| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Unbekanntes Programm öffnet und schließt sich mehrfach in der TaskleisteWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.03.2016, 09:28
| #1 |
| |  Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Hallo ... zunächst, ich bin ein totaler Pc-Laie. Ich habe mir die Hinweise zum Erstellen einen Treads durchgelesen, fürchte aber, ohne direkte Anleitung bin ich zu doof, um diese korrekt zu befolgen :-( Mein Problem ist folgendes: Ich habe mir am 28.03.2016 das Programm Ahnenblatt heruntergeladen und zwar von Chip.de!!! Ich habe extra darauf geachtet, dass ich alle Häckchen bei zusätzlicher Software entferne, damit ich mir nichts ungewolltes mit installiere. Soweit so gut ... trotzdessen haben sich soweit ich es sehen konnte gleich 4 weitere Programme installiert! Namentlich erinnere ich mich vorallem an Yessearch .... dann an die komische Webbar ....yahoosearchbar ..und noch irgendwas von wegen downloadmanager bla ...erinnere mich leider nicht mehr richtig an den Namen :-( Sofort nach dem download fing ich an wieder loszuwerden, was ich da bekommen hatte und zunächst schien es mir, als würde mein RevoUninstaller und mein CCleaner seine Sache gut machen. Ich war erleichtert, dass ich alles rasch losgeworden bin und habe mich mit dem neuen Programm beschäftigt. Schon dabei viel mir auf, dass sich irgendwas in meiner Taskleiste tut. Irgendwas öffnete sich rasantschnell, der Mauszeiger zeigte, er lädt etwas und dann war es schon wieder verschwunden. Teilweise so rasch, dass ich erst annahm, ich bilde mir das ein. Schließlich dachte ich, dass das Ahnenblatt vielleicht einfach nur zwischenspeichert. Am nächsten Tag hab ich dann Valhalla Hills gespielt. Alles andere war aus. Etwa alle 15-30 Minuten ruckelte plötzlich das Spiel und alles stockte und ich stelle fest, dass ich kurzweilig die Taskleiste sehe und ...ja, das Programm, was sich da öffnet und wieder schließt. Ich hab mich dann darauf konzentriert und versucht herauszufinden was es ist. Infos zu diesem Phantomprogramm: Kein Icon ...kein Name ...im höchstfall erahne ich das Bild eines Pc's, wenn ich es schaffe mit der Maus drüber zu fahren. Es ist nicht anklickbar oder dergleichen und taucht etwa 2-3 mal hintereinander schnell auf und verschwindet wieder. Meine Maßnahmen waren: ESET Online Scanner, der jedoch nur Win32/DownloadAssistent.C und DownloadGuide.D fand. Ich hab sie rausgenommen ...mittlerweile sind die übrigens wieder da. Dann AdwScanner ...massig viel gefunden, alls rausgeworfen. Highjackthis ...überhaupt kein Erfolg. Ccleaner, noch mal Fehlersuche und Cokg ...nichts. Spybot ...massig gefunden, für mich aber nicht nachvollziehbar wo und wie ich drankomme ...zumal man das Ding ja bezahlen muss ...was ich nicht tat und daher ...ab wieder runter damit :-( Dann hab ich mir die Ereigniskontrolle angesehen, ich hab mir den Autostart angeschaut und solange offen gelassen, bis das Programm wieder auftauchte ...nichts! Keine Veränderung. Keine Meldungen nada ...! So, jetzt dachte ich ..evtl liegt es an Mozilla? Also hab ich den runtergehauen und neu installiert und ...aha ... ich hatte mit Neuinstallation des Mozillas SOFORT WebBar wieder drauf! Also wieder WebBar runtergehauen. Wieder gescannt .... nichts ...abgesehen von den überbleibseln von WebBar in der Registry, welche ich freilich auch vernichtet habe. Ergebnis ...das Phantomprogramm öffnet und schließt sich leider immer noch und das schon beim Hochstarten des Pc's wenn sich mein Skype und mein Origin öffnet und das noch vor diesen beiden. Ich bin mit meinem Latain nun völlig am Ende :-( Was kann ich jetzt noch tun, außer meine komplette Festplatte zu formatieren (was ich wirklich, wirklich nur ungern wollen würde!)? Achso mein System ist: Edition: Windows 10 Home Version: 1511 Betriebssystembuild: 10586.164 Produkt-ID: 00326-10000-00000-AA279 Prozessor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz 3.50 GHz Installierter RAM: 8,00 GB (7,86 GB verwendbar) Systemtyp: 64-Bit-Betriebssystem, x64-basierter Prozessor Liebe und hoffnungsvolle Grüße Trys P.S: Habe gerade festgestellt, dass sich Mozilla in der Taskleiste schließt, wenn das Programm auftaucht!!! :-) Kann es also doch damit zusammenhängen? Das Programm öffnet sich aber auch dann, wenn ich Mozilla nicht verwende :-( Geändert von Trystis (30.03.2016 um 09:57 Uhr) |
|
30.03.2016, 14:57
| #2 |
| /// Malwareteam   | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Schritt: 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt: 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
30.03.2016, 18:25
| #3 |
| | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Hallo Rafael, vielen Dank, dass du dich meiner annimmst.
__________________Ich hoffe ich mache alles richtig. [CODE]:-) FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Schlotterbeck (Administrator) auf SCHLOTTERBECKPC (30-03-2016 19:22:39)
Gestartet von C:\Users\Schlotterbeck\Downloads
Geladene Profile: Schlotterbeck (Verfügbare Profile: Schlotterbeck & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Kaspersky Lab ZAO) C:\Users\Schlotterbeck\Downloads\tdsskiller.exe
(Kaspersky Lab ZAO) C:\Users\Schlotterbeck\AppData\Local\Temp\{CC8A4FA4-8BD0-4A01-AB76-D9BE35EF4C22}\{868D1DC2-5891-4E17-ABD0-56997FCFFF09}.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-03-29] (Electronic Arts)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50676864 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{fbc64d8c-f864-4b6b-8890-094ed2bbc179}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com
SearchScopes: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000 -> {8A4BF67C-BF8B-43ED-B715-37D847738E5B} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF NewTab: about:home
FF DefaultSearchEngine: Bing®
FF SelectedSearchEngine: Bing®
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] ()
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\oh7dnav3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: Adblock Plus - C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF Extension: New Tab by Yahoo - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2016-01-07]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-03-29] (Electronic Arts)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-29] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek )
R3 rtl819xp; C:\Windows\System32\drivers\rtl819xp.sys [620032 2015-10-30] (Realtek Semiconductor Corporation )
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-30 19:15 - 2016-03-30 19:18 - 00485874 _____ C:\TDSSKiller.3.1.0.9_30.03.2016_19.15.14_log.txt
2016-03-30 19:15 - 2016-03-30 19:15 - 00246848 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\81491981.sys
2016-03-30 19:14 - 2016-03-30 19:15 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Schlotterbeck\Downloads\tdsskiller.exe
2016-03-30 19:13 - 2016-03-30 19:13 - 00039777 _____ C:\Users\Schlotterbeck\Downloads\Addition.txt
2016-03-30 19:12 - 2016-03-30 19:22 - 00010556 _____ C:\Users\Schlotterbeck\Downloads\FRST.txt
2016-03-30 19:12 - 2016-03-30 19:22 - 00000000 ____D C:\FRST
2016-03-30 19:11 - 2016-03-30 19:12 - 02374144 _____ (Farbar) C:\Users\Schlotterbeck\Downloads\FRST64.exe
2016-03-29 23:28 - 2016-03-29 23:29 - 00000000 ____D C:\Users\Schlotterbeck\Downloads\backups
2016-03-29 23:16 - 2016-03-29 23:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Schlotterbeck\Downloads\HijackThis.exe
2016-03-29 22:29 - 2016-03-29 22:29 - 00002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-03-29 22:29 - 2016-03-29 22:29 - 00000873 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-29 22:29 - 2016-03-29 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-29 22:29 - 2016-03-29 22:29 - 00000000 ____D C:\Program Files\CCleaner
2016-03-29 22:28 - 2016-03-29 22:28 - 06828320 _____ (Piriform Ltd) C:\Users\Schlotterbeck\Downloads\ccsetup514.exe
2016-03-29 22:13 - 2016-03-29 22:13 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
2016-03-29 21:59 - 2016-03-29 21:59 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-29 21:59 - 2016-03-29 21:59 - 00001230 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-29 21:59 - 2016-03-29 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-29 20:52 - 2016-03-30 01:26 - 00000000 ____D C:\AdwCleaner
2016-03-29 20:46 - 2016-03-29 20:52 - 03102208 _____ C:\Users\Schlotterbeck\Downloads\adwcleaner_5.107.exe
2016-03-29 19:54 - 2016-03-29 19:54 - 02870984 _____ (ESET) C:\Users\Schlotterbeck\Downloads\esetsmartinstaller_deu.exe
2016-03-29 19:54 - 2016-03-29 19:54 - 00000000 ____D C:\Program Files (x86)\ESET
2016-03-29 12:00 - 2016-03-29 22:34 - 00000000 ____D C:\ProgramData\LogiShrd
2016-03-29 11:56 - 2016-03-29 11:56 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-03-29 11:43 - 2016-03-29 11:43 - 02603528 _____ (mIRC Co. Ltd.) C:\Users\Schlotterbeck\Downloads\mirc744.exe
2016-03-29 11:43 - 2016-03-29 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC
2016-03-29 11:43 - 2016-03-29 11:43 - 00000000 ____D C:\Program Files (x86)\mIRC
2016-03-28 08:55 - 2016-03-29 21:37 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-03-28 08:33 - 2016-03-29 21:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-03-28 08:33 - 2016-03-28 08:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-03-28 08:25 - 2016-03-29 00:05 - 00000000 ____D C:\Users\Schlotterbeck\Documents\Ahnenblatt
2016-03-28 08:25 - 2016-03-29 00:05 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Ahnenblatt
2016-03-28 08:25 - 2016-03-28 08:25 - 00000674 _____ C:\Users\Schlotterbeck\Desktop\Ahnenblatt.lnk
2016-03-28 08:25 - 2016-03-28 08:25 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt
2016-03-28 08:24 - 2016-03-28 08:24 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\dlg
2016-03-28 08:23 - 2016-03-28 08:23 - 00003600 _____ C:\WINDOWS\System32\Tasks\GEN_Interval
2016-03-28 08:23 - 2016-03-28 08:23 - 00003272 _____ C:\WINDOWS\System32\Tasks\GEN
2016-03-28 08:22 - 2016-03-28 08:30 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-03-28 08:22 - 2016-03-28 08:22 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-19 13:49 - 2016-03-29 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-09 18:45 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-03-09 18:45 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-03-09 18:45 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-03-09 18:45 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-03-09 18:45 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 18:45 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 18:45 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 18:45 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-03-09 18:45 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-03-09 18:45 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-03-09 18:45 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 18:45 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 18:45 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 18:45 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-03-09 18:45 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-03-09 18:45 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-03-09 18:45 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-03-09 18:45 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-03-09 18:45 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 18:45 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-03-09 18:45 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-03-09 18:45 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 18:45 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-03-09 18:45 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-03-09 18:45 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-03-09 18:45 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-03-09 18:45 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-03-09 18:45 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-03-09 18:45 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-03-09 18:45 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-03-09 18:45 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-03-09 18:45 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-03-09 18:45 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-03-09 18:45 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-03-09 18:45 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-03-09 18:45 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-03-09 18:45 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-03-09 18:45 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-03-09 18:45 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-03-09 18:45 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-03-09 18:45 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-03-09 18:45 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 18:45 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-03-09 18:45 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-03-09 18:45 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-03-09 18:45 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-03-09 18:45 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-03-09 18:45 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 18:45 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-03-09 18:45 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-03-09 18:45 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-03-09 18:45 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-03-09 18:45 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-03-09 18:45 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-03-09 18:45 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 18:45 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 18:45 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-03-09 18:45 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-03-09 18:45 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-03-09 18:45 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-03-09 18:45 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-03-09 18:45 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-03-09 18:45 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-03-09 18:45 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-03-09 18:45 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-03-09 18:45 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 18:45 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-03-09 18:45 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-03-09 18:45 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-03-09 18:45 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-03-09 18:45 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-03-09 18:45 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-03-09 18:45 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-03-09 18:45 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-03-09 18:45 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-03-09 18:45 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-03-09 18:45 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-03-09 18:45 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-03-09 18:45 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-03-09 18:45 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-03-09 18:45 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-03-09 18:45 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-03-09 18:45 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-03-09 18:45 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-03-09 18:45 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-03-09 18:45 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-03-09 18:45 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 18:45 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-03-09 18:45 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-03-09 18:45 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-03-09 18:45 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-03-09 18:45 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-03-09 18:45 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-03-09 18:45 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-03-09 18:45 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-03-09 18:45 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-03-09 18:45 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-03-09 18:45 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-03-09 18:45 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-03-09 18:45 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 18:45 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-03-09 18:45 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-03-09 18:45 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-03-09 18:45 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-03-09 18:45 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-03-09 18:45 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-03-09 18:45 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 18:45 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-03-09 18:45 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-03-09 18:45 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-03-09 18:45 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-03-09 18:45 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-03-09 18:45 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-03-09 18:45 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-03-09 18:45 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-03-09 18:45 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-03-09 18:45 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-03-09 18:45 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-03-09 18:45 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-03-09 18:45 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-03-09 18:45 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-03-09 18:45 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-03-09 18:45 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-03-09 18:45 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-03-09 18:45 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-03-09 18:45 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-03-09 18:45 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-03-09 18:45 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-03-09 18:45 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-03-09 18:45 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-03-09 18:45 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-03-09 18:45 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-03-09 18:45 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-03-09 18:45 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-03-09 18:45 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-03-09 18:45 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-03-09 18:45 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 18:45 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-03-09 18:45 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-03-09 18:45 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-03-09 18:45 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-03-09 18:45 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-03-09 18:45 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-03-09 18:45 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-03-09 18:45 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-03-09 18:45 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 18:45 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 18:45 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 18:45 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 18:45 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 18:45 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 18:45 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-03-09 18:45 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-03-01 23:07 - 2016-02-23 13:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-03-01 23:07 - 2016-02-23 12:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-03-01 23:07 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-03-01 23:07 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-03-01 23:07 - 2016-02-23 10:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-03-01 23:07 - 2016-02-23 10:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-03-01 23:07 - 2016-02-23 10:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-03-01 23:07 - 2016-02-23 09:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-01 23:07 - 2016-02-23 09:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-01 23:07 - 2016-02-23 08:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-01 23:07 - 2016-02-23 08:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-01 23:07 - 2016-02-23 08:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-01 23:07 - 2016-02-23 08:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-01 23:07 - 2016-02-23 08:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-01 23:07 - 2016-02-23 08:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-01 23:07 - 2016-02-09 05:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-03-01 23:07 - 2016-02-09 05:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-03-01 23:06 - 2016-02-23 13:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-03-01 23:06 - 2016-02-23 13:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 23:06 - 2016-02-23 13:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-03-01 23:06 - 2016-02-23 13:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-03-01 23:06 - 2016-02-23 13:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-01 23:06 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-03-01 23:06 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-03-01 23:06 - 2016-02-23 13:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-03-01 23:06 - 2016-02-23 12:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-03-01 23:06 - 2016-02-23 12:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-03-01 23:06 - 2016-02-23 12:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-03-01 23:06 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-03-01 23:06 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-03-01 23:06 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-03-01 23:06 - 2016-02-23 12:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-03-01 23:06 - 2016-02-23 12:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-03-01 23:06 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-03-01 23:06 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-03-01 23:06 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-03-01 23:06 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-03-01 23:06 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-03-01 23:06 - 2016-02-23 12:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-01 23:06 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-03-01 23:06 - 2016-02-23 12:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-03-01 23:06 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-03-01 23:06 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-03-01 23:06 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-03-01 23:06 - 2016-02-23 11:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-03-01 23:06 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-03-01 23:06 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-03-01 23:06 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-03-01 23:06 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-03-01 23:06 - 2016-02-23 11:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-03-01 23:06 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-03-01 23:06 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-03-01 23:06 - 2016-02-23 11:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-01 23:06 - 2016-02-23 11:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-01 23:06 - 2016-02-23 11:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-03-01 23:06 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-03-01 23:06 - 2016-02-23 11:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-03-01 23:06 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-03-01 23:06 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-03-01 23:06 - 2016-02-23 11:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-03-01 23:06 - 2016-02-23 11:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-03-01 23:06 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-03-01 23:06 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-03-01 23:06 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-03-01 23:06 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-03-01 23:06 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-03-01 23:06 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-03-01 23:06 - 2016-02-23 11:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-03-01 23:06 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-03-01 23:06 - 2016-02-23 10:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-03-01 23:06 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-03-01 23:06 - 2016-02-23 10:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-03-01 23:06 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-03-01 23:06 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-03-01 23:06 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-03-01 23:06 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-03-01 23:06 - 2016-02-23 10:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-03-01 23:06 - 2016-02-23 10:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-03-01 23:06 - 2016-02-23 10:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-03-01 23:06 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-03-01 23:06 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-03-01 23:06 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-03-01 23:06 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-03-01 23:06 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-03-01 23:06 - 2016-02-23 10:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-03-01 23:06 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-03-01 23:06 - 2016-02-23 10:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-03-01 23:06 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-03-01 23:06 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-03-01 23:06 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-03-01 23:06 - 2016-02-23 10:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-03-01 23:06 - 2016-02-23 10:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-03-01 23:06 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-03-01 23:06 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-03-01 23:06 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-03-01 23:06 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-03-01 23:06 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-03-01 23:06 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-03-01 23:06 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-03-01 23:06 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-01 23:06 - 2016-02-23 10:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-03-01 23:06 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-03-01 23:06 - 2016-02-23 10:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 23:06 - 2016-02-23 10:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-03-01 23:06 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-03-01 23:06 - 2016-02-23 10:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-03-01 23:06 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-03-01 23:06 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-03-01 23:06 - 2016-02-23 10:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-03-01 23:06 - 2016-02-23 10:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-03-01 23:06 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-03-01 23:06 - 2016-02-23 10:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-03-01 23:06 - 2016-02-23 10:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-03-01 23:06 - 2016-02-23 10:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-03-01 23:06 - 2016-02-23 10:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-03-01 23:06 - 2016-02-23 10:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-03-01 23:06 - 2016-02-23 10:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-03-01 23:06 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-03-01 23:06 - 2016-02-23 10:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-03-01 23:06 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-03-01 23:06 - 2016-02-23 10:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-03-01 23:06 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-03-01 23:06 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-03-01 23:06 - 2016-02-23 10:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-03-01 23:06 - 2016-02-23 09:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-03-01 23:06 - 2016-02-23 09:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-03-01 23:06 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-03-01 23:06 - 2016-02-23 09:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-03-01 23:06 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-03-01 23:06 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-03-01 23:06 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-03-01 23:06 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-03-01 23:06 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-03-01 23:06 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-03-01 23:06 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-03-01 23:06 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-03-01 23:06 - 2016-02-23 09:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-03-01 23:06 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-01 23:06 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-03-01 23:06 - 2016-02-23 09:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-03-01 23:06 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-03-01 23:06 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-03-01 23:06 - 2016-02-23 09:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-03-01 23:06 - 2016-02-23 09:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-03-01 23:06 - 2016-02-23 09:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-03-01 23:06 - 2016-02-23 09:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-03-01 23:06 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-03-01 23:06 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-03-01 23:06 - 2016-02-23 09:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-03-01 23:06 - 2016-02-23 09:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-03-01 23:06 - 2016-02-23 09:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-03-01 23:06 - 2016-02-23 09:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-03-01 23:06 - 2016-02-23 09:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-03-01 23:06 - 2016-02-23 09:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-03-01 23:06 - 2016-02-23 09:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-03-01 23:06 - 2016-02-23 09:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-03-01 23:06 - 2016-02-23 09:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-03-01 23:06 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-03-01 23:06 - 2016-02-23 08:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-03-01 23:06 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-03-01 23:06 - 2016-02-23 08:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-03-01 23:06 - 2016-02-23 08:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-03-01 23:06 - 2016-02-23 08:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-03-01 23:06 - 2016-02-23 08:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-03-01 23:06 - 2016-02-23 08:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-03-01 23:06 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-03-01 23:06 - 2016-02-23 08:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-03-01 23:06 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-03-01 23:06 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-03-01 23:06 - 2016-02-23 08:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-03-01 23:06 - 2016-02-23 08:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-03-01 23:06 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-03-01 23:06 - 2016-02-09 06:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-03-01 23:06 - 2016-02-09 06:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-03-01 23:06 - 2016-02-09 05:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-03-01 23:06 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-03-01 23:06 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-03-01 23:06 - 2016-02-09 05:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-03-30 19:10 - 2015-08-30 00:00 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Skype
