
Pests of all kinds and how to fight them: Brief black window during e-banking, then TrojanHunter finds Buzus.16507

23.02.2016, 22:13   #1
mafunk
 
Hello
I have Windows 10 and use Firefox and F-Secure. A few days ago I noticed the first anomaly while browsing: an ad banner turned black and covered the entire browser. F-Secure found nothing, and neither did Malwarebytes, which I installed yesterday. A little while ago I was in e-banking when suddenly a black system window opened for about 1 second, a kind of DOS window. I then installed TrojanHunter 6.0, which has now found Buzus.16507 in a file qrtfix.exe. That scan is still running.
What can I do?
Thanks, Michael

23.02.2016, 22:27   #2
deeprybka
/// TB trainer
/// Guide guru
 
My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please run only the scans I have asked you to run.
  • Please no crossposting (posting in multiple forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all of our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Keep in mind that we all work here in our spare time; if you haven't heard from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Reformatting is usually the faster and always the safest way, but it is only advisable in the case of real malware.
We can remove adware and the like very well.
If you decide on a cleanup, keep working with me until you get my "clean".



Here we go:

Step 1


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you're not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)




Reading material
Posting in CODE tags: here's how...
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes our work considerably harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

23.02.2016, 22:56   #3
mafunk
 
Hello Jürgen - thanks for the help! Quick follow-up question: should I cancel the TrojanHunter scan that is still running?

