BA423FFFC3206717DC34B482149421EE28B27A4A3BA2DC78C3B3A9EE0C1365 ] RasPppoe        C:\WINDOWS\System32\drivers\raspppoe.sys
14:23:13.0326 0x34cc  RasPppoe - ok
14:23:13.0326 0x34cc  [ DF0834AE921E633E05D1FDC55C318957, 851A00961224DACBEF9DA427122F6B4B73BB99849D5ECB55DBBD311B2EA84C33 ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
14:23:13.0342 0x34cc  RasSstp - ok
14:23:13.0358 0x34cc  [ FC9B7AC6E2B837EF7CD6C64F7068D41D, 9B0DD842033E82BC7EE80416A62B084BF5200923EB7A6C80415BB28004E9B5E3 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:23:13.0373 0x34cc  rdbss - ok
14:23:13.0373 0x34cc  [ FB7375657F8A5932C35EAA45E9B4B416, 99594708BFD6DC9F8CECBF092058D4D0D4F1BC3204E86F9FDAD5207ED5ECF194 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
14:23:13.0389 0x34cc  rdpbus - ok
14:23:13.0405 0x34cc  [ A32AED8C644734B283A7C9D08D76064D, A12F67C57E43B6A2FE6449EA3822B1108FE70C66AF9911798777F85D760E384C ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
14:23:13.0420 0x34cc  RDPDR - ok
14:23:13.0420 0x34cc  [ 37CC7E41243EFBB4FBC0510E5CA32A02, 634E2F81D61F937F30E5ECE01FB581E090C6DA073EF7B1A3F6083ECAF363CB46 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:23:13.0436 0x34cc  RdpVideoMiniport - ok
14:23:13.0436 0x34cc  [ DAF957B25A35757E9D814611FAE8FE3B, 5244A427B2DEB5349B9F336A4A39A6834A6E8118A8EDA00738C6CE09F2452C24 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
14:23:13.0451 0x34cc  rdyboost - ok
14:23:13.0467 0x34cc  [ 2C72E029C153D25325CA182A669E4ADE, 5CE0E04A6B53A1F11E8159DFD1E59F2AE6631E3B5BD27BAAEC4A35BC02A55722 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
14:23:13.0498 0x34cc  ReFSv1 - ok
14:23:13.0514 0x34cc  [ BABEE4A896D005BD0D205F1C932DA25E, 269FDF65BE3A226FA2A5CA25085366E32ADAD30A020484FE844962E8C61CB1D2 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:23:13.0530 0x34cc  RemoteAccess - ok
14:23:13.0545 0x34cc  [ 066062967A77867BDCF665960EFDAD32, 68143DBDFA7C68786C22F5CC4E80200255C663A844069C080E7816F423ABB1F4 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
14:23:13.0561 0x34cc  RemoteRegistry - ok
14:23:13.0576 0x34cc  [ DF84555A734BA2BDA55BCCCC47095ADD, 639814A7F5B758792FE6D84E3FF312F9CE9DACB21B93EA43394DC7A04526CB81 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
14:23:13.0623 0x34cc  RetailDemo - ok
14:23:13.0623 0x34cc  [ 67E83C0C9A2B5ACEE9EF690E6B7E9189, 63D2A73B2031B52C66EF0455393BF05C55F9F7B0B9E48C54A39E547D46E090F6 ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
14:23:13.0639 0x34cc  RFCOMM - ok
14:23:13.0655 0x34cc  [ 6451FE42C35FDE3862D99579444F4A8F, BD56A1120AACF6143E6EB739E12BEE86DF142F1159865608BDF1BBE54B66AFCE ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
14:23:13.0670 0x34cc  RpcEptMapper - ok
14:23:13.0670 0x34cc  [ F24131EAD1D0B73463052BB042A37B6C, 43B5772310B200DF1914C8E4D10401A0BCE9082BDEAC34736AFB2920B39D7956 ] RpcLocator      C:\WINDOWS\system32\locator.exe
14:23:13.0689 0x34cc  RpcLocator - ok
14:23:13.0706 0x34cc  [ 5E57B9FBB4E9C43EE5B69BEE01A1819F, A1F8D1E52AF446CEA2EB50064E3A24B713B19197D61C3EAECB81B3CCD80558E7 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
14:23:13.0742 0x34cc  RpcSs - ok
14:23:13.0751 0x34cc  [ 8C00FD003B32ACFD7C054D0D7988BDF4, 72F11EE0335DB66105F5056AC7FF51D486DBB6D57353727537F53E929D3A216F ] RSPCIESTOR      C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
14:23:13.0765 0x34cc  RSPCIESTOR - ok
14:23:13.0769 0x34cc  [ DC66C1D262D64E30A30B68E9F21AC74B, A5ED3D31BCD68DBC00A956787517ACA167C86F5FFDAF7C9A85505FA2B705C6CB ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
14:23:13.0784 0x34cc  rspndr - ok
14:23:13.0788 0x34cc  [ 88F7703F2A4677C828124AE2110D3EBC, 529F6A5815806F2EA2235802BD28AF8D7A40E7799356BD3EC337C9E71B6B53E6 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
14:23:13.0800 0x34cc  s3cap - ok
14:23:13.0804 0x34cc  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] SamSs           C:\WINDOWS\system32\lsass.exe
14:23:13.0816 0x34cc  SamSs - ok
14:23:13.0820 0x34cc  [ B467E932FE4E16E201DC7E56870CB559, 6FCE9A2DFC5D222BBEA4AA271A17B830FCF8EAE44B07BEE5FF34AE50CABCBB6A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
14:23:13.0832 0x34cc  sbp2port - ok
14:23:13.0838 0x34cc  [ 3E115C63649402D321D396F8D606C9B0, F4BA7FE0E89D563A57B6865E4CF1334998987D11A0D70FF7491726A507B40DF4 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
14:23:13.0861 0x34cc  SCardSvr - ok
14:23:13.0867 0x34cc  [ 67EFFD3D1BB6D2B67DF7F8FDCB1A51FC, DE41539FAC730F5CFF6C8754ECFF1253AFDC1C86743AE71B61D716B7A84E85FD ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
14:23:13.0888 0x34cc  ScDeviceEnum - ok
14:23:13.0892 0x34cc  [ 31DDA0716EC265CA57DAF9D2295FD76F, E6F39C1B3CF81918277DB8C6E3DF9A82812E1C9063DEB1FB85FE433DC9A16CBA ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:23:13.0907 0x34cc  scfilter - ok
14:23:13.0925 0x34cc  [ 1BFAC03B6422E878EFCDA934BF4C4823, 0BA537A4B9E8020E6B709A44F1382DB3B41CEF631B847201F812152FEB303CD3 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:23:13.0992 0x34cc  Schedule - ok
14:23:13.0992 0x34cc  [ 320E7A02D81A468E8C1FEEFDB856AFAE, E65127D3D6B628F9D19EA509FEBD9E4DC1BF20D0C62C3C9E1D7087DF972B2AA7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
14:23:14.0008 0x34cc  SCPolicySvc - ok
14:23:14.0024 0x34cc  [ 004C66464D8FE76D5DA78BE6777D61AF, 58B5C436798EEBBE7081D54B55B70DEB15331856802CD45E3FF8BDE794F06A27 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
14:23:14.0039 0x34cc  sdbus - ok
14:23:14.0039 0x34cc  [ A906C527B838A4922611C63EBD250F91, 6BB0054A9C2408138BDF49D834FF99B5B9764E7747ABC15016F54FBA1D28394F ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
14:23:14.0055 0x34cc  SDRSVC - ok
14:23:14.0086 0x34cc  [ 2100C3E7E1D060DE822677DDE41FCCCF, 82F645A981C91ABD237AA8DD730F4490EF566371946E56A498146B7C8FC3C44A ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:23:14.0133 0x34cc  SDScannerService - ok
14:23:14.0133 0x34cc  [ F4BF50A7D16A97A887BFA0F193693C42, EEBF5AAC149C72F490BAC954B25BB6882B10FC38F93CA4F4829A06702B1ECEF9 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
14:23:14.0149 0x34cc  sdstor - ok
14:23:14.0180 0x34cc  [ B89DF0D2410759A6C826C136AEBC2416, 5EF86212BE1E075B2B7E0783FDA6EB2CA6938546145428FC7B39EE9D5817F0B1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:23:14.0227 0x34cc  SDUpdateService - ok
14:23:14.0227 0x34cc  [ 6B4E097AD063AEED188629CB9A542602, 0342CD807ADD430E4EC14308464EB0E1BF74F95AD0D32356210A832E6C3FE6CF ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:23:14.0248 0x34cc  SDWSCService - ok
14:23:14.0252 0x34cc  [ 648A299839E8F48A946C41DE270D28F5, EEC9A5FCBE3FF78FB5E0452FF1932A8B0C7399688041E22555703CB1977A4428 ] seclogon        C:\WINDOWS\system32\seclogon.dll
14:23:14.0266 0x34cc  seclogon - ok
14:23:14.0270 0x34cc  [ 29452A9DA3E3482F0C2963312F979053, E1782D36C336C4B4C261AD665C1E9051905AA86020E08FC94069972AF4C4DB4B ] SENS            C:\WINDOWS\System32\sens.dll
14:23:14.0290 0x34cc  SENS - ok
14:23:14.0309 0x34cc  [ 919BA7E3054E4F1D61A3524ADCE6A970, 3C382673DF5AF2F38A5AE4A268F5856B0CC9E65D52213DE6D2C06E252753B73C ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
14:23:14.0352 0x34cc  SensorDataService - ok
14:23:14.0360 0x34cc  [ 01C2EEA7870FE26A4A6CCBA5421CC7E5, 9E643AB6BCBECE4F2A5FD4C96547A4E3F2BDFEFC5FE24B802467718EC69929F8 ] SensorService   C:\WINDOWS\system32\SensorService.dll
14:23:14.0380 0x34cc  SensorService - ok
14:23:14.0386 0x34cc  [ D2FEE824B4AA0BE377F1353E5F915BF4, 00D754C62F3482BBD0EA72C896139C39D15192B2D9FCC7B755D1FB9DF9FCFD9B ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
14:23:14.0407 0x34cc  SensrSvc - ok
14:23:14.0411 0x34cc  [ 9DB0BBE3ABE1F49651AE51EC5BCABE58, 0B46C1F231F41766AB73EE7E9834D3CDACA602D12E702D9277E28B47417D9CA4 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
14:23:14.0423 0x34cc  SerCx - ok
14:23:14.0429 0x34cc  [ C4AF79C37334D995D95C22C14FDBF7FD, 4D4985921261909F2123467A22EDB102B490710F60AB935624435E5BB808A0E9 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
14:23:14.0441 0x34cc  SerCx2 - ok
14:23:14.0445 0x34cc  [ FC541A272F47BE03E67A9FCB87FA8C3E, 730A3616FD67E9F2832442144B2655A8EF78B9AFCB204113E73E257256491354 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
14:23:14.0457 0x34cc  Serenum - ok
14:23:14.0461 0x34cc  [ 2A5F5F95FCA123DCBF53B5F603B64789, DE5C9E1D88B2C180B137DA7839F3EF6C936A171ABA49F89C10EE9C73A2226F3F ] Serial          C:\WINDOWS\System32\drivers\serial.sys