2016-03-30 19:09 - 2015-12-25 08:13 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-03-30 19:09 - 2015-08-30 00:00 - 00000000 ____D C:\ProgramData\Origin
2016-03-30 19:09 - 2015-05-26 17:00 - 00000000 __SHD C:\Users\Schlotterbeck\IntelGraphicsProfiles
2016-03-30 10:34 - 2015-08-30 00:37 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-30 09:58 - 2015-08-29 23:52 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\VirtualStore
2016-03-30 08:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-30 08:54 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-03-30 08:53 - 2015-10-30 20:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-03-30 08:53 - 2015-10-30 20:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-03-30 08:53 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-03-30 08:53 - 2015-08-29 23:51 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-30 01:27 - 2015-12-25 08:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-30 01:27 - 2015-12-25 08:13 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-30 01:26 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-30 01:26 - 2015-08-29 23:54 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\mIRC
2016-03-30 00:36 - 2015-11-15 22:03 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{33CF693F-4EEC-4CC7-AB7E-7EAB556BED39}
2016-03-29 22:35 - 2015-08-29 23:51 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\Packages
2016-03-29 22:32 - 2016-02-20 00:58 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\CrashDumps
2016-03-29 22:32 - 2015-12-25 08:11 - 00000000 ___DC C:\WINDOWS\Panther
2016-03-29 15:41 - 2015-11-15 22:03 - 00000000 ____D C:\ProgramData\Oracle
2016-03-29 13:57 - 2015-11-15 22:03 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-03-29 13:57 - 2015-11-15 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-29 13:57 - 2015-11-15 22:03 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-29 13:57 - 2015-08-27 18:33 - 00000000 ____D C:\Users\Schlotterbeck\.oracle_jre_usage
2016-03-29 11:43 - 2015-06-01 12:28 - 00001034 _____ C:\Users\Public\Desktop\mIRC.lnk
2016-03-29 08:27 - 2015-08-30 00:13 - 00000000 ____D C:\Program Files (x86)\Origin
2016-03-28 08:55 - 2015-12-25 08:13 - 00000000 ____D C:\Users\Schlotterbeck
2016-03-28 08:30 - 2016-01-01 14:31 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Notepad++
2016-03-28 08:28 - 2015-11-28 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-03-28 08:22 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-03-28 08:22 - 2015-08-30 00:40 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2016-03-23 19:47 - 2015-12-27 09:54 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-03-23 19:47 - 2015-08-30 00:00 - 00000000 ____D C:\ProgramData\Skype
2016-03-23 19:02 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-23 18:39 - 2015-08-30 00:47 - 00001433 _____ C:\Users\Public\Desktop\Die Sims 4.lnk
2016-03-20 22:56 - 2015-08-30 00:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-03-11 09:23 - 2015-12-25 08:12 - 00224368 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-11 09:23 - 2015-08-29 23:53 - 00002421 _____ C:\Users\Schlotterbeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-03-11 09:23 - 2015-08-16 18:08 - 00000000 ___RD C:\Users\Schlotterbeck\OneDrive
2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-03-10 10:20 - 2015-08-30 08:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-10 10:19 - 2015-08-30 08:09 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 19:43 - 2016-02-16 23:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-03-08 09:12 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 09:12 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-04 09:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-03-03 08:15 - 2015-08-16 18:06 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-03 01:10 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-03-03 01:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-03-03 01:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-12-25 08:12 - 2015-12-25 08:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Schlotterbeck\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Schlotterbeck\AppData\Local\Temp\jre-8u77-windows-au.exe
C:\Users\Schlotterbeck\AppData\Local\Temp\libeay32.dll
C:\Users\Schlotterbeck\AppData\Local\Temp\msvcr120.dll
C:\Users\Schlotterbeck\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Schlotterbeck\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Schlotterbeck\AppData\Local\Temp\nvStInst.exe
C:\Users\Schlotterbeck\AppData\Local\Temp\sqlite3.dll
C:\Users\Schlotterbeck\AppData\Local\Temp\xmlUpdater.exe
C:\Users\Schlotterbeck\AppData\Local\Temp\ytb.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-03-24 09:40
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Schlotterbeck (2016-03-30 19:22:55)
Gestartet von C:\Users\Schlotterbeck\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-25 06:17:51)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4088502895-2642783358-2647005207-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-4088502895-2642783358-2647005207-503 - Limited - Disabled)
Gast (S-1-5-21-4088502895-2642783358-2647005207-501 - Limited - Disabled)
Schlotterbeck (S-1-5-21-4088502895-2642783358-2647005207-1000 - Administrator - Enabled) => C:\Users\Schlotterbeck
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Ahnenblatt 2.94 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.94.0.1 - Dirk Böttcher)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.16.61.1020 - Electronic Arts Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version: - SQUARE ENIX)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.44 - mIRC Co. Ltd.)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.4 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version: - Obsidian Entertainment)
Post Mortem (HKLM-x32\...\Steam App 46550) (Version: - Anuman / Microids)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Remember Me (HKLM-x32\...\Steam App 228300) (Version: - DONTNOD Entertainment)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sam & Max 201: Ice Station Santa (HKLM-x32\...\Steam App 8260) (Version: - Telltale Games)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Still Life (HKLM-x32\...\Steam App 46480) (Version: - Anuman / Microids)
Still Life 2 (HKLM-x32\...\Steam App 46490) (Version: - Anuman / Microids)
The Book of Unwritten Tales 2 (HKLM-x32\...\Steam App 279940) (Version: - KING Art)
The Secret World (HKLM-x32\...\Steam App 215280) (Version: - Funcom)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
Valhalla Hills (HKLM-x32\...\Steam App 351910) (Version: - Funatics Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Schlotterbeck\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {04F3A45F-C0BD-4434-A53C-10F5BD1EEF5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {7A3D8D85-D64B-4C49-9A62-3E80493FCDAC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-10] (Microsoft Corporation)
Task: {884F9824-B9EB-4ED4-B189-42834F0A9476} - System32\Tasks\GEN => C:\Users\Schlotterbeck\AppData\Local\Programs\GEN\GEN.exe [2016-03-22] ( )
Task: {A80D56CB-D689-44BB-83DB-49B0048C87E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {E24B1F6E-AFA4-4D2F-9D2B-CF47B1D3712F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {FDA8E3C8-D33A-4DCD-B955-16AD8ED98FAE} - System32\Tasks\GEN_Interval => C:\Users\Schlotterbeck\AppData\Local\Programs\GEN\GEN.exe [2016-03-22] ( )
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-12-21 19:48 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-25 08:13 - 2016-01-23 03:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-25 13:39 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 23:06 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 21:03 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 21:03 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 23:00 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 23:00 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-15 22:44 - 2016-01-15 22:44 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-11-11 18:56 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7867 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-08-30 00:40 - 2015-09-01 11:38 - 00450831 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15464 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6CE28B72-77A7-4CAD-A1AA-55800C6E073A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6CF22FD0-7A5B-4415-861A-315954DC85A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{449331B2-99C7-4259-A5CD-72B3ACD1000D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8A46055-4283-4FC3-9A84-BCDBC51CE9C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1FAB3791-4A95-4591-8CAD-EDDD4DC47A60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C3ABF497-1C31-4C50-8458-921EED1E17A8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{24DFDCEB-194C-4F12-95BF-F93BBAE20C2B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C94AF98F-BADD-4ED6-B744-92FE0464B3BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{610A8308-197E-4B2E-A6CB-B329E942191F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF180DCE-6D8E-40FA-B247-0232957B13D6}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{5BAAFD55-0128-46AB-ABBE-79E9D7013B4B}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [UDP Query User{2610F3D4-8C2A-429E-820B-E2082B936FE8}D:\mirc\mirc.exe] => (Allow) D:\mirc\mirc.exe
FirewallRules: [TCP Query User{0FB5175C-D572-4937-9E03-E9147E5621AC}D:\mirc\mirc.exe] => (Allow) D:\mirc\mirc.exe
FirewallRules: [{8C4E56AD-3ABB-4EF1-B4F4-EA12FA76D83C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B5EEBEDB-9B13-4EBB-B422-944D57F11FEF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{523DA543-C157-4DD4-93F3-1FF50D3DE5C5}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{560414C9-3E58-4089-AC47-8532E73238A8}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{2EDA0CAA-3EFA-4872-93AA-D5F11F2A316C}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{383FF987-68DE-404F-9DE9-CFDD401A8B81}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E260304C-E05C-48F1-BB19-45B564D69D01}] => (Allow) D:\Steam\steamapps\common\Still life 2\SL2.exe
FirewallRules: [{F7A4F864-9A09-4AF3-95B0-32C8C9B46650}] => (Allow) D:\Steam\steamapps\common\Still life 2\SL2.exe
FirewallRules: [{2C324932-FE6E-4CE2-ADE7-79E360337302}] => (Allow) D:\Steam\steamapps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{BB7E0345-A690-4FA1-A0AA-D776C2AF9E0B}] => (Allow) D:\Steam\steamapps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{ED0705CB-10D9-4CC9-AD1D-7E2FC305F5BA}] => (Allow) D:\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{EB9B5509-6DD5-46D8-8AFC-E6E7545D2B3D}] => (Allow) D:\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{B35D686C-A956-4987-B088-0738A8503234}] => (Allow) D:\Steam\steamapps\common\ValhallaHills\ValhallaHills.exe
FirewallRules: [{A460399B-13BD-4C8D-B7A1-710D7396182C}] => (Allow) D:\Steam\steamapps\common\ValhallaHills\ValhallaHills.exe
FirewallRules: [TCP Query User{B7A3EE88-4B83-4C2C-94CA-B4B0AA702FA3}D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [UDP Query User{56F7F28D-8E3E-44FC-B461-A7253AF65162}D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [{8A6258E6-CEA0-468D-B84F-02264A64589D}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{F90BF424-81E7-4C7C-B6C9-5A078EC6E2EC}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{B4D4BCCD-F487-4E35-AAE6-64AB3E37678E}] => (Allow) D:\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{31A3E650-3C68-4D70-86C3-B4A1383D42AE}] => (Allow) D:\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{2FD1C2BA-64EB-4F9D-A724-B3FE967220FD}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{91EB77F2-58B4-4D12-A238-E4BC9395394F}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{5FA42F1B-4ACC-45BF-82CF-6C0E7B846DC4}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{2BC35ABA-4916-4F87-880B-A17FCE289B4B}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{7849582D-D4FE-4E5E-A390-AB7FC4A5AA9B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{93DAD427-D225-4A4D-8629-AD1D0A61AEE7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{D4B57B4C-6F08-4351-81BB-C5637387FCB3}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{E8F7E23D-64EA-41FF-A2B1-68F1C6EE01B5}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [TCP Query User{E16EC1E1-BC51-4B85-AA68-BF4737302C7A}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{50A64FED-E1FC-45B7-A6D8-6DC9360104FE}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
==================== Wiederherstellungspunkte =========================
19-03-2016 14:06:23 Geplanter Prüfpunkt
20-03-2016 22:56:20 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
23-03-2016 18:38:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
23-03-2016 18:38:56 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
28-03-2016 08:26:23 Revo Uninstaller's restore point - Yahoo Search Set
29-03-2016 21:37:08 Revo Uninstaller's restore point - Spybot - Search & Destroy
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/30/2016 09:58:17 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 09:36:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 09:36:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/30/2016 09:36:42 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 09:36:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/30/2016 08:54:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SCHLOTTERBECKPC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/29/2016 09:58:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/29/2016 09:58:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/29/2016 09:37:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/29/2016 07:54:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Systemfehler:
=============
Error: (03/30/2016 11:01:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_e7b2d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 11:01:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _e7b2d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 11:01:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_e7b2d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 11:01:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_e7b2d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 10:49:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (03/30/2016 10:49:16 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SCHLOT~1\AppData\Local\Temp\ehdrv.sys
Error: (03/30/2016 10:49:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (03/30/2016 10:49:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SCHLOT~1\AppData\Local\Temp\ehdrv.sys
Error: (03/30/2016 10:49:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (03/30/2016 10:49:15 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\SCHLOT~1\AppData\Local\Temp\ehdrv.sys
CodeIntegrity:
===================================
Date: 2016-03-24 17:01:11.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 15:18:39.961
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 07:37:32.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-11 08:23:09.430
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-03 07:14:59.745
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-02 21:21:36.734
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-12 10:06:30.393
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-12 08:06:28.064
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-11 08:13:39.801
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-30 08:22:19.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8047.65 MB
Verfügbarer physikalischer RAM: 5037.4 MB
Summe virtueller Speicher: 9327.65 MB
Verfügbarer virtueller Speicher: 6384.42 MB
==================== Laufwerke ================================
Drive c: (System SSD) (Fixed) (Total:223.03 GB) (Free:103.42 GB) NTFS
Drive d: (FREEDOS) (Fixed) (Total:465.76 GB) (Free:238.99 GB) NTFS
Drive g: (Xbox360_1_2) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: A155B4D4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 9A393885)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
30.03.2016, 18:27
| #4 |
| | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Kaspersky hat leider nix gefunden, daher poste ich den Report. Ich muss den stückeln, weil er sonst zu lang ist. Hoffe das ist in Ordnung. Code:
ATTFilter 19:15:14.0731 0x0628 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
19:15:19.0603 0x0628 ============================================================
19:15:19.0603 0x0628 Current date / time: 2016/03/30 19:15:19.0603
19:15:19.0603 0x0628 SystemInfo:
19:15:19.0603 0x0628
19:15:19.0603 0x0628 OS Version: 10.0.10586 ServicePack: 0.0
19:15:19.0603 0x0628 Product type: Workstation
19:15:19.0603 0x0628 ComputerName: SCHLOTTERBECKPC
19:15:19.0604 0x0628 UserName: Schlotterbeck
19:15:19.0604 0x0628 Windows directory: C:\WINDOWS
19:15:19.0604 0x0628 System windows directory: C:\WINDOWS
19:15:19.0604 0x0628 Running under WOW64
19:15:19.0604 0x0628 Processor architecture: Intel x64
19:15:19.0604 0x0628 Number of processors: 4
19:15:19.0604 0x0628 Page size: 0x1000
19:15:19.0604 0x0628 Boot type: Normal boot
19:15:19.0604 0x0628 ============================================================
19:15:19.0638 0x0628 KLMD registered as C:\WINDOWS\system32\drivers\81491981.sys
19:15:20.0023 0x0628 System UUID: {0645CCB3-AC08-B82F-3699-1903F9C8E8E9}
19:15:20.0323 0x0628 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:15:20.0324 0x0628 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:15:20.0326 0x0628 ============================================================
19:15:20.0326 0x0628 \Device\Harddisk0\DR0:
19:15:20.0326 0x0628 MBR partitions:
19:15:20.0326 0x0628 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:15:20.0326 0x0628 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BE104B0
19:15:20.0326 0x0628 \Device\Harddisk1\DR1:
19:15:20.0326 0x0628 MBR partitions:
19:15:20.0326 0x0628 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
19:15:20.0326 0x0628 ============================================================
19:15:20.0327 0x0628 C: <-> \Device\Harddisk0\DR0\Partition2
19:15:20.0350 0x0628 D: <-> \Device\Harddisk1\DR1\Partition1
19:15:20.0351 0x0628 ============================================================
19:15:20.0351 0x0628 Initialize success
19:15:20.0351 0x0628 ============================================================
19:15:23.0605 0x1c68 ============================================================
19:15:23.0605 0x1c68 Scan started
19:15:23.0605 0x1c68 Mode: Manual;
19:15:23.0605 0x1c68 ============================================================
19:15:23.0605 0x1c68 KSN ping started
19:15:25.0947 0x1c68 KSN ping finished: true
19:15:26.0647 0x1c68 ================ Scan system memory ========================
19:15:26.0647 0x1c68 System memory - ok
19:15:26.0647 0x1c68 ================ Scan services =============================
19:15:26.0680 0x1c68 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
19:15:26.0683 0x1c68 1394ohci - ok
19:15:26.0690 0x1c68 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
19:15:26.0691 0x1c68 3ware - ok
19:15:26.0701 0x1c68 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
19:15:26.0707 0x1c68 ACPI - ok
19:15:26.0712 0x1c68 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
19:15:26.0714 0x1c68 acpiex - ok
19:15:26.0716 0x1c68 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
19:15:26.0717 0x1c68 acpipagr - ok
19:15:26.0719 0x1c68 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
19:15:26.0719 0x1c68 AcpiPmi - ok
19:15:26.0721 0x1c68 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
19:15:26.0722 0x1c68 acpitime - ok
19:15:26.0726 0x1c68 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:15:26.0727 0x1c68 AdobeARMservice - ok
19:15:26.0748 0x1c68 [ A9D55370A0CBADD1E1E2B4796ACD26DF, 9FD0C2B1206321B34D97FF3D01C5C811022DA76DA667DB6ECCF2746437A706A2 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:15:26.0751 0x1c68 AdobeFlashPlayerUpdateSvc - ok
19:15:26.0769 0x1c68 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:15:26.0782 0x1c68 ADP80XX - ok
19:15:26.0794 0x1c68 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
19:15:26.0800 0x1c68 AFD - ok
19:15:26.0804 0x1c68 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
19:15:26.0804 0x1c68 agp440 - ok
19:15:26.0810 0x1c68 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:15:26.0812 0x1c68 ahcache - ok
19:15:26.0814 0x1c68 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
19:15:26.0815 0x1c68 AJRouter - ok
19:15:26.0818 0x1c68 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
19:15:26.0820 0x1c68 ALG - ok
19:15:26.0823 0x1c68 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
19:15:26.0825 0x1c68 AmdK8 - ok
19:15:26.0828 0x1c68 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
19:15:26.0830 0x1c68 AmdPPM - ok
19:15:26.0833 0x1c68 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
19:15:26.0835 0x1c68 amdsata - ok
19:15:26.0840 0x1c68 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
19:15:26.0843 0x1c68 amdsbs - ok
19:15:26.0846 0x1c68 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
19:15:26.0847 0x1c68 amdxata - ok
19:15:26.0850 0x1c68 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys
19:15:26.0852 0x1c68 AppID - ok
19:15:26.0855 0x1c68 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
19:15:26.0855 0x1c68 AppIDSvc - ok
19:15:26.0859 0x1c68 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
19:15:26.0860 0x1c68 Appinfo - ok
19:15:26.0869 0x1c68 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
19:15:26.0874 0x1c68 AppReadiness - ok
19:15:26.0906 0x1c68 [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
19:15:26.0928 0x1c68 AppXSvc - ok
19:15:26.0933 0x1c68 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
19:15:26.0935 0x1c68 arcsas - ok
19:15:26.0937 0x1c68 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
19:15:26.0938 0x1c68 AsyncMac - ok
19:15:26.0940 0x1c68 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
19:15:26.0941 0x1c68 atapi - ok
19:15:26.0948 0x1c68 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:15:26.0950 0x1c68 AudioEndpointBuilder - ok
19:15:26.0967 0x1c68 [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
19:15:26.0978 0x1c68 Audiosrv - ok
19:15:26.0983 0x1c68 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
19:15:26.0984 0x1c68 AxInstSV - ok
19:15:26.0994 0x1c68 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
19:15:27.0000 0x1c68 b06bdrv - ok
19:15:27.0003 0x1c68 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:15:27.0004 0x1c68 BasicDisplay - ok
19:15:27.0007 0x1c68 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
19:15:27.0008 0x1c68 BasicRender - ok
19:15:27.0012 0x1c68 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
19:15:27.0012 0x1c68 bcmfn - ok
19:15:27.0014 0x1c68 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
19:15:27.0014 0x1c68 bcmfn2 - ok
19:15:27.0021 0x1c68 [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
19:15:27.0025 0x1c68 BDESVC - ok
19:15:27.0028 0x1c68 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:15:27.0029 0x1c68 Beep - ok
19:15:27.0042 0x1c68 [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE C:\WINDOWS\System32\bfe.dll
19:15:27.0050 0x1c68 BFE - ok
19:15:27.0069 0x1c68 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
19:15:27.0082 0x1c68 BITS - ok
19:15:27.0086 0x1c68 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
19:15:27.0088 0x1c68 bowser - ok
19:15:27.0097 0x1c68 [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:15:27.0104 0x1c68 BrokerInfrastructure - ok
19:15:27.0108 0x1c68 [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser C:\WINDOWS\System32\browser.dll
19:15:27.0110 0x1c68 Browser - ok
19:15:27.0113 0x1c68 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:15:27.0114 0x1c68 BthAvrcpTg - ok
19:15:27.0117 0x1c68 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
19:15:27.0118 0x1c68 BthHFEnum - ok
19:15:27.0120 0x1c68 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
19:15:27.0121 0x1c68 bthhfhid - ok
19:15:27.0127 0x1c68 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
19:15:27.0131 0x1c68 BthHFSrv - ok
19:15:27.0134 0x1c68 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
19:15:27.0135 0x1c68 BTHMODEM - ok
19:15:27.0139 0x1c68 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll
19:15:27.0141 0x1c68 bthserv - ok
19:15:27.0144 0x1c68 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:15:27.0145 0x1c68 buttonconverter - ok
19:15:27.0149 0x1c68 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
19:15:27.0150 0x1c68 CapImg - ok
19:15:27.0152 0x1c68 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:15:27.0155 0x1c68 cdfs - ok
19:15:27.0161 0x1c68 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
19:15:27.0163 0x1c68 CDPSvc - ok
19:15:27.0168 0x1c68 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
19:15:27.0170 0x1c68 cdrom - ok
19:15:27.0176 0x1c68 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
19:15:27.0178 0x1c68 CertPropSvc - ok
19:15:27.0181 0x1c68 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
19:15:27.0182 0x1c68 circlass - ok
19:15:27.0189 0x1c68 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
19:15:27.0194 0x1c68 CLFS - ok
19:15:27.0204 0x1c68 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
19:15:27.0212 0x1c68 ClipSVC - ok
19:15:27.0217 0x1c68 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
19:15:27.0218 0x1c68 CmBatt - ok
19:15:27.0229 0x1c68 [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
19:15:27.0235 0x1c68 CNG - ok
19:15:27.0238 0x1c68 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:15:27.0239 0x1c68 cnghwassist - ok
19:15:27.0249 0x1c68 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
19:15:27.0250 0x1c68 CompositeBus - ok
19:15:27.0252 0x1c68 COMSysApp - ok
19:15:27.0254 0x1c68 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
19:15:27.0255 0x1c68 condrv - ok
19:15:27.0268 0x1c68 [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:15:27.0276 0x1c68 CoreMessagingRegistrar - ok
19:15:27.0297 0x1c68 [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:15:27.0341 0x1c68 cphs - ok
19:15:27.0345 0x1c68 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
19:15:27.0346 0x1c68 CryptSvc - ok
19:15:27.0349 0x1c68 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
19:15:27.0350 0x1c68 dam - ok
19:15:27.0366 0x1c68 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:15:27.0377 0x1c68 DcomLaunch - ok
19:15:27.0382 0x1c68 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
19:15:27.0385 0x1c68 DcpSvc - ok
19:15:27.0394 0x1c68 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
19:15:27.0400 0x1c68 defragsvc - ok
19:15:27.0408 0x1c68 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:15:27.0413 0x1c68 DeviceAssociationService - ok
19:15:27.0418 0x1c68 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
19:15:27.0420 0x1c68 DeviceInstall - ok
19:15:27.0422 0x1c68 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
19:15:27.0423 0x1c68 DevQueryBroker - ok
19:15:27.0427 0x1c68 [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
19:15:27.0429 0x1c68 Dfsc - ok
19:15:27.0436 0x1c68 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
19:15:27.0440 0x1c68 Dhcp - ok
19:15:27.0444 0x1c68 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:15:27.0445 0x1c68 diagnosticshub.standardcollector.service - ok
19:15:27.0468 0x1c68 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
19:15:27.0485 0x1c68 DiagTrack - ok
19:15:27.0490 0x1c68 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
19:15:27.0491 0x1c68 disk - ok
19:15:27.0497 0x1c68 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:15:27.0501 0x1c68 DmEnrollmentSvc - ok
19:15:27.0504 0x1c68 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
19:15:27.0505 0x1c68 dmvsc - ok
19:15:27.0508 0x1c68 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:15:27.0509 0x1c68 dmwappushservice - ok
19:15:27.0515 0x1c68 [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:15:27.0518 0x1c68 Dnscache - ok
19:15:27.0526 0x1c68 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
19:15:27.0529 0x1c68 dot3svc - ok
19:15:27.0533 0x1c68 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
19:15:27.0535 0x1c68 DPS - ok
19:15:27.0538 0x1c68 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
19:15:27.0538 0x1c68 drmkaud - ok
19:15:27.0543 0x1c68 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
19:15:27.0546 0x1c68 DsmSvc - ok
19:15:27.0550 0x1c68 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll
19:15:27.0552 0x1c68 DsSvc - ok
19:15:27.0579 0x1c68 [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:15:27.0600 0x1c68 DXGKrnl - ok
19:15:27.0605 0x1c68 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
19:15:27.0607 0x1c68 Eaphost - ok
19:15:27.0656 0x1c68 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
19:15:27.0692 0x1c68 ebdrv - ok
19:15:27.0699 0x1c68 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
19:15:27.0700 0x1c68 EFS - ok
19:15:27.0703 0x1c68 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
19:15:27.0704 0x1c68 EhStorClass - ok
19:15:27.0709 0x1c68 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:15:27.0710 0x1c68 EhStorTcgDrv - ok
19:15:27.0714 0x1c68 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
19:15:27.0716 0x1c68 embeddedmode - ok
19:15:27.0722 0x1c68 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:15:27.0725 0x1c68 EntAppSvc - ok
19:15:27.0728 0x1c68 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
19:15:27.0728 0x1c68 ErrDev - ok
19:15:27.0735 0x1c68 [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner C:\WINDOWS\system32\DRIVERS\EsgScanner.sys
19:15:27.0743 0x1c68 EsgScanner - ok
19:15:27.0753 0x1c68 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
19:15:27.0758 0x1c68 EventSystem - ok
19:15:27.0765 0x1c68 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
19:15:27.0768 0x1c68 exfat - ok
19:15:27.0774 0x1c68 [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
19:15:27.0778 0x1c68 fastfat - ok
19:15:27.0789 0x1c68 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe
19:15:27.0797 0x1c68 Fax - ok