I have now stopped the TrojanHunter scan, installed FRST and run it. Here is the first log file, FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
durchgeführt von Michael (Administrator) auf HP-MICHAEL (23-02-2016 22:49:19)
Gestartet von C:\Users\Michael\Desktop
Geladene Profile: Michael (Verfügbare Profile: Michael)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Synaptics Incorporated) C:\Windows\System32\valWBFPolicyService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(%CFullName%) C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Mischel Internet Security) C:\Program Files (x86)\TrojanHunter\THGuard.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.16941.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2016-01-30] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-11-18] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [127528 2015-07-08] (Hewlett-Packard Company)
HKLM-x32\...\Run: [F-Secure Hoster (45119)] => C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSM32.EXE [310312 2015-10-08] (F-Secure Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2720144 2015-08-09] (Dominik Reichl)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2015-09-03] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe [14371936 2015-11-26] (Swisscom (Schweiz) AG)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [THGuard] => C:\Program Files (x86)\TrojanHunter\THGuard.exe [1082832 2015-06-18] (Mischel Internet Security)
HKU\S-1-5-21-2322434192-922272962-2423913161-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
HKU\S-1-5-21-2322434192-922272962-2423913161-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Mystify.scr [150528 2015-10-30] (Microsoft Corporation)
Startup: C:\Users\Michael\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-10-12]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{07ed4471-029f-4a1d-b0e5-406156e2a534}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
HKU\S-1-5-21-2322434192-922272962-2423913161-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp13.msn.com
HKU\S-1-5-21-2322434192-922272962-2423913161-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp13.msn.com
SearchScopes: HKLM-x32 -> {53CFB67E-3B47-470D-95F6-505646C4FB70} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2322434192-922272962-2423913161-1001 -> {53CFB67E-3B47-470D-95F6-505646C4FB70} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-02-05] (Microsoft Corporation)
BHO: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https64.dll [2016-01-11] (F-Secure Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)
BHO: Kein Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> Keine Datei
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-02-05] (Microsoft Corporation)
BHO-x32: Browsing Protection by F-Secure -> {45BBE08D-81C5-4A67-AF20-B2A077C67747} -> C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_ie_https\fs_ie_https.dll [2016-01-11] (F-Secure Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-12-17] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-02-04] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-10-19] (Hewlett-Packard Company)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-02-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\igpsd6wp.default
FF Homepage: hxxp://www.spiegel.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-05] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2015-04-21] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-02-23] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-02-04] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2322434192-922272962-2423913161-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-09-08] (Tracker Software Products (Canada) Ltd.)
FF Extension: My Swisscom Assistant - C:\Users\Michael\AppData\Roaming\Mozilla\Firefox\Profiles\igpsd6wp.default\Extensions\{6A6114A5-EEF5-45F4-BCD1-B00A7B33E04B} [2015-10-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [firefox@bho.com] - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt
FF Extension: HP SimplePass - C:\Program Files\Hewlett-Packard\SimplePass\FFBHOExt [2015-10-13] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [ols@f-secure.com] - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi
FF Extension: Browsing Protection by F-Secure - C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\browser\install\fs_firefox_https\fs_firefox_https.xpi [2015-11-18]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [fidikogfgleiaefnjbmnjaplmgknppkg] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jmjjnhpacphpjmnnlnccpfmhkcloaade] - C:/Program Files (x86)/F-Secure/apps/CCF_Scanning/bin/browser/install/fs_chrome_https/fs_chrome_https.crx [2014-11-27]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2804976 2016-02-04] (Microsoft Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1385640 2015-10-13] (Intel Corporation)
R2 fshoster; C:\Program Files (x86)\F-Secure\fshoster32.exe [187432 2014-02-19] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Common\FSMA32.EXE [216104 2015-10-08] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\F-Secure\apps\CCF_Reputation\fsorsp.exe [60456 2015-10-14] (F-Secure Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-11-18] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2015-09-03] (Hewlett-Packard Development Company, L.P.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [353896 2016-01-30] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 IntelUSBoverIP; C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [395744 2015-01-14] (Intel)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-10-28] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-11-18] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-11-18] (NVIDIA Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [124928 2015-07-02] (Softex Inc.) [Datei ist nicht signiert]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [307456 2016-01-30] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260216 2015-12-09] (Synaptics Incorporated)
R2 valWBFPolicyService; C:\Windows\system32\valWBFPolicyService.exe [82952 2015-12-10] (Synaptics Incorporated)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-10-28] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-10-13] (Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-10-13] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [41976 2015-10-13] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [251384 2015-10-13] (Intel Corporation)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [219128 2015-11-18] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\HIPS\drivers\fshs.sys [97352 2016-02-03] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [75448 2016-01-13] ()
R3 fsni; C:\Program Files (x86)\F-Secure\apps\CCF_Scanning\bin\fsni64.sys [97832 2016-01-11] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13352 2015-10-08] ()
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [299280 2015-12-18] (Intel Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [184096 2015-06-29] (Intel Corporation)
R3 Netwtw02; C:\Windows\System32\drivers\Netwtw02.sys [6731520 2016-01-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-11-18] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-11-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [895256 2015-10-13] (Realtek                                            )
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [391896 2015-03-23] (Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [71288 2015-12-09] (Synaptics Incorporated)
R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [212056 2015-01-14] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-23 22:49 - 2016-02-23 22:49 - 00023561 _____ C:\Users\Michael\Desktop\FRST.txt
2016-02-23 22:48 - 2016-02-23 22:49 - 00000000 ____D C:\FRST
2016-02-23 22:47 - 2016-02-23 22:48 - 02371072 _____ (Farbar) C:\Users\Michael\Desktop\FRST64.exe
2016-02-23 20:46 - 2016-02-23 20:46 - 00001131 _____ C:\Users\Michael\Desktop\TrojanHunter.lnk
2016-02-23 20:46 - 2016-02-23 20:46 - 00000000 ____D C:\ProgramData\TrojanHunter
2016-02-23 20:46 - 2016-02-23 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TrojanHunter
2016-02-23 20:46 - 2016-02-23 20:46 - 00000000 ____D C:\Program Files (x86)\TrojanHunter
2016-02-21 10:34 - 2016-02-21 10:34 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-21 10:33 - 2016-02-21 10:33 - 00001178 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-21 10:33 - 2016-02-21 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-02-21 10:33 - 2016-02-21 10:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-21 10:33 - 2016-02-21 10:33 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-02-21 10:33 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-21 10:33 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-02-21 10:33 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-02-12 22:23 - 2016-02-13 20:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-09 21:41 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-02-09 21:41 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-02-09 21:41 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-02-09 21:41 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-02-09 21:41 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-02-09 21:41 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-02-09 21:41 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-02-09 21:41 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-02-09 21:41 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-02-09 21:41 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-02-09 21:41 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-02-09 21:41 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-02-09 21:41 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-02-09 21:41 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-02-09 21:41 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-02-09 21:41 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-02-09 21:41 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-02-09 21:41 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-02-09 21:41 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-02-09 21:41 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-02-09 21:41 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-02-09 21:41 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-02-09 21:41 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-02-09 21:41 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-02-09 21:41 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-02-09 21:41 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-02-09 21:41 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-02-09 21:41 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-02-09 21:41 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-02-09 21:41 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-02-09 21:41 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-02-09 21:41 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-02-09 21:41 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-02-09 21:41 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-02-09 21:41 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-02-09 21:41 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-02-09 21:41 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-02-09 21:41 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-02-09 21:41 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-02-09 21:41 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-02-09 21:41 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-02-09 21:41 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-02-09 21:41 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-02-09 21:41 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-02-09 21:41 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-02-09 21:41 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-02-09 21:41 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-02-09 21:41 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-02-09 21:41 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-02-09 21:41 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-02-09 21:41 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-02-09 21:41 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-02-09 21:41 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-02-09 21:41 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-02-09 21:41 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-02-09 21:41 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-02-09 21:41 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-02-09 21:41 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-02-09 21:41 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-02-09 21:41 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-02-09 21:41 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-02-09 21:41 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-02-09 21:41 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-02-09 21:41 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-02-09 21:41 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 72203792 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-01-30 14:53 - 2016-01-30 14:53 - 04216609 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-01-30 14:53 - 2016-01-30 14:53 - 03195648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 02893568 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-01-30 14:53 - 2016-01-30 14:53 - 02130584 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 02029184 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 01601944 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 01435152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 01351992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 01020208 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00574760 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00532384 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00467160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00387320 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00381416 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00341160 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00321720 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00258504 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00214840 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00166208 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00122328 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00118600 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00110992 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2016-01-30 14:53 - 2016-01-30 14:53 - 00088352 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2016-01-30 14:37 - 2016-01-30 14:37 - 00000000 ____D C:\Users\Michael\Intel
2016-01-30 14:37 - 2016-01-30 14:37 - 00000000 ____D C:\ProgramData\Intel
2016-01-30 14:33 - 2016-01-30 14:33 - 35069432 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdumdim32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 31014352 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd11dxva32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 29084160 _____ (Intel Corporation) C:\WINDOWS\system32\common_clang64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 19844096 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\common_clang32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 15155960 _____ (Intel Corporation) C:\WINDOWS\system32\igc64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 13313024 _____ (Intel Corporation) C:\WINDOWS\system32\ig8icd64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 13168072 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igc32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 11178048 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10iumd32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 10075136 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\ig8icd32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 05797102 _____ C:\WINDOWS\system32\igdclbif.bin
2016-01-30 14:33 - 2016-01-30 14:33 - 05666816 _____ (Intel Corporation) C:\WINDOWS\system32\igdmcl64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 05245440 _____ (Intel Corporation) C:\WINDOWS\system32\GfxResources.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 04869816 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdusc32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 04527104 _____ (Intel Corporation) C:\WINDOWS\system32\igdrcl64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 04362056 _____ (Intel Corporation) C:\WINDOWS\system32\igd12umd64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 03982336 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdrcl32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 03952128 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmcl32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 03932528 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd12umd32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 01840592 _____ (Intel Corporation) C:\WINDOWS\system32\igdmd64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 01465672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdmd32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 01008232 _____ C:\WINDOWS\system32\igfxSDK.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00941672 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv4_0.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00938088 _____ (Intel Corporation) C:\WINDOWS\system32\Gfxv2_0.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00819926 _____ C:\WINDOWS\system32\DisplayAudiox64.cab
2016-01-30 14:33 - 2016-01-30 14:33 - 00595560 _____ (Intel Corporation) C:\WINDOWS\system32\IntelCpHDCPSvc.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00517736 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiUMS64.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00448104 _____ (Intel Corporation) C:\WINDOWS\system32\GfxUIEx.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00421376 _____ (Intel Corporation) C:\WINDOWS\system32\igdbcl64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00397824 _____ (Intel Corporation) C:\WINDOWS\system32\IntelOpenCL64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00395368 _____ C:\WINDOWS\system32\igfxTray.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00386048 _____ (Intel Corporation) C:\WINDOWS\system32\igfxOSP.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00371200 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdbcl32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00331776 _____ (Intel Corporation) C:\WINDOWS\system32\IntelWiDiMCComp64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00300032 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelOpenCL32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00285304 _____ (Intel Corporation) C:\WINDOWS\system32\igd10idpp64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00270896 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igd10idpp32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00256000 _____ C:\WINDOWS\system32\igfxCPL.cpl
2016-01-30 14:33 - 2016-01-30 14:33 - 00248832 _____ (Intel Corporation) C:\WINDOWS\system32\igdfcl64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00243200 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDTCM.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00218216 _____ (Intel Corporation) C:\WINDOWS\system32\igfxext.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00213608 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyApp.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00213096 _____ (Intel Corporation) C:\WINDOWS\system32\DPTopologyAppv2_0.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00207872 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdfcl32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00201368 _____ (Intel Corporation) C:\WINDOWS\system32\igdde64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00189952 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCoIn_v4300.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00176128 _____ (Intel Corporation) C:\WINDOWS\system32\igdail64.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00160680 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdde32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00156672 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igdail32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00156264 _____ (Intel Corporation) C:\WINDOWS\system32\difx64.exe
2016-01-30 14:33 - 2016-01-30 14:33 - 00094208 _____ ( ) C:\WINDOWS\system32\igfxSDKLibv2_0.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00086016 _____ C:\WINDOWS\system32\igfxCUIServicePS.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00083456 _____ ( ) C:\WINDOWS\system32\igfxSDKLib.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00077824 _____ ( ) C:\WINDOWS\system32\igfxDHLibv2_0.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00065536 _____ ( ) C:\WINDOWS\system32\igfxDHLib.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00036616 _____ (Intel Corporation) C:\WINDOWS\system32\igfxexps.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00035328 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\igfxexps32.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILibv2_0.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00011776 _____ ( ) C:\WINDOWS\system32\igfxDILib.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLibv2_0.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00010240 _____ ( ) C:\WINDOWS\system32\igfxEMLib.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLibv2_0.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00005120 _____ ( ) C:\WINDOWS\system32\igfxLHMLib.dll
2016-01-30 14:33 - 2016-01-30 14:33 - 00004698 _____ C:\WINDOWS\system32\iglhxs64.vp
2016-01-27 22:56 - 2016-01-27 22:56 - 00009043 _____ C:\Users\Michael\Documents\Untitled[2].pdf
2016-01-27 21:33 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-27 21:33 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-27 21:33 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-27 21:33 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-27 21:33 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-27 21:33 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-27 21:33 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-27 21:33 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-27 21:33 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-27 21:33 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-27 21:33 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-27 21:33 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-27 21:33 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-27 21:33 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-27 21:33 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-27 21:33 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-27 21:33 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-27 21:33 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-27 21:33 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-27 21:33 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-27 21:33 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-27 21:33 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-27 21:33 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-27 21:33 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-27 21:33 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-27 21:33 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-27 21:33 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-27 21:33 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-27 21:33 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-27 21:33 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-27 21:33 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-27 21:33 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-27 21:33 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-27 21:33 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-27 21:33 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-27 21:33 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-27 21:33 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-27 21:33 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-27 21:33 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-27 21:33 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-27 21:33 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-27 21:33 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-27 21:33 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-27 21:33 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-27 21:33 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-27 21:33 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-27 21:33 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-27 21:33 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-27 21:33 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-27 21:33 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-27 21:33 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-27 21:33 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-27 21:33 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-27 21:33 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-27 21:33 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-27 21:33 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-27 21:33 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-27 21:33 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-27 21:33 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-27 21:33 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-27 21:33 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-27 21:33 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-27 21:33 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-27 21:33 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-27 21:33 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-27 21:33 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-27 21:33 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-27 21:33 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-27 21:33 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-27 21:33 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-27 21:33 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-27 21:33 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-27 21:33 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-27 21:33 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-27 21:33 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-27 21:33 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-27 21:33 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-27 21:33 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-27 21:33 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-27 21:33 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-27 21:33 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-27 21:33 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-27 21:33 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-27 21:33 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-27 21:33 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-27 21:33 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-27 21:33 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-27 21:33 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-27 21:33 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-27 21:33 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-27 21:33 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-27 21:33 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-27 21:33 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-27 21:33 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-27 21:33 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-27 21:33 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-27 21:33 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-27 21:33 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-27 21:33 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-27 21:33 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-27 21:33 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-27 21:33 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-27 21:33 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-27 21:33 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-27 21:33 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-27 21:33 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-27 21:33 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-27 21:33 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-23 22:30 - 2015-10-25 11:28 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-23 20:44 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-23 20:43 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-23 20:31 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-02-23 20:31 - 2015-10-11 14:08 - 00000000 ____D C:\Users\Michael\Documents\Youcam
2016-02-23 20:30 - 2015-07-20 11:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-02-23 20:29 - 2015-12-09 22:18 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-23 20:29 - 2015-10-11 14:07 - 00000000 __SHD C:\Users\Michael\IntelGraphicsProfiles
2016-02-23 18:10 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-20 21:56 - 2015-12-10 19:48 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-02-19 20:25 - 2015-10-12 23:08 - 00003262 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForMichael
2016-02-19 20:25 - 2015-10-12 23:08 - 00000362 _____ C:\WINDOWS\Tasks\HPCeeScheduleForMichael.job
2016-02-18 22:32 - 2015-10-16 08:32 - 00000000 ____D C:\Users\Michael\AppData\Roaming\KeePass
2016-02-18 21:21 - 2015-10-11 14:07 - 00000000 ____D C:\Users\Michael\AppData\Local\Packages
2016-02-16 21:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-02-14 10:00 - 2015-12-09 22:18 - 03027552 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-02-14 10:00 - 2015-12-09 22:11 - 00850232 _____ C:\WINDOWS\system32\perfh00C.dat
2016-02-14 10:00 - 2015-12-09 22:11 - 00171306 _____ C:\WINDOWS\system32\perfc00C.dat
2016-02-14 10:00 - 2015-10-30 19:35 - 00856226 _____ C:\WINDOWS\system32\perfh007.dat
2016-02-14 10:00 - 2015-10-30 19:35 - 00188898 _____ C:\WINDOWS\system32\perfc007.dat
2016-02-13 20:22 - 2015-10-12 19:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-09 22:35 - 2015-12-09 22:23 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-02-09 22:35 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-02-09 22:35 - 2015-10-15 21:10 - 00000000 ____D C:\ProgramData\Synaptics
2016-02-09 22:35 - 2015-09-10 06:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-02-09 22:34 - 2015-10-30 19:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-09 21:51 - 2015-10-12 18:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-02-09 21:49 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-02-09 21:49 - 2015-10-12 18:34 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-30 14:54 - 2015-12-09 22:17 - 00000000 ____D C:\Program Files\Synaptics
2016-01-30 14:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-30 14:54 - 2015-03-24 09:53 - 00000000 ____D C:\SWSetup
2016-01-30 14:53 - 2015-12-09 22:18 - 00015766 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-01-30 14:53 - 2015-12-09 22:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-01-30 14:53 - 2015-10-13 05:38 - 04655872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2016-01-30 14:53 - 2015-10-13 05:38 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-01-30 14:53 - 2015-10-13 05:38 - 03004904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2016-01-30 14:53 - 2015-10-13 05:38 - 01328504 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2016-01-30 14:53 - 2015-10-13 05:38 - 00192992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-01-30 14:53 - 2015-10-13 05:38 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2016-01-30 14:53 - 2015-07-20 10:52 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-01-30 14:52 - 2015-07-20 10:52 - 02826832 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-01-30 14:47 - 2015-12-09 22:19 - 00000000 ____D C:\Users\Michael
2016-01-30 14:46 - 2015-07-20 11:00 - 00017378 _____ C:\WINDOWS\system32\results.xml
2016-01-30 14:45 - 2015-12-09 22:18 - 00000000 ____D C:\ProgramData\Validity
2016-01-30 14:37 - 2015-07-10 10:47 - 00000000 ____D C:\Users\Default.migrated
2016-01-30 14:36 - 2015-12-09 22:17 - 00000000 ____D C:\Program Files\Intel
2016-01-30 14:34 - 2015-12-09 22:18 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-30 14:33 - 2015-10-12 23:03 - 35989240 _____ (Intel Corporation) C:\WINDOWS\system32\igdumdim64.dll
2016-01-30 14:33 - 2015-10-12 23:03 - 29709824 _____ (Intel Corporation) C:\WINDOWS\system32\igd11dxva64.dll
2016-01-30 14:33 - 2015-10-12 23:03 - 13632048 _____ (Intel Corporation) C:\WINDOWS\system32\igd10iumd64.dll
2016-01-30 14:33 - 2015-10-12 23:03 - 06429072 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\igdkmd64.sys
2016-01-30 14:33 - 2015-10-12 23:03 - 06337096 _____ (Intel Corporation) C:\WINDOWS\system32\igdusc64.dll
2016-01-30 14:33 - 2015-10-12 23:03 - 02035712 _____ (Intel Corporation) C:\WINDOWS\system32\igfxLHM.dll
2016-01-30 14:33 - 2015-10-12 23:03 - 00728576 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDH.dll
2016-01-30 14:33 - 2015-10-12 23:03 - 00364032 _____ (Intel Corporation) C:\WINDOWS\system32\igfxDI.dll
2016-01-30 14:33 - 2015-10-12 23:03 - 00353896 _____ (Intel Corporation) C:\WINDOWS\system32\igfxCUIService.exe
2016-01-30 14:33 - 2015-10-12 23:03 - 00332904 _____ (Intel Corporation) C:\WINDOWS\system32\igfxEM.exe
2016-01-30 14:33 - 2015-10-12 23:03 - 00282216 _____ (Intel Corporation) C:\WINDOWS\SysWOW64\IntelCpHeciSvc.exe
2016-01-30 14:33 - 2015-10-12 23:03 - 00248424 _____ (Intel Corporation) C:\WINDOWS\system32\igfxHK.exe
2016-01-30 14:32 - 2015-12-09 22:17 - 00000000 ____D C:\Program Files (x86)\Intel
2016-01-27 23:10 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-27 23:10 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-27 23:10 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-27 23:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-27 23:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-27 23:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-10-22 19:54 - 2015-10-27 21:31 - 0007608 _____ () C:\Users\Michael\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-15 22:26