14:23:14.0474 0x34cc  Serial - ok
14:23:14.0477 0x34cc  [ C8738887228B7BFA3B1A906816A8BB12, 328283569201791891D5E9FB3028DB5B9FD93A7BEFC00C7DEBC2CC5731DE64D5 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
14:23:14.0489 0x34cc  sermouse - ok
14:23:14.0502 0x34cc  [ B1CB58853153397DFFA2D13A81451D09, CC9B3B064711E9B5CB38DC1C84DC410033939848BD31BB0D12F990E8154F357E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
14:23:14.0526 0x34cc  SessionEnv - ok
14:23:14.0529 0x34cc  [ 67832B68752CDF7FDE56949E4A2E70BF, A72320EA8575A751DF86A1EE7969AD9D548D6185F2520197262E11B79FF8222B ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
14:23:14.0541 0x34cc  sfloppy - ok
14:23:14.0569 0x34cc  [ 820368BFF0E36FF72A7DE2C20833FFEE, B574BC04CBFF31EFAA6D8AEA735AB6039A1DEBE1F6E5A0007FBFDD9D4AD527F2 ] SftService      C:\Program Files (x86)\AlienRespawn\SftService.exe
14:23:14.0600 0x34cc  SftService - ok
14:23:14.0616 0x34cc  [ F10E5536E1C753E01CF19FA4F466CE90, C9897F22B176D84CA233F864078895E3DAD4DAD090FACBB01BD6E59EE337B47C ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:23:14.0647 0x34cc  SharedAccess - ok
14:23:14.0647 0x34cc  [ 4AC12D495B3CB4275F74C68A7A017561, DC53EBD606ECCD8BCF6D618C0EB58B03F5C20F09E0F0AEDE9B8082D6B208B19A ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:23:14.0694 0x34cc  ShellHWDetection - ok
14:23:14.0694 0x34cc  [ ED058030296CF9B79C8D48BF43724323, 01DC7C2590DF48116CD1A126F207FE5DE439A53286BAE3736E22EE3D1CA80BE3 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
14:23:14.0710 0x34cc  SiSRaid2 - ok
14:23:14.0710 0x34cc  [ 633D3D1581E9DCCD5A2D8F039104C9A5, C44B5097016C2AEC8B41F77425FE44413562F9DCF0C0C11CA69D8178970B4706 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
14:23:14.0725 0x34cc  SiSRaid4 - ok
14:23:14.0725 0x34cc  [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:23:14.0741 0x34cc  SkypeUpdate - ok
14:23:14.0741 0x34cc  [ FB9F964FFD265262EE8E98E0ED1FB44E, B02B8BCDF91B9FFCA7E2F8F6CAC310E6EEC4BCF8F8C848DCF9EDE33D8940056D ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
14:23:14.0757 0x34cc  SmbDrvI - ok
14:23:14.0757 0x34cc  [ 35B8FC714C2E7F07F7DC7C64452153F8, 6D45EB01B5F972ED0E5520E771F007FFEE892054FABDB3DD00D3E9915D3A0A31 ] smphost         C:\WINDOWS\System32\smphost.dll
14:23:14.0772 0x34cc  smphost - ok
14:23:14.0788 0x34cc  [ DE3A5C27EC842A113F68A2705FF63B00, B134EF63708A892B673B539F544F7980FF72838D822E8E4CCDDB359B22CB8805 ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
14:23:14.0826 0x34cc  SmsRouter - ok
14:23:14.0833 0x34cc  [ CD1056818A6FCEF4D32BD1D6E34070D5, F5BFB61ACB220A73B0DC4487B049F52E9F9FA2D4188C001E7A5838D47CEA6343 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
14:23:14.0849 0x34cc  SNMPTRAP - ok
14:23:14.0860 0x34cc  [ 187B4AD4446C59F8FCC4A10F473EE3D1, 0AAD961B3D7B3484DC89CB86F3EC96CEBFABB7224A5BFB48083DE8F1805EA7B4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
14:23:14.0878 0x34cc  spaceport - ok
14:23:14.0882 0x34cc  [ 2799FCA215919FDC9A87C5FCAB530828, BDE968BF26693AA4D70AB669896BCA49C6F533EA226386B35B0EA589A55227B5 ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
14:23:14.0894 0x34cc  SpbCx - ok
14:23:14.0909 0x34cc  [ 58C17D92AD61EC7A98B05F4FAD0D205A, B881134A1BD9194145A9D18BDB34D57E2C167F06C2A9368459D0C33E6E0D6501 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
14:23:14.0944 0x34cc  Spooler - ok
14:23:15.0056 0x34cc  [ 5C31E109943E67CFC801810C00AB63EE, 9A80D7CDA1135EBCE10E753986A59CFA3D8D49F9B0BE38FDF99880B1DD88C41D ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
14:23:15.0197 0x34cc  sppsvc - ok
14:23:15.0212 0x34cc  [ AA1F23501511EFE9CF9771F6B20E8D45, E786852D9877CCFD35444F8FC694467132F868D87A8C344FD1016FFDE74695A5 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:23:15.0228 0x34cc  srv - ok
14:23:15.0244 0x34cc  [ F5B169EDF9D5E3C7200D89D30E065D13, 12BAF3A3CB76F0900FA53681C9AD16F40308F493BA22C0F60E1E268D0D6AF825 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
14:23:15.0275 0x34cc  srv2 - ok
14:23:15.0275 0x34cc  [ 2E142E027F0AA698BA4DCE49CBDB43CD, A21027BBBC75A55A8B302D028113A0683016E4C72790A8C561DDB1AE7FDB4289 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:23:15.0290 0x34cc  srvnet - ok
14:23:15.0306 0x34cc  [ BF71B3FB5B7557CB740CDB09C5FB50D9, D6F9E65FDC9C4ADAFE82D94F71A1F5960DB3BEEBF4FE5B2D087515C4FAA5F287 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:23:15.0322 0x34cc  SSDPSRV - ok
14:23:15.0322 0x34cc  [ EF1BC04215C201ADA3F7F5A2F034EA21, E1A7A0FA2032B9E7D3951100E74C04D93CD848C88D23D57FBA0BFA2816B29C61 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
14:23:15.0353 0x34cc  SstpSvc - ok
14:23:15.0400 0x34cc  [ 78760751FBCB900F6F68CA1700DAE2DC, 356914797056B11745E18ECD033B8DC801C3C3DD6C5127FCD430A02C4FDD34A9 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
14:23:15.0478 0x34cc  StateRepository - ok
14:23:15.0478 0x34cc  [ BC2B6E9D43EFC087C46D79DBA37C299E, BA0E838EA9A3D5FA6708CB26D1B2CD05F2E8AF437F88FF187BFCB693AABA975A ] stdcfltn        C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
14:23:15.0494 0x34cc  stdcfltn - ok
14:23:15.0509 0x34cc  [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:23:15.0525 0x34cc  Steam Client Service - ok
14:23:15.0525 0x34cc  [ A9425CB7D5A698EA49BE0DF55A448E68, 2DB5B00D6AAB6D0D60EFE5FE26C50FD1AB3D4F9E2BA2EAD8A0BE1F1AF9082C12 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:23:15.0540 0x34cc  Stereo Service - ok
14:23:15.0556 0x34cc  [ DDE064A4298FD1FBF804D3ED691E7EDB, B0D117B1FC0DA2CB76F5F63699E2F108930B6C6721AC443111D48215ED624278 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
14:23:15.0556 0x34cc  stexstor - ok
14:23:15.0572 0x34cc  [ 60F04DF1AB55D6D4BDA02052DD20537E, 52996EDF2C06968DADC9BDF24E4039929B81643493C7193B8CC4A6BD1A3AE761 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
14:23:15.0603 0x34cc  stisvc - ok
14:23:15.0619 0x34cc  [ 32C95F44108C3E7DB58F773346E3C9D0, F852D8ECA06080EA6DE1A90509071965A750D9CFC9627F0D4DB8ECC57133B0B5 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
14:23:15.0619 0x34cc  storahci - ok
14:23:15.0634 0x34cc  [ 8883C8CE4942A99B84E1CC6EFA19738E, 60C1CDA4382F8EE70D810DBB1BCAF5F389433563FF23EEB84859612F396D8CE6 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
14:23:15.0634 0x34cc  storflt - ok
14:23:15.0650 0x34cc  [ AE7B7E1E95BFB9340B1956C98CA52C81, 3E0214A0C486C1CD05D9BC57E58A998A3CEADDC1D24AE2A75098F56B37069160 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
14:23:15.0665 0x34cc  stornvme - ok
14:23:15.0665 0x34cc  [ 63513EF3121689B3A59BD217618A2E42, DE9B89732801DEC60BD116D58CFB427F7E37F093BE8A9F6E0CAC729B5346B314 ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
14:23:15.0681 0x34cc  storqosflt - ok
14:23:15.0681 0x34cc  [ CC96FF061C772340F2ED89ABBA567ADC, 028CD44405B7FAFC7BF331DD729E44E0594A63386F48CF39D7725A58B3DE22D6 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
14:23:15.0712 0x34cc  StorSvc - ok
14:23:15.0712 0x34cc  [ 000F5CFCEF0F06DC8FD1D2F568E48AE4, C1FE485E57A1B912CE79556E0EFF03CC11362E7966D250E3AA4962DCCB8F8EE6 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
14:23:15.0728 0x34cc  storufs - ok
14:23:15.0728 0x34cc  [ 7415087F9006D6818F85F3CBD79B1A50, C768EBB2263375D285D689FEEF546147D42D7376977424A4D6FD655CC78EA7CD ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
14:23:15.0744 0x34cc  storvsc - ok
14:23:15.0744 0x34cc  [ 6C4EF0411BFF2D6D7C4515D3BBFDD9F3, 422A3874301CBC95A69A71C63901BD53E608C546F0AE11D7E20942B7C41B41C8 ] ST_Accel        C:\WINDOWS\system32\DRIVERS\ST_Accel.sys
14:23:15.0759 0x34cc  ST_Accel - ok
14:23:15.0759 0x34cc  [ 23604F1CA8528BCECF03F8A8B562ABD6, 2F34D05DA1E662B04A86300C1A7BCF068C6824382855745DA3BA76E52881A02A ] SupportAssistAgent C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
14:23:15.0775 0x34cc  SupportAssistAgent - ok
14:23:15.0775 0x34cc  [ E49858EA5865A015EB78B7F7C1C07DE2, 1ADBBAC2D2E2E3C40AB0BDDE068001E76A8DAB79C54F06479F7A4567DAD7A7A8 ] svsvc           C:\WINDOWS\system32\svsvc.dll
14:23:15.0790 0x34cc  svsvc - ok
14:23:15.0806 0x34cc  [ 802278EE4ACCE9EA1F1481DF20EB1667, E78F0DA2CA0B2C2DF3B7E3B2A22C03380FE649813EE6EB31067C5FB6727DB7BD ] swenum          C:\WINDOWS\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys
14:23:15.0806 0x34cc  swenum - ok