19:15:27.0800 0x1c68 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
19:15:27.0800 0x1c68 fdc - ok
19:15:27.0803 0x1c68 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
19:15:27.0803 0x1c68 fdPHost - ok
19:15:27.0806 0x1c68 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
19:15:27.0807 0x1c68 FDResPub - ok
19:15:27.0811 0x1c68 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
19:15:27.0813 0x1c68 fhsvc - ok
19:15:27.0816 0x1c68 [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
19:15:27.0817 0x1c68 FileCrypt - ok
19:15:27.0820 0x1c68 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
19:15:27.0821 0x1c68 FileInfo - ok
19:15:27.0824 0x1c68 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
19:15:27.0825 0x1c68 Filetrace - ok
19:15:27.0828 0x1c68 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
19:15:27.0828 0x1c68 flpydisk - ok
19:15:27.0836 0x1c68 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:15:27.0839 0x1c68 FltMgr - ok
19:15:27.0864 0x1c68 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll
19:15:27.0882 0x1c68 FontCache - ok
19:15:27.0887 0x1c68 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:15:27.0888 0x1c68 FontCache3.0.0.0 - ok
19:15:27.0890 0x1c68 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
19:15:27.0892 0x1c68 FsDepends - ok
19:15:27.0894 0x1c68 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:15:27.0895 0x1c68 Fs_Rec - ok
19:15:27.0905 0x1c68 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:15:27.0912 0x1c68 fvevol - ok
19:15:27.0915 0x1c68 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
19:15:27.0916 0x1c68 gagp30kx - ok
19:15:27.0918 0x1c68 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
19:15:27.0919 0x1c68 gencounter - ok
19:15:27.0921 0x1c68 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
19:15:27.0922 0x1c68 genericusbfn - ok
19:15:27.0941 0x1c68 [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:15:27.0953 0x1c68 GfExperienceService - ok
19:15:27.0959 0x1c68 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:15:27.0961 0x1c68 GPIOClx0101 - ok
19:15:27.0982 0x1c68 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
19:15:27.0996 0x1c68 gpsvc - ok
19:15:27.0999 0x1c68 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:15:28.0000 0x1c68 GpuEnergyDrv - ok
19:15:28.0003 0x1c68 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
19:15:28.0004 0x1c68 HDAudBus - ok
19:15:28.0007 0x1c68 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
19:15:28.0007 0x1c68 HidBatt - ok
19:15:28.0011 0x1c68 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
19:15:28.0013 0x1c68 HidBth - ok
19:15:28.0015 0x1c68 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
19:15:28.0016 0x1c68 hidi2c - ok
19:15:28.0019 0x1c68 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:15:28.0020 0x1c68 hidinterrupt - ok
19:15:28.0022 0x1c68 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
19:15:28.0023 0x1c68 HidIr - ok
19:15:28.0026 0x1c68 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
19:15:28.0027 0x1c68 hidserv - ok
19:15:28.0029 0x1c68 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
19:15:28.0030 0x1c68 HidUsb - ok
19:15:28.0036 0x1c68 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:15:28.0040 0x1c68 HomeGroupListener - ok
19:15:28.0049 0x1c68 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:15:28.0054 0x1c68 HomeGroupProvider - ok
19:15:28.0058 0x1c68 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
19:15:28.0059 0x1c68 HpSAMD - ok
19:15:28.0077 0x1c68 [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
19:15:28.0089 0x1c68 HTTP - ok
19:15:28.0092 0x1c68 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
19:15:28.0093 0x1c68 hwpolicy - ok
19:15:28.0095 0x1c68 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
19:15:28.0096 0x1c68 hyperkbd - ok
19:15:28.0100 0x1c68 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
19:15:28.0101 0x1c68 i8042prt - ok
19:15:28.0104 0x1c68 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
19:15:28.0105 0x1c68 iai2c - ok
19:15:28.0110 0x1c68 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
19:15:28.0112 0x1c68 iaLPSS2i_I2C - ok
19:15:28.0115 0x1c68 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:15:28.0115 0x1c68 iaLPSSi_GPIO - ok
19:15:28.0119 0x1c68 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:15:28.0120 0x1c68 iaLPSSi_I2C - ok
19:15:28.0131 0x1c68 [ 6655615C7E4E29E6481F75A93ED99954, C7387D85DEC6BEF74DAD3B36398D1DA8914E9CF6F460D36E30088E3F6754E972 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
19:15:28.0138 0x1c68 iaStorA - ok
19:15:28.0150 0x1c68 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
19:15:28.0156 0x1c68 iaStorAV - ok
19:15:28.0164 0x1c68 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
19:15:28.0169 0x1c68 iaStorV - ok
19:15:28.0177 0x1c68 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
19:15:28.0182 0x1c68 ibbus - ok
19:15:28.0186 0x1c68 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
19:15:28.0189 0x1c68 icssvc - ok
19:15:28.0191 0x1c68 IEEtwCollectorService - ok
19:15:28.0299 0x1c68 [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:15:28.0392 0x1c68 igfx - ok
19:15:28.0406 0x1c68 [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
19:15:28.0411 0x1c68 igfxCUIService2.0.0.0 - ok
19:15:28.0428 0x1c68 [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
19:15:28.0438 0x1c68 IKEEXT - ok
19:15:28.0504 0x1c68 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:15:28.0552 0x1c68 IntcAzAudAddService - ok
19:15:28.0566 0x1c68 [ 47577F77C8DD9CF4265B944CAFE1F172, A3F48F01ECFDF8E609D26754E517C06AD6382DA231F42BF64B6746D50F02FC6A ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:15:28.0580 0x1c68 IntcDAud - ok
19:15:28.0582 0x1c68 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
19:15:28.0583 0x1c68 intelide - ok
19:15:28.0585 0x1c68 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
19:15:28.0586 0x1c68 intelpep - ok
19:15:28.0590 0x1c68 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
19:15:28.0592 0x1c68 intelppm - ok
19:15:28.0594 0x1c68 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
19:15:28.0595 0x1c68 IoQos - ok
19:15:28.0598 0x1c68 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:15:28.0599 0x1c68 IpFilterDriver - ok
19:15:28.0613 0x1c68 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
19:15:28.0623 0x1c68 iphlpsvc - ok
19:15:28.0627 0x1c68 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:15:28.0628 0x1c68 IPMIDRV - ok
19:15:28.0632 0x1c68 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
19:15:28.0634 0x1c68 IPNAT - ok
19:15:28.0637 0x1c68 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
19:15:28.0637 0x1c68 IRENUM - ok
19:15:28.0639 0x1c68 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
19:15:28.0640 0x1c68 isapnp - ok
19:15:28.0646 0x1c68 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
19:15:28.0649 0x1c68 iScsiPrt - ok
19:15:28.0652 0x1c68 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
19:15:28.0653 0x1c68 kbdclass - ok
19:15:28.0656 0x1c68 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
19:15:28.0657 0x1c68 kbdhid - ok
19:15:28.0659 0x1c68 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
19:15:28.0659 0x1c68 kdnic - ok
19:15:28.0662 0x1c68 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
19:15:28.0663 0x1c68 KeyIso - ok
19:15:28.0667 0x1c68 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
19:15:28.0668 0x1c68 KSecDD - ok
19:15:28.0672 0x1c68 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:15:28.0674 0x1c68 KSecPkg - ok
19:15:28.0677 0x1c68 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
19:15:28.0677 0x1c68 ksthunk - ok
19:15:28.0684 0x1c68 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
19:15:28.0689 0x1c68 KtmRm - ok
19:15:28.0695 0x1c68 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
19:15:28.0700 0x1c68 LanmanServer - ok
19:15:28.0705 0x1c68 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:15:28.0710 0x1c68 LanmanWorkstation - ok
19:15:28.0713 0x1c68 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
19:15:28.0714 0x1c68 lfsvc - ok
19:15:28.0716 0x1c68 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
19:15:28.0717 0x1c68 LicenseManager - ok
19:15:28.0720 0x1c68 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
19:15:28.0721 0x1c68 lltdio - ok
19:15:28.0727 0x1c68 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
19:15:28.0730 0x1c68 lltdsvc - ok
19:15:28.0733 0x1c68 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
19:15:28.0734 0x1c68 lmhosts - ok
19:15:28.0739 0x1c68 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
19:15:28.0740 0x1c68 LSI_SAS - ok
19:15:28.0743 0x1c68 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:15:28.0745 0x1c68 LSI_SAS2i - ok
19:15:28.0748 0x1c68 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:15:28.0749 0x1c68 LSI_SAS3i - ok
19:15:28.0752 0x1c68 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
19:15:28.0753 0x1c68 LSI_SSS - ok
19:15:28.0765 0x1c68 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
19:15:28.0773 0x1c68 LSM - ok
19:15:28.0778 0x1c68 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
19:15:28.0779 0x1c68 luafv - ok
19:15:28.0782 0x1c68 [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker C:\WINDOWS\System32\moshost.dll
19:15:28.0784 0x1c68 MapsBroker - ok
19:15:28.0787 0x1c68 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
19:15:28.0788 0x1c68 megasas - ok
19:15:28.0797 0x1c68 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
19:15:28.0803 0x1c68 megasr - ok
19:15:28.0808 0x1c68 [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
19:15:28.0818 0x1c68 MEIx64 - ok
19:15:28.0821 0x1c68 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
19:15:28.0823 0x1c68 MessagingService - ok
19:15:28.0836 0x1c68 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:15:28.0844 0x1c68 mlx4_bus - ok
19:15:28.0848 0x1c68 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
19:15:28.0849 0x1c68 MMCSS - ok
19:15:28.0851 0x1c68 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
19:15:28.0852 0x1c68 Modem - ok
19:15:28.0855 0x1c68 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
19:15:28.0856 0x1c68 monitor - ok
19:15:28.0859 0x1c68 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
19:15:28.0860 0x1c68 mouclass - ok
19:15:28.0862 0x1c68 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
19:15:28.0863 0x1c68 mouhid - ok
19:15:28.0866 0x1c68 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
19:15:28.0868 0x1c68 mountmgr - ok
19:15:28.0872 0x1c68 [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:15:28.0874 0x1c68 MozillaMaintenance - ok
19:15:28.0877 0x1c68 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
19:15:28.0878 0x1c68 mpsdrv - ok
19:15:28.0892 0x1c68 [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
19:15:28.0902 0x1c68 MpsSvc - ok
19:15:28.0907 0x1c68 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
19:15:28.0914 0x1c68 MRxDAV - ok
19:15:28.0922 0x1c68 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:15:28.0927 0x1c68 mrxsmb - ok
19:15:28.0933 0x1c68 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:15:28.0943 0x1c68 mrxsmb10 - ok
19:15:28.0948 0x1c68 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:15:28.0950 0x1c68 mrxsmb20 - ok
19:15:28.0955 0x1c68 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
19:15:28.0962 0x1c68 MsBridge - ok
19:15:28.0967 0x1c68 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:15:28.0969 0x1c68 MSDTC - ok
19:15:28.0973 0x1c68 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:15:28.0974 0x1c68 Msfs - ok
19:15:28.0977 0x1c68 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:15:28.0977 0x1c68 msgpiowin32 - ok
19:15:28.0979 0x1c68 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:15:28.0980 0x1c68 mshidkmdf - ok
19:15:28.0982 0x1c68 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
19:15:28.0982 0x1c68 mshidumdf - ok
19:15:28.0984 0x1c68 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
19:15:28.0985 0x1c68 msisadrv - ok
19:15:28.0989 0x1c68 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
19:15:28.0992 0x1c68 MSiSCSI - ok
19:15:28.0993 0x1c68 msiserver - ok
19:15:28.0995 0x1c68 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
19:15:28.0996 0x1c68 MSKSSRV - ok
19:15:28.0999 0x1c68 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
19:15:29.0000 0x1c68 MsLldp - ok
19:15:29.0002 0x1c68 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
19:15:29.0003 0x1c68 MSPCLOCK - ok
19:15:29.0005 0x1c68 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
19:15:29.0005 0x1c68 MSPQM - ok
19:15:29.0012 0x1c68 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
19:15:29.0017 0x1c68 MsRPC - ok
19:15:29.0020 0x1c68 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
19:15:29.0021 0x1c68 mssmbios - ok
19:15:29.0023 0x1c68 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
19:15:29.0024 0x1c68 MSTEE - ok
19:15:29.0027 0x1c68 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
19:15:29.0027 0x1c68 MTConfig - ok
19:15:29.0031 0x1c68 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
19:15:29.0033 0x1c68 Mup - ok
19:15:29.0036 0x1c68 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
19:15:29.0037 0x1c68 mvumis - ok
19:15:29.0047 0x1c68 [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:15:29.0052 0x1c68 NativeWifiP - ok
19:15:29.0058 0x1c68 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
19:15:29.0060 0x1c68 NcaSvc - ok
19:15:29.0068 0x1c68 [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService C:\WINDOWS\System32\ncbservice.dll
19:15:29.0072 0x1c68 NcbService - ok
19:15:29.0075 0x1c68 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
19:15:29.0077 0x1c68 NcdAutoSetup - ok
19:15:29.0080 0x1c68 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
19:15:29.0081 0x1c68 ndfltr - ok
19:15:29.0099 0x1c68 [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
19:15:29.0112 0x1c68 NDIS - ok
19:15:29.0115 0x1c68 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
19:15:29.0116 0x1c68 NdisCap - ok
19:15:29.0120 0x1c68 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:15:29.0121 0x1c68 NdisImPlatform - ok
19:15:29.0124 0x1c68 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:15:29.0125 0x1c68 NdisTapi - ok
19:15:29.0127 0x1c68 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
19:15:29.0128 0x1c68 Ndisuio - ok
19:15:29.0130 0x1c68 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:15:29.0131 0x1c68 NdisVirtualBus - ok
19:15:29.0136 0x1c68 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
19:15:29.0138 0x1c68 NdisWan - ok
19:15:29.0143 0x1c68 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:15:29.0145 0x1c68 ndiswanlegacy - ok
19:15:29.0148 0x1c68 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:15:29.0149 0x1c68 ndproxy - ok
19:15:29.0152 0x1c68 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
19:15:29.0154 0x1c68 Ndu - ok
19:15:29.0156 0x1c68 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
19:15:29.0157 0x1c68 NetBIOS - ok
19:15:29.0164 0x1c68 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:15:29.0167 0x1c68 NetBT - ok
19:15:29.0170 0x1c68 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:15:29.0172 0x1c68 Netlogon - ok
19:15:29.0177 0x1c68 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
19:15:29.0181 0x1c68 Netman - ok
19:15:29.0190 0x1c68 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
19:15:29.0197 0x1c68 netprofm - ok
19:15:29.0202 0x1c68 [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
19:15:29.0206 0x1c68 NetSetupSvc - ok
19:15:29.0212 0x1c68 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:15:29.0214 0x1c68 NetTcpPortSharing - ok
19:15:29.0220 0x1c68 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
19:15:29.0224 0x1c68 NgcCtnrSvc - ok
19:15:29.0235 0x1c68 [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
19:15:29.0244 0x1c68 NgcSvc - ok
19:15:29.0251 0x1c68 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
19:15:29.0255 0x1c68 NlaSvc - ok
19:15:29.0259 0x1c68 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:15:29.0260 0x1c68 Npfs - ok
19:15:29.0263 0x1c68 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
19:15:29.0264 0x1c68 npsvctrig - ok
19:15:29.0266 0x1c68 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
19:15:29.0268 0x1c68 nsi - ok
19:15:29.0270 0x1c68 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
19:15:29.0271 0x1c68 nsiproxy - ok
19:15:29.0303 0x1c68 [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
19:15:29.0329 0x1c68 NTFS - ok
19:15:29.0334 0x1c68 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:15:29.0334 0x1c68 Null - ok
19:15:29.0340 0x1c68 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
19:15:29.0342 0x1c68 NVHDA - ok
19:15:29.0514 0x1c68 [ 563000D29B9DABDD8CE308177D98EB5D, 9406763DAEE1893C6DF6C1659976A1673440B7BC3384B708AD06C3C42C733941 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
19:15:29.0644 0x1c68 nvlddmkm - ok
19:15:29.0682 0x1c68 [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:15:29.0702 0x1c68 NvNetworkService - ok
19:15:29.0707 0x1c68 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
19:15:29.0709 0x1c68 nvraid - ok
19:15:29.0713 0x1c68 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
19:15:29.0715 0x1c68 nvstor - ok
19:15:29.0718 0x1c68 [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:15:29.0719 0x1c68 NvStreamKms - ok
19:15:29.0806 0x1c68 [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
19:15:29.0871 0x1fdc Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
19:15:29.0874 0x1c68 NvStreamNetworkSvc - ok
19:15:29.0947 0x1c68 [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:15:29.0998 0x1c68 NvStreamSvc - ok
19:15:30.0013 0x1c68 [ D8A7CB3776A8EB344E534B59878A19B1, FF32A819D10E1A5C9A90D3EDC19F420D7705EE9F6E7ADBB16B9028234B0682DD ] NvStUSB C:\WINDOWS\System32\drivers\nvstusb.sys
19:15:30.0018 0x1c68 NvStUSB - ok
19:15:30.0038 0x1c68 [ AC855DAF48D88318D0475F6A22834B6A, 3E69176A6363674F52598042D610915F50E721FF40C622205AB7BB50E419C7F3 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
19:15:30.0052 0x1c68 nvsvc - ok
19:15:30.0056 0x1c68 [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
19:15:30.0057 0x1c68 nvvad_WaveExtensible - ok
19:15:30.0061 0x1c68 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
19:15:30.0062 0x1c68 nv_agp - ok
19:15:30.0069 0x1c68 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
19:15:30.0073 0x1c68 OneSyncSvc - ok
19:15:30.0106 0x1c68 [ EABD6FC38504B46913E2B1B739DAD185, A6225F8A939E6DA467777F85FAB02A218FB4B7ECDF68C34FE156E85BEA6E04BB ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:15:30.0129 0x1c68 Origin Client Service - ok
19:15:30.0138 0x1c68 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
19:15:30.0143 0x1c68 p2pimsvc - ok
19:15:30.0152 0x1c68 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
19:15:30.0157 0x1c68 p2psvc - ok
19:15:30.0161 0x1c68 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
19:15:30.0162 0x1c68 Parport - ok
19:15:30.0165 0x1c68 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
19:15:30.0167 0x1c68 partmgr - ok
19:15:30.0177 0x1c68 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
19:15:30.0183 0x1c68 PcaSvc - ok
19:15:30.0190 0x1c68 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\WINDOWS\system32\drivers\pci.sys
19:15:30.0194 0x1c68 pci - ok
19:15:30.0196 0x1c68 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
19:15:30.0197 0x1c68 pciide - ok
19:15:30.0200 0x1c68 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
19:15:30.0202 0x1c68 pcmcia - ok
19:15:30.0205 0x1c68 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
19:15:30.0206 0x1c68 pcw - ok
19:15:30.0210 0x1c68 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\WINDOWS\system32\drivers\pdc.sys
19:15:30.0211 0x1c68 pdc - ok
19:15:30.0223 0x1c68 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
19:15:30.0232 0x1c68 PEAUTH - ok
19:15:30.0236 0x1c68 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
19:15:30.0237 0x1c68 percsas2i - ok
19:15:30.0240 0x1c68 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
19:15:30.0241 0x1c68 percsas3i - ok
19:15:30.0257 0x1c68 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
19:15:30.0258 0x1c68 PerfHost - ok
19:15:30.0273 0x1c68 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
19:15:30.0282 0x1c68 PhoneSvc - ok
19:15:30.0289 0x1c68 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:15:30.0292 0x1c68 PimIndexMaintenanceSvc - ok
19:15:30.0316 0x1c68 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
19:15:30.0333 0x1c68 pla - ok
19:15:30.0338 0x1c68 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
19:15:30.0340 0x1c68 PlugPlay - ok
19:15:30.0343 0x1c68 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
19:15:30.0344 0x1c68 PNRPAutoReg - ok
19:15:30.0351 0x1c68 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
19:15:30.0355 0x1c68 PNRPsvc - ok
19:15:30.0363 0x1c68 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
19:15:30.0369 0x1c68 PolicyAgent - ok
19:15:30.0373 0x1c68 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
19:15:30.0375 0x1c68 Power - ok
19:15:30.0378 0x1c68 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
19:15:30.0380 0x1c68 PptpMiniport - ok
19:15:30.0428 0x1c68 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:15:30.0476 0x1c68 PrintNotify - ok
19:15:30.0484 0x1c68 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
19:15:30.0486 0x1c68 Processor - ok
19:15:30.0492 0x1c68 [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc C:\WINDOWS\system32\profsvc.dll
19:15:30.0496 0x1c68 ProfSvc - ok
19:15:30.0500 0x1c68 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
19:15:30.0502 0x1c68 Psched - ok
19:15:30.0508 0x1c68 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
19:15:30.0513 0x1c68 QWAVE - ok
19:15:30.0515 0x1c68 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
19:15:30.0516 0x1c68 QWAVEdrv - ok
19:15:30.0518 0x1c68 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:15:30.0519 0x1c68 RasAcd - ok
19:15:30.0522 0x1c68 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
19:15:30.0524 0x1c68 RasAgileVpn - ok
19:15:30.0527 0x1c68 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:15:30.0529 0x1c68 RasAuto - ok
19:15:30.0533 0x1c68 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
19:15:30.0539 0x1c68 Rasl2tp - ok
19:15:30.0551 0x1c68 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:15:30.0559 0x1c68 RasMan - ok
19:15:30.0563 0x1c68 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:15:30.0564 0x1c68 RasPppoe - ok
19:15:30.0566 0x1c68 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
19:15:30.0568 0x1c68 RasSstp - ok
19:15:30.0576 0x1c68 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:15:30.0580 0x1c68 rdbss - ok
19:15:30.0584 0x1c68 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
19:15:30.0585 0x1c68 rdpbus - ok
19:15:30.0589 0x1c68 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
19:15:30.0591 0x1c68 RDPDR - ok
19:15:30.0595 0x1c68 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:15:30.0596 0x1c68 RdpVideoMiniport - ok
19:15:30.0601 0x1c68 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
19:15:30.0603 0x1c68 rdyboost - ok
19:15:30.0618 0x1c68 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
19:15:30.0631 0x1c68 ReFSv1 - ok
19:15:30.0640 0x1c68 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:15:30.0647 0x1c68 RemoteAccess - ok
19:15:30.0651 0x1c68 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:15:30.0654 0x1c68 RemoteRegistry - ok
19:15:30.0670 0x1c68 [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
19:15:30.0683 0x1c68 RetailDemo - ok
19:15:30.0687 0x1c68 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
19:15:30.0689 0x1c68 RpcEptMapper - ok
19:15:30.0692 0x1c68 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:15:30.0692 0x1c68 RpcLocator - ok
19:15:30.0706 0x1c68 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:15:30.0717 0x1c68 RpcSs - ok
19:15:30.0721 0x1c68 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
19:15:30.0722 0x1c68 rspndr - ok
19:15:30.0732 0x1c68 [ FBEFF38DE03450E03E6CD9E8E37A8C74, C1C0876785DB4366D67792A3AFA219FC933FC1894AF93D07B0016BBCC81A5886 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
19:15:30.0739 0x1c68 rt640x64 - ok
19:15:30.0750 0x1c68 [ A88951B1FD37079237E1A2D323EBE0E4, C79510205E7032BC3E8E2BE477C646D93846BC42397A4D808185F3B5F18FDB28 ] rtl819xp C:\WINDOWS\System32\drivers\rtl819xp.sys
19:15:30.0757 0x1c68 rtl819xp - ok
19:15:30.0760 0x1c68 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
19:15:30.0761 0x1c68 s3cap - ok
19:15:30.0763 0x1c68 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
19:15:30.0764 0x1c68 SamSs - ok
19:15:30.0769 0x1c68 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
19:15:30.0770 0x1c68 sbp2port - ok
19:15:30.0775 0x1c68 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
19:15:30.0780 0x1c68 SCardSvr - ok
19:15:30.0784 0x1c68 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
19:15:30.0786 0x1c68 ScDeviceEnum - ok
19:15:30.0789 0x1c68 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:15:30.0790 0x1c68 scfilter - ok
19:15:30.0805 0x1c68 [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:15:30.0817 0x1c68 Schedule - ok
19:15:30.0824 0x1c68 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
19:15:30.0826 0x1c68 SCPolicySvc - ok
19:15:30.0831 0x1c68 [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
19:15:30.0834 0x1c68 sdbus - ok
19:15:30.0839 0x1c68 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
19:15:30.0842 0x1c68 SDRSVC - ok
19:15:30.0845 0x1c68 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
19:15:30.0847 0x1c68 sdstor - ok
19:15:30.0850 0x1c68 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll
19:15:30.0851 0x1c68 seclogon - ok
19:15:30.0854 0x1c68 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
19:15:30.0856 0x1c68 SENS - ok
19:15:30.0876 0x1c68 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:15:30.0891 0x1c68 SensorDataService - ok
19:15:30.0898 0x1c68 [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService C:\WINDOWS\system32\SensorService.dll
19:15:30.0903 0x1c68 SensorService - ok
19:15:30.0907 0x1c68 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
19:15:30.0911 0x1c68 SensrSvc - ok
19:15:30.0914 0x1c68 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
19:15:30.0915 0x1c68 SerCx - ok
19:15:30.0919 0x1c68 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
19:15:30.0921 0x1c68 SerCx2 - ok
19:15:30.0923 0x1c68 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
19:15:30.0924 0x1c68 Serenum - ok
19:15:30.0927 0x1c68 [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial C:\WINDOWS\System32\drivers\serial.sys
19:15:30.0929 0x1c68 Serial - ok
19:15:30.0931 0x1c68 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
19:15:30.0932 0x1c68 sermouse - ok
19:15:30.0941 0x1c68 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
19:15:30.0946 0x1c68 SessionEnv - ok
19:15:30.0949 0x1c68 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
19:15:30.0950 0x1c68 sfloppy - ok
19:15:30.0958 0x1c68 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:15:30.0963 0x1c68 SharedAccess - ok
19:15:30.0975 0x1c68 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:15:30.0982 0x1c68 ShellHWDetection - ok
19:15:30.0985 0x1c68 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:15:30.0986 0x1c68 SiSRaid2 - ok
19:15:30.0989 0x1c68 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
19:15:30.0990 0x1c68 SiSRaid4 - ok
19:15:30.0996 0x1c68 [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:15:31.0000 0x1c68 SkypeUpdate - ok
19:15:31.0003 0x1c68 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
19:15:31.0004 0x1c68 smphost - ok
19:15:31.0014 0x1c68 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
19:15:31.0022 0x1c68 SmsRouter - ok
19:15:31.0027 0x1c68 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
19:15:31.0028 0x1c68 SNMPTRAP - ok
19:15:31.0038 0x1c68 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
19:15:31.0043 0x1c68 spaceport - ok
19:15:31.0047 0x1c68 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
19:15:31.0048 0x1c68 SpbCx - ok
19:15:31.0060 0x1c68 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
19:15:31.0069 0x1c68 Spooler - ok
19:15:31.0166 0x1c68 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe
19:15:31.0185 0x1fe0 Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
19:15:31.0237 0x1c68 sppsvc - ok
19:15:31.0250 0x1c68 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:15:31.0255 0x1c68 srv - ok
19:15:31.0266 0x1c68 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
19:15:31.0274 0x1c68 srv2 - ok
19:15:31.0279 0x1c68 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:15:31.0282 0x1c68 srvnet - ok
19:15:31.0288 0x1c68 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:15:31.0292 0x1c68 SSDPSRV - ok
19:15:31.0297 0x1c68 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
19:15:31.0300 0x1c68 SstpSvc - ok
19:15:31.0339 0x1c68 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:15:31.0369 0x1c68 StateRepository - ok
19:15:31.0379 0x0080 Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
19:15:31.0385 0x1c68 [ C98EF483DA6BFADB3BE719F6689A3D22, FFAB917A2008638FE6C8B74AA4487D5C16A25E0E1D53AFD35CBBE5A27A4A2009 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:15:31.0569 0x1c68 Steam Client Service - ok
19:15:31.0580 0x1c68 [ 7D076C1B67B7134D1AB1007AF78AE486, DF315421D287957F7A7A69B649F993E7798A35E716610AA93AB23EE350DC0D90 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:15:31.0584 0x1c68 Stereo Service - ok
19:15:31.0587 0x1c68 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
19:15:31.0587 0x1c68 stexstor - ok
19:15:31.0598 0x1c68 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
19:15:31.0606 0x1c68 stisvc - ok
19:15:31.0610 0x1c68 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
19:15:31.0612 0x1c68 storahci - ok
19:15:31.0615 0x1c68 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
19:15:31.0616 0x1c68 storflt - ok
19:15:31.0619 0x1c68 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
19:15:31.0620 0x1c68 stornvme - ok
19:15:31.0623 0x1c68 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
19:15:31.0625 0x1c68 storqosflt - ok
19:15:31.0635 0x1c68 [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc C:\WINDOWS\system32\storsvc.dll
19:15:31.0642 0x1c68 StorSvc - ok
19:15:31.0646 0x1c68 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
19:15:31.0647 0x1c68 storufs - ok
19:15:31.0649 0x1c68 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
19:15:31.0650 0x1c68 storvsc - ok
19:15:31.0652 0x1c68 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
19:15:31.0653 0x1c68 svsvc - ok
19:15:31.0656 0x1c68 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
19:15:31.0657 0x1c68 swenum - ok
19:15:31.0665 0x1c68 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
19:15:31.0671 0x1c68 swprv - ok
19:15:31.0675 0x1c68 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:15:31.0676 0x1c68 Synth3dVsc - ok
19:15:31.0693 0x1c68 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
19:15:31.0705 0x1c68 SysMain - ok
19:15:31.0713 0x1c68 [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:15:31.0718 0x1c68 SystemEventsBroker - ok
19:15:31.0722 0x1c68 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:15:31.0725 0x1c68 TabletInputService - ok
19:15:31.0732 0x1c68 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:15:31.0736 0x1c68 TapiSrv - ok
19:15:31.0771 0x1c68 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
19:15:31.0796 0x1c68 Tcpip - ok
19:15:31.0832 0x1c68 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
19:15:31.0858 0x1c68 Tcpip6 - ok