==================== Ende von FRST.txt ============================
         
And here is the log file from Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-02-2016 01
durchgeführt von Michael (2016-02-23 22:49:49)
Gestartet von C:\Users\Michael\Desktop
Windows 10 Home Version 1511 (X64) (2015-12-09 21:26:01)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2322434192-922272962-2423913161-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2322434192-922272962-2423913161-503 - Limited - Disabled)
Gast (S-1-5-21-2322434192-922272962-2423913161-501 - Limited - Disabled)
Michael (S-1-5-21-2322434192-922272962-2423913161-1001 - Administrator - Enabled) => C:\Users\Michael

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Computer Security (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Computer Security (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.7.0.6 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.5.0.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.6.0.5 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Computer Security 14.106.105.0 (release) (x32 Version: 14.106.105.0 - F-Secure Corporation) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.9.4928 - CyberLink Corp.)
CyberLink MediaEspresso 6.7 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.7.4.6127 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.4.6303 - CyberLink Corp.)
Cyberlink PhotoDirector (Version: 5.0.4.6303 - Ihr Firmenname) Hidden
CyberLink Power Media Player 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.6.5104 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.9.5009 - CyberLink Corp.)
CyberLink PowerBackup 2.6 (HKLM-x32\...\InstallShield_{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.6.2.1307 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3.3812 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.3.3812 - Ihr Firmenname) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.6.5011 - CyberLink Corp.)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.3.0 - Dropbox, Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.8.1 (HKLM-x32\...\{4FD2D1C8-8636-11E4-9D21-00163E98E7D6}) (Version: 5.8.1.6061 - Evernote Corp.)
Foxit PhantomPDF (HKLM-x32\...\{4E32271C-B55A-4CDF-8DB7-88FD1C45927C}) (Version: 7.0.310.226 - Foxit Software Inc.)
FreeFileSync 7.8 (HKLM-x32\...\FreeFileSync_is1) (Version: 7.8 - www.FreeFileSync.org)
F-Secure CCF Reputation (x32 Version: 1.1.25.2280 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.136 (x32 Version: 1.02.136 - F-Secure Corporation) Hidden
F-Secure SafeSearch 1.03.207.0 (release) (x32 Version: 1.03.207.0 - F-Secure Corporation) Hidden
FUJIFILM Bestellsoftware 5.4 (HKLM-x32\...\FUJI.CH Bestell-Software_is1) (Version:  - )
Garmin BaseCamp (HKLM-x32\...\{36A0D446-B8E9-4753-BDFE-335F6F4DE59C}) (Version: 4.5.2 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.1.6.0 - Brother Industries, Ltd.)
HP 3D DriveGuard (HKLM-x32\...\{E8D0E2B8-B64B-44BC-8E01-00DDACBDF78A}) (Version: 6.0.28.1 - Hewlett-Packard Company)
HP CoolSense (HKLM-x32\...\{ADE2F6A7-E7BD-4955-BD66-30903B223DDF}) (Version: 2.20.41 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{CF43D82B-1165-483F-A2EB-D11FED649BE1}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7960.5089 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.46 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{61EB474B-67A6-47F4-B1B7-386851BAB3D0}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{8F1A441E-AD6D-4732-BD6A-F38D5F1D1E47}) (Version: 12.0.30.219 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{6B1ECC61-B581-400D-BFAF-101B1AAEA5AB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.01.46 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.46 - Softex Inc.) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10600.150 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{9f63698a-6f92-4dd3-be96-6a75e3672dae}) (Version: 18.30.0000.3514 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4300 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{AACB7B6F-5057-4612-B026-FE2A3D69F30B}) (Version: 5.1.28.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{E3FD53DA-893B-4981-AAB7-1BF1AB0A1784}) (Version: 17.1.1532.1814 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Internet Security (HKLM-x32\...\F-Secure ServiceEnabler 45119) (Version: 2.06.303.0 - F-Secure Corporation)
Internet Security (x32 Version: 2.06.303.0 - F-Secure Corporation) Hidden
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
KeePass Password Safe 2.30 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.30 - Dominik Reichl)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6568.2025 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla)
My Swisscom Assistant (HKLM-x32\...\My Swisscom Assistant) (Version: 2.15.3.2514 - Swisscom (Schweiz) AG)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6528.1011 - Microsoft Corporation) Hidden
Online Safety 2.107.2565.1702 (x32 Version: 2.107.2565.1702 - F-Secure Corporation) Hidden
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.315.0 - Tracker Software Products Ltd)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.77 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7661 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
SportTracks 3.1 (HKLM-x32\...\{99895EF0-B290-4B21-B1FE-FB00E1B5D195}) (Version: 3.1.5770 - Zone Five Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.0 - Synaptics Incorporated)
Synaptics WBF DDK (HKLM\...\{244C6825-00E4-4AC1-8A1C-96B8911399C6}) (Version: 4.5.327.0 - Synaptics)
tiptoi® Manager 3.0.9 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.0.9 - Ravensburger AG)
TrojanHunter 6.0 (HKLM-x32\...\TrojanHunter_is1) (Version: 6.0 - Bytelayer AB)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2322434192-922272962-2423913161-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Michael\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {005E99F1-4021-4D76-8CA1-7F0F85B7D9C4} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {049F8486-F976-4AA8-98B0-BDFA7FD2CE69} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {10107FF3-1A93-4BCA-806E-CFFAE789888D} - System32\Tasks\Start OPBHOBroker => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [2015-07-02] (Hewlett-Packard)
Task: {30945E8D-CDF2-40AE-B48B-A04D24955351} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2014-05-19] (Hewlett-Packard Development Company, L.P.)
Task: {3B58C9B3-3EB8-4409-B2B1-066322979ECE} - System32\Tasks\Start SimplePass => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [2015-07-02] (Hewlett-Packard)
Task: {3E9CD70F-1992-4BAA-91E6-D4BF06C5F27E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-01-06] (HP Inc.)
Task: {403C2437-828A-4225-84AE-3B22577E0540} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-01-15] ()
Task: {4212D859-434D-4652-9DDE-BB5D6B22C378} - System32\Tasks\YCMServiceAgent => c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2015-02-11] (CyberLink Corp.)
Task: {4B059211-2F20-4AB7-9048-09263C3615AE} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {575A242A-B5D0-450A-8DE1-2E3C5830AE68} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {62F47956-2DA7-4EF7-AA5D-FC281662BB7D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {63EB830F-92D0-434F-8602-F29A3EE09EDF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6FC58B76-C443-4BAB-9B1B-DE14937CF5CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {734DC34D-23B9-4869-B1F4-3717634D7B14} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-04] (Microsoft Corporation)
Task: {7558229F-9BBE-4B2B-8B17-4FB044FBAFEE} - System32\Tasks\HPCeeScheduleForMichael => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {76F953A2-490C-4AC9-AA47-583D176B0479} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7847FEF6-5747-4084-836D-A036CC2417FD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-09] (Microsoft Corporation)
Task: {7CA83C38-1270-4D5F-93EA-F95333499352} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {8DCFED9C-F2D4-4E62-8367-A2B57DC9BBBB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-01-06] (Hewlett-Packard)
Task: {927E8C5D-6E4F-4C69-9D54-CDFC086DB401} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-01-12] (Hewlett-Packard Company)
Task: {9AA1A65D-AA0B-45C5-A035-62708C1023DA} - System32\Tasks\Start OPBHOBrokerDesktop => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [2015-07-02] (Hewlett-Packard)
Task: {9CA43436-96C8-4CAA-A994-F13592B59CBF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-02-04] (Microsoft Corporation)
Task: {AA15B4FA-E49A-460B-B7D2-802BA6A408D4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-02-23] (Microsoft Corporation)
Task: {BC204442-9E4D-450D-9F90-E6D5D78CE200} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {D9A6A7BE-E43F-4AE2-BB44-685339D0D0C9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-02-23] (Microsoft Corporation)
Task: {E1B493FC-C787-4E87-BA73-9EEBECAA647E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-01-20] (Hewlett-Packard)
Task: {E971AA10-6676-4929-9412-8ADFB49263E8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2015-09-28] (Hewlett-Packard Company)
Task: {F97E8D9E-2470-48EB-8100-429F6C9EC4F6} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForMichael.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-07-20 11:06 - 2014-04-14 17:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-09 22:17 - 2015-08-07 18:18 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-09 22:12 - 2015-12-09 22:12 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-09 22:12 - 2015-12-09 22:12 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-17 21:10 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-17 21:10 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 21:40 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 21:40 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 21:33 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 21:33 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-30 14:26 - 2016-01-30 14:26 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-10-12 21:00 - 2016-02-04 05:51 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-02-07 22:22 - 2016-02-07 22:22 - 00015872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-02-07 22:22 - 2016-02-07 22:22 - 14869504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2015-11-19 17:51 - 2015-11-19 17:51 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.201.11370.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2015-10-14 19:36 - 2015-10-08 15:12 - 00045608 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2014-02-19 12:56 - 2014-02-19 12:56 - 00220200 _____ () C:\Program Files (x86)\F-Secure\daas2.dll
2016-01-04 19:57 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-10-14 19:40 - 2016-02-03 20:52 - 00091176 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2015-10-14 19:36 - 2016-02-03 20:51 - 00177704 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Gemini\fsgem.dll
2015-10-14 19:36 - 2016-02-03 20:51 - 00929832 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2015-11-18 21:07 - 2015-11-18 21:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-01-30 14:26 - 2016-01-30 14:26 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-30 14:26 - 2016-01-30 14:26 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-01-30 14:26 - 2016-01-30 14:26 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-01-30 14:26 - 2016-01-30 14:26 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2016-01-30 14:26 - 2016-01-30 14:26 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-12-09 22:22 - 2015-12-09 22:22 - 00592936 _____ () C:\WINDOWS\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.79_none_b59ec33311fcd586\QtMultimediaKit1.dll
2015-10-14 19:36 - 2015-10-08 15:12 - 00056360 _____ () C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\FSGUI\fsavures.eng