14:23:15.0822 0x34cc  [ 313D2C0DBA0B23A8302254FD317D2EC8, 20B98D6F33FEC7ACBCEED9757A3FEAD837FA7BA378BA25575A33EA45E076FC6B ] swprv           C:\WINDOWS\System32\swprv.dll
14:23:15.0853 0x34cc  swprv - ok
14:23:15.0853 0x34cc  [ 12D0CB1DCAE6725B6CA54CC2038C4C8C, 7D224298E440B8C5FDD99A52485A6245DE5109C9A02E65AD38F1EC6DBF4AEEF2 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
14:23:15.0869 0x34cc  Synth3dVsc - ok
14:23:15.0884 0x34cc  [ 8607DA59550BCEC0CEBC7260AF7359C4, E5FBB4E47586426B24B1706E08D9553598A744463A1EAD5122AF08291412C896 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
14:23:15.0900 0x34cc  SynTP - ok
14:23:15.0915 0x34cc  [ DFAF068A21F415187F6096DD005A4ECC, 3BE1249166889684534F8C9F230E8456E0A09AF81A9F568AC04D52D3E5A2D797 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
14:23:15.0915 0x34cc  SynTPEnhService - ok
14:23:15.0947 0x34cc  [ D5B31B2F14848015C211F1D674A82F3A, 58C18254C817693DB727090D1CC518032B3A67C5B3FC7F2F8CE4613A33790CFA ] SysMain         C:\WINDOWS\system32\sysmain.dll
14:23:15.0978 0x34cc  SysMain - ok
14:23:15.0994 0x34cc  [ D5AAA188C70146977CFEE8D128599F3F, 9ABC30982E552EAF41FE84397EEEE5A3187444062C662D7CF35A03E3B274AFB8 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:23:16.0009 0x34cc  SystemEventsBroker - ok
14:23:16.0025 0x34cc  [ 95875059929EF91B55EA612D7967DD3D, 5F734209C8C9725376F7C146ED84999CC6D019C4C10B1795F53E72BE8853E2DD ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:23:16.0040 0x34cc  TabletInputService - ok
14:23:16.0040 0x34cc  [ FE33F417DFD9847CB571D3C7EE5FA7E3, B3C7BE7998B9B093DD969A2588EE8CEBD9771331A63D4B1D86A188317B5EE71C ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:23:16.0072 0x34cc  TapiSrv - ok
14:23:16.0103 0x34cc  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
14:23:16.0165 0x34cc  Tcpip - ok
14:23:16.0212 0x34cc  [ 7EBD20284AC9BF9F0A020B86769BB074, 26D8CC9C1EE069BB617973BA7CBCFC36BAF1EABF975F395077547F930197A56A ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
14:23:16.0259 0x34cc  Tcpip6 - ok
14:23:16.0275 0x34cc  [ 1A95043750E359F993154EF8559BE518, C1CDFAA87084B4D7CF38598E6C723EDD2E1DCA23D29449F48D016F589DACEA29 ] tcpipBM         C:\WINDOWS\system32\drivers\tcpipBM.sys
14:23:16.0275 0x34cc  tcpipBM - detected UnsignedFile.Multi.Generic ( 1 )
14:23:18.0634 0x34cc  Detect skipped due to KSN trusted
14:23:18.0634 0x34cc  tcpipBM - ok
14:23:18.0634 0x34cc  [ D378A1AF58AFA84BB6AC753F2C1BE9F4, 8BBA623193D51E6A8DD0627FA08C93B918EF1BA2EEBA46CDBB86FE6A1007FDEE ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
14:23:18.0666 0x34cc  tcpipreg - ok
14:23:18.0681 0x34cc  [ D42AC03ACF9CA67693D1D9BB4D2A0BC8, D39D5180F3CDB23B4551A8C98F3C92A960B4CC9FA48E0FE11A6D89B0C247783F ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
14:23:18.0697 0x34cc  tdx - ok
14:23:18.0807 0x34cc  [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:23:18.0900 0x34cc  TeamViewer - ok
14:23:18.0916 0x34cc  [ CCDBD2817C10A4F631280CBB3AE44FFB, A022DEF4D3CF75F41FA26275347F4BA38A513AD32FF18385C2E756DECB61D404 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
14:23:18.0916 0x34cc  terminpt - ok
14:23:18.0932 0x34cc  [ A0608264209A836821D6AB8C67B108AB, 7912C75F72BCAB7426A2E00C597C8D94C185B5DD31BD6C4BE5D56FECD5B0D9EA ] TermService     C:\WINDOWS\System32\termsrv.dll
14:23:18.0979 0x34cc  TermService - ok
14:23:18.0979 0x34cc  [ 261830B1E3650E4471E1F98850B929B7, D281B8A93315E64C7AF5002E5BFBE6AFF8B35FD6AA747AE07D7AA96F4AFAA613 ] Themes          C:\WINDOWS\system32\themeservice.dll
14:23:19.0010 0x34cc  Themes - ok
14:23:19.0025 0x34cc  [ 8D23F0819A00C547814409B734DD3747, 0E1B25A53C84486F8A57F309F3C016114F90F5AF5E576889BD230931F38594A5 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
14:23:19.0041 0x34cc  tiledatamodelsvc - ok
14:23:19.0057 0x34cc  [ 354DAA630928CD4DA2BC84A0DA4ADA9D, AFAE4948EA4F899267DC52DF9A06450FC3E77083B563E541581DA90685C7E98C ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
14:23:19.0072 0x34cc  TimeBroker - ok
14:23:19.0072 0x34cc  [ F4AEDABC8F3A9D632F8206D0C7F8CA09, 6E76749CD4B857B4D930267E3CF448AF4D14FAC851873C5E71572E62CAD2FA36 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
14:23:19.0088 0x34cc  TPM - ok
14:23:19.0088 0x34cc  [ 2D0338A3009075FCCB119CB7F3280F82, F42F3B8DA0F8B2C99892E66CDEF471A1CD30A30CF437ADFF464A2C786A6B87A6 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
14:23:19.0119 0x34cc  TrkWks - ok
14:23:19.0119 0x34cc  [ 62D6A900C5DFF2ECF131384E5A5C85AB, 1AF1FB868C59DFF452E3351EE5070B2C746DE606B9E2F1834CE2256F41ABE7A9 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:23:19.0135 0x34cc  TrustedInstaller - ok
14:23:19.0135 0x34cc  [ 676C801CAA61AADD0C918CC536A74B78, DB5DEC9445272E46D32DC2A9A99A9AE45729E424E61C679ECFD973AA88457BE6 ] TsUsbFlt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
14:23:19.0150 0x34cc  TsUsbFlt - ok
14:23:19.0150 0x34cc  [ 2BB6CC0DD1CEE86330743B56FA9FE91F, EE71E3DEECA7599947AB09E8967FE8066348D82B4C17D8CBE800FCDE9CF4989D ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:23:19.0166 0x34cc  TsUsbGD - ok
14:23:19.0166 0x34cc  [ 14B46248612DF1B1A695040FFFBCFAFC, 8C373A3C416FC9AB3872A187E64AC7A6E69FF605BD8784E8F2B1C28C293A0495 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
14:23:19.0182 0x34cc  tunnel - ok
14:23:19.0197 0x34cc  [ D0BE5EA1652D55029C9A898FB8ACFCE0, 80C4BC30B967C79B3457F43EB9B530CA2571C6158958879AC55E5A81F71CFF15 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
14:23:19.0197 0x34cc  uagp35 - ok
14:23:19.0213 0x34cc  [ 13C15E4B238895FE4731DB1D612EEB5F, 211E4B05AA09F7FBE2487C3241A98D1F970FEE5B9B1BAED2788B57233BFC4104 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
14:23:19.0213 0x34cc  UASPStor - ok
14:23:19.0213 0x34cc  [ BEBB8B55C5F99B69EEE39A9D7BADB21E, 08A094EA38AB58CC70108A3BDFDD3251897DC4B13FDDAD54C1B063137836EF34 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
14:23:19.0229 0x34cc  UcmCx0101 - ok
14:23:19.0244 0x34cc  [ DE3EDAF609D00EA2E54986E6459796A6, 61A9AB51869F38300CC5CC5D302B962FB966F54CBB2E393954F36372B3A479FE ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
14:23:19.0244 0x34cc  UcmUcsi - ok
14:23:19.0260 0x34cc  [ FB1C1D8B96A482F3581338D6752E1D6C, 0FFAEE3E088614B3483C459513BB9D78EB76B574696FD877A3CDF6A11378F46C ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
14:23:19.0275 0x34cc  Ucx01000 - ok
14:23:19.0275 0x34cc  [ 4E1543ACE2F6E2846713E5123D9D4159, 1A6AFC525A80D1F19B14CDAD38790DF7293911C4D0E8301161D92201B934C3D4 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
14:23:19.0291 0x34cc  UdeCx - ok
14:23:19.0291 0x34cc  [ CDCA9CC1D8293E75218D8FF85F2337A4, 173086C08DDC7625E026E425F1E2B5D6C795771BEAE9BFF6093E3592FBEBD323 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
14:23:19.0322 0x34cc  udfs - ok
14:23:19.0322 0x34cc  [ BC683E19307C533C7161DB7A58051347, 5553BE3421986FDD9992EBFD883CDA151F7166C01BBFA3E9183A3C93E41D79B6 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
14:23:19.0322 0x34cc  UEFI - ok
14:23:19.0338 0x34cc  [ D14B42C26DE402F316D49667D15446F0, 61CC9FF03EF78631C800EFD8D587975CB94D53DB80E6F60BD13BA52EC5690D3D ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
14:23:19.0354 0x34cc  Ufx01000 - ok
14:23:19.0354 0x34cc  [ 192470BE4321791FBB25F379D0141D6F, AD120F8F98BD99014471CE60630B5FEE7555AB261C98B7D9819FE23C386655F7 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
14:23:19.0369 0x34cc  UfxChipidea - ok
14:23:19.0369 0x34cc  [ F7BD838E84E6B286DBCE068EFB8C0800, A55188C8F8BDC739A7ED7D29CDCB2A17468BBB158E13D804963B31ED73449520 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
14:23:19.0385 0x34cc  ufxsynopsys - ok
14:23:19.0385 0x34cc  [ C844E39B900FFA46CA8DD2BBA670A077, 0CB6232BCE47C59821DF25D6ED33E85C3E32DDAB101AA8A2C22B5401E73F5D5B ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
14:23:19.0416 0x34cc  UI0Detect - ok
14:23:19.0416 0x34cc  [ A25842AC180F0E8B02380ECB8ADA1AF5, AF22E7559C5EF8DC22A2B9E27FFFFF075B1D1B68A8307266BD9473E0FAF36BEF ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
14:23:19.0416 0x34cc  uliagpkx - ok
14:23:19.0432 0x34cc  [ 21088F43172525C7E02D335A3327F46C, B04AD471A7DFE83AB557DB4540616B7DF4A1904F8BDDCB920D449FCEE6F36FD5 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
14:23:19.0447 0x34cc  umbus - ok
14:23:19.0447 0x34cc  [ 294A291B5D48FE8F38DD94B7272442C5, 66C9139636760C92C1E04FCF440C432FF6C5A94E1577CAFE1D61FCF2D30472ED ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