19:15:31.0863 0x1c68 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
19:15:31.0864 0x1c68 tcpipreg - ok
19:15:31.0869 0x1c68 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
19:15:31.0870 0x1c68 tdx - ok
19:15:31.0873 0x1c68 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
19:15:31.0874 0x1c68 terminpt - ok
19:15:31.0890 0x1c68 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
19:15:31.0902 0x1c68 TermService - ok
19:15:31.0907 0x1c68 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
19:15:31.0909 0x1c68 Themes - ok
19:15:31.0915 0x1c68 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
19:15:31.0919 0x1c68 TieringEngineService - ok
19:15:31.0929 0x1c68 [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
19:15:31.0935 0x1c68 tiledatamodelsvc - ok
19:15:31.0940 0x1c68 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
19:15:31.0943 0x1c68 TimeBroker - ok
19:15:31.0948 0x1c68 [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
19:15:31.0950 0x1c68 TPM - ok
19:15:31.0954 0x1c68 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
19:15:31.0956 0x1c68 TrkWks - ok
19:15:31.0960 0x1c68 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:15:31.0961 0x1c68 TrustedInstaller - ok
19:15:31.0965 0x1c68 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
19:15:31.0966 0x1c68 tsusbflt - ok
19:15:31.0968 0x1c68 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:15:31.0969 0x1c68 TsUsbGD - ok
19:15:31.0974 0x1c68 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
19:15:31.0976 0x1c68 tunnel - ok
19:15:31.0981 0x1c68 [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
19:15:31.0983 0x1c68 tzautoupdate - ok
19:15:31.0985 0x1c68 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
19:15:31.0986 0x1c68 uagp35 - ok
19:15:31.0989 0x1c68 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
19:15:31.0990 0x1c68 UASPStor - ok
19:15:31.0995 0x1c68 [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
19:15:31.0996 0x1c68 UcmCx0101 - ok
19:15:31.0998 0x1c68 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
19:15:31.0999 0x1c68 UcmUcsi - ok
19:15:32.0004 0x1c68 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
19:15:32.0006 0x1c68 Ucx01000 - ok
19:15:32.0009 0x1c68 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
19:15:32.0010 0x1c68 UdeCx - ok
19:15:32.0017 0x1c68 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
19:15:32.0020 0x1c68 udfs - ok
19:15:32.0022 0x1c68 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
19:15:32.0023 0x1c68 UEFI - ok
19:15:32.0029 0x1c68 [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
19:15:32.0032 0x1c68 Ufx01000 - ok
19:15:32.0035 0x1c68 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
19:15:32.0037 0x1c68 UfxChipidea - ok
19:15:32.0040 0x1c68 [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:15:32.0042 0x1c68 ufxsynopsys - ok
19:15:32.0046 0x1c68 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
19:15:32.0048 0x1c68 UI0Detect - ok
19:15:32.0051 0x1c68 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
19:15:32.0052 0x1c68 uliagpkx - ok
19:15:32.0055 0x1c68 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
19:15:32.0056 0x1c68 umbus - ok
19:15:32.0058 0x1c68 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
19:15:32.0059 0x1c68 UmPass - ok
19:15:32.0065 0x1c68 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
19:15:32.0069 0x1c68 UmRdpService - ok
19:15:32.0087 0x1c68 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
19:15:32.0101 0x1c68 UnistoreSvc - ok
19:15:32.0113 0x1c68 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
19:15:32.0118 0x1c68 upnphost - ok
19:15:32.0121 0x1c68 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
19:15:32.0122 0x1c68 UrsChipidea - ok
19:15:32.0125 0x1c68 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
19:15:32.0126 0x1c68 UrsCx01000 - ok
19:15:32.0129 0x1c68 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
19:15:32.0130 0x1c68 UrsSynopsys - ok
19:15:32.0134 0x1c68 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
19:15:32.0137 0x1c68 usbccgp - ok
19:15:32.0141 0x1c68 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
19:15:32.0143 0x1c68 usbcir - ok
19:15:32.0147 0x1c68 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
19:15:32.0149 0x1c68 usbehci - ok
19:15:32.0159 0x1c68 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
19:15:32.0164 0x1c68 usbhub - ok
19:15:32.0174 0x1c68 [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
19:15:32.0181 0x1c68 USBHUB3 - ok
19:15:32.0184 0x1c68 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
19:15:32.0185 0x1c68 usbohci - ok
19:15:32.0187 0x1c68 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
19:15:32.0188 0x1c68 usbprint - ok
19:15:32.0191 0x1c68 [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
19:15:32.0198 0x1c68 usbser - ok
19:15:32.0202 0x1c68 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:15:32.0203 0x1c68 USBSTOR - ok
19:15:32.0206 0x1c68 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
19:15:32.0207 0x1c68 usbuhci - ok
19:15:32.0215 0x1c68 [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:15:32.0219 0x1c68 USBXHCI - ok
19:15:32.0242 0x1c68 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
19:15:32.0259 0x1c68 UserDataSvc - ok
19:15:32.0276 0x1c68 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
19:15:32.0287 0x1c68 UserManager - ok
19:15:32.0295 0x1c68 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\WINDOWS\system32\usocore.dll
19:15:32.0300 0x1c68 UsoSvc - ok
19:15:32.0303 0x1c68 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
19:15:32.0304 0x1c68 VaultSvc - ok
19:15:32.0306 0x1c68 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
19:15:32.0307 0x1c68 vdrvroot - ok
19:15:32.0319 0x1c68 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
19:15:32.0328 0x1c68 vds - ok
19:15:32.0333 0x1c68 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
19:15:32.0335 0x1c68 VerifierExt - ok
19:15:32.0347 0x1c68 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
19:15:32.0354 0x1fdc Object send P2P result: true
19:15:32.0356 0x1c68 vhdmp - ok
19:15:32.0359 0x1c68 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
19:15:32.0360 0x1c68 vhf - ok
19:15:32.0363 0x1c68 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
19:15:32.0364 0x1c68 vmbus - ok
19:15:32.0366 0x1c68 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
19:15:32.0368 0x1c68 VMBusHID - ok
19:15:32.0377 0x1c68 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
19:15:32.0384 0x1c68 vmicguestinterface - ok
19:15:32.0394 0x1c68 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
19:15:32.0399 0x1c68 vmicheartbeat - ok
19:15:32.0407 0x1c68 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
19:15:32.0413 0x1c68 vmickvpexchange - ok
19:15:32.0421 0x1c68 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
19:15:32.0427 0x1c68 vmicrdv - ok
19:15:32.0435 0x1c68 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
19:15:32.0441 0x1c68 vmicshutdown - ok
19:15:32.0450 0x1c68 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
19:15:32.0456 0x1c68 vmictimesync - ok
19:15:32.0464 0x1c68 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
19:15:32.0469 0x1c68 vmicvmsession - ok
19:15:32.0477 0x1c68 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
19:15:32.0483 0x1c68 vmicvss - ok
19:15:32.0486 0x1c68 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
19:15:32.0487 0x1c68 volmgr - ok
19:15:32.0494 0x1c68 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
19:15:32.0498 0x1c68 volmgrx - ok
19:15:32.0506 0x1c68 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
19:15:32.0511 0x1c68 volsnap - ok
19:15:32.0514 0x1c68 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
19:15:32.0515 0x1c68 vpci - ok
19:15:32.0519 0x1c68 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
19:15:32.0521 0x1c68 vsmraid - ok
19:15:32.0543 0x1c68 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
19:15:32.0559 0x1c68 VSS - ok
19:15:32.0566 0x1c68 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
19:15:32.0570 0x1c68 VSTXRAID - ok
19:15:32.0572 0x1c68 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
19:15:32.0573 0x1c68 vwifibus - ok
19:15:32.0576 0x1c68 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
19:15:32.0577 0x1c68 vwififlt - ok
19:15:32.0587 0x1c68 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
19:15:32.0594 0x1c68 W32Time - ok
19:15:32.0597 0x1c68 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
19:15:32.0598 0x1c68 WacomPen - ok
19:15:32.0606 0x1c68 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
19:15:32.0613 0x1c68 WalletService - ok
19:15:32.0616 0x1c68 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:15:32.0617 0x1c68 wanarp - ok
19:15:32.0619 0x1c68 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:15:32.0621 0x1c68 wanarpv6 - ok
19:15:32.0644 0x1c68 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
19:15:32.0662 0x1c68 wbengine - ok
19:15:32.0674 0x1c68 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
19:15:32.0682 0x1c68 WbioSrvc - ok
19:15:32.0692 0x1c68 [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
19:15:32.0700 0x1c68 Wcmsvc - ok
19:15:32.0709 0x1c68 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
19:15:32.0715 0x1c68 wcncsvc - ok
19:15:32.0718 0x1c68 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:15:32.0720 0x1c68 WcsPlugInService - ok
19:15:32.0723 0x1c68 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
19:15:32.0723 0x1c68 WdBoot - ok
19:15:32.0736 0x1c68 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
19:15:32.0745 0x1c68 Wdf01000 - ok
19:15:32.0750 0x1c68 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
19:15:32.0754 0x1c68 WdFilter - ok
19:15:32.0758 0x1c68 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
19:15:32.0761 0x1c68 WdiServiceHost - ok
19:15:32.0762 0x1c68 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
19:15:32.0765 0x1c68 WdiSystemHost - ok
19:15:32.0777 0x1c68 [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:15:32.0784 0x1c68 wdiwifi - ok
19:15:32.0788 0x1c68 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:15:32.0790 0x1c68 WdNisDrv - ok
19:15:32.0793 0x1c68 WdNisSvc - ok
19:15:32.0798 0x1c68 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:15:32.0801 0x1c68 WebClient - ok
19:15:32.0807 0x1c68 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
19:15:32.0810 0x1c68 Wecsvc - ok
19:15:32.0813 0x1c68 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
19:15:32.0814 0x1c68 WEPHOSTSVC - ok
19:15:32.0818 0x1c68 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
19:15:32.0821 0x1c68 wercplsupport - ok
19:15:32.0825 0x1c68 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
19:15:32.0828 0x1c68 WerSvc - ok
19:15:32.0831 0x1c68 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
19:15:32.0833 0x1c68 WFPLWFS - ok
19:15:32.0836 0x1c68 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
19:15:32.0839 0x1c68 WiaRpc - ok
19:15:32.0843 0x1c68 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
19:15:32.0844 0x1c68 WIMMount - ok
19:15:32.0845 0x1c68 WinDefend - ok
19:15:32.0851 0x1c68 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:15:32.0852 0x1c68 WindowsTrustedRT - ok
19:15:32.0854 0x1c68 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:15:32.0854 0x1c68 WindowsTrustedRTProxy - ok
19:15:32.0870 0x1c68 [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:15:32.0880 0x1c68 WinHttpAutoProxySvc - ok
19:15:32.0883 0x1c68 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
19:15:32.0884 0x1c68 WinMad - ok
19:15:32.0891 0x1c68 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:15:32.0894 0x1c68 Winmgmt - ok
19:15:32.0932 0x1c68 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:15:32.0962 0x1c68 WinRM - ok
19:15:32.0970 0x1c68 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
19:15:32.0972 0x1c68 WINUSB - ok
19:15:32.0975 0x1c68 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
19:15:32.0976 0x1c68 WinVerbs - ok
19:15:33.0009 0x1c68 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
19:15:33.0034 0x1c68 WlanSvc - ok
19:15:33.0065 0x1c68 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
19:15:33.0089 0x1c68 wlidsvc - ok
19:15:33.0093 0x1c68 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
19:15:33.0093 0x1c68 WmiAcpi - ok
19:15:33.0100 0x1c68 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:15:33.0102 0x1c68 wmiApSrv - ok
19:15:33.0104 0x1c68 WMPNetworkSvc - ok
19:15:33.0109 0x1c68 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
19:15:33.0111 0x1c68 Wof - ok
19:15:33.0140 0x1c68 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
19:15:33.0161 0x1c68 workfolderssvc - ok
19:15:33.0165 0x1c68 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:15:33.0166 0x1c68 wpcfltr - ok
19:15:33.0169 0x1c68 [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
19:15:33.0172 0x1c68 WPDBusEnum - ok
19:15:33.0174 0x1c68 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:15:33.0175 0x1c68 WpdUpFltr - ok
19:15:33.0178 0x1c68 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
19:15:33.0180 0x1c68 WpnService - ok
19:15:33.0183 0x1c68 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:15:33.0183 0x1c68 ws2ifsl - ok
19:15:33.0188 0x1c68 [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
19:15:33.0191 0x1c68 wscsvc - ok
19:15:33.0193 0x1c68 WSearch - ok
19:15:33.0243 0x1c68 [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService C:\WINDOWS\System32\WSService.dll
19:15:33.0280 0x1c68 WSService - ok
19:15:33.0317 0x1c68 [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
19:15:33.0342 0x1c68 wuauserv - ok
19:15:33.0349 0x1c68 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
19:15:33.0350 0x1c68 WudfPf - ok
19:15:33.0356 0x1c68 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
19:15:33.0358 0x1c68 WUDFRd - ok
19:15:33.0363 0x1c68 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
19:15:33.0365 0x1c68 wudfsvc - ok
19:15:33.0370 0x1c68 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:15:33.0372 0x1c68 WUDFWpdFs - ok
19:15:33.0377 0x1c68 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:15:33.0379 0x1c68 WUDFWpdMtp - ok
19:15:33.0399 0x1c68 [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
19:15:33.0412 0x1c68 WwanSvc - ok
19:15:33.0429 0x1c68 [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
19:15:33.0440 0x1c68 XblAuthManager - ok
19:15:33.0458 0x1c68 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
19:15:33.0471 0x1c68 XblGameSave - ok
19:15:33.0478 0x1c68 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
19:15:33.0487 0x1c68 xboxgip - ok
19:15:33.0504 0x1c68 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
19:15:33.0516 0x1c68 XboxNetApiSvc - ok
19:15:33.0520 0x1c68 [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
19:15:33.0526 0x1c68 xinputhid - ok
19:15:33.0530 0x1c68 [ 47E1337B1538390895E035DFF91E0FD1, FC47D47607B8027067C14EBF106B40569C09375F9482570053BD189D56E9BD2E ] xusb22 C:\WINDOWS\System32\drivers\xusb22.sys
19:15:33.0532 0x1c68 xusb22 - ok
19:15:33.0532 0x1c68 ================ Scan global ===============================
19:15:33.0535 0x1c68 [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
19:15:33.0541 0x1c68 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
19:15:33.0547 0x1c68 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
19:15:33.0556 0x1c68 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
19:15:33.0561 0x1c68 [ Global ] - ok
19:15:33.0561 0x1c68 ================ Scan MBR ==================================
19:15:33.0562 0x1c68 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:15:33.0620 0x1c68 \Device\Harddisk0\DR0 - ok
19:15:33.0631 0x1c68 [ 489C86DEFBF26ED7E9E984BCAAB1D64C ] \Device\Harddisk1\DR1
19:15:33.0635 0x1fe0 Object send P2P result: true
19:15:33.0635 0x1fe0 Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
19:15:33.0718 0x1c68 \Device\Harddisk1\DR1 - ok
19:15:33.0719 0x1c68 ================ Scan VBR ==================================
19:15:33.0723 0x1c68 [ 431984ACBBCDD83E50310283A3F4CD46 ] \Device\Harddisk0\DR0\Partition1
19:15:33.0727 0x1c68 \Device\Harddisk0\DR0\Partition1 - ok
19:15:33.0732 0x1c68 [ 4B7DE17CBF5A2058F9A08C442EC855DD ] \Device\Harddisk0\DR0\Partition2
19:15:33.0735 0x1c68 \Device\Harddisk0\DR0\Partition2 - ok
19:15:33.0738 0x1c68 [ A4B2C36043A37429D01D65A891CC436A ] \Device\Harddisk1\DR1
|
|
30.03.2016, 18:29
| #5 |
| | Unbekanntes Programm öffnet und schließt sich mehrfach in der TaskleisteCode:
ATTFilter \Partition1
19:15:33.0755 0x1c68 \Device\Harddisk1\DR1\Partition1 - ok
19:15:33.0756 0x1c68 ================ Scan generic autorun ======================
19:15:33.0817 0x0080 Object send P2P result: true
19:15:33.0911 0x1c68 [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:15:34.0013 0x1c68 RTHDVCPL - ok
19:15:34.0057 0x1c68 [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:15:34.0091 0x1c68 NvBackend - ok
19:15:34.0105 0x1c68 [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
19:15:34.0116 0x1c68 XboxStat - ok
19:15:34.0119 0x1c68 [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\WINDOWS\system32\rundll32.exe
19:15:34.0120 0x1c68 ShadowPlay - ok
19:15:34.0123 0x1c68 [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
19:15:34.0125 0x1c68 Logitech Download Assistant - ok
19:15:34.0134 0x1c68 [ C9B67BCB8E384064A8C2263740B0C437, F2609406A84F3A8E256DD250F84A774EF43F92C9F8B373E297A99ACF95B3CCE4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:15:34.0141 0x1c68 SunJavaUpdateSched - ok
19:15:34.0263 0x1c68 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:15:34.0356 0x1c68 OneDriveSetup - ok
19:15:34.0468 0x1c68 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:15:34.0546 0x1c68 OneDriveSetup - ok
19:15:34.0562 0x1c68 [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\Schlotterbeck\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:15:34.0569 0x1c68 OneDrive - ok
19:15:34.0619 0x1c68 [ FE4071F6BCDA00B06F80E83AB3969586, 30BF77BDDDA466DC280A96B49746325B00FE2726BE5E744960F2BB38F124D6E5 ] C:\Program Files (x86)\Origin\Origin.exe
19:15:34.0656 0x1c68 EADM - ok
19:15:34.0661 0x1c68 Skype - ok
19:15:34.0780 0x1c68 [ 52F5D651B8E39F258C1C34272FEB1AB2, C13AD8762A4474D8246DE7BC023244BD74456D45348F74F77373CC61C238A0F3 ] C:\Program Files\CCleaner\CCleaner64.exe
19:15:34.0883 0x1c68 CCleaner Monitoring - ok
19:15:35.0027 0x1c68 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:15:35.0106 0x1c68 OneDriveSetup - ok
19:15:35.0121 0x1c68 [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
19:15:35.0128 0x1c68 WAB Migrate - ok
19:15:35.0129 0x1c68 Waiting for KSN requests completion. In queue: 298
19:15:36.0083 0x1fe0 Object send P2P result: true
19:15:36.0130 0x1c68 Waiting for KSN requests completion. In queue: 274
19:15:37.0130 0x1c68 Waiting for KSN requests completion. In queue: 274
19:15:37.0527 0x0c50 Object required for P2P: [ AC855DAF48D88318D0475F6A22834B6A ] nvsvc
19:15:38.0130 0x1c68 Waiting for KSN requests completion. In queue: 260
19:15:39.0131 0x1c68 Waiting for KSN requests completion. In queue: 260
19:15:39.0986 0x0c50 Object send P2P result: true
19:15:39.0988 0x0c50 Object required for P2P: [ EABD6FC38504B46913E2B1B739DAD185 ] Origin Client Service
19:15:40.0131 0x1c68 Waiting for KSN requests completion. In queue: 256
19:15:41.0131 0x1c68 Waiting for KSN requests completion. In queue: 256
19:15:42.0131 0x1c68 Waiting for KSN requests completion. In queue: 256
19:15:42.0462 0x0c50 Object send P2P result: true
19:15:42.0471 0x0c50 Object required for P2P: [ AD43141CE6D5074DA1D28B5BCD4E4507 ] RetailDemo
19:15:43.0132 0x1c68 Waiting for KSN requests completion. In queue: 212
19:15:44.0132 0x1c68 Waiting for KSN requests completion. In queue: 212
19:15:44.0921 0x0c50 Object send P2P result: true
19:15:44.0927 0x0c50 Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
19:15:45.0132 0x1c68 Waiting for KSN requests completion. In queue: 181
19:15:46.0133 0x1c68 Waiting for KSN requests completion. In queue: 181
19:15:47.0134 0x1c68 Waiting for KSN requests completion. In queue: 181
19:15:47.0378 0x0c50 Object send P2P result: true
19:15:47.0379 0x0c50 Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
19:15:48.0134 0x1c68 Waiting for KSN requests completion. In queue: 174
19:15:49.0134 0x1c68 Waiting for KSN requests completion. In queue: 174
19:15:49.0868 0x0c50 Object send P2P result: true
19:15:49.0875 0x0c50 Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
19:15:50.0134 0x1c68 Waiting for KSN requests completion. In queue: 152
19:15:51.0135 0x1c68 Waiting for KSN requests completion. In queue: 152
19:15:52.0135 0x1c68 Waiting for KSN requests completion. In queue: 152
19:15:52.0351 0x0c50 Object send P2P result: true
19:15:52.0365 0x0c50 Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
19:15:53.0136 0x1c68 Waiting for KSN requests completion. In queue: 76
19:15:54.0136 0x1c68 Waiting for KSN requests completion. In queue: 76
19:15:54.0832 0x0c50 Object send P2P result: true
19:15:54.0849 0x0c50 Object required for P2P: [ FE4071F6BCDA00B06F80E83AB3969586 ] C:\Program Files (x86)\Origin\Origin.exe
19:15:55.0136 0x1c68 Waiting for KSN requests completion. In queue: 3
19:15:56.0137 0x1c68 Waiting for KSN requests completion. In queue: 3
19:15:57.0137 0x1c68 Waiting for KSN requests completion. In queue: 3
19:15:57.0310 0x0c50 Object send P2P result: true
19:15:58.0164 0x1c68 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
19:15:58.0172 0x1c68 Win FW state via NFP2: enabled ( trusted )
19:16:00.0566 0x1c68 ============================================================
19:16:00.0566 0x1c68 Scan finished
19:16:00.0566 0x1c68 ============================================================
19:16:00.0586 0x1f04 Detected object count: 0
19:16:00.0586 0x1f04 Actual detected object count: 0
19:16:58.0653 0x1da0 ============================================================
19:16:58.0653 0x1da0 Scan started
19:16:58.0653 0x1da0 Mode: Manual; SigCheck; TDLFS;
19:16:58.0653 0x1da0 ============================================================
19:16:58.0653 0x1da0 KSN ping started
19:17:00.0971 0x1da0 KSN ping finished: true
19:17:01.0191 0x1da0 ================ Scan system memory ========================
19:17:01.0191 0x1da0 System memory - ok
19:17:01.0191 0x1da0 ================ Scan services =============================
19:17:01.0237 0x1da0 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
19:17:01.0278 0x1da0 1394ohci - ok
19:17:01.0282 0x1da0 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
19:17:01.0290 0x1da0 3ware - ok
19:17:01.0299 0x1da0 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
19:17:01.0314 0x1da0 ACPI - ok
19:17:01.0318 0x1da0 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
19:17:01.0327 0x1da0 acpiex - ok
19:17:01.0330 0x1da0 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
19:17:01.0338 0x1da0 acpipagr - ok
19:17:01.0340 0x1da0 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
19:17:01.0348 0x1da0 AcpiPmi - ok
19:17:01.0351 0x1da0 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
19:17:01.0358 0x1da0 acpitime - ok
19:17:01.0361 0x1da0 [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:17:01.0367 0x1da0 AdobeARMservice - ok
19:17:01.0388 0x1da0 [ A9D55370A0CBADD1E1E2B4796ACD26DF, 9FD0C2B1206321B34D97FF3D01C5C811022DA76DA667DB6ECCF2746437A706A2 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:17:01.0395 0x1da0 AdobeFlashPlayerUpdateSvc - ok
19:17:01.0415 0x1da0 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:17:01.0438 0x1da0 ADP80XX - ok
19:17:01.0451 0x1da0 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
19:17:01.0466 0x1da0 AFD - ok
19:17:01.0469 0x1da0 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
19:17:01.0476 0x1da0 agp440 - ok
19:17:01.0481 0x1da0 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:17:01.0493 0x1da0 ahcache - ok
19:17:01.0496 0x1da0 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
19:17:01.0503 0x1da0 AJRouter - ok
19:17:01.0506 0x1da0 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
19:17:01.0516 0x1da0 ALG - ok
19:17:01.0519 0x1da0 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
19:17:01.0528 0x1da0 AmdK8 - ok
19:17:01.0532 0x1da0 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
19:17:01.0540 0x1da0 AmdPPM - ok
19:17:01.0544 0x1da0 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
19:17:01.0551 0x1da0 amdsata - ok
19:17:01.0557 0x1da0 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
19:17:01.0566 0x1da0 amdsbs - ok
19:17:01.0570 0x1da0 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
19:17:01.0576 0x1da0 amdxata - ok
19:17:01.0580 0x1da0 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys
19:17:01.0588 0x1da0 AppID - ok
19:17:01.0591 0x1da0 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
19:17:01.0602 0x1da0 AppIDSvc - ok
19:17:01.0605 0x1da0 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
19:17:01.0616 0x1da0 Appinfo - ok
19:17:01.0625 0x1da0 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
19:17:01.0643 0x1da0 AppReadiness - ok
19:17:01.0673 0x1da0 [ 3DF25A56F18D2AB4CF58C1300C8CD323, 34A20004A93BC0F22BF99E56E6657CF0A68B64B375A66408FB1E26ADA7A72FC4 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
19:17:01.0725 0x1da0 AppXSvc - ok
19:17:01.0733 0x1da0 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
19:17:01.0740 0x1da0 arcsas - ok
19:17:01.0743 0x1da0 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
19:17:01.0753 0x1da0 AsyncMac - ok
19:17:01.0755 0x1da0 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
19:17:01.0761 0x1da0 atapi - ok
19:17:01.0767 0x1da0 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:17:01.0781 0x1da0 AudioEndpointBuilder - ok
19:17:01.0798 0x1da0 [ 9610CE53A9ED0789C8B669A5F86008F7, 9EE4B3F8528B20682595DDBDB0FF9F98FD8B957EE4C335FDD4382AE30D3C2EA0 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
19:17:01.0826 0x1da0 Audiosrv - ok
19:17:01.0830 0x1da0 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
19:17:01.0841 0x1da0 AxInstSV - ok
19:17:01.0851 0x1da0 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
19:17:01.0865 0x1da0 b06bdrv - ok
19:17:01.0868 0x1da0 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:17:01.0876 0x1da0 BasicDisplay - ok
19:17:01.0879 0x1da0 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
19:17:01.0886 0x1da0 BasicRender - ok
19:17:01.0889 0x1da0 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
19:17:01.0897 0x1da0 bcmfn - ok
19:17:01.0899 0x1da0 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
19:17:01.0906 0x1da0 bcmfn2 - ok
19:17:01.0913 0x1da0 [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
19:17:01.0928 0x1da0 BDESVC - ok
19:17:01.0931 0x1da0 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
19:17:01.0938 0x1da0 Beep - ok
19:17:01.0951 0x1da0 [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE C:\WINDOWS\System32\bfe.dll
19:17:01.0973 0x1da0 BFE - ok
19:17:01.0991 0x1da0 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
19:17:02.0021 0x1da0 BITS - ok
19:17:02.0026 0x1da0 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
19:17:02.0034 0x1da0 bowser - ok
19:17:02.0044 0x1da0 [ 9972A886D911234F833A265D5D641D30, E64199AB64CC60C75371D8421031DC02818C852427C4F66AD3DF7DCDF33952B1 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:17:02.0064 0x1da0 BrokerInfrastructure - ok
19:17:02.0069 0x1da0 [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser C:\WINDOWS\System32\browser.dll
19:17:02.0078 0x1da0 Browser - ok
19:17:02.0081 0x1da0 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:17:02.0088 0x1da0 BthAvrcpTg - ok
19:17:02.0091 0x1da0 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
19:17:02.0099 0x1da0 BthHFEnum - ok
19:17:02.0102 0x1da0 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
19:17:02.0109 0x1da0 bthhfhid - ok
19:17:02.0116 0x1da0 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
19:17:02.0129 0x1da0 BthHFSrv - ok
19:17:02.0132 0x1da0 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
19:17:02.0140 0x1da0 BTHMODEM - ok
19:17:02.0145 0x1da0 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll
19:17:02.0153 0x1da0 bthserv - ok
19:17:02.0156 0x1da0 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
19:17:02.0163 0x1da0 buttonconverter - ok
19:17:02.0167 0x1da0 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
19:17:02.0176 0x1da0 CapImg - ok
19:17:02.0179 0x1da0 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:17:02.0188 0x1da0 cdfs - ok
19:17:02.0194 0x1da0 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
19:17:02.0208 0x1da0 CDPSvc - ok
19:17:02.0213 0x1da0 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
19:17:02.0222 0x1da0 cdrom - ok
19:17:02.0227 0x1da0 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
19:17:02.0240 0x1da0 CertPropSvc - ok
19:17:02.0243 0x1da0 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
19:17:02.0251 0x1da0 circlass - ok
19:17:02.0259 0x1da0 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
19:17:02.0270 0x1da0 CLFS - ok
19:17:02.0280 0x1da0 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
19:17:02.0296 0x1da0 ClipSVC - ok
19:17:02.0302 0x1da0 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
19:17:02.0309 0x1da0 CmBatt - ok
19:17:02.0320 0x1da0 [ A1105260EEEE3DBD8D38FD054B22BD00, CA943B0B03527B07690CAFFD53F8ABF14FB3974DAAA1036E54815BD0DAF803D8 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
19:17:02.0336 0x1da0 CNG - ok
19:17:02.0339 0x1da0 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
19:17:02.0345 0x1da0 cnghwassist - ok
19:17:02.0355 0x1da0 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
19:17:02.0362 0x1da0 CompositeBus - ok
19:17:02.0365 0x1da0 COMSysApp - ok
19:17:02.0367 0x1da0 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
19:17:02.0373 0x1da0 condrv - ok
19:17:02.0386 0x1da0 [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
19:17:02.0404 0x1da0 CoreMessagingRegistrar - ok
19:17:02.0425 0x1da0 [ 137BC921135ECDA3E9917B56E3550D32, 6585F4FFEAB32583B867A14F7B7C09C563B1EA715AD9C3B850A7965C54A819A0 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:17:02.0438 0x1da0 cphs - ok
19:17:02.0442 0x1da0 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
19:17:02.0451 0x1da0 CryptSvc - ok
19:17:02.0454 0x1da0 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
19:17:02.0460 0x1da0 dam - ok
19:17:02.0460 0x1da0 Object required for P2P: [ 2619DC483579DB9FE804044C1ADFFD1A ] dam
19:17:04.0912 0x1da0 Object send P2P result: true
19:17:04.0964 0x1da0 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
19:17:04.0999 0x1da0 DcomLaunch - ok
19:17:05.0005 0x1da0 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
19:17:05.0019 0x1da0 DcpSvc - ok
19:17:05.0029 0x1da0 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
19:17:05.0049 0x1da0 defragsvc - ok
19:17:05.0057 0x1da0 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:17:05.0072 0x1da0 DeviceAssociationService - ok
19:17:05.0077 0x1da0 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
19:17:05.0089 0x1da0 DeviceInstall - ok
19:17:05.0092 0x1da0 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
19:17:05.0099 0x1da0 DevQueryBroker - ok
19:17:05.0103 0x1da0 [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
19:17:05.0112 0x1da0 Dfsc - ok
19:17:05.0119 0x1da0 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
19:17:05.0133 0x1da0 Dhcp - ok
19:17:05.0136 0x1da0 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
19:17:05.0143 0x1da0 diagnosticshub.standardcollector.service - ok
19:17:05.0167 0x1da0 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
19:17:05.0197 0x1da0 DiagTrack - ok
19:17:05.0202 0x1da0 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
19:17:05.0209 0x1da0 disk - ok
19:17:05.0216 0x1da0 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