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2322434192-922272962-2423913161-1001\Control Panel\Desktop\\Wallpaper -> Z:\FOTOS\2014\2014-09 Ferien Südschweiz\Best of\06_Wanderung Valbella\Valbella41.JPG
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKLM\...\StartupApproved\Run32: => "My Swisscom Assistant"
HKU\S-1-5-21-2322434192-922272962-2423913161-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-2322434192-922272962-2423913161-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2322434192-922272962-2423913161-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{89DA4168-A85E-4A46-8A2E-51DEFC588F69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ECE1C7FC-69D2-468E-AA5E-E2396438F09A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5903BED1-2097-499C-8DFF-5914F79710D3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{72A32526-04FF-4723-942A-E086318D92C8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{97C48EC7-7195-411D-82B4-AF36021FBE45}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EAC36A54-D355-4F52-8605-41DC469D83FD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60A0CA6A-22E1-4611-A0BD-AD9176B932C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D994296E-8781-4AA9-A86E-6A5251E828F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{4813874F-25CD-448E-A309-E4EF35183EB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F6C1E19A-58D6-49AB-B9F5-4F22062114B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A8BCFF0D-0836-4A67-BCB1-6A5EF25FBFD5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2840939C-85D9-4284-8407-153020D9AB3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7696F3E9-9B86-4D1A-8516-762C40120E00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DF4F40D2-19AD-4226-BC88-6745AC199244}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{367FA60E-4B96-4980-B480-6844ABC1725B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F44A0900-987C-4302-82A6-E9617E51A618}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7CE83262-B3CF-4512-BEA5-64A84A130745}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0A05D884-2EE5-48F9-AE24-C426727931D3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7F1855A1-331E-4F8A-B3C9-BBECE4E0C4D4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3E7AAF4-28DE-4856-B582-E9F0BEB92C0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3812475B-8EA5-4A98-B6F0-7CF5A3606B46}] => (Allow) C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
FirewallRules: [{1214B020-B7D1-4C06-A6E0-CE2E76A3F8AB}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{BC76894C-0EDD-4917-84D2-5748F9B81EE1}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{2C0F5A3A-17C9-4505-A5DA-10A412262C83}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{69CFC1BC-9034-42CD-83BC-57394C6A1788}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{C76D2977-9869-409E-83EB-D4D163BAEBCF}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BF92C42E-1C16-4B83-B9E6-A83207A983A9}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{91B973E3-5AD6-404F-A397-59B91FD0D164}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{B1713B48-3FB0-4063-BDD4-47A41E73371C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{CCF278FB-6CC4-40BA-A28F-79A1FA3DCB18}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{864D2737-0EA4-49CA-9B74-602736F8DA2B}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{97AE4011-F586-4C01-98DD-0EA5B76023FF}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{8B9806E7-7177-43F1-B021-4E68EBE3877D}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{87F3B4D2-61D3-449B-83CD-06E519741A69}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{C7D03CC8-C817-4084-A6EE-29A62403D3E6}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{0EEDD52B-F73E-4979-B62B-8F9CC1CE89D6}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{D0C1D51D-800F-4C69-A467-7AE904FFCABE}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{1D6960B6-47E8-494A-8550-BBBB8BD8D828}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
FirewallRules: [{89C0627C-ED3A-4DD7-BA86-922E7D62E5B9}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
FirewallRules: [{10E52CBC-5C1C-4EA0-9D14-9E7A8C07BB0F}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe

==================== Wiederherstellungspunkte =========================

23-01-2016 22:50:29 Windows-Sicherung
23-01-2016 23:29:58 Windows-Sicherung
27-01-2016 22:25:28 Windows Update
30-01-2016 14:31:21 HPSF Applying updates
09-02-2016 21:47:56 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/23/2016 08:31:20 PM) (Source: Outlook) (EventID: 35) (User: )
Description: Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich befindet (Fehler=0x80070005).

Error: (02/23/2016 08:31:20 PM) (Source: Outlook) (EventID: 34) (User: )
Description: Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x80070005.

Error: (02/23/2016 08:29:48 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR

DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (02/23/2016 06:06:38 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR

DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (02/21/2016 09:40:42 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR

DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (02/21/2016 04:15:50 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR

DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (02/21/2016 10:31:53 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (02/21/2016 10:27:28 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10600.150) TYPE: ERROR

DPTF Build Version:  8.1.10600.150
DPTF Build Date:  Jun 26 2015 11:46:12
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (02/20/2016 10:01:33 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (02/20/2016 09:57:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: fshoster32.exe, Version: 1.5.484.0, Zeitstempel: 0x5301b366
Name des fehlerhaften Moduls: QtWebKit4.dll, Version: 4.9.2.0, Zeitstempel: 0x52eb283a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0078f925
ID des fehlerhaften Prozesses: 0x650
Startzeit der fehlerhaften Anwendung: 0xfshoster32.exe0
Pfad der fehlerhaften Anwendung: fshoster32.exe1
Pfad des fehlerhaften Moduls: fshoster32.exe2
Berichtskennung: fshoster32.exe3
Vollständiger Name des fehlerhaften Pakets: fshoster32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: fshoster32.exe5


Systemfehler:
=============
Error: (02/23/2016 09:39:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/23/2016 06:14:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_31bb1fd" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/23/2016 06:14:17 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/23/2016 06:10:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.

 Code: 8 0x0 0x0

Error: (02/23/2016 06:10:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.

 Code: 2 0xdeaddeed 0xeeec

Error: (02/23/2016 06:10:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 4003) (User: NT-AUTORITÄT)
Description: Bei der automatischen WLAN-Konfiguration wurde eine eingeschränkte Konnektivität erkannt, "Reset/Recover.adapter" wird ausgeführt.

 Code: 1 0xc 0x4

Error: (02/21/2016 10:35:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_303f2cb" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (02/21/2016 10:35:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/21/2016 04:37:29 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (02/21/2016 04:37:28 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


CodeIntegrity:
===================================
  Date: 2016-02-23 20:31:12.051
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-16 21:20:25.166
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-09 22:35:46.724
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-02-09 22:10:15.744
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-30 15:03:05.967
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-30 14:18:45.572
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-30 14:07:10.905
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-18 11:26:25.196
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-14 19:45:41.995
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-05 22:34:25.959
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 16299.39 MB
Verfügbarer physikalischer RAM: 12795.51 MB
Summe virtueller Speicher: 18731.39 MB
Verfügbarer virtueller Speicher: 15321.64 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:236.59 GB) (Free:169.98 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:24.14 GB) (Free:2.71 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive z: (Daten) (Fixed) (Total:907.38 GB) (Free:693.46 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: F0423C42)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: DD8470A7)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
__________________

25.02.2016, 10:02   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 



Hi,

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post its contents here in your thread in any case.
__________________
Regards
deeprybka


25.02.2016, 20:10   #5
mafunk
 



Hello Jürgen. Downloaded the tool and ran the scan. The tool found nothing.