14:23:19.0463 0x34cc  UmPass - ok
14:23:19.0463 0x34cc  [ 3427889AECC3B6912A0A01D095E32B98, 322AE14B74295ACFC124719BBEF8809201150A184E262EC55E26D2B45787BF9D ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
14:23:19.0479 0x34cc  UmRdpService - ok
14:23:19.0510 0x34cc  [ 0D5C9E27E93AAEA3E30A1E59A7AC3DFF, 31A203DA03877E6B887930990C5BB53402F0DFFB22A6F8FC5A34EF0B99CD8A7E ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
14:23:19.0557 0x34cc  UnistoreSvc - ok
14:23:19.0572 0x34cc  [ DBE2E6388379D5CC78099650541E9566, 1914BC929F109A49FB18ED31F239A9813A010B0A3914BC8CD0D6A94A67A072D7 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:23:19.0572 0x34cc  UNS - ok
14:23:19.0588 0x34cc  [ BD693208673F40BA21AA70B69F1D439C, E324947C2DD34386A83B09E73668F1CCED127AC91194B8BF7EC4C8E36CF8203E ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:23:19.0619 0x34cc  upnphost - ok
14:23:19.0619 0x34cc  [ A7A52EDDC3FAF183D6AC4774690ADF13, 630A0331F2EFA2DC7EFDACD08D8DF5C85BFDA30FF1525050FF54E069AFA45F6C ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
14:23:19.0635 0x34cc  UrsChipidea - ok
14:23:19.0635 0x34cc  [ 2EEA0897DD9E30E958B508D557F0B5E4, BE051A3AA5DFF56310FAB67AD19AC0443A3580542886EF3554EBE18F1323596F ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
14:23:19.0635 0x34cc  UrsCx01000 - ok
14:23:19.0650 0x34cc  [ DC54D775A3A61E4CDE871B4E38A1459A, CC996A9D293201BBD285E7B629B12EE88574702B8AC7BB4149439D6A25A07F7E ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
14:23:19.0650 0x34cc  UrsSynopsys - ok
14:23:19.0666 0x34cc  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
14:23:19.0666 0x34cc  USBAAPL64 - ok
14:23:19.0682 0x34cc  [ 18B63A0980F4AA1E6D7879B253980E37, 05F96DBE0A3DE2A685DEEBA8B6838A47AEB7CE2EBE8EB6BAD67B36DCF7E73589 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
14:23:19.0697 0x34cc  usbccgp - ok
14:23:19.0704 0x34cc  [ 1C60A1A3C8E1E819E16F12BAEB1C83F8, E255BD173DBF091C5EA07381862E23C1FD761489EC396E312974FBC124E1F33A ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
14:23:19.0719 0x34cc  usbcir - ok
14:23:19.0723 0x34cc  [ 9A3E39F85DC6E3B9F792F1095ACFF788, 66B8E137A5232E9F717907CFD49FE624AE101F4DE14E2960849DABF7A877E87A ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
14:23:19.0735 0x34cc  usbehci - ok
14:23:19.0746 0x34cc  [ 0A368247A900656CC0678117DFC3A87C, 9BEAD14DA067439D913F609955E95CFA0B88ED4F1BC60B473E00F9D9CBC01B9C ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
14:23:19.0766 0x34cc  usbhub - ok
14:23:19.0777 0x34cc  [ 1BDA1FD02783566F0B20EB0E2517F85C, 4C86DC962BBE4CA5AE466A37CF647D84CE2A34DA7F861751587841FC10CFA09D ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
14:23:19.0799 0x34cc  USBHUB3 - ok
14:23:19.0803 0x34cc  [ 72EA850B59F40C25A4FEDDA5FE84EFEB, FB4801AA1FB72FC1C41024916368823E88D53E338640E3BEA865B0F0E7B8EE91 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
14:23:19.0816 0x34cc  usbohci - ok
14:23:19.0819 0x34cc  [ 47B2B2DE152E25546944049CA1170BB1, DDA0A806D3108B2475AB13F584EA8CE6F0932C5E394C2C3FA691DFAB8A2BCAC0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
14:23:19.0832 0x34cc  usbprint - ok
14:23:19.0836 0x34cc  [ 1F72E1A7E1858B7B3FF81522FCEBDE95, 4FAD243DA73C45CD5CA5E50F824F30EF0DC777D83957FD21FF43D8C89EC15AAC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
14:23:19.0850 0x34cc  usbser - ok
14:23:19.0854 0x34cc  [ CD35467670DF1E6FBF36DA308F0C872B, E1F4F9B1EBD476394CBD0C934842AEE2502B030D97351B0A1E751FF23B011B57 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:23:19.0867 0x34cc  USBSTOR - ok
14:23:19.0868 0x34cc  [ DFA92EA105DD1073B43FB210EEB03DD4, D940432458F0A04F5013B48197CEA0412C8A909C50605AA21DD08271C90E2FE3 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
14:23:19.0884 0x34cc  usbuhci - ok
14:23:19.0892 0x34cc  [ B1484D4BBC6B7B424F1CD1554B0AFB84, C9432978603360182AAA983248FFA97576B3C59BE5DA45473DFA17E2940479C8 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
14:23:19.0910 0x34cc  usbvideo - ok
14:23:19.0919 0x34cc  [ C67A03F54A1EA683F4880A481EE5FF6C, 346185B378577FF14EFAD01ECB7DFC9AFC0D50F16DF081C3BA99AEFF710A0EE9 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:23:19.0937 0x34cc  USBXHCI - ok
14:23:19.0962 0x34cc  [ 32212C0FE0556915E763C29DEB6D267E, C5BC9DA3AB0C41604E8F3D01AFC2C25351FF5D3967E766DD0CDB4C0239ED6312 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
14:23:20.0016 0x34cc  UserDataSvc - ok
14:23:20.0035 0x34cc  [ 19DB66E644058AA880AE20144FA40839, 3622EBD3E203C436000947666E7CDF9B075951CC1929241CCCDB123F55F93E46 ] UserManager     C:\WINDOWS\System32\usermgr.dll
14:23:20.0070 0x34cc  UserManager - ok
14:23:20.0079 0x34cc  [ 0CFEA30C0217EE74FF853B2B0CC0BE6D, 1F0856D2D94F46D7B24B7EE18ED868C9EFAE972039D35D1FAA9058A12CF40493 ] UsoSvc          C:\WINDOWS\system32\usocore.dll
14:23:20.0106 0x34cc  UsoSvc - ok
14:23:20.0111 0x34cc  [ 9A83FA0EC9B0DCED2CBC49DD05901920, 14D2F241235E2693C68BCCF05D83F2A1C9A7BE185C83E7C6C63EF0F654892F95 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
14:23:20.0122 0x34cc  VaultSvc - ok
14:23:20.0134 0x34cc  [ 2D8A86BE49A1AD9D05678A2A10F64CE7, 771B5882267B593A1E389DB26F21C3F790D534C8C98FD4A8F043978EA6E09CD6 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
14:23:20.0145 0x34cc  VBoxAswDrv - ok
14:23:20.0145 0x34cc  [ 26223003DDFB347B5CF3EC0B56DB066B, 78848BE1334C05F28FA431B08225EAE8345B2C66E7D677F9936892FC941EA961 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
14:23:20.0145 0x34cc  vdrvroot - ok
14:23:20.0161 0x34cc  [ 0C3F4E7684C1D72E85A98689E65A98A1, F7928D3EFC1A83125887ADA5F8E008022B58F0DBA8A711B4D60975D8CE82B595 ] vds             C:\WINDOWS\System32\vds.exe
14:23:20.0208 0x34cc  vds - ok
14:23:20.0208 0x34cc  [ A417284BC6B5C2EEF63F2C5154473530, 55146660CDDD829630C216038E6500CFAC906E67C82881047B665BFEEB286D10 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
14:23:20.0223 0x34cc  VerifierExt - ok
14:23:20.0239 0x34cc  [ 4C39C05A72EB14C0567501C7E087E564, D3DC122B7E4A5BD345517FE3A9E9E58CD3C78887F9F327AB782BADCAD0F8F2EB ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
14:23:20.0255 0x34cc  vhdmp - ok
14:23:20.0270 0x34cc  [ C42206A15078596FDE8E89BB629DE342, B95F9EC2413ADE658A7CE4A9BB57A0E125C29205C24BBB120153DACAF4CF9482 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
14:23:20.0270 0x34cc  vhf - ok
14:23:20.0286 0x34cc  [ 248D9F911A5C94CF8477125DD0C3A291, 418C7285184BCC9DE4E56175960585867A5DB21FEF761C49FF6F1AF1C07D8088 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
14:23:20.0286 0x34cc  vmbus - ok
14:23:20.0302 0x34cc  [ 3E98DD4E0CBD6B4F9CBD0E9E0EDF541E, 2B5CF364F4D1D3359FBEA8BB2E72A1FCE1277E8D893977B751D9AC10A27DF018 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
14:23:20.0302 0x34cc  VMBusHID - ok
14:23:20.0317 0x34cc  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
14:23:20.0348 0x34cc  vmicguestinterface - ok
14:23:20.0364 0x34cc  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
14:23:20.0380 0x34cc  vmicheartbeat - ok
14:23:20.0395 0x34cc  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
14:23:20.0411 0x34cc  vmickvpexchange - ok
14:23:20.0427 0x34cc  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
14:23:20.0442 0x34cc  vmicrdv - ok
14:23:20.0458 0x34cc  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
14:23:20.0489 0x34cc  vmicshutdown - ok
14:23:20.0489 0x34cc  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
14:23:20.0520 0x34cc  vmictimesync - ok
14:23:20.0520 0x34cc  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
14:23:20.0560 0x34cc  vmicvmsession - ok
14:23:20.0570 0x34cc  [ 977603C51C997435D59ECFE7E24E0653, 32AB9BBFFEB73F5282848748B46584238BD1B812A1435F7759180D36B33FE806 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
14:23:20.0595 0x34cc  vmicvss - ok
14:23:20.0599 0x34cc  [ 91F165C5D71D9DCB18D4661CF10D1084, 1D55C1FF0F5D860E6DB60EEFE303C0797C98BB0B053ECC255F9B316872288818 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
14:23:20.0610 0x34cc  volmgr - ok
14:23:20.0619 0x34cc  [ 17042748AC05862A0283D32575220080, A85B480CB969CB7678545D2A9EE99CBD2ADFF210FA016A43E092D0711FBB633D ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
14:23:20.0636 0x34cc  volmgrx - ok
14:23:20.0645 0x34cc  [ 823A237D871CD652C6BFD47BECB6810A, 99310521451CB54C29A5DEA54C3A666F95E2A1FF0979D5F9792885A161E90C65 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