19:17:05.0231 0x1da0 DmEnrollmentSvc - ok
19:17:05.0234 0x1da0 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
19:17:05.0241 0x1da0 dmvsc - ok
19:17:05.0244 0x1da0 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
19:17:05.0253 0x1da0 dmwappushservice - ok
19:17:05.0259 0x1da0 [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
19:17:05.0271 0x1da0 Dnscache - ok
19:17:05.0277 0x1da0 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
19:17:05.0291 0x1da0 dot3svc - ok
19:17:05.0295 0x1da0 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
19:17:05.0305 0x1da0 DPS - ok
19:17:05.0308 0x1da0 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\System32\drivers\drmkaud.sys
19:17:05.0314 0x1da0 drmkaud - ok
19:17:05.0319 0x1da0 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
19:17:05.0330 0x1da0 DsmSvc - ok
19:17:05.0334 0x1da0 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll
19:17:05.0346 0x1da0 DsSvc - ok
19:17:05.0375 0x1da0 [ F45665E77D11F3C1552EDBEAD1559DC8, C7C4B493CB36A1A35B8CA33C044BA0ED273CDA80E36F48BFF7CE3A0356246838 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:17:05.0410 0x1da0 DXGKrnl - ok
19:17:05.0418 0x1da0 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
19:17:05.0428 0x1da0 Eaphost - ok
19:17:05.0476 0x1da0 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
19:17:05.0534 0x1da0 ebdrv - ok
19:17:05.0542 0x1da0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
19:17:05.0549 0x1da0 EFS - ok
19:17:05.0553 0x1da0 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
19:17:05.0560 0x1da0 EhStorClass - ok
19:17:05.0564 0x1da0 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:17:05.0571 0x1da0 EhStorTcgDrv - ok
19:17:05.0574 0x1da0 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
19:17:05.0584 0x1da0 embeddedmode - ok
19:17:05.0591 0x1da0 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
19:17:05.0603 0x1da0 EntAppSvc - ok
19:17:05.0606 0x1da0 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
19:17:05.0612 0x1da0 ErrDev - ok
19:17:05.0616 0x1da0 [ 3B32CAA07D672F8A2E0DF5CB3A873F45, 09687E30FA5779C3593769D66CAEBED95C932746EDD6E83DABE3DCFD126AB5EC ] EsgScanner C:\WINDOWS\system32\DRIVERS\EsgScanner.sys
19:17:05.0620 0x1da0 EsgScanner - ok
19:17:05.0629 0x1da0 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
19:17:05.0646 0x1da0 EventSystem - ok
19:17:05.0653 0x1da0 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
19:17:05.0666 0x1da0 exfat - ok
19:17:05.0673 0x1da0 [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
19:17:05.0683 0x1da0 fastfat - ok
19:17:05.0694 0x1da0 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe
19:17:05.0714 0x1da0 Fax - ok
19:17:05.0718 0x1da0 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
19:17:05.0725 0x1da0 fdc - ok
19:17:05.0728 0x1da0 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
19:17:05.0738 0x1da0 fdPHost - ok
19:17:05.0741 0x1da0 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
19:17:05.0751 0x1da0 FDResPub - ok
19:17:05.0754 0x1da0 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
19:17:05.0766 0x1da0 fhsvc - ok
19:17:05.0770 0x1da0 [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
19:17:05.0777 0x1da0 FileCrypt - ok
19:17:05.0781 0x1da0 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
19:17:05.0788 0x1da0 FileInfo - ok
19:17:05.0790 0x1da0 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
19:17:05.0800 0x1da0 Filetrace - ok
19:17:05.0803 0x1da0 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
19:17:05.0810 0x1da0 flpydisk - ok
19:17:05.0817 0x1da0 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
19:17:05.0828 0x1da0 FltMgr - ok
19:17:05.0853 0x1da0 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll
19:17:05.0894 0x1da0 FontCache - ok
19:17:05.0899 0x1da0 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:17:05.0905 0x1da0 FontCache3.0.0.0 - ok
19:17:05.0908 0x1da0 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
19:17:05.0915 0x1da0 FsDepends - ok
19:17:05.0917 0x1da0 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:17:05.0923 0x1da0 Fs_Rec - ok
19:17:05.0934 0x1da0 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:17:05.0949 0x1da0 fvevol - ok
19:17:05.0953 0x1da0 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
19:17:05.0960 0x1da0 gagp30kx - ok
19:17:05.0963 0x1da0 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
19:17:05.0969 0x1da0 gencounter - ok
19:17:05.0971 0x1da0 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
19:17:05.0978 0x1da0 genericusbfn - ok
19:17:05.0997 0x1da0 [ 061CC5C12C39899D7398CFEBFD19F69F, 62319596863A74665FA801C305C952A0F20AAA0F1CDC2195F2F69D662790C80B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:17:06.0016 0x1da0 GfExperienceService - ok
19:17:06.0021 0x1da0 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:17:06.0029 0x1da0 GPIOClx0101 - ok
19:17:06.0050 0x1da0 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
19:17:06.0087 0x1da0 gpsvc - ok
19:17:06.0090 0x1da0 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
19:17:06.0099 0x1da0 GpuEnergyDrv - ok
19:17:06.0103 0x1da0 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
19:17:06.0111 0x1da0 HDAudBus - ok
19:17:06.0113 0x1da0 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
19:17:06.0120 0x1da0 HidBatt - ok
19:17:06.0124 0x1da0 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
19:17:06.0132 0x1da0 HidBth - ok
19:17:06.0135 0x1da0 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
19:17:06.0142 0x1da0 hidi2c - ok
19:17:06.0145 0x1da0 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
19:17:06.0152 0x1da0 hidinterrupt - ok
19:17:06.0154 0x1da0 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
19:17:06.0162 0x1da0 HidIr - ok
19:17:06.0165 0x1da0 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
19:17:06.0173 0x1da0 hidserv - ok
19:17:06.0175 0x1da0 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
19:17:06.0182 0x1da0 HidUsb - ok
19:17:06.0188 0x1da0 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:17:06.0201 0x1da0 HomeGroupListener - ok
19:17:06.0210 0x1da0 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:17:06.0227 0x1da0 HomeGroupProvider - ok
19:17:06.0230 0x1da0 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
19:17:06.0237 0x1da0 HpSAMD - ok
19:17:06.0254 0x1da0 [ 318E816717431D3C23DC82779900C744, 363702CC8A5B5FBF5E8CE2DA5C48D52CBD6244C9398B164EFDF1A4B0FAF592E6 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
19:17:06.0276 0x1da0 HTTP - ok
19:17:06.0280 0x1da0 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
19:17:06.0286 0x1da0 hwpolicy - ok
19:17:06.0289 0x1da0 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
19:17:06.0295 0x1da0 hyperkbd - ok
19:17:06.0299 0x1da0 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
19:17:06.0308 0x1da0 i8042prt - ok
19:17:06.0311 0x1da0 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
19:17:06.0319 0x1da0 iai2c - ok
19:17:06.0319 0x1da0 Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
19:17:08.0775 0x1da0 Object send P2P result: true
19:17:08.0797 0x1da0 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
19:17:08.0823 0x1da0 iaLPSS2i_I2C - ok
19:17:08.0823 0x1da0 Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
19:17:11.0279 0x1da0 Object send P2P result: true
19:17:11.0290 0x1da0 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:17:11.0310 0x1da0 iaLPSSi_GPIO - ok
19:17:11.0321 0x1da0 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:17:11.0339 0x1da0 iaLPSSi_I2C - ok
19:17:11.0359 0x1da0 [ 6655615C7E4E29E6481F75A93ED99954, C7387D85DEC6BEF74DAD3B36398D1DA8914E9CF6F460D36E30088E3F6754E972 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
19:17:11.0382 0x1da0 iaStorA - ok
19:17:11.0394 0x1da0 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
19:17:11.0410 0x1da0 iaStorAV - ok
19:17:11.0418 0x1da0 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
19:17:11.0430 0x1da0 iaStorV - ok
19:17:11.0438 0x1da0 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
19:17:11.0450 0x1da0 ibbus - ok
19:17:11.0454 0x1da0 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
19:17:11.0465 0x1da0 icssvc - ok
19:17:11.0467 0x1da0 IEEtwCollectorService - ok
19:17:11.0574 0x1da0 [ 34E103A5EFF7EADA5ADE6D61294FAA7F, 29AFF3C2C03D75B55D124EBA35534C1D7E2115748C23EAC79CF0FA6CBC994C1F ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:17:11.0683 0x1da0 igfx - ok
19:17:11.0699 0x1da0 [ 078DE1A9D9DB0BB617D4DCF1EF925928, 6E197785DE6F83FAB5E049F24CCC3838BB9B9EB20240BD48A2768103172B6242 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
19:17:11.0709 0x1da0 igfxCUIService2.0.0.0 - ok
19:17:11.0726 0x1da0 [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
19:17:11.0752 0x1da0 IKEEXT - ok
19:17:11.0817 0x1da0 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:17:11.0882 0x1da0 IntcAzAudAddService - ok
19:17:11.0896 0x1da0 [ 47577F77C8DD9CF4265B944CAFE1F172, A3F48F01ECFDF8E609D26754E517C06AD6382DA231F42BF64B6746D50F02FC6A ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:17:11.0907 0x1da0 IntcDAud - ok
19:17:11.0910 0x1da0 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
19:17:11.0916 0x1da0 intelide - ok
19:17:11.0919 0x1da0 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
19:17:11.0925 0x1da0 intelpep - ok
19:17:11.0929 0x1da0 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
19:17:11.0937 0x1da0 intelppm - ok
19:17:11.0940 0x1da0 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
19:17:11.0947 0x1da0 IoQos - ok
19:17:11.0951 0x1da0 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:17:11.0960 0x1da0 IpFilterDriver - ok
19:17:11.0975 0x1da0 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
19:17:12.0002 0x1da0 iphlpsvc - ok
19:17:12.0007 0x1da0 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:17:12.0015 0x1da0 IPMIDRV - ok
19:17:12.0019 0x1da0 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
19:17:12.0028 0x1da0 IPNAT - ok
19:17:12.0030 0x1da0 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
19:17:12.0039 0x1da0 IRENUM - ok
19:17:12.0041 0x1da0 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
19:17:12.0047 0x1da0 isapnp - ok
19:17:12.0053 0x1da0 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
19:17:12.0063 0x1da0 iScsiPrt - ok
19:17:12.0067 0x1da0 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
19:17:12.0074 0x1da0 kbdclass - ok
19:17:12.0077 0x1da0 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
19:17:12.0084 0x1da0 kbdhid - ok
19:17:12.0087 0x1da0 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
19:17:12.0093 0x1da0 kdnic - ok
19:17:12.0096 0x1da0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
19:17:12.0104 0x1da0 KeyIso - ok
19:17:12.0108 0x1da0 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
19:17:12.0116 0x1da0 KSecDD - ok
19:17:12.0120 0x1da0 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:17:12.0128 0x1da0 KSecPkg - ok
19:17:12.0131 0x1da0 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
19:17:12.0138 0x1da0 ksthunk - ok
19:17:12.0145 0x1da0 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
19:17:12.0160 0x1da0 KtmRm - ok
19:17:12.0166 0x1da0 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
19:17:12.0180 0x1da0 LanmanServer - ok
19:17:12.0186 0x1da0 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:17:12.0200 0x1da0 LanmanWorkstation - ok
19:17:12.0204 0x1da0 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
19:17:12.0211 0x1da0 lfsvc - ok
19:17:12.0213 0x1da0 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
19:17:12.0221 0x1da0 LicenseManager - ok
19:17:12.0224 0x1da0 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
19:17:12.0233 0x1da0 lltdio - ok
19:17:12.0239 0x1da0 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
19:17:12.0253 0x1da0 lltdsvc - ok
19:17:12.0256 0x1da0 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
19:17:12.0264 0x1da0 lmhosts - ok
19:17:12.0269 0x1da0 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
19:17:12.0276 0x1da0 LSI_SAS - ok
19:17:12.0280 0x1da0 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
19:17:12.0287 0x1da0 LSI_SAS2i - ok
19:17:12.0291 0x1da0 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
19:17:12.0299 0x1da0 LSI_SAS3i - ok
19:17:12.0302 0x1da0 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
19:17:12.0309 0x1da0 LSI_SSS - ok
19:17:12.0322 0x1da0 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
19:17:12.0345 0x1da0 LSM - ok
19:17:12.0351 0x1da0 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
19:17:12.0363 0x1da0 luafv - ok
19:17:12.0366 0x1da0 [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker C:\WINDOWS\System32\moshost.dll
19:17:12.0378 0x1da0 MapsBroker - ok
19:17:12.0383 0x1da0 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
19:17:12.0389 0x1da0 megasas - ok
19:17:12.0400 0x1da0 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
19:17:12.0415 0x1da0 megasr - ok
19:17:12.0420 0x1da0 [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
19:17:12.0426 0x1da0 MEIx64 - ok
19:17:12.0429 0x1da0 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
19:17:12.0439 0x1da0 MessagingService - ok
19:17:12.0452 0x1da0 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
19:17:12.0469 0x1da0 mlx4_bus - ok
19:17:12.0472 0x1da0 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
19:17:12.0481 0x1da0 MMCSS - ok
19:17:12.0483 0x1da0 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
19:17:12.0492 0x1da0 Modem - ok
19:17:12.0495 0x1da0 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
19:17:12.0502 0x1da0 monitor - ok
19:17:12.0505 0x1da0 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
19:17:12.0512 0x1da0 mouclass - ok
19:17:12.0515 0x1da0 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
19:17:12.0522 0x1da0 mouhid - ok
19:17:12.0526 0x1da0 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
19:17:12.0533 0x1da0 mountmgr - ok
19:17:12.0537 0x1da0 [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:17:12.0543 0x1da0 MozillaMaintenance - ok
19:17:12.0547 0x1da0 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
19:17:12.0555 0x1da0 mpsdrv - ok
19:17:12.0570 0x1da0 [ 553F19DC6F3F73545CB17FCD7A8AE37B, 49ABB625EB9C2981254EEA1FE7858DF630BA2D65653CC91CD4FEEACF69C5392F ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
19:17:12.0598 0x1da0 MpsSvc - ok
19:17:12.0603 0x1da0 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
19:17:12.0615 0x1da0 MRxDAV - ok
19:17:12.0624 0x1da0 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:17:12.0636 0x1da0 mrxsmb - ok
19:17:12.0642 0x1da0 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:17:12.0657 0x1da0 mrxsmb10 - ok
19:17:12.0662 0x1da0 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:17:12.0671 0x1da0 mrxsmb20 - ok
19:17:12.0675 0x1da0 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
19:17:12.0686 0x1da0 MsBridge - ok
19:17:12.0690 0x1da0 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
19:17:12.0700 0x1da0 MSDTC - ok
19:17:12.0700 0x1da0 Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
19:17:15.0148 0x1da0 Object send P2P result: true
19:17:15.0165 0x1da0 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
19:17:15.0193 0x1da0 Msfs - ok
19:17:15.0197 0x1da0 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:17:15.0210 0x1da0 msgpiowin32 - ok
19:17:15.0214 0x1da0 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:17:15.0222 0x1da0 mshidkmdf - ok
19:17:15.0225 0x1da0 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
19:17:15.0231 0x1da0 mshidumdf - ok
19:17:15.0234 0x1da0 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
19:17:15.0239 0x1da0 msisadrv - ok
19:17:15.0244 0x1da0 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
19:17:15.0254 0x1da0 MSiSCSI - ok
19:17:15.0256 0x1da0 msiserver - ok
19:17:15.0259 0x1da0 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
19:17:15.0266 0x1da0 MSKSSRV - ok
19:17:15.0269 0x1da0 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
19:17:15.0278 0x1da0 MsLldp - ok
19:17:15.0281 0x1da0 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
19:17:15.0288 0x1da0 MSPCLOCK - ok
19:17:15.0290 0x1da0 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
19:17:15.0297 0x1da0 MSPQM - ok
19:17:15.0303 0x1da0 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
19:17:15.0314 0x1da0 MsRPC - ok
19:17:15.0318 0x1da0 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
19:17:15.0324 0x1da0 mssmbios - ok
19:17:15.0327 0x1da0 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
19:17:15.0334 0x1da0 MSTEE - ok
19:17:15.0336 0x1da0 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
19:17:15.0343 0x1da0 MTConfig - ok
19:17:15.0347 0x1da0 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
19:17:15.0354 0x1da0 Mup - ok
19:17:15.0357 0x1da0 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
19:17:15.0364 0x1da0 mvumis - ok
19:17:15.0375 0x1da0 [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:17:15.0393 0x1da0 NativeWifiP - ok
19:17:15.0398 0x1da0 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
19:17:15.0408 0x1da0 NcaSvc - ok
19:17:15.0415 0x1da0 [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService C:\WINDOWS\System32\ncbservice.dll
19:17:15.0429 0x1da0 NcbService - ok
19:17:15.0433 0x1da0 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
19:17:15.0448 0x1da0 NcdAutoSetup - ok
19:17:15.0451 0x1da0 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
19:17:15.0458 0x1da0 ndfltr - ok
19:17:15.0476 0x1da0 [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
19:17:15.0500 0x1da0 NDIS - ok
19:17:15.0503 0x1da0 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
19:17:15.0511 0x1da0 NdisCap - ok
19:17:15.0515 0x1da0 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
19:17:15.0525 0x1da0 NdisImPlatform - ok
19:17:15.0527 0x1da0 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:17:15.0536 0x1da0 NdisTapi - ok
19:17:15.0538 0x1da0 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
19:17:15.0546 0x1da0 Ndisuio - ok
19:17:15.0548 0x1da0 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:17:15.0556 0x1da0 NdisVirtualBus - ok
19:17:15.0561 0x1da0 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
19:17:15.0573 0x1da0 NdisWan - ok
19:17:15.0577 0x1da0 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:17:15.0589 0x1da0 ndiswanlegacy - ok
19:17:15.0592 0x1da0 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
19:17:15.0601 0x1da0 ndproxy - ok
19:17:15.0604 0x1da0 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
19:17:15.0613 0x1da0 Ndu - ok
19:17:15.0616 0x1da0 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
19:17:15.0623 0x1da0 NetBIOS - ok
19:17:15.0629 0x1da0 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
19:17:15.0641 0x1da0 NetBT - ok
19:17:15.0644 0x1da0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
19:17:15.0651 0x1da0 Netlogon - ok
19:17:15.0658 0x1da0 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
19:17:15.0672 0x1da0 Netman - ok
19:17:15.0681 0x1da0 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
19:17:15.0701 0x1da0 netprofm - ok
19:17:15.0707 0x1da0 [ 3D58D04A9269CE21B61960544A05573D, 250DB1266EE37BAAA9F9E51434879DB4564A8550FCAB28BAB3308772882850CF ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
19:17:15.0721 0x1da0 NetSetupSvc - ok
19:17:15.0726 0x1da0 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:17:15.0734 0x1da0 NetTcpPortSharing - ok
19:17:15.0741 0x1da0 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
19:17:15.0754 0x1da0 NgcCtnrSvc - ok
19:17:15.0766 0x1da0 [ C64B693DF26EB7BFF25F9BAD8B54D571, 12363E81B329D048E0148739AA542958F7CAF6FF3404BB001AF51850EF84338D ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
19:17:15.0789 0x1da0 NgcSvc - ok
19:17:15.0798 0x1da0 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
19:17:15.0814 0x1da0 NlaSvc - ok
19:17:15.0817 0x1da0 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
19:17:15.0825 0x1da0 Npfs - ok
19:17:15.0828 0x1da0 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
19:17:15.0835 0x1da0 npsvctrig - ok
19:17:15.0838 0x1da0 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
19:17:15.0846 0x1da0 nsi - ok
19:17:15.0849 0x1da0 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
19:17:15.0856 0x1da0 nsiproxy - ok
19:17:15.0889 0x1da0 [ 58BFFEF692A47FCE3FAAEDBC8F3DCBBB, 4F55CDF153306B17EDEA6F621939990667735676CBA460CC3078789C2766EF68 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
19:17:15.0929 0x1da0 NTFS - ok
19:17:15.0936 0x1da0 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
19:17:15.0943 0x1da0 Null - ok
19:17:15.0948 0x1da0 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
19:17:15.0954 0x1da0 NVHDA - ok
19:17:16.0123 0x1da0 [ 563000D29B9DABDD8CE308177D98EB5D, 9406763DAEE1893C6DF6C1659976A1673440B7BC3384B708AD06C3C42C733941 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
19:17:16.0294 0x1da0 nvlddmkm - ok
19:17:16.0332 0x1da0 [ 1E3277F1C9F62F90488D02869A9522B7, 464870ACE9BDF7A6A9C46701209BEED5C33454CFF44CDABEAF871E06F23FEF17 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:17:16.0360 0x1da0 NvNetworkService - ok
19:17:16.0366 0x1da0 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
19:17:16.0374 0x1da0 nvraid - ok
19:17:16.0378 0x1da0 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
19:17:16.0387 0x1da0 nvstor - ok
19:17:16.0389 0x1da0 [ 59A8DE923619F3DC0C6C63DC33FB231E, 29D20EA3EB9599DE829A0630F2063D5DFD2263E9222CD4E3559725792D1454A5 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:17:16.0393 0x1da0 NvStreamKms - ok
19:17:16.0478 0x1da0 [ 9B4B3747C6756F49B986398A46EC1FE0, D0A25F07CBFB39B86DCB148A2EC8F01FDDD9B6D994418C54F49AA2B782CE9811 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
19:17:16.0564 0x1da0 NvStreamNetworkSvc - ok
19:17:16.0638 0x1da0 [ 266512CCC3B2E195CDE3A7A2C98A353A, DCB6C88A32FE3EE11D4FF242DE6E52B3C576C2EA4E4A5A245B4451CDEDCE94B0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:17:16.0706 0x1da0 NvStreamSvc - ok
19:17:16.0721 0x1da0 [ D8A7CB3776A8EB344E534B59878A19B1, FF32A819D10E1A5C9A90D3EDC19F420D7705EE9F6E7ADBB16B9028234B0682DD ] NvStUSB C:\WINDOWS\System32\drivers\nvstusb.sys
19:17:16.0731 0x1da0 NvStUSB - ok
19:17:16.0750 0x1da0 [ AC855DAF48D88318D0475F6A22834B6A, 3E69176A6363674F52598042D610915F50E721FF40C622205AB7BB50E419C7F3 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
19:17:16.0771 0x1da0 nvsvc - ok
19:17:16.0772 0x1da0 Object required for P2P: [ AC855DAF48D88318D0475F6A22834B6A ] nvsvc
19:17:19.0217 0x1da0 Object send P2P result: true
19:17:19.0228 0x1da0 [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
19:17:19.0246 0x1da0 nvvad_WaveExtensible - ok
19:17:19.0260 0x1da0 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
19:17:19.0283 0x1da0 nv_agp - ok
19:17:19.0299 0x1da0 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
19:17:19.0334 0x1da0 OneSyncSvc - ok
19:17:19.0366 0x1da0 [ EABD6FC38504B46913E2B1B739DAD185, A6225F8A939E6DA467777F85FAB02A218FB4B7ECDF68C34FE156E85BEA6E04BB ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:17:19.0397 0x1da0 Origin Client Service - ok
19:17:19.0399 0x1da0 Object required for P2P: [ EABD6FC38504B46913E2B1B739DAD185 ] Origin Client Service
19:17:21.0859 0x1da0 Object send P2P result: true
19:17:21.0889 0x1da0 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
19:17:21.0927 0x1da0 p2pimsvc - ok
19:17:21.0940 0x1da0 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
19:17:21.0956 0x1da0 p2psvc - ok
19:17:21.0960 0x1da0 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
19:17:21.0969 0x1da0 Parport - ok
19:17:21.0973 0x1da0 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
19:17:21.0980 0x1da0 partmgr - ok
19:17:21.0990 0x1da0 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
19:17:22.0004 0x1da0 PcaSvc - ok
19:17:22.0011 0x1da0 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\WINDOWS\system32\drivers\pci.sys
19:17:22.0022 0x1da0 pci - ok
19:17:22.0024 0x1da0 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
19:17:22.0030 0x1da0 pciide - ok
19:17:22.0034 0x1da0 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
19:17:22.0041 0x1da0 pcmcia - ok
19:17:22.0044 0x1da0 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
19:17:22.0051 0x1da0 pcw - ok
19:17:22.0054 0x1da0 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\WINDOWS\system32\drivers\pdc.sys
19:17:22.0061 0x1da0 pdc - ok
19:17:22.0073 0x1da0 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
19:17:22.0096 0x1da0 PEAUTH - ok
19:17:22.0100 0x1da0 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
19:17:22.0106 0x1da0 percsas2i - ok
19:17:22.0109 0x1da0 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
19:17:22.0116 0x1da0 percsas3i - ok
19:17:22.0134 0x1da0 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
19:17:22.0141 0x1da0 PerfHost - ok
19:17:22.0156 0x1da0 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
19:17:22.0180 0x1da0 PhoneSvc - ok
19:17:22.0186 0x1da0 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
19:17:22.0201 0x1da0 PimIndexMaintenanceSvc - ok
19:17:22.0223 0x1da0 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
19:17:22.0264 0x1da0 pla - ok
19:17:22.0270 0x1da0 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
19:17:22.0283 0x1da0 PlugPlay - ok
19:17:22.0286 0x1da0 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
19:17:22.0293 0x1da0 PNRPAutoReg - ok
19:17:22.0301 0x1da0 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
19:17:22.0315 0x1da0 PNRPsvc - ok
19:17:22.0322 0x1da0 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
19:17:22.0339 0x1da0 PolicyAgent - ok
19:17:22.0344 0x1da0 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
19:17:22.0354 0x1da0 Power - ok
19:17:22.0357 0x1da0 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
19:17:22.0367 0x1da0 PptpMiniport - ok
19:17:22.0416 0x1da0 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:17:22.0488 0x1da0 PrintNotify - ok
19:17:22.0497 0x1da0 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
19:17:22.0506 0x1da0 Processor - ok
19:17:22.0513 0x1da0 [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc C:\WINDOWS\system32\profsvc.dll
19:17:22.0528 0x1da0 ProfSvc - ok
19:17:22.0532 0x1da0 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
19:17:22.0540 0x1da0 Psched - ok
19:17:22.0546 0x1da0 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
19:17:22.0560 0x1da0 QWAVE - ok
19:17:22.0563 0x1da0 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
19:17:22.0570 0x1da0 QWAVEdrv - ok
19:17:22.0572 0x1da0 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:17:22.0582 0x1da0 RasAcd - ok
19:17:22.0586 0x1da0 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
19:17:22.0596 0x1da0 RasAgileVpn - ok
19:17:22.0600 0x1da0 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll
19:17:22.0609 0x1da0 RasAuto - ok
19:17:22.0613 0x1da0 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
19:17:22.0623 0x1da0 Rasl2tp - ok
19:17:22.0634 0x1da0 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
19:17:22.0658 0x1da0 RasMan - ok
19:17:22.0661 0x1da0 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:17:22.0671 0x1da0 RasPppoe - ok
19:17:22.0674 0x1da0 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
19:17:22.0684 0x1da0 RasSstp - ok
19:17:22.0692 0x1da0 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:17:22.0704 0x1da0 rdbss - ok
19:17:22.0707 0x1da0 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
19:17:22.0714 0x1da0 rdpbus - ok
19:17:22.0719 0x1da0 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
19:17:22.0729 0x1da0 RDPDR - ok
19:17:22.0733 0x1da0 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:17:22.0739 0x1da0 RdpVideoMiniport - ok
19:17:22.0744 0x1da0 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
19:17:22.0754 0x1da0 rdyboost - ok
19:17:22.0769 0x1da0 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
19:17:22.0789 0x1da0 ReFSv1 - ok
19:17:22.0799 0x1da0 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
19:17:22.0818 0x1da0 RemoteAccess - ok
19:17:22.0823 0x1da0 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
19:17:22.0836 0x1da0 RemoteRegistry - ok
19:17:22.0853 0x1da0 [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
19:17:22.0887 0x1da0 RetailDemo - ok
19:17:22.0888 0x1da0 Object required for P2P: [ AD43141CE6D5074DA1D28B5BCD4E4507 ] RetailDemo
19:17:25.0334 0x1da0 Object send P2P result: true
19:17:25.0348 0x1da0 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
19:17:25.0371 0x1da0 RpcEptMapper - ok
19:17:25.0375 0x1da0 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
19:17:25.0388 0x1da0 RpcLocator - ok
19:17:25.0403 0x1da0 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
19:17:25.0428 0x1da0 RpcSs - ok
19:17:25.0432 0x1da0 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
19:17:25.0441 0x1da0 rspndr - ok
19:17:25.0452 0x1da0 [ FBEFF38DE03450E03E6CD9E8E37A8C74, C1C0876785DB4366D67792A3AFA219FC933FC1894AF93D07B0016BBCC81A5886 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
19:17:25.0470 0x1da0 rt640x64 - ok
19:17:25.0481 0x1da0 [ A88951B1FD37079237E1A2D323EBE0E4, C79510205E7032BC3E8E2BE477C646D93846BC42397A4D808185F3B5F18FDB28 ] rtl819xp C:\WINDOWS\System32\drivers\rtl819xp.sys
19:17:25.0500 0x1da0 rtl819xp - ok
19:17:25.0503 0x1da0 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
19:17:25.0509 0x1da0 s3cap - ok
19:17:25.0513 0x1da0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
19:17:25.0519 0x1da0 SamSs - ok
19:17:25.0523 0x1da0 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
19:17:25.0530 0x1da0 sbp2port - ok
19:17:25.0536 0x1da0 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
19:17:25.0550 0x1da0 SCardSvr - ok
19:17:25.0554 0x1da0 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
19:17:25.0568 0x1da0 ScDeviceEnum - ok
19:17:25.0571 0x1da0 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:17:25.0580 0x1da0 scfilter - ok
19:17:25.0595 0x1da0 [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule C:\WINDOWS\system32\schedsvc.dll
19:17:25.0624 0x1da0 Schedule - ok
19:17:25.0630 0x1da0 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
19:17:25.0643 0x1da0 SCPolicySvc - ok
19:17:25.0649 0x1da0 [ 70165A0A2653FB8AFDE3D85000727F29, BAC35D7B0296CAC78EAC4266FC96E292174827E0B24ECAF085228B26A5052911 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
19:17:25.0659 0x1da0 sdbus - ok
19:17:25.0663 0x1da0 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
19:17:25.0674 0x1da0 SDRSVC - ok
19:17:25.0677 0x1da0 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
19:17:25.0684 0x1da0 sdstor - ok
19:17:25.0687 0x1da0 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll
19:17:25.0697 0x1da0 seclogon - ok
19:17:25.0700 0x1da0 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
19:17:25.0711 0x1da0 SENS - ok
19:17:25.0730 0x1da0 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
19:17:25.0769 0x1da0 SensorDataService - ok
19:17:25.0776 0x1da0 [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService C:\WINDOWS\system32\SensorService.dll
19:17:25.0790 0x1da0 SensorService - ok
19:17:25.0795 0x1da0 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
19:17:25.0806 0x1da0 SensrSvc - ok
19:17:25.0809 0x1da0 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
19:17:25.0816 0x1da0 SerCx - ok
19:17:25.0821 0x1da0 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
19:17:25.0829 0x1da0 SerCx2 - ok
19:17:25.0831 0x1da0 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
19:17:25.0838 0x1da0 Serenum - ok
19:17:25.0842 0x1da0 [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial C:\WINDOWS\System32\drivers\serial.sys
19:17:25.0850 0x1da0 Serial - ok
19:17:25.0853 0x1da0 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
19:17:25.0860 0x1da0 sermouse - ok
19:17:25.0870 0x1da0 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