Here is part 1 of the log file (as it is too long in total):
Code:
20:01:53.0402 0x0f50  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
20:01:53.0402 0x0f50  UEFI system
20:02:05.0363 0x0f50  ============================================================
20:02:05.0363 0x0f50  Current date / time: 2016/02/25 20:02:05.0363
20:02:05.0363 0x0f50  SystemInfo:
20:02:05.0363 0x0f50  
20:02:05.0363 0x0f50  OS Version: 10.0.10586 ServicePack: 0.0
20:02:05.0363 0x0f50  Product type: Workstation
20:02:05.0363 0x0f50  ComputerName: HP-MICHAEL
20:02:05.0363 0x0f50  UserName: Michael
20:02:05.0363 0x0f50  Windows directory: C:\WINDOWS
20:02:05.0363 0x0f50  System windows directory: C:\WINDOWS
20:02:05.0363 0x0f50  Running under WOW64
20:02:05.0363 0x0f50  Processor architecture: Intel x64
20:02:05.0363 0x0f50  Number of processors: 4
20:02:05.0363 0x0f50  Page size: 0x1000
20:02:05.0363 0x0f50  Boot type: Normal boot
20:02:05.0363 0x0f50  ============================================================
20:02:05.0427 0x0f50  KLMD registered as C:\WINDOWS\system32\drivers\73518045.sys
20:02:05.0551 0x0f50  System UUID: {EE7E8D8B-BCD8-DDB7-3AED-5CF62BF4FBBC}
20:02:05.0884 0x0f50  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:02:05.0911 0x0f50  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:02:05.0914 0x0f50  ============================================================
20:02:05.0914 0x0f50  \Device\Harddisk0\DR0:
20:02:05.0914 0x0f50  GPT partitions:
20:02:05.0915 0x0f50  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {68491507-F4FA-4C5C-A897-3FAE8E37B9C9}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
20:02:05.0915 0x0f50  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A1E91601-EF47-47BD-A14C-50F9CE8101B2}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
20:02:05.0915 0x0f50  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {076FF866-352D-4FA8-A210-CF2C665E30EF}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
20:02:05.0915 0x0f50  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {34DA4D35-0E02-472F-992E-65035F9A5E42}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0x1D92E4C9
20:02:05.0915 0x0f50  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {CDB929ED-CAEF-4E1E-AFB5-D8A4563A3A87}, Name: , StartLBA 0x1DB36000, BlocksNum 0x1BD000
20:02:05.0915 0x0f50  MBR partitions:
20:02:05.0915 0x0f50  \Device\Harddisk1\DR1:
20:02:05.0915 0x0f50  GPT partitions:
20:02:05.0916 0x0f50  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {04833B7A-0977-463A-ACB0-84C84B0EAFD9}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x716C0800
20:02:05.0916 0x0f50  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3D85FEE5-1B6F-4673-81B3-118A71429CFB}, Name: Basic data partition, StartLBA 0x716C1000, BlocksNum 0x3045800
20:02:05.0916 0x0f50  MBR partitions:
20:02:05.0916 0x0f50  ============================================================
20:02:05.0918 0x0f50  C: <-> \Device\Harddisk0\DR0\Partition4
20:02:05.0963 0x0f50  E: <-> \Device\Harddisk1\DR1\Partition2
20:02:05.0999 0x0f50  Z: <-> \Device\Harddisk1\DR1\Partition1
20:02:05.0999 0x0f50  ============================================================
20:02:05.0999 0x0f50  Initialize success
20:02:05.0999 0x0f50  ============================================================
20:03:30.0331 0x213c  ============================================================
20:03:30.0331 0x213c  Scan started
20:03:30.0331 0x213c  Mode: Manual; SigCheck; TDLFS; 
20:03:30.0331 0x213c  ============================================================
20:03:30.0331 0x213c  KSN ping started
20:03:32.0646 0x213c  KSN ping finished: true
20:03:33.0910 0x213c  ================ Scan system memory ========================
20:03:33.0910 0x213c  System memory - ok
20:03:33.0910 0x213c  ================ Scan services =============================
20:03:33.0951 0x213c  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
20:03:34.0152 0x213c  1394ohci - ok
20:03:34.0187 0x213c  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
20:03:34.0205 0x213c  3ware - ok
20:03:34.0211 0x213c  [ 36E8D1E627D422241D903305B4008E9B, BD4BB52E98302A71A217DDE85102DBFBD04A59CEE9BAD7AF1138BF453889D6EA ] Accelerometer   C:\WINDOWS\system32\DRIVERS\Accelerometer.sys
20:03:34.0231 0x213c  Accelerometer - ok
20:03:34.0247 0x213c  [ 6B6C39AB2CD7BEB6CFF624522E5449DE, 740D99D2C525FB4F81FB2754281CECEA5FF13DD2120081306728FE33859F28F2 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
20:03:34.0284 0x213c  ACPI - ok
20:03:34.0291 0x213c  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
20:03:34.0307 0x213c  acpiex - ok
20:03:34.0311 0x213c  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
20:03:34.0435 0x213c  acpipagr - ok
20:03:34.0439 0x213c  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:03:34.0561 0x213c  AcpiPmi - ok
20:03:34.0565 0x213c  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
20:03:34.0685 0x213c  acpitime - ok
20:03:34.0705 0x213c  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:03:34.0725 0x213c  AdobeFlashPlayerUpdateSvc - ok
20:03:34.0752 0x213c  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:03:34.0822 0x213c  ADP80XX - ok
20:03:34.0842 0x213c  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
20:03:34.0880 0x213c  AFD - ok
20:03:34.0885 0x213c  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
20:03:34.0899 0x213c  agp440 - ok
20:03:34.0908 0x213c  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:03:35.0037 0x213c  ahcache - ok
20:03:35.0041 0x213c  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
20:03:35.0069 0x213c  AJRouter - ok
20:03:35.0075 0x213c  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\WINDOWS\System32\alg.exe
20:03:35.0106 0x213c  ALG - ok
20:03:35.0112 0x213c  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
20:03:35.0144 0x213c  AmdK8 - ok
20:03:35.0152 0x213c  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
20:03:35.0184 0x213c  AmdPPM - ok
20:03:35.0189 0x213c  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
20:03:35.0202 0x213c  amdsata - ok
20:03:35.0212 0x213c  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
20:03:35.0232 0x213c  amdsbs - ok
20:03:35.0236 0x213c  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
20:03:35.0255 0x213c  amdxata - ok
20:03:35.0260 0x213c  [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
20:03:35.0306 0x213c  AppHostSvc - ok
20:03:35.0313 0x213c  [ 2BBD3A492B93C7E669D01EE88977D7DE, 311EA890E555E144F4B0DDC3112B2EB5CB848DEA4F33A300942494D8989473E0 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
20:03:35.0329 0x213c  AppID - ok
20:03:35.0334 0x213c  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
20:03:35.0367 0x213c  AppIDSvc - ok
20:03:35.0373 0x213c  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
20:03:35.0410 0x213c  Appinfo - ok
20:03:35.0419 0x213c  [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:03:35.0430 0x213c  Apple Mobile Device Service - ok
20:03:35.0444 0x213c  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
20:03:35.0493 0x213c  AppReadiness - ok
20:03:35.0544 0x213c  [ BF58041024FEF96B48F7D691003B4BCB, FAD25702256AA8E668F082E16C2C05FD7FA907DCA88787BF36121D1B073350C9 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
20:03:35.0679 0x213c  AppXSvc - ok
20:03:35.0687 0x213c  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
20:03:35.0708 0x213c  arcsas - ok
20:03:35.0722 0x213c  [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:03:35.0737 0x213c  aspnet_state - ok
20:03:35.0741 0x213c  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
20:03:35.0771 0x213c  AsyncMac - ok
20:03:35.0775 0x213c  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
20:03:35.0787 0x213c  atapi - ok
20:03:35.0796 0x213c  [ 158D628D1073D42429CB25A6F47DAE17, AC5B358A190A75E9D58749C198E5480371B37313ACDA228AA457041B0F09EC01 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:03:35.0837 0x213c  AudioEndpointBuilder - ok
20:03:35.0869 0x213c  [ 2D6128490CEBAC2499DA97B992E919DC, 04451E87AEF31D7C58A64F199DB15EE031E389D0FE60EF107808168C900E13ED ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:03:35.0939 0x213c  Audiosrv - ok
20:03:35.0946 0x213c  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:03:35.0984 0x213c  AxInstSV - ok
20:03:35.0998 0x213c  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:03:36.0030 0x213c  b06bdrv - ok
20:03:36.0035 0x213c  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:03:36.0062 0x213c  BasicDisplay - ok
20:03:36.0067 0x213c  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:03:36.0099 0x213c  BasicRender - ok
20:03:36.0104 0x213c  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
20:03:36.0130 0x213c  bcmfn - ok
20:03:36.0133 0x213c  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:03:36.0160 0x213c  bcmfn2 - ok
20:03:36.0171 0x213c  [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:03:36.0212 0x213c  BDESVC - ok
20:03:36.0217 0x213c  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:03:36.0341 0x213c  Beep - ok
20:03:36.0359 0x213c  [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE             C:\WINDOWS\System32\bfe.dll
20:03:36.0523 0x213c  BFE - ok
20:03:36.0549 0x213c  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\WINDOWS\System32\qmgr.dll
20:03:36.0724 0x213c  BITS - ok
20:03:36.0739 0x213c  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:03:36.0761 0x213c  Bonjour Service - ok
20:03:36.0767 0x213c  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:03:36.0897 0x213c  bowser - ok
20:03:36.0912 0x213c  [ 62C0D7CD771F26198F76F56B81D8A5B5, 3505DA8B68486D393BF7DCE5F463EA7F88387E6F06BC8175F3514BD6AFE25C37 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:03:37.0060 0x213c  BrokerInfrastructure - ok
20:03:37.0067 0x213c  [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser         C:\WINDOWS\System32\browser.dll
20:03:37.0194 0x213c  Browser - ok
20:03:37.0204 0x213c  [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
20:03:37.0222 0x213c  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:03:48.0218 0x213c  LanmanWorkstation - ok
20:03:48.0223 0x213c  [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
20:03:48.0252 0x213c  lfsvc - ok
20:03:48.0256 0x213c  [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
20:03:48.0288 0x213c  LicenseManager - ok
20:03:48.0292 0x213c  [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
20:03:48.0332 0x213c  lltdio - ok
20:03:48.0341 0x213c  [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
20:03:48.0385 0x213c  lltdsvc - ok
20:03:48.0389 0x213c  [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
20:03:48.0418 0x213c  lmhosts - ok
20:03:48.0426 0x213c  [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
20:03:48.0442 0x213c  LSI_SAS - ok
20:03:48.0447 0x213c  [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
20:03:48.0463 0x213c  LSI_SAS2i - ok
20:03:48.0469 0x213c  [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
20:03:48.0489 0x213c  LSI_SAS3i - ok
20:03:48.0494 0x213c  [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
20:03:48.0512 0x213c  LSI_SSS - ok
20:03:48.0530 0x213c  [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM             C:\WINDOWS\System32\lsm.dll
20:03:48.0595 0x213c  LSM - ok
20:03:48.0603 0x213c  [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
20:03:48.0646 0x213c  luafv - ok
20:03:48.0817 0x213c  [ 3B08ABBD49CFA32A914F9A45A98CF8DC, 3AE9BC6441C9409A984AFFA36152F31A3608313D5F708106DEA7EEBB5B924679 ] m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe
20:03:49.0084 0x213c  m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E - ok
20:03:49.0098 0x213c  [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
20:03:49.0130 0x213c  MapsBroker - ok
20:03:49.0134 0x213c  [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
20:03:49.0143 0x213c  MBAMProtector - ok
20:03:49.0169 0x213c  [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
20:03:49.0213 0x213c  MBAMService - ok
20:03:49.0219 0x213c  [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
20:03:49.0228 0x213c  MBAMWebAccessControl - ok
20:03:49.0233 0x213c  [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
20:03:49.0246 0x213c  megasas - ok
20:03:49.0261 0x213c  [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
20:03:49.0297 0x213c  megasr - ok
20:03:49.0305 0x213c  [ 0CAEA11CEC2EEC7511385A467FD464D1, C84DD82374D551C90CCB274AB7F8CE4A503042CC8D1337A1F6498B2538E1793A ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
20:03:49.0323 0x213c  MEIx64 - ok
20:03:49.0328 0x213c  [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
20:03:49.0360 0x213c  MessagingService - ok
20:03:49.0380 0x213c  [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
20:03:49.0423 0x213c  mlx4_bus - ok
20:03:49.0429 0x213c  [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
20:03:49.0457 0x213c  MMCSS - ok
20:03:49.0462 0x213c  [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem           C:\WINDOWS\system32\drivers\modem.sys
20:03:49.0494 0x213c  Modem - ok
20:03:49.0498 0x213c  [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
20:03:49.0526 0x213c  monitor - ok
20:03:49.0531 0x213c  [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
20:03:49.0546 0x213c  mouclass - ok