14:23:20.0662 0x34cc  volsnap - ok
14:23:20.0667 0x34cc  [ 78727FA284C2095EED660D71CD3C9AEF, 323F0BD5A624DF77973F28C7CF31EC6B3A525496EBF063666623A62B1DB0EA65 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
14:23:20.0678 0x34cc  vpci - ok
14:23:20.0684 0x34cc  [ 2415961D561E02F5E46B7C1C687A6788, 68A54B9595A0D15D410D5F1656B6EBE3B913A4BA5F71C658C9B99420E6ED327A ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
14:23:20.0698 0x34cc  vsmraid - ok
14:23:20.0724 0x34cc  [ 16419CBDB04DB9FF298169AA93413822, 743AD26F08AF5EFF5DD353E75C3D659B10C3FEC2FEDABB76387B87721B5B98F8 ] VSS             C:\WINDOWS\system32\vssvc.exe
14:23:20.0782 0x34cc  VSS - ok
14:23:20.0786 0x34cc  [ 6AE9A843AE979F2DCCA5A25C07C7A5F8, 3CEC26DE2EEC97929A0FBBD87FF75F8DC387C0988B2047074C8F069ACBEF2587 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
14:23:20.0802 0x34cc  VSTXRAID - ok
14:23:20.0802 0x34cc  [ BD232C761C59FA8D8EF626CA630E2D2E, E494EFDCE8F6343F49F33F1F03DCD5DEC9CB6F349B1AD302B4D3333B5F6BD8E5 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
14:23:20.0817 0x34cc  vwifibus - ok
14:23:20.0817 0x34cc  [ 3039687AB65CEE26CF478C1F42FFCD7D, 40E140C6F94B6203767A1493DF8CAE6BA1FB67FBD0C13789444F72410D0E6FF1 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
14:23:20.0833 0x2e70  Object required for P2P: [ C982FE172EA1C7B840C4243C5AB3F8BE ] NvStreamSvc
14:23:20.0833 0x34cc  vwififlt - ok
14:23:20.0849 0x34cc  [ 37C868DDE3103130B00AD1313DAB5ACB, BF9C30817A3502F5C0673FD462B18FE1BF37963B29DF09D84B66BDCBF8ECBA81 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
14:23:20.0864 0x34cc  vwifimp - ok
14:23:20.0864 0x34cc  [ EC9B6544C569E8D7FAB91772BD7D23F2, 06CC5F21E9A9DD35099CB3E44C3E2BF2F944CE5B71284E6A85E1B681F12BD31B ] W32Time         C:\WINDOWS\system32\w32time.dll
14:23:20.0911 0x34cc  W32Time - ok
14:23:20.0916 0x34cc  [ FC40A7527D39F06D032A6553D22E4BF6, F572FCB5EB3DE16FD6222A5B6A43C81E3A1F838890667D9F0453F82FFCA772FF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
14:23:20.0928 0x34cc  WacomPen - ok
14:23:20.0940 0x34cc  [ 2CFE8CBE358CC4D5715E010E3B13559F, 54E9BFCE202FA123EB261C226094054950429AAFA304AA714F461B003E070BD9 ] WalletService   C:\WINDOWS\system32\WalletService.dll
14:23:20.0967 0x34cc  WalletService - ok
14:23:20.0971 0x34cc  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:23:20.0987 0x34cc  wanarp - ok
14:23:20.0991 0x34cc  [ E9E22E116F810DAC98C5EC207F24C916, C518DC57CECA5174E7695F5632555FA08571D5F3A7D6B0C295BA4221AEA67C04 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:23:21.0006 0x34cc  wanarpv6 - ok
14:23:21.0034 0x34cc  [ CF9EF65FA66B0F4982FD1FACAB3009B6, 681C1CD5DCAF87EF436B907534E98B0AB4F66BD62E46B8977A7880B854766A27 ] wbengine        C:\WINDOWS\system32\wbengine.exe
14:23:21.0091 0x34cc  wbengine - ok
14:23:21.0101 0x34cc  [ 8F2B0ED6FCA72B34BEEA37E32D0EE106, A86C641A13FDF056B7BA13641551582199DDB08E9490003C74D999518B097C00 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
14:23:21.0132 0x34cc  WbioSrvc - ok
14:23:21.0146 0x34cc  [ A40484AC27EE08DBE7F8DA5E1F6651ED, E3259694450C4F1DEC5E0EA5E23BF3A51F1819374DF47FECF70282AFD46114A1 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
14:23:21.0178 0x34cc  Wcmsvc - ok
14:23:21.0190 0x34cc  [ 8E7FD07D2C82ACBCA52C4100C20F6542, FB2CD88557ABB5EBE6555CD4E41BF4BDC6FE6BCF26288338F2FB034B966FCBD3 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
14:23:21.0216 0x34cc  wcncsvc - ok
14:23:21.0220 0x34cc  [ 9C776ED423CD03F8ABD54C2557E34416, 282C1208977070EC0280D5ABA0E03A847AEAEE31F35CDAA3C7A02D8477614EB1 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
14:23:21.0235 0x34cc  WcsPlugInService - ok
14:23:21.0257 0x34cc  [ C5C533EDDEA99278B66F241E90649A12, 14393592C5897686F2F540FD480330FD0EC69FC334483DC6E602EB1B31C99722 ] WDBackup        C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
14:23:21.0281 0x34cc  WDBackup - ok
14:23:21.0285 0x34cc  [ C8BA574B3BA6AE88741AC86B1FE3C1DC, B2422CDE3A6A27B52D270D24298FF69D91D389C68456EC1805BA30AA59BAB839 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
14:23:21.0297 0x34cc  WdBoot - ok
14:23:21.0304 0x34cc  [ 81F3DBDED84E6C3D68C49AD782D9DE02, ABD1899D544B2BA027179543F790DC8FEB6DB67ED2B126B4CB6C9FFFFCADB9D4 ] WDDriveService  C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
14:23:21.0305 0x34cc  WDDriveService - ok
14:23:21.0321 0x34cc  [ 927AD29D7F91B9A0C5294932374DA15E, ABB2722EF4153771D15683B5CE603D2B7D8A585357F64A3DC26114F37BE2906E ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
14:23:21.0352 0x34cc  Wdf01000 - ok
14:23:21.0352 0x34cc  [ C5BB7C612B4C852836BEA39593BA5F46, 1E2B123F34500C2A8E983AAAF7F14E409B88DC396A655F19F3E7F15D0C51A762 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
14:23:21.0368 0x34cc  WdFilter - ok
14:23:21.0383 0x34cc  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
14:23:21.0399 0x34cc  WdiServiceHost - ok
14:23:21.0399 0x34cc  [ 9E0442D3880438D006D95C6F63C27274, DB1ED2BCF9986495EFA8A0B3B0156119F2E4F77AE9BDC6377ADF3A6B53C658F6 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
14:23:21.0414 0x34cc  WdiSystemHost - ok
14:23:21.0430 0x34cc  [ 9B2039C5673EEBF1D4E34ABC0AFB88C7, BBC85546BD86B9027426DAF148194CFE992B80FF89311B28BE0BD82C88630E8C ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
14:23:21.0461 0x34cc  wdiwifi - ok
14:23:21.0461 0x34cc  [ BD193A7BD34B2E829FAF56306FEE3B09, ADD746D198E21242CEFA01840952B792074EFC473113CD3E7F1ABBA6A4E26AF6 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:23:21.0477 0x34cc  WdNisDrv - ok
14:23:21.0477 0x34cc  WdNisSvc - ok
14:23:21.0493 0x34cc  [ 6A3B5013D5C7840E8CABD63DD021C112, 371CCEEAC7816CFE79ACA8A218CDA16469D9567CB63CC9D18C55FF047011EF25 ] WebClient       C:\WINDOWS\System32\webclnt.dll
14:23:21.0508 0x34cc  WebClient - ok
14:23:21.0524 0x34cc  [ EED4043BC3C2D00067411730EE118354, 5E268DA4DB78C06D8F181E9408B4769F8A12C38DA52C1E986EE0CEE1101E9485 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
14:23:21.0539 0x34cc  Wecsvc - ok
14:23:21.0539 0x34cc  [ 6ECD7A49AFC6533821BEEA1876CEB21D, 2E972245F56F589EF1AB9DABB9214B9DE6E290878735476323A3357D8CDFC71F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
14:23:21.0555 0x34cc  WEPHOSTSVC - ok
14:23:21.0571 0x34cc  [ 09B434867028AF4895A87959EA668686, 26A7DB82E42DCBF3A77092D58AC6392754FD7C538B9EAAEFA88E9AF81DFE8E96 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
14:23:21.0586 0x34cc  wercplsupport - ok
14:23:21.0586 0x34cc  [ DE4E417B867841EE55114E588098B8D5, 878708C93FC1D919E2B9E1C5F94A0EAFC5F28BDAA58D3F29DEEDC8EC3F72D9ED ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
14:23:21.0618 0x34cc  WerSvc - ok
14:23:21.0618 0x34cc  wfpcapture - ok
14:23:21.0618 0x34cc  [ DBF5255B759212E5217A2748567A0B5C, 5E81A9289EC39702179038B686A35FADF9974651E74222F3354B4CBE919887B0 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
14:23:21.0633 0x34cc  WFPLWFS - ok
14:23:21.0633 0x34cc  [ 4CD8826BB8320741842A9E53E48AF2BC, 97B22D9DCD0FD31D3A801946173369B0E70B1850576682C8A8180874A61CAD1A ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
14:23:21.0649 0x34cc  WiaRpc - ok
14:23:21.0664 0x34cc  [ 4375BCBA419D19695CF566082CEF27D3, 6F86FA14B41A03F2BA51B8702F3D59B85FD488405601FA177495E4B7C576850D ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
14:23:21.0664 0x34cc  WIMMount - ok
14:23:21.0680 0x34cc  WinDefend - ok
14:23:21.0680 0x34cc  [ 037BC6DE5F58D4A74A5BB0C12DCECDCA, 92921A2615A41C434BADEB33594DABC166FC9418FBD311A3B2022410B14BFDAC ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
14:23:21.0696 0x34cc  WindowsTrustedRT - ok
14:23:21.0696 0x34cc  [ 70BCD70BD53F2FE660ED94B025A043EB, B23B96DCAB30C62CB1651B3A2292155AEE8217CE3120574F5158D5E7DA09DE56 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
14:23:21.0715 0x34cc  WindowsTrustedRTProxy - ok
14:23:21.0732 0x34cc  [ 8921ECEC2C7D1B1333D77325C60D3AEA, 67C6B6A92B34D99165B5591D0730322C31E967E599BA44924249BF5AD505C132 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
14:23:21.0768 0x34cc  WinHttpAutoProxySvc - ok
14:23:21.0773 0x34cc  [ 7792AE5403BF8975B6460DFC3428D129, D88F77E973D58C2CA629CC9249877A34ABF31CA1DC2A570666921A8A0DC8DEC7 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
14:23:21.0784 0x34cc  WinMad - ok