19:17:25.0885 0x1da0 SessionEnv - ok
19:17:25.0888 0x1da0 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
19:17:25.0895 0x1da0 sfloppy - ok
19:17:25.0904 0x1da0 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
19:17:25.0922 0x1da0 SharedAccess - ok
19:17:25.0934 0x1da0 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:17:25.0958 0x1da0 ShellHWDetection - ok
19:17:25.0961 0x1da0 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:17:25.0968 0x1da0 SiSRaid2 - ok
19:17:25.0971 0x1da0 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
19:17:25.0978 0x1da0 SiSRaid4 - ok
19:17:25.0984 0x1da0 [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:17:25.0994 0x1da0 SkypeUpdate - ok
19:17:25.0994 0x1da0 Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
19:17:28.0453 0x1da0 Object send P2P result: true
19:17:28.0464 0x1da0 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
19:17:28.0496 0x1da0 smphost - ok
19:17:28.0513 0x1da0 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
19:17:28.0540 0x1da0 SmsRouter - ok
19:17:28.0544 0x1da0 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
19:17:28.0554 0x1da0 SNMPTRAP - ok
19:17:28.0564 0x1da0 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
19:17:28.0578 0x1da0 spaceport - ok
19:17:28.0582 0x1da0 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
19:17:28.0589 0x1da0 SpbCx - ok
19:17:28.0602 0x1da0 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
19:17:28.0627 0x1da0 Spooler - ok
19:17:28.0737 0x1da0 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe
19:17:28.0846 0x1da0 sppsvc - ok
19:17:28.0850 0x1da0 Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
19:17:31.0318 0x1da0 Object send P2P result: true
19:17:31.0356 0x1da0 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
19:17:31.0387 0x1da0 srv - ok
19:17:31.0400 0x1da0 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
19:17:31.0420 0x1da0 srv2 - ok
19:17:31.0426 0x1da0 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:17:31.0436 0x1da0 srvnet - ok
19:17:31.0442 0x1da0 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
19:17:31.0455 0x1da0 SSDPSRV - ok
19:17:31.0461 0x1da0 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
19:17:31.0473 0x1da0 SstpSvc - ok
19:17:31.0511 0x1da0 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
19:17:31.0574 0x1da0 StateRepository - ok
19:17:31.0592 0x1da0 [ C98EF483DA6BFADB3BE719F6689A3D22, FFAB917A2008638FE6C8B74AA4487D5C16A25E0E1D53AFD35CBBE5A27A4A2009 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
19:17:31.0606 0x1da0 Steam Client Service - ok
19:17:31.0615 0x1da0 [ 7D076C1B67B7134D1AB1007AF78AE486, DF315421D287957F7A7A69B649F993E7798A35E716610AA93AB23EE350DC0D90 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:17:31.0623 0x1da0 Stereo Service - ok
19:17:31.0626 0x1da0 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
19:17:31.0632 0x1da0 stexstor - ok
19:17:31.0643 0x1da0 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
19:17:31.0664 0x1da0 stisvc - ok
19:17:31.0668 0x1da0 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
19:17:31.0676 0x1da0 storahci - ok
19:17:31.0679 0x1da0 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
19:17:31.0685 0x1da0 storflt - ok
19:17:31.0689 0x1da0 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
19:17:31.0696 0x1da0 stornvme - ok
19:17:31.0699 0x1da0 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
19:17:31.0706 0x1da0 storqosflt - ok
19:17:31.0717 0x1da0 [ 9953FA89A4E3BC33296DAFB1ACFDC62F, D2F2698834691FF7915BDFFB82DB549354311A5DD7D37BF767F95D407AC4019F ] StorSvc C:\WINDOWS\system32\storsvc.dll
19:17:31.0739 0x1da0 StorSvc - ok
19:17:31.0742 0x1da0 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
19:17:31.0748 0x1da0 storufs - ok
19:17:31.0751 0x1da0 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
19:17:31.0757 0x1da0 storvsc - ok
19:17:31.0759 0x1da0 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
19:17:31.0770 0x1da0 svsvc - ok
19:17:31.0773 0x1da0 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
19:17:31.0778 0x1da0 swenum - ok
19:17:31.0786 0x1da0 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
19:17:31.0805 0x1da0 swprv - ok
19:17:31.0809 0x1da0 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
19:17:31.0817 0x1da0 Synth3dVsc - ok
19:17:31.0834 0x1da0 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
19:17:31.0867 0x1da0 SysMain - ok
19:17:31.0867 0x1da0 Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
19:17:34.0321 0x1da0 Object send P2P result: true
19:17:34.0352 0x1da0 [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:17:34.0386 0x1da0 SystemEventsBroker - ok
19:17:34.0392 0x1da0 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:17:34.0405 0x1da0 TabletInputService - ok
19:17:34.0412 0x1da0 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
19:17:34.0426 0x1da0 TapiSrv - ok
19:17:34.0461 0x1da0 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
19:17:34.0504 0x1da0 Tcpip - ok
19:17:34.0543 0x1da0 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
19:17:34.0587 0x1da0 Tcpip6 - ok
19:17:34.0594 0x1da0 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
19:17:34.0603 0x1da0 tcpipreg - ok
19:17:34.0608 0x1da0 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
19:17:34.0616 0x1da0 tdx - ok
19:17:34.0619 0x1da0 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
19:17:34.0625 0x1da0 terminpt - ok
19:17:34.0641 0x1da0 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
19:17:34.0670 0x1da0 TermService - ok
19:17:34.0674 0x1da0 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
19:17:34.0688 0x1da0 Themes - ok
19:17:34.0694 0x1da0 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
19:17:34.0711 0x1da0 TieringEngineService - ok
19:17:34.0720 0x1da0 [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
19:17:34.0738 0x1da0 tiledatamodelsvc - ok
19:17:34.0743 0x1da0 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
19:17:34.0756 0x1da0 TimeBroker - ok
19:17:34.0761 0x1da0 [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
19:17:34.0770 0x1da0 TPM - ok
19:17:34.0774 0x1da0 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
19:17:34.0785 0x1da0 TrkWks - ok
19:17:34.0788 0x1da0 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:17:34.0799 0x1da0 TrustedInstaller - ok
19:17:34.0804 0x1da0 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
19:17:34.0811 0x1da0 tsusbflt - ok
19:17:34.0814 0x1da0 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:17:34.0820 0x1da0 TsUsbGD - ok
19:17:34.0825 0x1da0 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
19:17:34.0837 0x1da0 tunnel - ok
19:17:34.0840 0x1da0 [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
19:17:34.0850 0x1da0 tzautoupdate - ok
19:17:34.0854 0x1da0 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
19:17:34.0860 0x1da0 uagp35 - ok
19:17:34.0864 0x1da0 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
19:17:34.0871 0x1da0 UASPStor - ok
19:17:34.0875 0x1da0 [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
19:17:34.0883 0x1da0 UcmCx0101 - ok
19:17:34.0885 0x1da0 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
19:17:34.0893 0x1da0 UcmUcsi - ok
19:17:34.0898 0x1da0 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
19:17:34.0907 0x1da0 Ucx01000 - ok
19:17:34.0910 0x1da0 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
19:17:34.0918 0x1da0 UdeCx - ok
19:17:34.0925 0x1da0 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
19:17:34.0941 0x1da0 udfs - ok
19:17:34.0944 0x1da0 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
19:17:34.0951 0x1da0 UEFI - ok
19:17:34.0956 0x1da0 [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
19:17:34.0966 0x1da0 Ufx01000 - ok
19:17:34.0970 0x1da0 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
19:17:34.0977 0x1da0 UfxChipidea - ok
19:17:34.0981 0x1da0 [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
19:17:34.0989 0x1da0 ufxsynopsys - ok
19:17:34.0994 0x1da0 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
19:17:35.0005 0x1da0 UI0Detect - ok
19:17:35.0008 0x1da0 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
19:17:35.0016 0x1da0 uliagpkx - ok
19:17:35.0019 0x1da0 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
19:17:35.0026 0x1da0 umbus - ok
19:17:35.0029 0x1da0 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
19:17:35.0036 0x1da0 UmPass - ok
19:17:35.0041 0x1da0 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
19:17:35.0054 0x1da0 UmRdpService - ok
19:17:35.0073 0x1da0 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
19:17:35.0105 0x1da0 UnistoreSvc - ok
19:17:35.0116 0x1da0 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
19:17:35.0134 0x1da0 upnphost - ok
19:17:35.0137 0x1da0 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
19:17:35.0143 0x1da0 UrsChipidea - ok
19:17:35.0145 0x1da0 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
19:17:35.0153 0x1da0 UrsCx01000 - ok
19:17:35.0155 0x1da0 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
19:17:35.0161 0x1da0 UrsSynopsys - ok
19:17:35.0167 0x1da0 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
19:17:35.0176 0x1da0 usbccgp - ok
19:17:35.0178 0x1da0 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
19:17:35.0188 0x1da0 usbcir - ok
19:17:35.0191 0x1da0 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
19:17:35.0198 0x1da0 usbehci - ok
19:17:35.0207 0x1da0 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
19:17:35.0220 0x1da0 usbhub - ok
19:17:35.0230 0x1da0 [ B7E1CAA9429E4C3E7E01CB35B97E1536, 11A6431C27821F247202AC9F18441FEA26544630461522C129F1671257C527BA ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
19:17:35.0244 0x1da0 USBHUB3 - ok
19:17:35.0247 0x1da0 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
19:17:35.0254 0x1da0 usbohci - ok
19:17:35.0257 0x1da0 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
19:17:35.0265 0x1da0 usbprint - ok
19:17:35.0268 0x1da0 [ F259A45D6B555B14CC8365AA6BC8DC20, 28A588656449307F6E9C999BE5D73E34A2542A5771F4B504D9D36B9F93F32303 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
19:17:35.0278 0x1da0 usbser - ok
19:17:35.0282 0x1da0 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:17:35.0289 0x1da0 USBSTOR - ok
19:17:35.0292 0x1da0 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
19:17:35.0300 0x1da0 usbuhci - ok
19:17:35.0307 0x1da0 [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:17:35.0318 0x1da0 USBXHCI - ok
19:17:35.0340 0x1da0 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
19:17:35.0378 0x1da0 UserDataSvc - ok
19:17:35.0395 0x1da0 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
19:17:35.0424 0x1da0 UserManager - ok
19:17:35.0432 0x1da0 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\WINDOWS\system32\usocore.dll
19:17:35.0447 0x1da0 UsoSvc - ok
19:17:35.0451 0x1da0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
19:17:35.0458 0x1da0 VaultSvc - ok
19:17:35.0460 0x1da0 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
19:17:35.0467 0x1da0 vdrvroot - ok
19:17:35.0478 0x1da0 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
19:17:35.0502 0x1da0 vds - ok
19:17:35.0508 0x1da0 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
19:17:35.0517 0x1da0 VerifierExt - ok
19:17:35.0528 0x1da0 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
19:17:35.0545 0x1da0 vhdmp - ok
19:17:35.0549 0x1da0 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
19:17:35.0556 0x1da0 vhf - ok
19:17:35.0559 0x1da0 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
19:17:35.0567 0x1da0 vmbus - ok
19:17:35.0570 0x1da0 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
19:17:35.0576 0x1da0 VMBusHID - ok
19:17:35.0585 0x1da0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
19:17:35.0602 0x1da0 vmicguestinterface - ok
19:17:35.0611 0x1da0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
19:17:35.0628 0x1da0 vmicheartbeat - ok
19:17:35.0636 0x1da0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
19:17:35.0654 0x1da0 vmickvpexchange - ok
19:17:35.0661 0x1da0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
19:17:35.0679 0x1da0 vmicrdv - ok
19:17:35.0687 0x1da0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
19:17:35.0705 0x1da0 vmicshutdown - ok
19:17:35.0714 0x1da0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
19:17:35.0731 0x1da0 vmictimesync - ok
19:17:35.0739 0x1da0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
19:17:35.0756 0x1da0 vmicvmsession - ok
19:17:35.0765 0x1da0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
19:17:35.0782 0x1da0 vmicvss - ok
19:17:35.0786 0x1da0 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
19:17:35.0792 0x1da0 volmgr - ok
19:17:35.0799 0x1da0 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
19:17:35.0810 0x1da0 volmgrx - ok
19:17:35.0818 0x1da0 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
19:17:35.0830 0x1da0 volsnap - ok
19:17:35.0834 0x1da0 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
19:17:35.0840 0x1da0 vpci - ok
19:17:35.0845 0x1da0 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
19:17:35.0854 0x1da0 vsmraid - ok
19:17:35.0876 0x1da0 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
19:17:35.0917 0x1da0 VSS - ok
19:17:35.0918 0x1da0 Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
19:17:38.0368 0x1da0 Object send P2P result: true
19:17:38.0394 0x1da0 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
19:17:38.0422 0x1da0 VSTXRAID - ok
19:17:38.0427 0x1da0 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
19:17:38.0440 0x1da0 vwifibus - ok
19:17:38.0443 0x1da0 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
19:17:38.0453 0x1da0 vwififlt - ok
19:17:38.0463 0x1da0 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
19:17:38.0483 0x1da0 W32Time - ok
19:17:38.0486 0x1da0 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
19:17:38.0493 0x1da0 WacomPen - ok
19:17:38.0502 0x1da0 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
19:17:38.0520 0x1da0 WalletService - ok
19:17:38.0524 0x1da0 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:17:38.0533 0x1da0 wanarp - ok
19:17:38.0535 0x1da0 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
19:17:38.0545 0x1da0 wanarpv6 - ok
19:17:38.0568 0x1da0 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
19:17:38.0608 0x1da0 wbengine - ok
19:17:38.0622 0x1da0 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
19:17:38.0643 0x1da0 WbioSrvc - ok
19:17:38.0654 0x1da0 [ E9A0D466F6D8EC349DB526146618BCB6, CFD6F3F979E4366A68FBEC3BE90A42BF3D65403A987E80741A720C0622871F32 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
19:17:38.0673 0x1da0 Wcmsvc - ok
19:17:38.0682 0x1da0 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
19:17:38.0700 0x1da0 wcncsvc - ok
19:17:38.0704 0x1da0 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:17:38.0712 0x1da0 WcsPlugInService - ok
19:17:38.0715 0x1da0 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
19:17:38.0722 0x1da0 WdBoot - ok
19:17:38.0734 0x1da0 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
19:17:38.0751 0x1da0 Wdf01000 - ok
19:17:38.0757 0x1da0 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
19:17:38.0768 0x1da0 WdFilter - ok
19:17:38.0771 0x1da0 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
19:17:38.0784 0x1da0 WdiServiceHost - ok
19:17:38.0786 0x1da0 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
19:17:38.0798 0x1da0 WdiSystemHost - ok
19:17:38.0810 0x1da0 [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
19:17:38.0832 0x1da0 wdiwifi - ok
19:17:38.0836 0x1da0 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:17:38.0844 0x1da0 WdNisDrv - ok
19:17:38.0845 0x1da0 WdNisSvc - ok
19:17:38.0853 0x1da0 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
19:17:38.0867 0x1da0 WebClient - ok
19:17:38.0873 0x1da0 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
19:17:38.0886 0x1da0 Wecsvc - ok
19:17:38.0888 0x1da0 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
19:17:38.0899 0x1da0 WEPHOSTSVC - ok
19:17:38.0902 0x1da0 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
19:17:38.0915 0x1da0 wercplsupport - ok
19:17:38.0919 0x1da0 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
19:17:38.0933 0x1da0 WerSvc - ok
19:17:38.0938 0x1da0 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
19:17:38.0946 0x1da0 WFPLWFS - ok
19:17:38.0949 0x1da0 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
19:17:38.0958 0x1da0 WiaRpc - ok
19:17:38.0961 0x1da0 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
19:17:38.0968 0x1da0 WIMMount - ok
19:17:38.0969 0x1da0 WinDefend - ok
19:17:38.0974 0x1da0 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
19:17:38.0982 0x1da0 WindowsTrustedRT - ok
19:17:38.0984 0x1da0 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
19:17:38.0990 0x1da0 WindowsTrustedRTProxy - ok
19:17:39.0004 0x1da0 [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:17:39.0030 0x1da0 WinHttpAutoProxySvc - ok
19:17:39.0033 0x1da0 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
19:17:39.0039 0x1da0 WinMad - ok
19:17:39.0046 0x1da0 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
19:17:39.0057 0x1da0 Winmgmt - ok
19:17:39.0095 0x1da0 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
19:17:39.0156 0x1da0 WinRM - ok
19:17:39.0165 0x1da0 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
19:17:39.0173 0x1da0 WINUSB - ok
19:17:39.0176 0x1da0 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
19:17:39.0183 0x1da0 WinVerbs - ok
19:17:39.0216 0x1da0 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
19:17:39.0272 0x1da0 WlanSvc - ok
19:17:39.0305 0x1da0 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
19:17:39.0356 0x1da0 wlidsvc - ok
19:17:39.0363 0x1da0 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
19:17:39.0370 0x1da0 WmiAcpi - ok
19:17:39.0375 0x1da0 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:17:39.0386 0x1da0 wmiApSrv - ok
19:17:39.0388 0x1da0 WMPNetworkSvc - ok
19:17:39.0392 0x1da0 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
19:17:39.0401 0x1da0 Wof - ok
19:17:39.0430 0x1da0 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
19:17:39.0475 0x1da0 workfolderssvc - ok
19:17:39.0482 0x1da0 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:17:39.0488 0x1da0 wpcfltr - ok
19:17:39.0492 0x1da0 [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
19:17:39.0501 0x1da0 WPDBusEnum - ok
19:17:39.0504 0x1da0 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:17:39.0510 0x1da0 WpdUpFltr - ok
19:17:39.0513 0x1da0 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
19:17:39.0523 0x1da0 WpnService - ok
19:17:39.0525 0x1da0 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:17:39.0533 0x1da0 ws2ifsl - ok
19:17:39.0538 0x1da0 [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
19:17:39.0552 0x1da0 wscsvc - ok
19:17:39.0554 0x1da0 WSearch - ok
19:17:39.0603 0x1da0 [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ]
|
|
30.03.2016, 18:29
| #6 |
| | Unbekanntes Programm öffnet und schließt sich mehrfach in der TaskleisteCode:
ATTFilter WSService C:\WINDOWS\System32\WSService.dll
19:17:39.0664 0x1da0 WSService - ok
19:17:39.0701 0x1da0 [ 722FA682ED9EA8B85FA843A5C8F39E61, 47B09984582E55C22450A851FAF00EBEC76CD46149B19B199916255D553C6BF8 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
19:17:39.0757 0x1da0 wuauserv - ok
19:17:39.0765 0x1da0 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
19:17:39.0774 0x1da0 WudfPf - ok
19:17:39.0779 0x1da0 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys
19:17:39.0790 0x1da0 WUDFRd - ok
19:17:39.0794 0x1da0 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
19:17:39.0804 0x1da0 wudfsvc - ok
19:17:39.0809 0x1da0 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:17:39.0821 0x1da0 WUDFWpdFs - ok
19:17:39.0826 0x1da0 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:17:39.0837 0x1da0 WUDFWpdMtp - ok
19:17:39.0856 0x1da0 [ 417D1526811D9646A7E8779209F11361, 220FE28801474AB26579F2A37D792975D9AAD2384B420BCE52215B1389E08F91 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
19:17:39.0889 0x1da0 WwanSvc - ok
19:17:39.0904 0x1da0 [ 405A419F4CDAC3C18F91FEDBD146C0A8, 92A6539AE6FC1B140366A0F733FDB784CAFB2359C4E0E2DF80629FEEA2CBFC98 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
19:17:39.0931 0x1da0 XblAuthManager - ok
19:17:39.0950 0x1da0 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
19:17:39.0982 0x1da0 XblGameSave - ok
19:17:39.0989 0x1da0 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
19:17:40.0002 0x1da0 xboxgip - ok
19:17:40.0019 0x1da0 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
19:17:40.0050 0x1da0 XboxNetApiSvc - ok
19:17:40.0053 0x1da0 [ DBACD4E4FE191D0CE7C624ACA389535E, A706DA0A284398E80AEB6FBE1B5F6C3192C3F4D1C1B7533528D689D163374DDF ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
19:17:40.0060 0x1da0 xinputhid - ok
19:17:40.0065 0x1da0 [ 47E1337B1538390895E035DFF91E0FD1, FC47D47607B8027067C14EBF106B40569C09375F9482570053BD189D56E9BD2E ] xusb22 C:\WINDOWS\System32\drivers\xusb22.sys
19:17:40.0074 0x1da0 xusb22 - ok
19:17:40.0074 0x1da0 ================ Scan global ===============================
19:17:40.0077 0x1da0 [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
19:17:40.0082 0x1da0 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
19:17:40.0087 0x1da0 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
19:17:40.0096 0x1da0 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
19:17:40.0102 0x1da0 [ Global ] - ok
19:17:40.0102 0x1da0 ================ Scan MBR ==================================
19:17:40.0103 0x1da0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:17:40.0165 0x1da0 \Device\Harddisk0\DR0 - ok
19:17:40.0166 0x1da0 [ 489C86DEFBF26ED7E9E984BCAAB1D64C ] \Device\Harddisk1\DR1
19:17:40.0284 0x1da0 \Device\Harddisk1\DR1 - ok
19:17:40.0284 0x1da0 ================ Scan VBR ==================================
19:17:40.0291 0x1da0 [ 431984ACBBCDD83E50310283A3F4CD46 ] \Device\Harddisk0\DR0\Partition1
19:17:40.0294 0x1da0 \Device\Harddisk0\DR0\Partition1 - ok
19:17:40.0301 0x1da0 [ 4B7DE17CBF5A2058F9A08C442EC855DD ] \Device\Harddisk0\DR0\Partition2
19:17:40.0304 0x1da0 \Device\Harddisk0\DR0\Partition2 - ok
19:17:40.0309 0x1da0 [ A4B2C36043A37429D01D65A891CC436A ] \Device\Harddisk1\DR1\Partition1
19:17:40.0313 0x1da0 \Device\Harddisk1\DR1\Partition1 - ok
19:17:40.0313 0x1da0 ================ Scan generic autorun ======================
19:17:40.0460 0x1da0 [ 22EBD5AE3B3220D713E544D1D3AB3FEE, 9EF058B096DAA5C6242FBEB3DF509108180B1EB1EA252E63C437CF6C1B743BE0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
19:17:40.0574 0x1da0 RTHDVCPL - ok
19:17:40.0621 0x1da0 [ E445C0DB7E5E89C657FC89C0C4CCEDE5, ABD7A9B36CFD6740CE06456B152D9EB1856C11CD7FB2A34E06D63BAD0639B2A0 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:17:40.0659 0x1da0 NvBackend - ok
19:17:40.0676 0x1da0 [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
19:17:40.0691 0x1da0 XboxStat - ok
19:17:40.0695 0x1da0 [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\WINDOWS\system32\rundll32.exe
19:17:40.0709 0x1da0 ShadowPlay - ok
19:17:40.0711 0x1da0 [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
19:17:40.0725 0x1da0 Logitech Download Assistant - ok
19:17:40.0734 0x1da0 [ C9B67BCB8E384064A8C2263740B0C437, F2609406A84F3A8E256DD250F84A774EF43F92C9F8B373E297A99ACF95B3CCE4 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:17:40.0745 0x1da0 SunJavaUpdateSched - ok
19:17:40.0868 0x1da0 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:17:40.0975 0x1da0 OneDriveSetup - ok
19:17:41.0089 0x1da0 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:17:41.0196 0x1da0 OneDriveSetup - ok
19:17:41.0213 0x1da0 [ 61F488AC3053DEB2AADB6A34DEBC8876, B5C5E0325F0FB4A37E80F08273B7483630F676C6342519564798CE7D1F121CB7 ] C:\Users\Schlotterbeck\AppData\Local\Microsoft\OneDrive\OneDrive.exe
19:17:41.0226 0x1da0 OneDrive - ok
19:17:41.0278 0x1da0 [ FE4071F6BCDA00B06F80E83AB3969586, 30BF77BDDDA466DC280A96B49746325B00FE2726BE5E744960F2BB38F124D6E5 ] C:\Program Files (x86)\Origin\Origin.exe
19:17:41.0329 0x1da0 EADM - ok
19:17:41.0332 0x1da0 Object required for P2P: [ FE4071F6BCDA00B06F80E83AB3969586 ] C:\Program Files (x86)\Origin\Origin.exe
19:17:43.0790 0x1da0 Object send P2P result: true
19:17:43.0796 0x1da0 Skype - ok
19:17:43.0940 0x1da0 [ 52F5D651B8E39F258C1C34272FEB1AB2, C13AD8762A4474D8246DE7BC023244BD74456D45348F74F77373CC61C238A0F3 ] C:\Program Files\CCleaner\CCleaner64.exe
19:17:44.0056 0x1da0 CCleaner Monitoring - ok
19:17:44.0172 0x1da0 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
19:17:44.0277 0x1da0 OneDriveSetup - ok
19:17:44.0294 0x1da0 [ CB396B37F21C205F00ACE39CF999295A, FD8CB2426D4B9F13480DD823F0479E75316F6486262E88E420398A2C7AB91F57 ] C:\Program Files (x86)\Windows Mail\wab.exe
19:17:44.0312 0x1da0 WAB Migrate - ok
19:17:44.0316 0x1da0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x61100 ( enabled : updated )
19:17:44.0318 0x1da0 Win FW state via NFP2: enabled ( trusted )
19:17:46.0690 0x1da0 ============================================================
19:17:46.0690 0x1da0 Scan finished
19:17:46.0690 0x1da0 ============================================================
19:17:46.0708 0x12f4 Detected object count: 0
19:17:46.0708 0x12f4 Actual detected object count: 0
|
|
30.03.2016, 19:21
| #7 |
| /// Malwareteam | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
30.03.2016, 20:54
| #8 |
| | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Hallo, hier schon mal das Log vom AdwCleaner. Ich starte jetzt mit Schritt 2. Code:
ATTFilter # AdwCleaner v5.107 - Bericht erstellt am 30/03/2016 um 21:38:27
# Aktualisiert am 28/03/2016 von Xplode
# Datenbank : 2016-03-30.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Schlotterbeck - SCHLOTTERBECKPC
# Gestartet von : C:\Users\Schlotterbeck\Downloads\AdwCleaner_5.107(1).exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\FunFeedr
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Sams.Browser
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [11522 Bytes] - [29/03/2016 21:30:40]
C:\AdwCleaner\AdwCleaner[C2].txt - [2091 Bytes] - [30/03/2016 01:26:47]
C:\AdwCleaner\AdwCleaner[C3].txt - [1165 Bytes] - [30/03/2016 21:38:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [11291 Bytes] - [29/03/2016 21:06:20]
C:\AdwCleaner\AdwCleaner[S2].txt - [2084 Bytes] - [29/03/2016 23:31:16]
C:\AdwCleaner\AdwCleaner[S3].txt - [1429 Bytes] - [30/03/2016 21:37:19]
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1458 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.03.2016 Suchlaufzeit: 21:44 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.03.30.07 Rootkit-Datenbank: v2016.03.30.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Schlotterbeck Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 419886 Abgelaufene Zeit: 3 Min., 44 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 2 PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [5a95721b7e1b092d36b1111535ce51af], PUP.Optional.SystemHealer, HKU\S-1-5-21-4088502895-2642783358-2647005207-500\SOFTWARE\SYSTEM HEALER, In Quarantäne, [e708ade049504de9622a730635cfe61a], Registrierungswerte: 7 PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.yessearches.com/?ts=AHEpCH4oBXAqCE..&v=20160323&uid=F888CA033A5D524691AB15ECD3156956&ptid=cos1&mode=ffsengext, In Quarantäne, [5a95721b7e1b092d36b1111535ce51af] PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.yessearches.com/?ts=AHEpCH4oBXAqCE..&v=20160323&uid=F888CA033A5D524691AB15ECD3156956&ptid=cos1&mode=ffsengext, In Quarantäne, [985796f73465c472dd0a2105dd2638c8] PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.yessearches.com/chrome.php?uid=F888CA033A5D524691AB15ECD3156956&ptid=cos1&q={searchTerms}&ts=AHEpCH4oBXAqCE..&v=20160323&mode=ffsengext, In Quarantäne, [cf20eca12277330381669c8a12f130d0] PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.yessearches.com/chrome.php?uid=F888CA033A5D524691AB15ECD3156956&ptid=cos1&ts=AHEpCH4oBXAqCE..&v=20160323&mode=ffexttoolbar&q=, In Quarantäne, [57986b22cfca1026edfa57cf748f48b8] PUP.Optional.WebBar, HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|wbmain.exe, 11000, In Quarantäne, [7b74e0ad25747eb8a6e22b6a50b429d7] PUP.Optional.SystemHealer, HKU\S-1-5-21-4088502895-2642783358-2647005207-500\SOFTWARE\SYSTEM HEALER|HomePage, hxxp://systemhealer.com/, In Quarantäne, [e708ade049504de9622a730635cfe61a] PUP.Optional.SystemHealer, HKU\S-1-5-21-4088502895-2642783358-2647005207-500\SOFTWARE\SYSTEM HEALER|SupportPage, hxxp://systemhealer.com/support/#contact, In Quarantäne, [f6f98ffecccd63d377159fda07fda060] Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 2 PUP.Optional.VBates, C:\Users\Schlotterbeck\AppData\LocalLow\Company\Product\1.0, In Quarantäne, [f1fef994badfe45215201934798b0ff1], PUP.Optional.VBates, C:\Users\Schlotterbeck\AppData\LocalLow\Company\Product, In Quarantäne, [f1fef994badfe45215201934798b0ff1], Dateien: 12 PUP.Optional.CrossAd.Gen, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\@E9438230-A7DF-4D1F-8F2D-CA1D0F0F7924.xpi, In Quarantäne, [7679c2cb0990eb4bca6c32f355ae758b], PUP.Optional.WinYahoo, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi, In Quarantäne, [07e8fa93aeeb72c499c710315ea654ac], PUP.Optional.VBates, C:\Users\Schlotterbeck\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt, In Quarantäne, [f1fef994badfe45215201934798b0ff1], PUP.Optional.VBates, C:\Users\Schlotterbeck\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt, In Quarantäne, [f1fef994badfe45215201934798b0ff1], PUP.Optional.WinYahoo, C:\Program Files (x86)\Mozilla Firefox\browser\extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi, In Quarantäne, [d61986073f5a360025008efa25df8977], PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.yessearches.com/?ts=AHEpCH4oBXAqCE..&v=20160323&uid=F888CA033A5D524691AB15ECD3156956&ptid=cos1&mode=ffseng");), Ersetzt,[5897becf594061d5b8c9db7961a449b7] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (ification", 1459122650); user_pref("browser.bookmarks.editDialog.firstEditField", "tagsField"); user_pref("browser.bookmarks.restore_default_bookmarks", false); user), Ersetzt,[cd226c214c4d0b2b443d163e986d9e62] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (ile the application is running, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pr), Ersetzt,[faf5216c029700368ff2d67e4db8619f] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (ning, * the changes will be overwritten when the application exits. * * To make a manual change to preferences, you can visit the URL about:config */ user_pref("accessibility.typeahead), Ersetzt,[c629d2bb23762214572aa3b10500a858] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (update.lastUpdateTime.experiments-update-timer", 1459122770); user_pref("app.update.lastUpdateTime.search-engine-update-timer", 1459145214); user_pref("app.u), Ersetzt,[935c0b82b6e3ef47463bb2a20005e020] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.yessearches.com), Ersetzt,[f5fa7b12d2c7b0869bfb73e128dd6c94] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\searchplugins\DD1B66D4.xml, In Quarantäne, [00eff69705940a2c2b7284cf5ea7c040], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Schlotterbeck (Administrator) auf SCHLOTTERBECKPC (30-03-2016 21:51:31) Gestartet von C:\Users\Schlotterbeck\Downloads Geladene Profile: Schlotterbeck (Verfügbare Profile: Schlotterbeck & Administrator) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Malwarebytes) D:\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) D:\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) D:\ Malwarebytes Anti-Malware \mbam.