20:03:49.0550 0x213c  [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
20:03:49.0593 0x213c  mouhid - ok
20:03:49.0598 0x213c  [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
20:03:49.0620 0x213c  mountmgr - ok
20:03:49.0627 0x213c  [ 5961C5D8EDD2E2A3B99F1782AE1AC21F, C383A4724A335737C4C7C3211AFCFB82D373267EC634BC47EE078A1C66E1F62A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:03:49.0641 0x213c  MozillaMaintenance - ok
20:03:49.0646 0x213c  [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
20:03:49.0677 0x213c  mpsdrv - ok
20:03:49.0697 0x213c  [ 3B3906F069DB567C3D092F195FEA5F87, 1EAD704AD8E81D083FE3D458B529F8ECBE99569EFD20F7B520339F054E2F6515 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
20:03:49.0769 0x213c  MpsSvc - ok
20:03:49.0776 0x213c  [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
20:03:49.0817 0x213c  MRxDAV - ok
20:03:49.0829 0x213c  [ 61F9F27A8C3D7BCD287FE98A440421CE, 773208951BD0B8C0B9510F4C317484D5FCF36D09310D4E20F2BDB85D61088BA5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:03:49.0861 0x213c  mrxsmb - ok
20:03:49.0871 0x213c  [ CCAD845F4D21D0E0E0468205EE865473, 8F93B61F407BCE5910A7A9F01F8A51FDB7A3C4F03E59C144C1D4FD974D10C2D4 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:03:49.0908 0x213c  mrxsmb10 - ok
20:03:49.0917 0x213c  [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:03:49.0935 0x213c  mrxsmb20 - ok
20:03:49.0941 0x213c  [ A934DF064C503A31683DD7EECDBD327A, 3ED943A2CFE9BB00898A4FCE08D3A5C814FE6E546FC10E9F30E6C2619B1AD162 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
20:03:49.0975 0x213c  MsBridge - ok
20:03:49.0982 0x213c  [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
20:03:50.0018 0x213c  MSDTC - ok
20:03:50.0025 0x213c  [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:03:50.0054 0x213c  Msfs - ok
20:03:50.0059 0x213c  [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:03:50.0078 0x213c  msgpiowin32 - ok
20:03:50.0081 0x213c  [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:03:50.0112 0x213c  mshidkmdf - ok
20:03:50.0115 0x213c  [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
20:03:50.0150 0x213c  mshidumdf - ok
20:03:50.0154 0x213c  [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
20:03:50.0167 0x213c  msisadrv - ok
20:03:50.0173 0x213c  [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
20:03:50.0214 0x213c  MSiSCSI - ok
20:03:50.0217 0x213c  msiserver - ok
20:03:50.0222 0x213c  [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
20:03:50.0249 0x213c  MSKSSRV - ok
20:03:50.0254 0x213c  [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
20:03:50.0289 0x213c  MsLldp - ok
20:03:50.0293 0x213c  [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
20:03:50.0326 0x213c  MSPCLOCK - ok
20:03:50.0330 0x213c  [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
20:03:50.0364 0x213c  MSPQM - ok
20:03:50.0377 0x213c  [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
20:03:50.0410 0x213c  MsRPC - ok
20:03:50.0417 0x213c  [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
20:03:50.0430 0x213c  mssmbios - ok
20:03:50.0434 0x213c  [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
20:03:50.0463 0x213c  MSTEE - ok
20:03:50.0468 0x213c  [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
20:03:50.0506 0x213c  MTConfig - ok
20:03:50.0513 0x213c  [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
20:03:50.0537 0x213c  Mup - ok
20:03:50.0542 0x213c  [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
20:03:50.0563 0x213c  mvumis - ok
20:03:50.0575 0x213c  [ C699631EA099A7B9343297EB1C126E79, 50EFC0B59E049A1249360038BAA7CE51E96FB7FE64EA04453C653A6E64933EFF ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
20:03:50.0594 0x213c  MyWiFiDHCPDNS - ok
20:03:50.0620 0x213c  [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:03:50.0675 0x213c  NativeWifiP - ok
20:03:50.0682 0x213c  [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
20:03:50.0720 0x213c  NcaSvc - ok
20:03:50.0730 0x213c  [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
20:03:50.0779 0x213c  NcbService - ok
20:03:50.0784 0x213c  [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
20:03:50.0831 0x213c  NcdAutoSetup - ok
20:03:50.0836 0x213c  [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
20:03:50.0852 0x213c  ndfltr - ok
20:03:50.0883 0x213c  [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
20:03:50.0955 0x213c  NDIS - ok
20:03:50.0962 0x213c  [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
20:03:50.0992 0x213c  NdisCap - ok
20:03:50.0999 0x213c  [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
20:03:51.0033 0x213c  NdisImPlatform - ok
20:03:51.0037 0x213c  [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:03:51.0071 0x213c  NdisTapi - ok
20:03:51.0076 0x213c  [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
20:03:51.0104 0x213c  Ndisuio - ok
20:03:51.0108 0x213c  [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:03:51.0139 0x213c  NdisVirtualBus - ok
20:03:51.0146 0x213c  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
20:03:51.0185 0x213c  NdisWan - ok
20:03:51.0192 0x213c  [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:03:51.0221 0x213c  ndiswanlegacy - ok
20:03:51.0226 0x213c  [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
20:03:51.0259 0x213c  ndproxy - ok
20:03:51.0265 0x213c  [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
20:03:51.0299 0x213c  Ndu - ok
20:03:51.0304 0x213c  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\System32\drivers\netaapl64.sys
20:03:51.0332 0x213c  Netaapl - ok
20:03:51.0337 0x213c  [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
20:03:51.0357 0x213c  NetBIOS - ok
20:03:51.0368 0x213c  [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:03:51.0406 0x213c  NetBT - ok
20:03:51.0411 0x213c  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:03:51.0425 0x213c  Netlogon - ok
20:03:51.0434 0x213c  [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman          C:\WINDOWS\System32\netman.dll
20:03:51.0478 0x213c  Netman - ok
20:03:51.0493 0x213c  [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
20:03:51.0555 0x213c  netprofm - ok
20:03:51.0563 0x213c  [ 01C759FD50DFD46E30CC56B2B672B1A7, 88F46C89DCE1869D9932E809A24718B50C3B0161A1DD63DED899C0AFA8C7CFF5 ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
20:03:51.0601 0x213c  NetSetupSvc - ok
20:03:51.0609 0x213c  [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:03:51.0626 0x213c  NetTcpPortSharing - ok
20:03:51.0780 0x213c  [ F9F84522CF84CF4A4EB9DDF19200BA9B, 7C773566A4F38FF2AF9C1BC74AED680DF4F19983564987119C7468B0FAA28579 ] Netwtw02        C:\WINDOWS\System32\drivers\Netwtw02.sys
20:03:52.0101 0x213c  Netwtw02 - ok
20:03:52.0119 0x213c  [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
20:03:52.0162 0x213c  NgcCtnrSvc - ok
20:03:52.0178 0x213c  [ 4547118EADA9FDBB054A211CD01866BB, 51656BDAD78B4CC452B2AE06061247BECD07307BB31B9D6AA615917EC97342E0 ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
20:03:52.0345 0x213c  NgcSvc - ok
20:03:52.0357 0x213c  [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
20:03:52.0500 0x213c  NlaSvc - ok
20:03:52.0505 0x213c  [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:03:52.0565 0x213c  Npfs - ok
20:03:52.0569 0x213c  [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
20:03:52.0596 0x213c  npsvctrig - ok
20:03:52.0601 0x213c  [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi             C:\WINDOWS\system32\nsisvc.dll
20:03:52.0632 0x213c  nsi - ok
20:03:52.0636 0x213c  [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
20:03:52.0665 0x213c  nsiproxy - ok
20:03:52.0718 0x213c  [ EFEFC245B884B1BE0401931398DCD707, 43A7BDB9BF523791EC41E76F51E7DC56EFC55CCDA0D130ECFCD9990C43D67587 ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
20:03:52.0836 0x213c  NTFS - ok
20:03:52.0843 0x213c  [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:03:52.0875 0x213c  Null - ok
20:03:53.0111 0x213c  [ CA845A43C0840A3654FD3E49FA753043, FEC24570D919E46927EA5ACFDA9DD3DEDBC6545A336FA9A27A375572D7884FBC ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
20:03:53.0426 0x213c  nvlddmkm - ok
20:03:53.0475 0x213c  [ 4B1E6975B565883985FB43C3FD6C88C6, D4CCA860A9AFDF5D729885896B3034A55C4778FE0A333C06B8B71C20BF73A48A ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
20:03:53.0545 0x213c  NvNetworkService - ok
20:03:53.0554 0x213c  [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
20:03:53.0571 0x213c  nvraid - ok
20:03:53.0579 0x213c  [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
20:03:53.0597 0x213c  nvstor - ok
20:03:53.0603 0x213c  [ DD8043B662B1F0CFC037976E38271975, A129975AE17677783A76E8DBEC6D01709BC40202672AAB5BB72A8E19A285C4C9 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
20:03:53.0612 0x213c  NvStreamKms - ok
20:03:53.0615 0x213c  NvStreamSvc - ok
20:03:53.0637 0x213c  [ 8194FC1EC2EE36F63CFDC62595444FB2, E91EE3CCD98624E867FAA65E6007AE1FF6718FFAA0C6C29871D934B315D5FDA8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
20:03:53.0680 0x213c  nvsvc - ok
20:03:53.0686 0x213c  [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
20:03:53.0695 0x213c  nvvad_WaveExtensible - ok
20:03:53.0702 0x213c  [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
20:03:53.0718 0x213c  nv_agp - ok
20:03:53.0724 0x213c  [ 6363650D553572A305CDBF90F452C1BF, 15A499D8F403D66FDD2FA5AD607606E93FD82B845FBB6ECC63DF58EFC13CBA57 ] omniserv        C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
20:03:53.0751 0x213c  omniserv - detected UnsignedFile.Multi.Generic ( 1 )
20:03:56.0039 0x213c  Detect skipped due to KSN trusted
20:03:56.0039 0x213c  omniserv - ok
20:03:58.0600 0x213c  [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:03:58.0631 0x213c  RpcLocator - ok
20:03:58.0652 0x213c  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:03:58.0709 0x213c  RpcSs - ok
20:03:58.0715 0x213c  [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
20:03:58.0749 0x213c  rspndr - ok
20:03:58.0769 0x213c  [ 471929D729C7FBC284ABDE74D9CED9DF, 9E62B23EA0B9125F81AD65D38FB8B46063C86E92B2717B7D3321A01FBF062D4C ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
20:03:58.0805 0x213c  rt640x64 - ok
20:03:58.0817 0x213c  [ 551E672CA8CA587B168C5D0219BDE113, 4CFC244280F0CB73D33419B05A3F2930ABCB69A10F6A34D9824F976A5A00104F ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
20:03:58.0835 0x213c  RtkAudioService - ok
20:03:58.0846 0x213c  [ 473453324895A9B1A0AB633FEE0DEBED, 625BE6E0CB73A9E8193D70611EAB6E66DF9672CEBD4F712509D31619CB07828A ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
20:03:58.0869 0x213c  RTSUER - ok
20:03:58.0873 0x213c  [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:03:58.0901 0x213c  s3cap - ok
20:03:58.0905 0x213c  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:03:58.0919 0x213c  SamSs - ok
20:03:58.0925 0x213c  [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
20:03:58.0940 0x213c  sbp2port - ok
20:03:58.0949 0x213c  [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
20:03:58.0996 0x213c  SCardSvr - ok
20:03:59.0004 0x213c  [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
20:03:59.0045 0x213c  ScDeviceEnum - ok
20:03:59.0050 0x213c  [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:03:59.0085 0x213c  scfilter - ok
20:03:59.0109 0x213c  [ 5A459E0585FF3A980D10604B6D4BA03D, 3DF9CB96258A44458DF98EA4C6D57342D1207B7BFB94174461B347BE3B5CA317 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:03:59.0196 0x213c  Schedule - ok
20:03:59.0205 0x213c  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
20:03:59.0228 0x213c  SCPolicySvc - ok
20:03:59.0238 0x213c  [ E1137E39C3BB3EF9AF2243745D901D60, 0BE86E4E48DA6D25AF0E71F09E55A5C4E525C61831EDC5135DEB240CCD02335D ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
20:03:59.0261 0x213c  sdbus - ok
20:03:59.0271 0x213c  [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
20:03:59.0309 0x213c  SDRSVC - ok
20:03:59.0316 0x213c  [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
20:03:59.0332 0x213c  sdstor - ok
20:03:59.0336 0x213c  [ 286450F698EBD81A8AC1B22CF6BABF11, ED05C2723FCD399FD085AE7AB1178D24F9745A4F31DD711DE896D15412B82BA2 ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:03:59.0366 0x213c  seclogon - ok
20:03:59.0372 0x213c  [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS            C:\WINDOWS\System32\sens.dll
20:03:59.0409 0x213c  SENS - ok
20:03:59.0437 0x213c  [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
20:03:59.0531 0x213c  SensorDataService - ok
20:03:59.0543 0x213c  [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService   C:\WINDOWS\system32\SensorService.dll
20:03:59.0585 0x213c  SensorService - ok
20:03:59.0593 0x213c  [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:03:59.0630 0x213c  SensrSvc - ok
20:03:59.0635 0x213c  [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:03:59.0648 0x213c  SerCx - ok
20:03:59.0655 0x213c  [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:03:59.0674 0x213c  SerCx2 - ok
20:03:59.0678 0x213c  [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:03:59.0705 0x213c  Serenum - ok
20:03:59.0710 0x213c  [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:03:59.0746 0x213c  Serial - ok
20:03:59.0750 0x213c  [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:03:59.0779 0x213c  sermouse - ok