14:23:21.0788 0x34cc  [ 73B5230F03DC7002A70F11EA1B0BAA37, DFE8BBE52B58589686E402ACED51021E298A491F907EBA5689DF9DAFC3002BA5 ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
14:23:21.0804 0x34cc  Winmgmt - ok
14:23:21.0850 0x34cc  [ 2FE85D6AFF90F56A78743CC93B9CA684, B515765C4EE64E7EC16BD6AF037C084CCA6E81180AEF59E18F260406ABE6DF58 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
14:23:21.0929 0x34cc  WinRM - ok
14:23:21.0944 0x34cc  [ 811F30EB6EE8318C4171CB95AE30B9BD, 765F6BEA3D35D523B5D7ED7356EC0C97A48066A5C4D77C1E6EDAC6F220153385 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
14:23:21.0960 0x34cc  WINUSB - ok
14:23:21.0960 0x34cc  [ DF00381AB8665D48DE3FF794BC6760AB, 749AC7048601061A34BFF507B574AF028FC662C0A98692E7331E667D105EC09D ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
14:23:21.0975 0x34cc  WinVerbs - ok
14:23:22.0007 0x34cc  [ 3C096082A9232B7CEE4653B9C9031769, CFD4C7D0874097ED70735FD99206F21C12749B7956C4B5D4287F160EC6A21DCC ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
14:23:22.0085 0x34cc  WlanSvc - ok
14:23:22.0116 0x34cc  [ 0968D575D9108497A6DC37749D4A6C4F, 8BFEDBE642DA0FD8AC1E60180C192527F3D36E43089090A7BB6D8B27AB6E4F7F ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
14:23:22.0179 0x34cc  wlidsvc - ok
14:23:22.0194 0x34cc  [ 623ED8E10DFEEAB7AE2CD11A0451DB79, 7DDE15F22FD24556D4765F6CFD0F8E2F27370A89A962919646DE2613B33D43D6 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
14:23:22.0194 0x34cc  WmiAcpi - ok
14:23:22.0210 0x34cc  [ B2BB87531C4127ED4120E9BF5566827F, 1DDC0F00F215D77D3698F81B56D4488F384E9D017267840EDFA4846742B99B6A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
14:23:22.0226 0x34cc  wmiApSrv - ok
14:23:22.0226 0x34cc  WMPNetworkSvc - ok
14:23:22.0241 0x34cc  [ 78CA1FF6FE37EEFAFF99DD1C956AF60A, 883C7890C83BAB3B846A0C969D7B67031BD2EF65FA58A0620DD0CD1655C5B2C5 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
14:23:22.0257 0x34cc  Wof - ok
14:23:22.0288 0x34cc  [ C7503A49364DB2AF7A7DE177B233081F, 85DC6D8B5631E51FCF395A884F58571A96C8C55C38CA9ABEBD9C75BABAD21E38 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
14:23:22.0351 0x34cc  workfolderssvc - ok
14:23:22.0351 0x34cc  [ 388F2A3C771B8BEE76FD1AAF9614D08E, C064EC6136CC20C4EE19C86E91CA071974933BB52C9EF8521DF4AFD060FED4A2 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
14:23:22.0366 0x34cc  wpcfltr - ok
14:23:22.0366 0x34cc  [ A6FCFE1F691B4A4D266F5D487FADB9FE, 2135D0C13C1295A2F76885E380CD72CB71CEB8E0D9F1C183A35935B27737D423 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
14:23:22.0382 0x34cc  WPDBusEnum - ok
14:23:22.0397 0x34cc  [ 37DCE976B3935380F2F6E39ABB6BF40D, B14E875F6D6503DF0DB6D9D2363316073AEEF394D830EA2270A0DCDA56E1CEC4 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:23:22.0397 0x34cc  WpdUpFltr - ok
14:23:22.0397 0x34cc  [ 80F0154FD4293E562D54E97811E03499, EDE920F7F95EFBE542FE3CE066B6F7CDE3B9A37DDF3411DC86EACE9EEF294C1D ] WpnService      C:\WINDOWS\system32\WpnService.dll
14:23:22.0413 0x34cc  WpnService - ok
14:23:22.0429 0x34cc  [ 3CD22DD5A790CF7C24D65455E565EA83, 49DB06DF6F38940E7F8691C16586A78BB20E702FD48A34E50987C06B08BDF4DB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:23:22.0444 0x34cc  ws2ifsl - ok
14:23:22.0444 0x34cc  [ EBA916109A176714E6A7BD152387F13C, 7B38B1708B83271ADA8D1CEC7F5F0A75C7F2572185C0961EFC749D5DF16A03F0 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
14:23:22.0460 0x34cc  wscsvc - ok
14:23:22.0460 0x34cc  WSearch - ok
14:23:22.0522 0x34cc  [ 9EB85802AB625970E05879D15DE56335, B7DCE5E1924A5CEE76CC07FF3B8CEDBBD0DDBB4C4ED0A3BFB8D1ABCAD7C0AA23 ] WSService       C:\WINDOWS\System32\WSService.dll
14:23:22.0632 0x34cc  WSService - ok
14:23:22.0694 0x34cc  [ B70FF53144AC4B3C7D98BFB7D7C239BD, 996F6253F24C6D734B777988CDE03CD3A32FFBAD6D7A198F1C590B762CD8DC0E ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
14:23:22.0757 0x34cc  wuauserv - ok
14:23:22.0757 0x34cc  [ 835F60262E7E310080EA05F6752BF248, 3010B731DF3D52B56EA16FD29B66F5D3AB9412E49CA4C547BAAECA3225C5DC40 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
14:23:22.0772 0x34cc  WudfPf - ok
14:23:22.0788 0x34cc  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
14:23:22.0804 0x34cc  WUDFRd - ok
14:23:22.0804 0x34cc  [ 44CF3130AEC8914705487C4AEF756A19, 30B09E32DEC02141F9B99ED012E441056C1663A72E4130EF4221ECC0ED87BF4B ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
14:23:22.0832 0x34cc  wudfsvc - ok
14:23:22.0839 0x34cc  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:23:22.0856 0x34cc  WUDFWpdFs - ok
14:23:22.0862 0x34cc  [ 4E848DE29E4279C7F25EF5B34ED94FDD, FD7B0673F4CFA6EB66D7212288223419BFFA02EBF1F1D85F155B5397C6FB21E9 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
14:23:22.0879 0x34cc  WUDFWpdMtp - ok
14:23:22.0901 0x34cc  [ D23F211E1AA0787EFEC373D172D4A1C2, 6CCAB272D121C9946B2CF6B19F50E09946F0187713D54BFBD371B5C017367204 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
14:23:22.0938 0x34cc  WwanSvc - ok
14:23:22.0954 0x34cc  [ 9BDC2AFCEF4CF1C630D728DE1DBD495A, 5CE19974380CCEC46C181315B349E9A7CE757E19118EC5978A2293D63268BA66 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
14:23:23.0001 0x34cc  XblAuthManager - ok
14:23:23.0032 0x34cc  [ 3EDB6162310EA223890C2DF44C68358B, 12053291809CA9C38A30EA4B2DE7115F535531F0925220C63B0312979F9CC707 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
14:23:23.0063 0x34cc  XblGameSave - ok
14:23:23.0079 0x34cc  [ 30021D1E0407B71E8D5D4F8DAE4E656A, EE2E366A1CC033C068176C7E9F876FFA0EF86A15A482B6964E170DE863CFF542 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
14:23:23.0094 0x34cc  xboxgip - ok
14:23:23.0110 0x34cc  [ 729B70C81F207541BC6A4ABAE3A8D594, 31F9BC41169D28B397C0D988C367C32FA9A95289E68AB8F38061DA478752A765 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
14:23:23.0157 0x34cc  XboxNetApiSvc - ok
14:23:23.0157 0x34cc  [ 6851673B90D8CB332439E0339F81A6B6, 4E95F1A63E6DD58BB5BD6FC1D9784837D5E6F5BCF870C7ECC92DCA1AF20B6A4C ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
14:23:23.0173 0x34cc  xinputhid - ok
14:23:23.0173 0x34cc  ================ Scan global ===============================
14:23:23.0173 0x34cc  [ C6BC6E49A7F76AA2BBA58CD08196755F, D02B6B285899E966D19323566A4780D51303D00E66674D7FF4B61991430A69A6 ] C:\WINDOWS\system32\basesrv.dll
14:23:23.0188 0x34cc  [ 70EC9717DC3A1CDF79C703A145E0E5B7, D5ABF42063DFF799FD4099D8A347256CC79B89582B987B3DEE240AFA5BA421BE ] C:\WINDOWS\system32\winsrv.dll
14:23:23.0188 0x34cc  [ F435AFA375ACBAEE44324DD464EDCC11, 815DE470439AE5D96348BEBF971A14FBDCA1D36F31CA0D25F69E5F41817D43D5 ] C:\WINDOWS\system32\sxssrv.dll
14:23:23.0204 0x34cc  [ BB3D8E1C108F7244613FF3993291A922, 1642AF23F200D46F54239C3BA743F1D5ADDC6A32D5F6481264D0C1D7F3E9D533 ] C:\WINDOWS\system32\services.exe
14:23:23.0219 0x34cc  [ Global ] - ok
14:23:23.0219 0x34cc  ================ Scan MBR ==================================
14:23:23.0219 0x34cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:23:23.0251 0x34cc  \Device\Harddisk0\DR0 - ok
14:23:23.0251 0x34cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
14:23:23.0329 0x2e70  Object send P2P result: true
14:23:23.0344 0x2e70  Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip
14:23:23.0688 0x34cc  \Device\Harddisk1\DR1 - ok
14:23:23.0688 0x34cc  ================ Scan VBR ==================================
14:23:23.0688 0x34cc  [ 1D5905AD0C4AD1F2F36D99CA0332E777 ] \Device\Harddisk0\DR0\Partition1
14:23:23.0688 0x34cc  \Device\Harddisk0\DR0\Partition1 - ok
14:23:23.0688 0x34cc  [ AD644B7460779A12F12A8D84081BE195 ] \Device\Harddisk0\DR0\Partition2
14:23:23.0704 0x34cc  \Device\Harddisk0\DR0\Partition2 - ok
14:23:23.0704 0x34cc  [ 4CC410B663AA2762FDDE5411E8327AB2 ] \Device\Harddisk0\DR0\Partition3
14:23:23.0704 0x34cc  \Device\Harddisk0\DR0\Partition3 - ok
14:23:23.0704 0x34cc  [ 179A0BC1E03C34F708129A214346DADF ] \Device\Harddisk0\DR0\Partition4
14:23:23.0719 0x34cc  \Device\Harddisk0\DR0\Partition4 - ok
14:23:23.0723 0x34cc  [ 6017E6A7C2B48D105D1B9110A8F0130B ] \Device\Harddisk0\DR0\Partition5
14:23:23.0738 0x34cc  \Device\Harddisk0\DR0\Partition5 - ok
14:23:23.0741 0x34cc  [ 78608C919CCE7FA227F5223B19302E92 ] \Device\Harddisk0\DR0\Partition6
14:23:23.0742 0x34cc  \Device\Harddisk0\DR0\Partition6 - ok
14:23:23.0746 0x34cc  [ D212164BF12D7FE6039D94E085EC98B0 ] \Device\Harddisk0\DR0\Partition7
14:23:23.0747 0x34cc  \Device\Harddisk0\DR0\Partition7 - ok