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-03-29] (Electronic Arts) HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50676864 2016-03-01] (Skype Technologies S.A.) HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{fbc64d8c-f864-4b6b-8890-094ed2bbc179}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com SearchScopes: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000 -> {8A4BF67C-BF8B-43ED-B715-37D847738E5B} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 FF NewTab: about:home FF DefaultSearchEngine: Bing® FF SelectedSearchEngine: Bing® FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] () FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\oh7dnav3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] FF Extension: Adblock Plus - C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 MBAMScheduler; D:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; D:\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-03-29] (Electronic Arts) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-29] () R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-30] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 rtl819xp; C:\Windows\System32\drivers\rtl819xp.sys [620032 2015-10-30] (Realtek Semiconductor Corporation ) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-30 21:50 - 2016-03-30 21:50 - 00006751 _____ C:\Users\Schlotterbeck\Desktop\mbam.txt 2016-03-30 21:42 - 2016-03-30 21:48 - 00000657 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-30 21:42 - 2016-03-30 21:43 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-03-30 21:42 - 2016-03-30 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-30 21:42 - 2016-03-30 21:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-30 21:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-03-30 21:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-03-30 21:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-03-30 21:41 - 2016-03-30 21:41 - 22851472 _____ (Malwarebytes ) C:\Users\Schlotterbeck\Downloads\mbam-setup-2.2.1.1043.exe 2016-03-30 21:34 - 2016-03-30 21:34 - 03102208 _____ C:\Users\Schlotterbeck\Downloads\AdwCleaner_5.107(1).exe 2016-03-30 19:15 - 2016-03-30 20:12 - 00485962 _____ C:\TDSSKiller.3.1.0.9_30.03.2016_19.15.14_log.txt 2016-03-30 19:14 - 2016-03-30 19:15 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Schlotterbeck\Downloads\tdsskiller.exe 2016-03-30 19:13 - 2016-03-30 19:23 - 00039776 _____ C:\Users\Schlotterbeck\Downloads\Addition.txt 2016-03-30 19:12 - 2016-03-30 21:51 - 00011045 _____ C:\Users\Schlotterbeck\Downloads\FRST.txt 2016-03-30 19:12 - 2016-03-30 21:51 - 00000000 ____D C:\FRST 2016-03-30 19:11 - 2016-03-30 19:12 - 02374144 _____ (Farbar) C:\Users\Schlotterbeck\Downloads\FRST64.exe 2016-03-29 23:28 - 2016-03-29 23:29 - 00000000 ____D C:\Users\Schlotterbeck\Downloads\backups 2016-03-29 23:16 - 2016-03-29 23:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Schlotterbeck\Downloads\HijackThis.exe 2016-03-29 22:29 - 2016-03-30 21:48 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-03-29 22:29 - 2016-03-29 22:29 - 00002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2016-03-29 22:29 - 2016-03-29 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-03-29 22:29 - 2016-03-29 22:29 - 00000000 ____D C:\Program Files\CCleaner 2016-03-29 22:28 - 2016-03-29 22:28 - 06828320 _____ (Piriform Ltd) C:\Users\Schlotterbeck\Downloads\ccsetup514.exe 2016-03-29 22:13 - 2016-03-29 22:13 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys 2016-03-29 21:59 - 2016-03-30 21:48 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-03-29 21:59 - 2016-03-30 21:48 - 00001224 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-03-29 21:59 - 2016-03-29 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-29 20:52 - 2016-03-30 21:38 - 00000000 ____D C:\AdwCleaner 2016-03-29 20:46 - 2016-03-29 20:52 - 03102208 _____ C:\Users\Schlotterbeck\Downloads\adwcleaner_5.107.exe 2016-03-29 19:54 - 2016-03-29 19:54 - 02870984 _____ (ESET) C:\Users\Schlotterbeck\Downloads\esetsmartinstaller_deu.exe 2016-03-29 19:54 - 2016-03-29 19:54 - 00000000 ____D C:\Program Files (x86)\ESET 2016-03-29 12:00 - 2016-03-29 22:34 - 00000000 ____D C:\ProgramData\LogiShrd 2016-03-29 11:56 - 2016-03-29 11:56 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-03-29 11:43 - 2016-03-29 11:43 - 02603528 _____ (mIRC Co. Ltd.) C:\Users\Schlotterbeck\Downloads\mirc744.exe 2016-03-29 11:43 - 2016-03-29 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC 2016-03-29 11:43 - 2016-03-29 11:43 - 00000000 ____D C:\Program Files (x86)\mIRC 2016-03-28 08:55 - 2016-03-29 21:37 - 00000085 _____ C:\WINDOWS\wininit.ini 2016-03-28 08:33 - 2016-03-29 21:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-03-28 08:33 - 2016-03-28 08:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2016-03-28 08:25 - 2016-03-30 21:48 - 00000674 _____ C:\Users\Schlotterbeck\Desktop\Ahnenblatt.lnk 2016-03-28 08:25 - 2016-03-29 00:05 - 00000000 ____D C:\Users\Schlotterbeck\Documents\Ahnenblatt 2016-03-28 08:25 - 2016-03-29 00:05 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Ahnenblatt 2016-03-28 08:25 - 2016-03-28 08:25 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt 2016-03-28 08:24 - 2016-03-28 08:24 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\dlg 2016-03-28 08:23 - 2016-03-28 08:23 - 00003600 _____ C:\WINDOWS\System32\Tasks\GEN_Interval 2016-03-28 08:23 - 2016-03-28 08:23 - 00003272 _____ C:\WINDOWS\System32\Tasks\GEN 2016-03-28 08:22 - 2016-03-30 21:38 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-03-28 08:22 - 2016-03-28 08:22 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-03-19 13:49 - 2016-03-29 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-09 18:45 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-03-09 18:45 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-03-09 18:45 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-03-09 18:45 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-03-09 18:45 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-09 18:45 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-09 18:45 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-09 18:45 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-03-09 18:45 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2016-03-09 18:45 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-03-09 18:45 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-03-09 18:45 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-03-09 18:45 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-03-09 18:45 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-03-09 18:45 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-03-09 18:45 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-03-09 18:45 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-03-09 18:45 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2016-03-09 18:45 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-03-09 18:45 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-03-09 18:45 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-03-09 18:45 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-03-09 18:45 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-03-09 18:45 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-03-09 18:45 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-03-09 18:45 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-03-09 18:45 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-03-09 18:45 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-03-09 18:45 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-03-09 18:45 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-03-09 18:45 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-03-09 18:45 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-03-09 18:45 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2016-03-09 18:45 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll 2016-03-09 18:45 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-03-09 18:45 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-03-09 18:45 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2016-03-09 18:45 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll 2016-03-09 18:45 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-03-09 18:45 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-03-09 18:45 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-03-09 18:45 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-03-09 18:45 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-03-09 18:45 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-03-09 18:45 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-03-09 18:45 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2016-03-09 18:45 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2016-03-09 18:45 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-03-09 18:45 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2016-03-09 18:45 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2016-03-09 18:45 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2016-03-09 18:45 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-03-09 18:45 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2016-03-09 18:45 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2016-03-09 18:45 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-03-09 18:45 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-03-09 18:45 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2016-03-09 18:45 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2016-03-09 18:45 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2016-03-09 18:45 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2016-03-09 18:45 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-03-09 18:45 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2016-03-09 18:45 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2016-03-09 18:45 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-03-09 18:45 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-03-09 18:45 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-09 18:45 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2016-03-09 18:45 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-03-09 18:45 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-03-09 18:45 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2016-03-09 18:45 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-03-09 18:45 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-03-09 18:45 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-03-09 18:45 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-03-09 18:45 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-03-09 18:45 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-03-09 18:45 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2016-03-09 18:45 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-03-09 18:45 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-03-09 18:45 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-03-09 18:45 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-03-09 18:45 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-09 18:45 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-03-09 18:45 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-03-09 18:45 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-03-09 18:45 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-09 18:45 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-09 18:45 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-03-09 18:45 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-03-09 18:45 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2016-03-09 18:45 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-03-09 18:45 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll 2016-03-09 18:45 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-03-09 18:45 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-03-09 18:45 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-03-09 18:45 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-03-09 18:45 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-03-09 18:45 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-03-09 18:45 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2016-03-09 18:45 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-09 18:45 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-09 18:45 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-03-09 18:45 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-03-09 18:45 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2016-03-09 18:45 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2016-03-09 18:45 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-03-09 18:45 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-09 18:45 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2016-03-09 18:45 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-03-09 18:45 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2016-03-09 18:45 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-03-09 18:45 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-03-09 18:45 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-03-09 18:45 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2016-03-09 18:45 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-03-09 18:45 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-03-09 18:45 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2016-03-09 18:45 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-09 18:45 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-03-09 18:45 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2016-03-09 18:45 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-03-09 18:45 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-03-09 18:45 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-03-09 18:45 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-03-09 18:45 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-03-09 18:45 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-03-09 18:45 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-03-09 18:45 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-03-09 18:45 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-03-09 18:45 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-03-09 18:45 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2016-03-09 18:45 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-03-09 18:45 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-03-09 18:45 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-03-09 18:45 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-03-09 18:45 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-03-09 18:45 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-09 18:45 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-03-09 18:45 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-03-09 18:45 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-03-09 18:45 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2016-03-09 18:45 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-03-09 18:45 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2016-03-09 18:45 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-03-09 18:45 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-03-09 18:45 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-09 18:45 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-09 18:45 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-09 18:45 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-03-09 18:45 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-09 18:45 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-09 18:45 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-03-09 18:45 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-03-01 23:07 - 2016-02-23 13:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-03-01 23:07 - 2016-02-23 12:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-03-01 23:07 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-03-01 23:07 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-03-01 23:07 - 2016-02-23 10:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-03-01 23:07 - 2016-02-23 10:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-03-01 23:07 - 2016-02-23 10:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-03-01 23:07 - 2016-02-23 09:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-03-01 23:07 - 2016-02-23 09:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-03-01 23:07 - 2016-02-23 08:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-03-01 23:07 - 2016-02-23 08:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-03-01 23:07 - 2016-02-23 08:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-03-01 23:07 - 2016-02-23 08:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-03-01 23:07 - 2016-02-23 08:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-03-01 23:07 - 2016-02-23 08:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-03-01 23:07 - 2016-02-09 05:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-03-01 23:07 - 2016-02-09 05:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-03-01 23:06 - 2016-02-23 13:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-03-01 23:06 - 2016-02-23 13:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-01 23:06 - 2016-02-23 13:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-03-01 23:06 - 2016-02-23 13:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-03-01 23:06 - 2016-02-23 13:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-03-01 23:06 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2016-03-01 23:06 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll 2016-03-01 23:06 - 2016-02-23 13:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2016-03-01 23:06 - 2016-02-23 12:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-03-01 23:06 - 2016-02-23 12:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-03-01 23:06 - 2016-02-23 12:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-03-01 23:06 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2016-03-01 23:06 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-03-01 23:06 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-03-01 23:06 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-03-01 23:06 - 2016-02-23 12:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-03-01 23:06 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2016-03-01 23:06 - 2016-02-23 12:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-03-01 23:06 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2016-03-01 23:06 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-03-01 23:06 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-03-01 23:06 - 2016-02-23 11:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-03-01 23:06 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-03-01 23:06 - 2016-02-23 11:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-03-01 23:06 - 2016-02-23 11:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-03-01 23:06 - 2016-02-23 11:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-03-01 23:06 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2016-03-01 23:06 - 2016-02-23 11:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2016-03-01 23:06 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2016-03-01 23:06 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-03-01 23:06 - 2016-02-23 11:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-03-01 23:06 - 2016-02-23 11:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-03-01 23:06 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll 2016-03-01 23:06 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-03-01 23:06 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-03-01 23:06 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-03-01 23:06 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2016-03-01 23:06 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-03-01 23:06 - 2016-02-23 11:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-03-01 23:06 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-03-01 23:06 - 2016-02-23 10:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-03-01 23:06 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll 2016-03-01 23:06 - 2016-02-23 10:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-03-01 23:06 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-03-01 23:06 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2016-03-01 23:06 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2016-03-01 23:06 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-03-01 23:06 - 2016-02-23 10:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-03-01 23:06 - 2016-02-23 10:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-03-01 23:06 - 2016-02-23 10:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-03-01 23:06 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll 2016-03-01 23:06 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-03-01 23:06 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2016-03-01 23:06 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2016-03-01 23:06 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2016-03-01 23:06 - 2016-02-23 10:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-03-01 23:06 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-03-01 23:06 - 2016-02-23 10:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-03-01 23:06 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll 2016-03-01 23:06 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-03-01 23:06 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2016-03-01 23:06 - 2016-02-23 10:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-03-01 23:06 - 2016-02-23 10:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-03-01 23:06 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-03-01 23:06 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-03-01 23:06 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-03-01 23:06 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2016-03-01 23:06 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2016-03-01 23:06 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-03-01 23:06 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-03-01 23:06 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-03-01 23:06 - 2016-02-23 10:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2016-03-01 23:06 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 10:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-01 23:06 - 2016-02-23 10:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-03-01 23:06 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-03-01 23:06 - 2016-02-23 10:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2016-03-01 23:06 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2016-03-01 23:06 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-03-01 23:06 - 2016-02-23 10:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-03-01 23:06 - 2016-02-23 10:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-03-01 23:06 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2016-03-01 23:06 - 2016-02-23 10:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-03-01 23:06 - 2016-02-23 10:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-03-01 23:06 - 2016-02-23 10:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-03-01 23:06 - 2016-02-23 10:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-03-01 23:06 - 2016-02-23 10:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-03-01 23:06 - 2016-02-23 10:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-03-01 23:06 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-03-01 23:06 - 2016-02-23 10:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-03-01 23:06 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-03-01 23:06 - 2016-02-23 10:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-03-01 23:06 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-03-01 23:06 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-03-01 23:06 - 2016-02-23 10:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-03-01 23:06 - 2016-02-23 09:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-03-01 23:06 - 2016-02-23 09:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-03-01 23:06 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll 2016-03-01 23:06 - 2016-02-23 09:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-03-01 23:06 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll 2016-03-01 23:06 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-03-01 23:06 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2016-03-01 23:06 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-03-01 23:06 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2016-03-01 23:06 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2016-03-01 23:06 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-03-01 23:06 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-03-01 23:06 - 2016-02-23 09:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-03-01 23:06 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-03-01 23:06 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 09:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-01 23:06 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2016-03-01 23:06 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-03-01 23:06 - 2016-02-23 09:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-03-01 23:06 - 2016-02-23 09:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-03-01 23:06 - 2016-02-23 09:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-03-01 23:06 - 2016-02-23 09:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2016-03-01 23:06 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-03-01 23:06 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-03-01 23:06 - 2016-02-23 09:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-03-01 23:06 - 2016-02-23 09:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-03-01 23:06 - 2016-02-23 09:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-03-01 23:06 - 2016-02-23 09:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-03-01 23:06 - 2016-02-23 09:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-03-01 23:06 - 2016-02-23 09:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-03-01 23:06 - 2016-02-23 09:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-03-01 23:06 - 2016-02-23 09:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-03-01 23:06 - 2016-02-23 09:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-03-01 23:06 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-03-01 23:06 - 2016-02-23 08:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-03-01 23:06 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-03-01 23:06 - 2016-02-23 08:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-03-01 23:06 - 2016-02-23 08:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-03-01 23:06 - 2016-02-23 08:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-03-01 23:06 - 2016-02-23 08:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-03-01 23:06 - 2016-02-23 08:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-03-01 23:06 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-03-01 23:06 - 2016-02-23 08:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-03-01 23:06 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-03-01 23:06 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-03-01 23:06 - 2016-02-23 08:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-03-01 23:06 - 2016-02-23 08:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-03-01 23:06 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-03-01 23:06 - 2016-02-09 06:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-03-01 23:06 - 2016-02-09 06:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-03-01 23:06 - 2016-02-09 05:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-03-01 23:06 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2016-03-01 23:06 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2016-03-01 23:06 - 2016-02-09 05:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-30 21:48 - 2016-02-19 21:06 - 00001469 _____ C:\Users\Public\Desktop\Blade & Soul.lnk 2016-03-30 21:48 - 2016-02-16 23:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-03-30 21:48 - 2016-02-16 23:14 - 00002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-03-30 21:48 - 2016-02-07 19:38 - 00002214 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2016-03-30 21:48 - 2015-12-25 08:14 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-03-30 21:48 - 2015-11-22 14:41 - 00000642 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2016-03-30 21:48 - 2015-11-11 18:56 - 00001458 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-03-30 21:48 - 2015-11-06 23:02 - 00000729 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk 2016-03-30 21:48 - 2015-10-10 19:24 - 00000371 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-03-30 21:48 - 2015-09-12 11:55 - 00001405 _____ C:\Users\Public\Desktop\Dragon Age Inquisition.lnk 2016-03-30 21:48 - 2015-09-01 11:46 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2016-03-30 21:48 - 2015-08-30 00:47 - 00001427 _____ C:\Users\Public\Desktop\Die Sims 4.lnk 2016-03-30 21:48 - 2015-08-30 00:22 - 00000391 _____ C:\Users\Public\Desktop\Steam.lnk 2016-03-30 21:48 - 2015-08-30 00:13 - 00001056 _____ C:\Users\Public\Desktop\Origin.lnk 2016-03-30 21:48 - 2015-08-30 00:11 - 00001351 _____ C:\Users\Schlotterbeck\Desktop\Revo Uninstaller.lnk 2016-03-30 21:48 - 2015-08-29 23:53 - 00002421 _____ C:\Users\Schlotterbeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-03-30 21:48 - 2015-08-29 18:51 - 00000000 ____D C:\Users\Schlotterbeck\AppData\LocalLow\Company 2016-03-30 21:48 - 2015-06-01 12:42 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk 2016-03-30 21:48 - 2015-06-01 12:28 - 00001028 _____ C:\Users\Public\Desktop\mIRC.lnk 2016-03-30 21:48 - 2015-05-26 13:25 - 00000698 _____ C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk 2016-03-30 21:45 - 2015-11-15 22:03 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{33CF693F-4EEC-4CC7-AB7E-7EAB556BED39} 2016-03-30 21:45 - 2015-10-30 20:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat 2016-03-30 21:45 - 2015-10-30 20:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat 2016-03-30 21:45 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-03-30 21:45 - 2015-08-29 23:51 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-30 21:39 - 2015-12-25 08:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-30 21:39 - 2015-12-25 08:13 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-03-30 21:39 - 2015-12-25 08:13 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-30 21:39 - 2015-08-30 00:00 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Skype 2016-03-30 21:39 - 2015-08-30 00:00 - 00000000 ____D C:\ProgramData\Origin 2016-03-30 21:39 - 2015-05-26 17:00 - 00000000 __SHD C:\Users\Schlotterbeck\IntelGraphicsProfiles 2016-03-30 21:38 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-03-30 21:34 - 2015-08-30 00:37 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-03-30 09:58 - 2015-08-29 23:52 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\VirtualStore 2016-03-30 08:59 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-30 08:54 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-30 01:26 - 2015-08-29 23:54 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\mIRC 2016-03-29 22:35 - 2015-08-29 23:51 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\Packages 2016-03-29 22:32 - 2016-02-20 00:58 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\CrashDumps 2016-03-29 22:32 - 2015-12-25 08:11 - 00000000 ___DC C:\WINDOWS\Panther 2016-03-29 15:41 - 2015-11-15 22:03 - 00000000 ____D C:\ProgramData\Oracle 2016-03-29 13:57 - 2015-11-15 22:03 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-03-29 13:57 - 2015-11-15 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-29 13:57 - 2015-11-15 22:03 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-29 13:57 - 2015-08-27 18:33 - 00000000 ____D C:\Users\Schlotterbeck\.oracle_jre_usage 2016-03-29 08:27 - 2015-08-30 00:13 - 00000000 ____D C:\Program Files (x86)\Origin 2016-03-28 08:55 - 2015-12-25 08:13 - 00000000 ____D C:\Users\Schlotterbeck 2016-03-28 08:30 - 2016-01-01 14:31 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Notepad++ 2016-03-28 08:28 - 2015-11-28 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2016-03-23 19:47 - 2015-12-27 09:54 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-23 19:47 - 2015-08-30 00:00 - 00000000 ____D C:\ProgramData\Skype 2016-03-23 19:02 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-20 22:56 - 2015-08-30 00:47 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-11 09:23 - 2015-12-25 08:12 - 00224368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-11 09:23 - 2015-08-16 18:08 - 00000000 ___RD C:\Users\Schlotterbeck\OneDrive 2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-10 10:20 - 2015-08-30 08:09 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-03-10 10:19 - 2015-08-30 08:09 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-03-08 09:12 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-03-08 09:12 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-04 09:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-03-03 08:15 - 2015-08-16 18:06 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-03-03 01:10 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-03-03 01:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-03-03 01:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-12-25 08:12 - 2015-12-25 08:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Schlotterbeck\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Schlotterbeck\AppData\Local\Temp\jre-8u77-windows-au.exe C:\Users\Schlotterbeck\AppData\Local\Temp\libeay32.dll C:\Users\Schlotterbeck\AppData\Local\Temp\msvcr120.dll C:\Users\Schlotterbeck\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Schlotterbeck\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Schlotterbeck\AppData\Local\Temp\nvStInst.exe C:\Users\Schlotterbeck\AppData\Local\Temp\sqlite3.dll C:\Users\Schlotterbeck\AppData\Local\Temp\xmlUpdater.exe C:\Users\Schlotterbeck\AppData\Local\Temp\ytb.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-24 09:40 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Schlotterbeck (2016-03-30 21:51:46)