20:03:59.0793 0x2b2c  Object required for P2P: [ 2D6128490CEBAC2499DA97B992E919DC ] Audiosrv
20:03:59.0794 0x213c  [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:03:59.0849 0x213c  SessionEnv - ok
20:03:59.0853 0x213c  [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:03:59.0882 0x213c  sfloppy - ok
20:03:59.0895 0x213c  [ 32276D1150EB30B798BE24EB0946A9B3, 033C3551569C69CB1EC099C4B54E68F826E13891CFBA4C33AB123C17F96D3262 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:03:59.0951 0x213c  SharedAccess - ok
20:03:59.0967 0x213c  [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:04:00.0034 0x213c  ShellHWDetection - ok
20:04:00.0039 0x213c  [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:04:00.0051 0x213c  SiSRaid2 - ok
20:04:00.0056 0x213c  [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:04:00.0071 0x213c  SiSRaid4 - ok
20:04:00.0078 0x213c  [ 5E9DE059FD6B7023B5CA9440A1EE560E, 77BE324C65026BA77955CCA7BE200CE3564608E3588DF93C88E4984C7D86778D ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
20:04:00.0092 0x213c  SmbDrvI - ok
20:04:00.0097 0x213c  [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost         C:\WINDOWS\System32\smphost.dll
20:04:00.0130 0x213c  smphost - ok
20:04:00.0145 0x213c  [ 30A512F0E1F1F58938758CD33D69680E, C924F6068BC413C0CD355B1BD2E1469AC1384FBB704F9869441FAD18130CEF8E ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
20:04:00.0205 0x213c  SmsRouter - ok
20:04:00.0213 0x213c  [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:04:00.0243 0x213c  SNMPTRAP - ok
20:04:00.0257 0x213c  [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:04:00.0294 0x213c  spaceport - ok
20:04:00.0299 0x213c  [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:04:00.0314 0x213c  SpbCx - ok
20:04:00.0332 0x213c  [ DC520253EC32B515E7792DB05DB43EB2, 8A614286522CA637EF0D58F79143146D5FB40DCD0CA1333752989BCD51DE00C0 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:04:00.0399 0x213c  Spooler - ok
20:04:00.0543 0x213c  [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:04:00.0860 0x213c  sppsvc - ok
20:04:00.0877 0x213c  [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:04:00.0918 0x213c  srv - ok
20:04:00.0938 0x213c  [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:04:00.0995 0x213c  srv2 - ok
20:04:01.0004 0x213c  [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:04:01.0039 0x213c  srvnet - ok
20:04:01.0047 0x213c  [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:04:01.0089 0x213c  SSDPSRV - ok
20:04:01.0097 0x213c  [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:04:01.0139 0x213c  SstpSvc - ok
20:04:01.0198 0x213c  [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
20:04:01.0409 0x213c  StateRepository - ok
20:04:01.0416 0x213c  [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:04:01.0434 0x213c  stexstor - ok
20:04:01.0451 0x213c  [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:04:01.0511 0x213c  stisvc - ok
20:04:01.0518 0x213c  [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:04:01.0536 0x213c  storahci - ok
20:04:01.0541 0x213c  [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
20:04:01.0557 0x213c  storflt - ok
20:04:01.0562 0x213c  [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:04:01.0583 0x213c  stornvme - ok
20:04:01.0589 0x213c  [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
20:04:01.0660 0x213c  storqosflt - ok
20:04:01.0681 0x213c  [ FEF120F66B71871C35DDC154C43EAD86, 519A31B0B798CD7CFA237CACD17E12C4DC5559E43E46B6E94543AE19361DA670 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:04:01.0739 0x213c  StorSvc - ok
20:04:01.0744 0x213c  [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
20:04:01.0760 0x213c  storufs - ok
20:04:01.0765 0x213c  [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:04:01.0777 0x213c  storvsc - ok
20:04:01.0781 0x213c  [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:04:01.0814 0x213c  svsvc - ok
20:04:01.0818 0x213c  [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:04:01.0830 0x213c  swenum - ok
20:04:01.0843 0x213c  [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv           C:\WINDOWS\System32\swprv.dll
20:04:01.0902 0x213c  swprv - ok
20:04:01.0907 0x213c  [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
20:04:01.0934 0x213c  Synth3dVsc - ok
20:04:01.0954 0x213c  [ 29B527CA317F7C3627DA3FA047F2136E, F7B7104195A57BEC93838B0FD55484A94D09F729801C4D48DAA33E6F6A1A5D86 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:04:01.0997 0x213c  SynTP - ok
20:04:02.0010 0x213c  [ F709B53D7263C28FDFEED5D6C48AE9CB, 5B590A7CE35C96E05CBF405BF73944A9824F55613D38E803C3F2CEE6C88DA447 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
20:04:02.0027 0x213c  SynTPEnhService - ok
20:04:02.0054 0x213c  [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:04:02.0147 0x213c  SysMain - ok
20:04:02.0159 0x213c  [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:04:02.0189 0x2b2c  Object send P2P result: true
20:04:02.0193 0x2b2c  Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
20:04:02.0204 0x213c  SystemEventsBroker - ok
20:04:02.0212 0x213c  [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:04:02.0246 0x213c  TabletInputService - ok
20:04:02.0256 0x213c  [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:04:02.0300 0x213c  TapiSrv - ok
20:04:02.0354 0x213c  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:04:02.0494 0x213c  Tcpip - ok
20:04:02.0564 0x213c  [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
20:04:02.0701 0x213c  Tcpip6 - ok
20:04:02.0710 0x213c  [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:04:02.0740 0x213c  tcpipreg - ok
20:04:02.0749 0x213c  [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:04:02.0764 0x213c  tdx - ok
20:04:02.0769 0x213c  [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:04:02.0782 0x213c  terminpt - ok
20:04:02.0813 0x213c  [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService     C:\WINDOWS\System32\termsrv.dll
20:04:02.0894 0x213c  TermService - ok
20:04:02.0900 0x213c  [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes          C:\WINDOWS\system32\themeservice.dll
20:04:02.0938 0x213c  Themes - ok
20:04:02.0948 0x213c  [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
20:04:02.0993 0x213c  TieringEngineService - ok
20:04:03.0007 0x213c  [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
20:04:03.0066 0x213c  tiledatamodelsvc - ok
20:04:03.0074 0x213c  [ 4BA0AB760971A0109A3442BD8B4F9AA0, 681171ECE155B7B1048525AA9BF14E4FDB437EE6BD91B6C5C9FFE122757D6BEB ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
20:04:03.0114 0x213c  TimeBroker - ok
20:04:03.0122 0x213c  [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
20:04:03.0141 0x213c  TPM - ok
20:04:03.0148 0x213c  [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:04:03.0182 0x213c  TrkWks - ok
20:04:03.0188 0x213c  [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:04:03.0292 0x213c  TrustedInstaller - ok
20:04:03.0298 0x213c  [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
20:04:03.0324 0x213c  tsusbflt - ok
20:04:03.0329 0x213c  [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:04:03.0358 0x213c  TsUsbGD - ok
20:04:03.0366 0x213c  [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
20:04:03.0400 0x213c  tunnel - ok
20:04:03.0406 0x213c  [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
20:04:03.0440 0x213c  tzautoupdate - ok
20:04:03.0446 0x213c  [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
20:04:03.0462 0x213c  uagp35 - ok
20:04:03.0467 0x213c  [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:04:03.0481 0x213c  UASPStor - ok
20:04:03.0486 0x213c  [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
20:04:03.0515 0x213c  UcmCx0101 - ok
20:04:03.0519 0x213c  [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
20:04:03.0547 0x213c  UcmUcsi - ok
20:04:03.0554 0x213c  [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
20:04:03.0574 0x213c  Ucx01000 - ok
20:04:03.0578 0x213c  [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
20:04:03.0607 0x213c  UdeCx - ok
20:04:03.0617 0x213c  [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:04:03.0659 0x213c  udfs - ok
20:04:03.0664 0x213c  [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:04:03.0675 0x213c  UEFI - ok
20:04:03.0686 0x213c  [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
20:04:03.0709 0x213c  Ufx01000 - ok
20:04:03.0716 0x213c  [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
20:04:03.0735 0x213c  UfxChipidea - ok
20:04:03.0741 0x213c  [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
20:04:03.0757 0x213c  ufxsynopsys - ok
20:04:03.0765 0x213c  [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:04:03.0807 0x213c  UI0Detect - ok
20:04:03.0813 0x213c  [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
20:04:03.0827 0x213c  uliagpkx - ok
20:04:03.0833 0x213c  [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:04:03.0867 0x213c  umbus - ok
20:04:03.0870 0x213c  [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:04:03.0896 0x213c  UmPass - ok
20:04:03.0906 0x213c  [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:04:03.0949 0x213c  UmRdpService - ok
20:04:03.0982 0x213c  [ 87E291D9CC3ECE9AA56ABFD8063C4050, 781958969DB79454C91156473B4DA363F6D540D99974C2924ED81604CF45C3E0 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
20:04:04.0070 0x213c  UnistoreSvc - ok
20:04:04.0086 0x213c  [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:04:04.0140 0x213c  upnphost - ok
20:04:04.0144 0x213c  [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
20:04:04.0156 0x213c  UrsChipidea - ok
20:04:04.0161 0x213c  [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
20:04:04.0175 0x213c  UrsCx01000 - ok
20:04:04.0180 0x213c  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
20:04:04.0195 0x213c  UrsSynopsys - ok
20:04:04.0204 0x213c  [ 04D2E56DD81199A7506D79FC7F6690A6, 981B5EC34857B8478D60FB185D912EBAA92163BA67045F213D9ACF50D3ABE0EE ] usb3Hub         C:\WINDOWS\System32\drivers\usb3Hub.sys
20:04:04.0219 0x213c  usb3Hub - ok
20:04:04.0225 0x213c  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
20:04:04.0252 0x213c  USBAAPL64 - ok
20:04:04.0259 0x213c  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:04:04.0277 0x213c  usbccgp - ok
20:04:04.0283 0x213c  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:04:04.0312 0x213c  usbcir - ok
20:04:04.0318 0x213c  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:04:04.0332 0x213c  usbehci - ok
20:04:04.0346 0x213c  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:04:04.0377 0x213c  usbhub - ok
20:04:04.0392 0x213c  [ 12A0B486EA13DF46C27B90CC2CE92FE5, 643D8B906F02FBC0802B3468C24D6C6A0BDB07FEA894B68E0F404AB5287C4409 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:04:04.0431 0x213c  USBHUB3 - ok
20:04:04.0436 0x213c  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:04:04.0463 0x213c  usbohci - ok
20:04:04.0468 0x213c  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:04:04.0494 0x213c  usbprint - ok
20:04:04.0499 0x213c  [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
20:04:04.0530 0x213c  usbser - ok
20:04:04.0536 0x213c  [ 37C2CD8587BF7F785381EB7B26916B52, E8F65BF7BBDEF82BD97629921A1148304CA44DCD03E079E28D75D04244B71C39 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:04:04.0552 0x213c  USBSTOR - ok
20:04:04.0556 0x213c  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:04:04.0584 0x213c  usbuhci - ok
20:04:04.0594 0x213c  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
20:04:04.0613 0x2b2c  Object send P2P result: true
20:04:04.0618 0x2b2c  Object required for P2P: [ B356C6CB145949BA45323368AE7AE579 ] F-Secure Gatekeeper
20:04:04.0637 0x213c  usbvideo - ok
20:04:04.0652 0x213c  [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:04:04.0683 0x213c  USBXHCI - ok
20:04:04.0716 0x213c  [ ED06681482E0B9B4D573684CD5FB18F5, 1CCFBD37F8B895900B860AAF107130C5890C01F5327A4AEBB910F6B2BB0BA61D ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
20:04:04.0812 0x213c  UserDataSvc - ok
20:04:04.0839 0x213c  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\WINDOWS\System32\usermgr.dll
20:04:04.0910 0x213c  UserManager - ok
20:04:04.0922 0x213c  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\WINDOWS\system32\usocore.dll
20:04:04.0977 0x213c  UsoSvc - ok
20:04:04.0982 0x213c  [ B3AD442BF4F24F08822FF1B4DA144FC0, ED7510F344683DC99BE16E07ADD623D2BDC34944295D912EFF19B1E109F4C5EE ] valWBFPolicyService C:\WINDOWS\system32\valWBFPolicyService.exe
20:04:04.0998 0x213c  valWBFPolicyService - ok
20:04:05.0004 0x213c  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:04:05.0024 0x213c  VaultSvc - ok
20:04:05.0029 0x213c  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:04:05.0043 0x213c  vdrvroot - ok
20:04:05.0063 0x213c  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\WINDOWS\System32\vds.exe
20:04:05.0171 0x213c  vds - ok
20:04:05.0179 0x213c  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:04:05.0201 0x213c  VerifierExt - ok
20:04:05.0219 0x213c  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:04:05.0260 0x213c  vhdmp - ok
20:04:05.0265 0x213c  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
20:04:05.0293 0x213c  vhf - ok