14:23:23.0750 0x34cc  [ D4114CA5F1C051E9296FD4B355B31A41 ] \Device\Harddisk0\DR0\Partition8
14:23:23.0751 0x34cc  \Device\Harddisk0\DR0\Partition8 - ok
14:23:23.0755 0x34cc  [ AB00227E6EB737697E203FF982CDD760 ] \Device\Harddisk1\DR1\Partition1
14:23:23.0797 0x34cc  \Device\Harddisk1\DR1\Partition1 - ok
14:23:23.0797 0x34cc  ================ Scan generic autorun ======================
14:23:23.0801 0x34cc  [ EDAF52686D3AEA33BAA300A5B0501EFB, 31B647ACD96CF4F3CE8E9823334799C05F2BC06D9252801767B0903627715345 ] C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe
14:23:23.0808 0x34cc  Command Center Controllers - ok
14:23:23.0857 0x34cc  [ 381474F8A4477CF4951553EF530B0ED5, 6C2CB69E072EC2BF8C4EBB93DB400CF9358CC7C4FDA24E3B9B422FFAD089462F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
14:23:23.0919 0x34cc  NvBackend - ok
14:23:23.0919 0x34cc  [ 5DED2A3F11AE916C8F2724947E736261, 35402466FE6D02CC85A27171F55D9F7FD0AAF018D3CC410E46F0B43DCE7EA080 ] C:\WINDOWS\system32\rundll32.exe
14:23:23.0951 0x34cc  ShadowPlay - ok
14:23:23.0951 0x34cc  SynTPEnh - ok
14:23:23.0951 0x34cc  Onboard - ok
14:23:23.0951 0x34cc  [ C7F017C9B163E7DAB864649E8241F683, F007F107FCA0E3A12D7E900101EBF02C2453D4AA56BE18769E86B592C88C5106 ] C:\Program Files\iTunes\iTunesHelper.exe
14:23:23.0966 0x34cc  iTunesHelper - ok
14:23:23.0966 0x34cc  [ C419DF63E0121D72411285780C2FC6CC, F47F854D327C589D174D3BB5B55D5C05F5ACA73DF52A6BEF47596B9010190291 ] C:\Windows\UpdReg.EXE
14:23:23.0966 0x34cc  UpdReg - detected UnsignedFile.Multi.Generic ( 1 )
14:23:25.0779 0x2e70  Object send P2P result: true
14:23:25.0779 0x2e70  Object required for P2P: [ 7EBD20284AC9BF9F0A020B86769BB074 ] Tcpip6
14:23:26.0295 0x34cc  Detect skipped due to KSN trusted
14:23:26.0295 0x34cc  UpdReg - ok
14:23:26.0326 0x34cc  [ 226ED77CEB87197FC499E7B3218EBE59, 1922E10E44B0E4A0DC67BA9D1EE0AC16947B24545327FD24CE4E19B8DC29F34F ] C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe
14:23:26.0357 0x34cc  Sound Blaster Recon3Di Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
14:23:28.0201 0x2e70  Object send P2P result: true
14:23:28.0717 0x34cc  Detect skipped due to KSN trusted
14:23:28.0717 0x34cc  Sound Blaster Recon3Di Control Panel - ok
14:23:28.0717 0x34cc  [ 7AA219D7AEAA8BADCAC7853AE6AE3BD5, 018F85DCD9EB33DC775CCCB58B999A640B6F8FEF37898EA45600B433E77CF9AE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
14:23:28.0733 0x34cc  APSDaemon - ok
14:23:28.0795 0x34cc  [ 7186F28DD62BC390E870B1817B8E2699, 477887E959DC629207F5002F416F7838A6211CC19B43B3DB30914AA704364B06 ] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
14:23:28.0842 0x34cc  BingDesktop - ok
14:23:28.0873 0x34cc  [ 37E110D8958EE49C92955CA00D8C0274, 8068246B2C9F152040EC53A3114A748403B982321A70D42E34AC38381E283F08 ] C:\Program Files (x86)\Alienware On-Screen Display\AlienwareOn-ScreenDisplay.exe
14:23:28.0904 0x3418  Object required for P2P: [ 0968D575D9108497A6DC37749D4A6C4F ] wlidsvc
14:23:28.0904 0x34cc  AlienwareOn-ScreenDisplay - ok
14:23:29.0014 0x34cc  [ 12DDF400E9E4441C0A9C144861D1EE01, 8B6702F149E044EC0CDA1291EE7AE64B9954E93E68F15DF8A925E396435254FF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
14:23:29.0108 0x34cc  AvastUI.exe - ok
14:23:29.0123 0x34cc  [ 2773E8BC0CD2AF14D32B0E85421FA866, B4E62CDF52EF10D40D4C9CAC9340A449FF1CBD1A06545CB0EE52FBB12BF084FB ] C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe
14:23:29.0123 0x34cc  WDAppManager - ok
14:23:29.0217 0x34cc  [ 6F052B9EFAAF6F48B2C9F39AB9231224, 189A737D7EA39493B0058A1BF4B298E5E052B8C90FF2C65A2E6650C0110601F1 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
14:23:29.0316 0x34cc  WD Quick View - ok
14:23:29.0328 0x34cc  [ C2CE42005E3381A95460876020518440, 562EB30DA9A1DB58DB221423177C0680E69A4C38EEE2D5FD936633B2EB8A616E ] C:\Program Files (x86)\QuickTime\QTTask.exe
14:23:29.0344 0x34cc  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
14:23:31.0325 0x3418  Object send P2P result: true
14:23:31.0692 0x34cc  Detect skipped due to KSN trusted
14:23:31.0692 0x34cc  QuickTime Task - ok
14:23:31.0780 0x34cc  [ B58A7B5DB3944C25E3C1B9683647ACE7, 9F21A25D70F1DEDC93A039C30D22172FE85FE0CFB344BD053C127B1A2F6EB7DB ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
14:23:31.0855 0x34cc  SDTray - ok
14:23:31.0981 0x34cc  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:23:32.0137 0x34cc  OneDriveSetup - ok
14:23:32.0278 0x34cc  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:23:32.0418 0x34cc  OneDriveSetup - ok
14:23:32.0418 0x34cc  icq - ok
14:23:32.0465 0x34cc  [ 7AB06BB56EA5AAB7340CDCED56A0486F, 2992F9DD854ADE90EA734F01B41FEE12C4080A82B564BF3D20B08ED54380AFB9 ] C:\Program Files (x86)\Steam\Steam.exe
14:23:32.0528 0x34cc  Steam - ok
14:23:32.0590 0x34cc  [ 8B8E3CEECD3C9709D1E0DAB2E25565F7, C9ACD0669136667157AF433A96C0C00F771122CE4A3BA0D3924DD635C37BF5D0 ] C:\Program Files (x86)\Origin\Origin.exe
14:23:32.0653 0x34cc  EADM - ok
14:23:32.0653 0x34cc  [ 8273CF9800264D24E498771B1150E66E, 2E6A72277DB36286B91EBC43F0BA6EACBA9084A5CD4C80104530FF384A887E89 ] C:\Program Files (x86)\Overwolf\Overwolf.exe
14:23:32.0653 0x34cc  Overwolf - ok
14:23:32.0668 0x34cc  [ 2010CA459E5EC8F9D5FC8B000D130294, 058FF215A3AAD04F2A4CF23B2CC62A5EA28F5A705EFA689DCE9126720CF33229 ] C:\Users\Marc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:23:32.0684 0x34cc  OneDrive - ok
14:23:32.0684 0x34cc  Skype - ok
14:23:32.0715 0x34cc  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
14:23:32.0747 0x34cc  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
14:23:35.0091 0x34cc  Detect skipped due to KSN trusted
14:23:35.0091 0x34cc  SpybotPostWindows10UpgradeReInstall - ok
14:23:35.0091 0x34cc  Waiting for KSN requests completion. In queue: 13
14:23:36.0106 0x34cc  Waiting for KSN requests completion. In queue: 13
14:23:37.0122 0x34cc  Waiting for KSN requests completion. In queue: 13
14:23:37.0435 0x2708  Object required for P2P: [ 12DDF400E9E4441C0A9C144861D1EE01 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
14:23:38.0123 0x34cc  Waiting for KSN requests completion. In queue: 10
14:23:39.0132 0x34cc  Waiting for KSN requests completion. In queue: 10
14:23:39.0883 0x2708  Object send P2P result: true
14:23:39.0883 0x2708  Object required for P2P: [ 6F052B9EFAAF6F48B2C9F39AB9231224 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
14:23:40.0133 0x34cc  Waiting for KSN requests completion. In queue: 8
14:23:41.0148 0x34cc  Waiting for KSN requests completion. In queue: 8
14:23:42.0148 0x34cc  Waiting for KSN requests completion. In queue: 8
14:23:42.0320 0x2708  Object send P2P result: true
14:23:42.0320 0x2708  Object required for P2P: [ 7AB06BB56EA5AAB7340CDCED56A0486F ] C:\Program Files (x86)\Steam\Steam.exe
14:23:43.0164 0x34cc  Waiting for KSN requests completion. In queue: 4
14:23:44.0180 0x34cc  Waiting for KSN requests completion. In queue: 4
14:23:44.0727 0x2708  Object send P2P result: true
14:23:44.0727 0x2708  Object required for P2P: [ 2010CA459E5EC8F9D5FC8B000D130294 ] C:\Users\Marc\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:23:45.0180 0x34cc  Waiting for KSN requests completion. In queue: 1
14:23:46.0196 0x34cc  Waiting for KSN requests completion. In queue: 1
14:23:47.0196 0x34cc  Waiting for KSN requests completion. In queue: 1
14:23:48.0212 0x34cc  Waiting for KSN requests completion. In queue: 1
14:23:49.0212 0x34cc  Waiting for KSN requests completion. In queue: 1
14:23:50.0217 0x34cc  Waiting for KSN requests completion. In queue: 1
14:23:50.0482 0x2708  Object send P2P result: true
14:23:51.0262 0x34cc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
14:23:51.0264 0x34cc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41000 ( enabled : updated )
14:23:51.0279 0x34cc  Win FW state via NFP2: enabled ( trusted )
14:23:53.0699 0x34cc  ============================================================
14:23:53.0699 0x34cc  Scan finished
14:23:53.0699 0x34cc  ============================================================
14:23:53.0715 0x0bb4  Detected object count: 1
14:23:53.0715 0x0bb4  Actual detected object count: 1
14:24:48.0952 0x0bb4  NIHardwareService ( UnsignedFile.Multi.Generic ) - skipped by user
14:24:48.0952 0x0bb4  NIHardwareService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:31:35.0865 0x0ed0  Deinitialize success

deeprybka · 27.12.2015, 18:02

Jetzt bitte Suchscan durchführen:

Schritt 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

marcciboy81 · 28.12.2015, 02:16

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a5ddefe90e3be145b4509f59d5ce3c4a
# end=init
# utc_time=2015-12-28 12:22:20
# local_time=2015-12-28 01:22:20 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27378
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a5ddefe90e3be145b4509f59d5ce3c4a
# end=updated
# utc_time=2015-12-28 12:24:17
# local_time=2015-12-28 01:24:17 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a5ddefe90e3be145b4509f59d5ce3c4a
# engine=27378
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-28 01:08:36
# local_time=2015-12-28 02:08:36 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 2429931 68951913 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 13829526 17201860 0 0
# scanned=485892
# found=6
# cleaned=0
# scan_time=2659
sh=40BF607ADBA3D2D5BA942080F16FADE0C49D7C85 ft=1 fh=e19cb1e3b373c946 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Marc\AppData\Local\Microsoft\Windows\INetCache\IE\C052ERZZ\HijackThis - CHIP-Installer.exe"
sh=E3157EBDE8717B25033510A54376B94FCFD68EDD ft=0 fh=0000000000000000 vn="JS/Exploit.Agent.NLF Trojaner" ac=I fn="C:\Users\Marc\AppData\Local\Microsoft\Windows\INetCache\Low\IE\4PI2TV7P\viewtopic[1].htm"
sh=C2E270ABF08E6E236FD94CC7E06C92A76BEBD0E3 ft=0 fh=0000000000000000 vn="JS/Kryptik.AYR Trojaner" ac=I fn="C:\Users\Marc\AppData\Local\Microsoft\Windows\INetCache\Low\IE\WSM934BT\5997-winterhauchfest-diener-von-grumpus-neues-mount-im-wilden-geschenk[1].htm"
sh=5B5EA2F5CEC496F99D245A68C884C09F5849E037 ft=1 fh=038fab3ea954bf64 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Marc\AppData\Local\Temp\DMR\dmr_72.exe"
sh=0866CFB429752723075C024D22B0BA1D210E50DA ft=1 fh=56f7157508e95981 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Marc\Downloads\HijackThis - CHIP-Installer.exe"
sh=B21215B1D58A9F255D8BB09579FBFF6B729D1896 ft=1 fh=1a8318a3832c1e8a vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\Marc\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"

deeprybka · 28.12.2015, 09:24

CHIP-Installer - was ist das? - Anleitungen

Denke Dein Problem resultiert von einem Online-Hack.

marcciboy81 · 28.12.2015, 10:26

Hallo deeprybka,

danke erstmal für deine schnelle Hilfe! Also denkst du das mein Laptop sauber ist und der Hack zum Beispiel bei Blizzard oder sonst wo gelegen hat?
Dann muss ich wenigstens Windows nicht neu aufsetzen...

VG

deeprybka · 28.12.2015, 17:42

Ich gehe davon aus, dass die login credentials nicht durch lokale Malware auf dem PC abgegriffen wurden.

marcciboy81 · 28.12.2015, 23:38

dann möchte ich mich recht herzlich für die Hilfe bei dir bedanken!

Ps: kleine spende an das Board folgt nächste Woche.

Lg

deeprybka · 29.12.2015, 09:39

Super, da freut sich das Team.

27.12.2015, 14:51	#6
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Battle Net Account gehackt Aufteilen oder anhängen... __________________ --> Battle Net Account gehackt

28.12.2015, 09:24	#11
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Battle Net Account gehackt CHIP-Installer - was ist das? - Anleitungen Denke Dein Problem resultiert von einem Online-Hack. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

28.12.2015, 17:42	#13
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Battle Net Account gehackt Ich gehe davon aus, dass die login credentials nicht durch lokale Malware auf dem PC abgegriffen wurden. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

29.12.2015, 09:39	#15
deeprybka /// TB-Ausbilder /// Anleitungs-Guru	Battle Net Account gehackt Super, da freut sich das Team. __________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Battle Net Account gehackt

Log-Analyse und Auswertung: Battle Net Account gehackt