25.02.2016, 20:14   #6
mafunk

And here is part 2 of the log file:
Code:
ATTFilter
20:04:13.0232 0x213c  [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
20:04:13.0465 0x213c  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
20:04:15.0759 0x213c  Detect skipped due to KSN trusted
20:04:15.0760 0x213c  BrStsMon00 - ok
20:04:40.0423 0x213c  AV detected via SS2: Computer Security, C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\fsavwsch.exe ( 9.10.15260.0 ), 0x41000 ( enabled : updated )
20:04:40.0425 0x213c  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
20:04:40.0429 0x213c  Win FW state via NFP2: enabled ( trusted )
20:04:43.0100 0x213c  ============================================================
20:04:43.0100 0x213c  Scan finished
20:04:43.0100 0x213c  ============================================================
20:04:43.0110 0x21f8  Detected object count: 0
20:04:43.0110 0x21f8  Actual detected object count: 0
         
And here is the info from TrojanHunter, which I ran BEFORE I asked you for help and then aborted when you got in touch the day before yesterday:

TrojanHunter Scan Report - Saved 2016-02-23 22:46

Found malware file: C:\Program Files (x86)\F-Secure\apps\ComputerSecurity\Anti-Virus\qrtfix.exe (Buzus.16507)
Scan aborted by user

26.02.2016, 09:32   #7
deeprybka
/// TB trainer
/// Guide guru

Please uninstall TrojanHunter.

Step 1

Download HitmanPro to your desktop:

HitmanPro 32-bit version
HitmanPro 64-bit version
  • Start HitmanPro.exe
  • Click on
  • Remove the check mark at
  • Click on
    and
  • Accept the license terms and click on
  • Click on

    and on
  • When the scan has finished, do not let it delete anything etc.; instead, at the bottom left of the button bar, choose
    and save the log file to your desktop.
  • Close HitmanPro and post the log for me.


Step 2

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards,
deeprybka

_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

26.02.2016, 13:36   #8
mafunk

Here is Hitman - it found nothing:

Code:
ATTFilter
HitmanPro 3.7.13.258
www.hitmanpro.com

   Computer name . . . . : HP-MICHAEL
   Windows . . . . . . . : 10.0.0.10586.X64/4
   User name . . . . . . : HP-Michael\Michael
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-02-26 12:27:15
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 1m 45s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1

   Objects scanned . . . : 1*990*567
   Files scanned . . . . : 55*631
   Remnants scanned  . . : 531*496 files / 1*403*440 keys

Suspicious files ____________________________________________________________

   C:\Users\Michael\Desktop\FRST64.exe
      Size . . . . . . . : 2*371*072 bytes
      Age  . . . . . . . : 2.6 days (2016-02-23 22:47:55)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : CCBC5F744BA469D9716493857BEC102269515320F065EC6C12A15688BDA7C1AC
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Michael\Desktop\FRST64.exe
         
Here is the ESET result - two threats found:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b9f3f7de21d81841a54b57a9fd35ffea
# end=init
# utc_time=2016-02-26 11:32:27
# local_time=2016-02-26 12:32:27 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 28314
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b9f3f7de21d81841a54b57a9fd35ffea
# end=updated
# utc_time=2016-02-26 11:34:38
# local_time=2016-02-26 12:34:38 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b9f3f7de21d81841a54b57a9fd35ffea
# engine=28314
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-02-26 12:28:05
# local_time=2016-02-26 01:28:05 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 6794225 15460965 0 0
# scanned=357701
# found=2
# cleaned=0
# scan_time=3206
sh=7FA71C218A46CC7165216126065D84E90DB55456 ft=1 fh=883747a2980f0271 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-2322434192-922272962-2423913161-1001\$RPEQR3L.exe"
sh=25EFC5F0778A51028FF49B40816F17F841C166E7 ft=1 fh=b79ba7112d2a946c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Michael\AppData\Local\Temp\DMR\dmr_72.exe"
         
ESET deleted, including its folder. Recycle bin emptied.

27.02.2016, 13:06   #9
deeprybka
/// TB Trainer
/// Tutorial Guru

We did it!
The logs look clean to me at the moment.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.
All that remains is for me to wish you carefree and safe surfing, and that we don't see each other here again any time soon.




Cleanup:
(The order matters here)

If Defogger was used: start it again and click Re-enable.

If Combofix was used:
Uninstall Combofix
  • Important: Please disable your antivirus program, any script blocking and anti-malware programs.
  • Please press the + R key and type Combofix /Uninstall into the Run window.
  • Click OK.
    This removes Combofix completely and clears the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick the box in front of every function.
  • Click Start.

Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left, you can delete them without concern.



Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at the latest version:

Browser
Java
Flash Player
PDF reader

Security vulnerabilities (e.g. here) in their old versions are exploited to install malware via "drive-by" simply when a manipulated website is visited.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use an antivirus program with a real-time scanner and an always up-to-date signature database.

My purchase recommendation:



In addition, you can scan your PC regularly with Malwarebytes Anti-Malware.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, define on a whitelist basis which sites are allowed to run scripts.
Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.


Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, first uninstall it and then remove the leftovers with Adwcleaner.


Finally, a few general remarks:
Change your important online passwords regularly and make regular backups of your important files or of the system.
The benefit of registry cleaners, optimizers etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________
Regards
deeprybka

Praise, criticism, wishes?

Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

27.02.2016, 13:15   #10
mafunk

Great, thanks! One last question: in your opinion, is F-Secure any good? I have it because "my" company (Swisscom) distributes it. Or should I get rid of it and go with your recommendation, ESET?
Thanks, Michael

27.02.2016, 13:17   #11
deeprybka
/// TB Trainer
/// Tutorial Guru

I recommend ESET.

But F-Secure is certainly one of the better scanners. I have no experience with it, though.
__________________
Regards
deeprybka