Gestartet von C:\Users\Schlotterbeck\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-25 06:17:51)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4088502895-2642783358-2647005207-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-4088502895-2642783358-2647005207-503 - Limited - Disabled)
Gast (S-1-5-21-4088502895-2642783358-2647005207-501 - Limited - Disabled)
Schlotterbeck (S-1-5-21-4088502895-2642783358-2647005207-1000 - Administrator - Enabled) => C:\Users\Schlotterbeck
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Ahnenblatt 2.94 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.94.0.1 - Dirk Böttcher)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.16.61.1020 - Electronic Arts Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version: - SQUARE ENIX)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.44 - mIRC Co. Ltd.)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.4 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version: - Obsidian Entertainment)
Post Mortem (HKLM-x32\...\Steam App 46550) (Version: - Anuman / Microids)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Remember Me (HKLM-x32\...\Steam App 228300) (Version: - DONTNOD Entertainment)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sam & Max 201: Ice Station Santa (HKLM-x32\...\Steam App 8260) (Version: - Telltale Games)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Still Life (HKLM-x32\...\Steam App 46480) (Version: - Anuman / Microids)
Still Life 2 (HKLM-x32\...\Steam App 46490) (Version: - Anuman / Microids)
The Book of Unwritten Tales 2 (HKLM-x32\...\Steam App 279940) (Version: - KING Art)
The Secret World (HKLM-x32\...\Steam App 215280) (Version: - Funcom)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
Valhalla Hills (HKLM-x32\...\Steam App 351910) (Version: - Funatics Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Schlotterbeck\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {04F3A45F-C0BD-4434-A53C-10F5BD1EEF5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {7A3D8D85-D64B-4C49-9A62-3E80493FCDAC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-10] (Microsoft Corporation)
Task: {884F9824-B9EB-4ED4-B189-42834F0A9476} - System32\Tasks\GEN => C:\Users\Schlotterbeck\AppData\Local\Programs\GEN\GEN.exe [2016-03-22] ( )
Task: {A80D56CB-D689-44BB-83DB-49B0048C87E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {E24B1F6E-AFA4-4D2F-9D2B-CF47B1D3712F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {FDA8E3C8-D33A-4DCD-B955-16AD8ED98FAE} - System32\Tasks\GEN_Interval => C:\Users\Schlotterbeck\AppData\Local\Programs\GEN\GEN.exe [2016-03-22] ( )
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-25 08:13 - 2016-01-23 03:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-21 19:48 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-25 13:39 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 23:06 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-12 21:03 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 21:03 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 23:00 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 23:00 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-15 22:44 - 2016-01-15 22:44 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-11 18:56 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7867 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-08-30 00:40 - 2015-09-01 11:38 - 00450831 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15464 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6CE28B72-77A7-4CAD-A1AA-55800C6E073A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6CF22FD0-7A5B-4415-861A-315954DC85A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{449331B2-99C7-4259-A5CD-72B3ACD1000D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8A46055-4283-4FC3-9A84-BCDBC51CE9C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1FAB3791-4A95-4591-8CAD-EDDD4DC47A60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C3ABF497-1C31-4C50-8458-921EED1E17A8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{24DFDCEB-194C-4F12-95BF-F93BBAE20C2B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C94AF98F-BADD-4ED6-B744-92FE0464B3BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{610A8308-197E-4B2E-A6CB-B329E942191F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF180DCE-6D8E-40FA-B247-0232957B13D6}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{5BAAFD55-0128-46AB-ABBE-79E9D7013B4B}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [UDP Query User{2610F3D4-8C2A-429E-820B-E2082B936FE8}D:\mirc\mirc.exe] => (Allow) D:\mirc\mirc.exe
FirewallRules: [TCP Query User{0FB5175C-D572-4937-9E03-E9147E5621AC}D:\mirc\mirc.exe] => (Allow) D:\mirc\mirc.exe
FirewallRules: [{8C4E56AD-3ABB-4EF1-B4F4-EA12FA76D83C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B5EEBEDB-9B13-4EBB-B422-944D57F11FEF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{523DA543-C157-4DD4-93F3-1FF50D3DE5C5}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{560414C9-3E58-4089-AC47-8532E73238A8}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{2EDA0CAA-3EFA-4872-93AA-D5F11F2A316C}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{383FF987-68DE-404F-9DE9-CFDD401A8B81}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E260304C-E05C-48F1-BB19-45B564D69D01}] => (Allow) D:\Steam\steamapps\common\Still life 2\SL2.exe
FirewallRules: [{F7A4F864-9A09-4AF3-95B0-32C8C9B46650}] => (Allow) D:\Steam\steamapps\common\Still life 2\SL2.exe
FirewallRules: [{2C324932-FE6E-4CE2-ADE7-79E360337302}] => (Allow) D:\Steam\steamapps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{BB7E0345-A690-4FA1-A0AA-D776C2AF9E0B}] => (Allow) D:\Steam\steamapps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{ED0705CB-10D9-4CC9-AD1D-7E2FC305F5BA}] => (Allow) D:\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{EB9B5509-6DD5-46D8-8AFC-E6E7545D2B3D}] => (Allow) D:\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{B35D686C-A956-4987-B088-0738A8503234}] => (Allow) D:\Steam\steamapps\common\ValhallaHills\ValhallaHills.exe
FirewallRules: [{A460399B-13BD-4C8D-B7A1-710D7396182C}] => (Allow) D:\Steam\steamapps\common\ValhallaHills\ValhallaHills.exe
FirewallRules: [TCP Query User{B7A3EE88-4B83-4C2C-94CA-B4B0AA702FA3}D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [UDP Query User{56F7F28D-8E3E-44FC-B461-A7253AF65162}D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [{8A6258E6-CEA0-468D-B84F-02264A64589D}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{F90BF424-81E7-4C7C-B6C9-5A078EC6E2EC}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{B4D4BCCD-F487-4E35-AAE6-64AB3E37678E}] => (Allow) D:\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{31A3E650-3C68-4D70-86C3-B4A1383D42AE}] => (Allow) D:\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{2FD1C2BA-64EB-4F9D-A724-B3FE967220FD}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{91EB77F2-58B4-4D12-A238-E4BC9395394F}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{5FA42F1B-4ACC-45BF-82CF-6C0E7B846DC4}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{2BC35ABA-4916-4F87-880B-A17FCE289B4B}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{7849582D-D4FE-4E5E-A390-AB7FC4A5AA9B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{93DAD427-D225-4A4D-8629-AD1D0A61AEE7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{D4B57B4C-6F08-4351-81BB-C5637387FCB3}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{E8F7E23D-64EA-41FF-A2B1-68F1C6EE01B5}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [TCP Query User{E16EC1E1-BC51-4B85-AA68-BF4737302C7A}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{50A64FED-E1FC-45B7-A6D8-6DC9360104FE}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
==================== Wiederherstellungspunkte =========================
19-03-2016 14:06:23 Geplanter Prüfpunkt
20-03-2016 22:56:20 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
23-03-2016 18:38:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
23-03-2016 18:38:56 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
28-03-2016 08:26:23 Revo Uninstaller's restore point - Yahoo Search Set
29-03-2016 21:37:08 Revo Uninstaller's restore point - Spybot - Search & Destroy
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/30/2016 09:58:17 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 09:36:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 09:36:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/30/2016 09:36:42 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 09:36:31 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/30/2016 08:54:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SCHLOTTERBECKPC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/29/2016 09:58:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/29/2016 09:58:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/29/2016 09:37:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (03/29/2016 07:54:47 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Systemfehler:
=============
Error: (03/30/2016 09:38:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_7ab10a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 09:38:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _7ab10a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 09:38:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_7ab10a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 09:38:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_7ab10a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 09:38:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 09:38:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/30/2016 09:38:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/30/2016 09:38:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/30/2016 09:38:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/30/2016 09:38:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2016-03-24 17:01:11.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 15:18:39.961
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 07:37:32.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-11 08:23:09.430
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-03 07:14:59.745
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-02 21:21:36.734
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-12 10:06:30.393
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-12 08:06:28.064
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-11 08:13:39.801
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-30 08:22:19.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8047.65 MB
Verfügbarer physikalischer RAM: 5233.6 MB
Summe virtueller Speicher: 9327.65 MB
Verfügbarer virtueller Speicher: 6452.04 MB
==================== Laufwerke ================================
Drive c: (System SSD) (Fixed) (Total:223.03 GB) (Free:103.43 GB) NTFS
Drive d: (FREEDOS) (Fixed) (Total:465.76 GB) (Free:238.94 GB) NTFS
Drive g: (Xbox360_1_2) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: A155B4D4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 9A393885)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
30.03.2016, 22:01
| #9 |
| /// Malwareteam | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Hast du noch irgendwelche Probleme mit deinem Rechner? ESET Online Scanner
Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
31.03.2016, 05:48
| #10 |
| | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Leider ja. Das Problem ist nach wie vor da :-( Je nachdem welches Programm ich gerade nutze ... jetzt z.B. wieder Mozilla ...verschwindet das ICON kurzweilig und dafür bekomme ich zwei mal recht schnell hintereinander in der Taskleiste das Phantomprogramm. Mozilla flackert dann auch deutlich sichtbar. Also das geöffnete Fenster. Dies bringt auch alles was ich zu dem Zeitpunkt mache kurzweilig zum Stocken. Wenn ich z.B. etwas schreibe werden Buchstaben in diesen Sekunden nicht erfasst und ich muss das Tippen wiederholen. Musik wird kurzweilig gestopt und Spiele ruckeln für 1-3 Sekunden, während sich das Programm ausführt (oder auch nicht ausführt). Das lässt sich für mich leider nicht erfassen. Ich lasse jetzt ESET durchlaufen. Guten Morgen ... Ergebnis von Eset ist da, aber eher ernüchternd. Dafür hat Malwarebytes, den ich gestern nicht mehr deinstalliert hab, schon wieder was von Yessearch gefunden :-( Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43e65c6aa662704e9d9e0a04e1d8f6e9
# end=init
# utc_time=2016-03-30 09:43:15
# local_time=2016-03-30 11:43:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 28827
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=43e65c6aa662704e9d9e0a04e1d8f6e9
# end=updated
# utc_time=2016-03-30 09:47:28
# local_time=2016-03-30 11:47:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=43e65c6aa662704e9d9e0a04e1d8f6e9
# engine=28827
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-03-31 04:38:27
# local_time=2016-03-31 06:38:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 25056 13213250 0 0
# scanned=284063
# found=0
# cleaned=0
# scan_time=24659
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 31.03.2016 Suchlaufzeit: 06:34 Protokolldatei: Mb.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.03.30.08 Rootkit-Datenbank: v2016.03.30.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Schlotterbeck Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 420393 Abgelaufene Zeit: 4 Min., 11 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 3 PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.searchengine.hp", "hxxp://www.yessearches.com/?ts=AHEpCH4oBXAqCE..&v=20160323&uid=F888CA033A5D524691AB15ECD3156956&ptid=cos1&mode=ffsengext");), Ersetzt,[be32701d6a2f5dd90abce47020e5b848] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (ef("accessibility.typeaheadfind", true); user_pref("app.update.auto", false); user_pref("app.update.enabled", false); user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1459), Ersetzt,[28c83d5084154fe7b610163e47be7987] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (dfind", true); user_pref("app.update.auto", false); user_pref("app.update.enabled", false); user_pref("app.update.lastUpdateTime.addon-background-update-timer", 1459122890); user_pref("app.up), Ersetzt,[00f0dbb2663381b5ae18c98be81ddf21] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Geändert von Trystis (30.03.2016 um 22:57 Uhr) |
|
31.03.2016, 11:33
| #11 |
| /// Malwareteam | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Frage Hast du dieses Programm absichtlich installiert? mIRC Schritt: 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter closeprocesses:
2016-03-28 08:23 - 2016-03-28 08:23 - 00003600 _____ C:\WINDOWS\System32\Tasks\GEN_Interval
2016-03-28 08:23 - 2016-03-28 08:23 - 00003272 _____ C:\WINDOWS\System32\Tasks\GEN
C:\Users\Schlotterbeck\AppData\Local\Programs\GEN
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-29] ()
2016-03-29 22:13 - 2016-03-29 22:13 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt: 2 Führe bitte neue Scans mit AdwCleaner und MBAM durch Schritt: 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
31.03.2016, 16:15
| #12 |
| | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Kurz zu mIRC. Ja, absichtlich installiert. Das ist ein Chatclient den ich schon seit über 8 Jahren benutze. Ich habe diesen auch registriert etc. Allerdings gab es vorgestern ein Update. Ich habe dies jedoch von der offiziellen mIRC Seite gedownloaded, wie ich es immer mache und bisher hatte ich damit nie probleme. Ich bearbeite nun die von dir gefordeten Schritte :-) Ok :-) geht los. Beim Reboot sah es übrigens schon gut aus. Mein Phantomprogamm ist nicht wie sonst direkt aufgetaucht!!! Ich beobachte aber noch und warte mal ab, bevor ich mich zu früh freue ^^ Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Schlotterbeck (2016-03-31 15:23:27) Run:1
Gestartet von C:\Users\Schlotterbeck\Downloads
Geladene Profile: Schlotterbeck (Verfügbare Profile: Schlotterbeck & Administrator)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
closeprocesses:
2016-03-28 08:23 - 2016-03-28 08:23 - 00003600 _____ C:\WINDOWS\System32\Tasks\GEN_Interval
2016-03-28 08:23 - 2016-03-28 08:23 - 00003272 _____ C:\WINDOWS\System32\Tasks\GEN
C:\Users\Schlotterbeck\AppData\Local\Programs\GEN
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-03-29] ()
2016-03-29 22:13 - 2016-03-29 22:13 - 00022704 _____ C:\WINDOWS\system32\Drivers\EsgScanner.sys
emptytemp:
*****************
Prozess erfolgreich geschlossen.
C:\WINDOWS\System32\Tasks\GEN_Interval => erfolgreich verschoben
C:\WINDOWS\System32\Tasks\GEN => erfolgreich verschoben
C:\Users\Schlotterbeck\AppData\Local\Programs\GEN => erfolgreich verschoben
EsgScanner => Dienst erfolgreich entfernt
C:\WINDOWS\system32\Drivers\EsgScanner.sys => erfolgreich verschoben
EmptyTemp: => 591.3 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 15:24:15 ====
Code:
ATTFilter # AdwCleaner v5.107 - Bericht erstellt am 31/03/2016 um 15:34:17
# Aktualisiert am 28/03/2016 von Xplode
# Datenbank : 2016-03-30.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Schlotterbeck - SCHLOTTERBECKPC
# Gestartet von : C:\Users\Schlotterbeck\Downloads\AdwCleaner_5.107(1).exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
C:\AdwCleaner\AdwCleaner[C1].txt - [11522 Bytes] - [29/03/2016 21:30:40]
C:\AdwCleaner\AdwCleaner[C2].txt - [2091 Bytes] - [30/03/2016 01:26:47]
C:\AdwCleaner\AdwCleaner[C3].txt - [1537 Bytes] - [30/03/2016 21:38:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [11291 Bytes] - [29/03/2016 21:06:20]
C:\AdwCleaner\AdwCleaner[S2].txt - [2084 Bytes] - [29/03/2016 23:31:16]
C:\AdwCleaner\AdwCleaner[S3].txt - [1429 Bytes] - [30/03/2016 21:37:19]
C:\AdwCleaner\AdwCleaner[S4].txt - [1266 Bytes] - [31/03/2016 15:31:17]
C:\AdwCleaner\AdwCleaner[S5].txt - [1190 Bytes] - [31/03/2016 15:34:17]
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1263 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 31.03.2016 Suchlaufzeit: 15:36 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.03.31.03 Rootkit-Datenbank: v2016.03.30.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Schlotterbeck Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 417289 Abgelaufene Zeit: 2 Min., 48 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 2 PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.searchengine.sp", "hxxp://www.yessearches.com/chrome.php?mode=ffsengext&ptid=cos1&q={searchTerms}&ts=AHEpCH4oBXAqCE..&uid=F888CA033A5D524691AB15ECD3156956&v=20160323");), Ersetzt,[0847335befaaab8b21820e4758ad7e82] PUP.Optional.YesSearches, C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\CCACCBF1-7AB4-4CF5-B32D-668C686A539F\prefs.js, Gut: (), Schlecht: (pdate.lastUpdateTime.background-update-timer", 1459123010); user_pref("app.update.lastUpdateTime.blocklist-background-update-timer", 1459122530); user_pref("app.update.lastUpdateTime.browser-cl), Ersetzt,[5bf49cf21485bd791d862332db2ab14f] Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01 durchgeführt von Schlotterbeck (Administrator) auf SCHLOTTERBECKPC (31-03-2016 15:42:33) Gestartet von C:\Users\Schlotterbeck\Downloads Geladene Profile: Schlotterbeck (Verfügbare Profile: Schlotterbeck & Administrator) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Malwarebytes) D:\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes) D:\ Malwarebytes Anti-Malware \mbamscheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Malwarebytes) D:\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation) HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-03-29] (Electronic Arts) HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50676864 2016-03-01] (Skype Technologies S.A.) HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 Tcpip\..\Interfaces\{fbc64d8c-f864-4b6b-8890-094ed2bbc179}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com SearchScopes: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000 -> {8A4BF67C-BF8B-43ED-B715-37D847738E5B} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-29] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-29] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 FF NewTab: about:home FF DefaultSearchEngine: Bing® FF SelectedSearchEngine: Bing® FF Homepage: about:home FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-23] () FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-23] () FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-29] (Oracle Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\oh7dnav3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] FF Extension: Adblock Plus - C:\Users\Schlotterbeck\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23] FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-16] [ist nicht signiert] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation) R2 MBAMScheduler; D:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; D:\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2119688 2016-03-29] (Electronic Arts) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-31] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek ) R3 rtl819xp; C:\Windows\System32\drivers\rtl819xp.sys [620032 2015-10-30] (Realtek Semiconductor Corporation ) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-31 15:23 - 2016-03-31 15:24 - 00001322 _____ C:\Users\Schlotterbeck\Downloads\Fixlog.txt 2016-03-31 06:47 - 2016-03-31 06:47 - 00002322 _____ C:\Users\Schlotterbeck\Desktop\Mb.txt 2016-03-30 23:42 - 2016-03-30 23:42 - 02870984 _____ (ESET) C:\Users\Schlotterbeck\Downloads\esetsmartinstaller_deu(1).exe 2016-03-30 21:50 - 2016-03-31 15:41 - 00001952 _____ C:\Users\Schlotterbeck\Desktop\mbam.txt 2016-03-30 21:42 - 2016-03-31 15:40 - 00000657 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-03-30 21:42 - 2016-03-31 15:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-03-30 21:42 - 2016-03-30 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-03-30 21:42 - 2016-03-30 21:42 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-03-30 21:42 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-03-30 21:42 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-03-30 21:42 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-03-30 21:41 - 2016-03-30 21:41 - 22851472 _____ (Malwarebytes ) C:\Users\Schlotterbeck\Downloads\mbam-setup-2.2.1.1043.exe 2016-03-30 21:34 - 2016-03-30 21:34 - 03102208 _____ C:\Users\Schlotterbeck\Downloads\AdwCleaner_5.107(1).exe 2016-03-30 19:15 - 2016-03-30 20:12 - 00485962 _____ C:\TDSSKiller.3.1.0.9_30.03.2016_19.15.14_log.txt 2016-03-30 19:14 - 2016-03-30 19:15 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Schlotterbeck\Downloads\tdsskiller.exe 2016-03-30 19:13 - 2016-03-31 15:22 - 00041139 _____ C:\Users\Schlotterbeck\Downloads\Addition.txt 2016-03-30 19:12 - 2016-03-31 15:42 - 00010980 _____ C:\Users\Schlotterbeck\Downloads\FRST.txt 2016-03-30 19:12 - 2016-03-31 15:42 - 00000000 ____D C:\FRST 2016-03-30 19:11 - 2016-03-30 19:12 - 02374144 _____ (Farbar) C:\Users\Schlotterbeck\Downloads\FRST64.exe 2016-03-29 23:28 - 2016-03-29 23:29 - 00000000 ____D C:\Users\Schlotterbeck\Downloads\backups 2016-03-29 23:16 - 2016-03-29 23:16 - 00388608 _____ (Trend Micro Inc.) C:\Users\Schlotterbeck\Downloads\HijackThis.exe 2016-03-29 22:29 - 2016-03-31 15:40 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-03-29 22:29 - 2016-03-29 22:29 - 00002886 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2016-03-29 22:29 - 2016-03-29 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-03-29 22:29 - 2016-03-29 22:29 - 00000000 ____D C:\Program Files\CCleaner 2016-03-29 22:28 - 2016-03-29 22:28 - 06828320 _____ (Piriform Ltd) C:\Users\Schlotterbeck\Downloads\ccsetup514.exe 2016-03-29 21:59 - 2016-03-31 15:40 - 00001242 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-03-29 21:59 - 2016-03-31 15:40 - 00001224 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-03-29 21:59 - 2016-03-29 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-03-29 20:52 - 2016-03-31 15:34 - 00000000 ____D C:\AdwCleaner 2016-03-29 19:54 - 2016-03-29 19:54 - 02870984 _____ (ESET) C:\Users\Schlotterbeck\Downloads\esetsmartinstaller_deu.exe 2016-03-29 19:54 - 2016-03-29 19:54 - 00000000 ____D C:\Program Files (x86)\ESET 2016-03-29 12:00 - 2016-03-29 22:34 - 00000000 ____D C:\ProgramData\LogiShrd 2016-03-29 11:56 - 2016-03-29 11:56 - 00000000 ____D C:\WINDOWS\LastGood.Tmp 2016-03-29 11:43 - 2016-03-29 11:43 - 02603528 _____ (mIRC Co. Ltd.) C:\Users\Schlotterbeck\Downloads\mirc744.exe 2016-03-29 11:43 - 2016-03-29 11:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\mIRC 2016-03-29 11:43 - 2016-03-29 11:43 - 00000000 ____D C:\Program Files (x86)\mIRC 2016-03-28 08:55 - 2016-03-29 21:37 - 00000085 _____ C:\WINDOWS\wininit.ini 2016-03-28 08:33 - 2016-03-29 21:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2016-03-28 08:33 - 2016-03-28 08:33 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2016-03-28 08:25 - 2016-03-31 15:40 - 00000674 _____ C:\Users\Schlotterbeck\Desktop\Ahnenblatt.lnk 2016-03-28 08:25 - 2016-03-29 00:05 - 00000000 ____D C:\Users\Schlotterbeck\Documents\Ahnenblatt 2016-03-28 08:25 - 2016-03-29 00:05 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Ahnenblatt 2016-03-28 08:25 - 2016-03-28 08:25 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ahnenblatt 2016-03-28 08:24 - 2016-03-28 08:24 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\dlg 2016-03-28 08:22 - 2016-03-30 21:38 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-03-28 08:22 - 2016-03-28 08:22 - 00000000 ____D C:\Users\Public\Documents\dmp 2016-03-19 13:49 - 2016-03-29 21:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-03-09 18:45 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-03-09 18:45 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-03-09 18:45 - 2016-02-24 11:52 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-03-09 18:45 - 2016-02-24 11:51 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-03-09 18:45 - 2016-02-24 11:48 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-09 18:45 - 2016-02-24 11:47 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-09 18:45 - 2016-02-24 11:40 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-09 18:45 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-03-09 18:45 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll 2016-03-09 18:45 - 2016-02-24 11:15 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-03-09 18:45 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-03-09 18:45 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS 2016-03-09 18:45 - 2016-02-24 10:51 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-03-09 18:45 - 2016-02-24 10:50 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-03-09 18:45 - 2016-02-24 10:46 - 06607080 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-03-09 18:45 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2016-03-09 18:45 - 2016-02-24 10:39 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-03-09 18:45 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2016-03-09 18:45 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-03-09 18:45 - 2016-02-24 10:14 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-03-09 18:45 - 2016-02-24 10:11 - 01997152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-03-09 18:45 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-03-09 18:45 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-03-09 18:45 - 2016-02-24 10:11 - 00652392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2016-03-09 18:45 - 2016-02-24 10:11 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-03-09 18:45 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-03-09 18:45 - 2016-02-24 10:10 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2016-03-09 18:45 - 2016-02-24 10:10 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-03-09 18:45 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-03-09 18:45 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-03-09 18:45 - 2016-02-24 10:06 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-03-09 18:45 - 2016-02-24 09:59 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-03-09 18:45 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll 2016-03-09 18:45 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll 2016-03-09 18:45 - 2016-02-24 09:38 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-03-09 18:45 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2016-03-09 18:45 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll 2016-03-09 18:45 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll 2016-03-09 18:45 - 2016-02-24 09:35 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-03-09 18:45 - 2016-02-24 09:35 - 00523752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2016-03-09 18:45 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-03-09 18:45 - 2016-02-24 09:35 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2016-03-09 18:45 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-03-09 18:45 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-03-09 18:45 - 2016-02-24 09:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll 2016-03-09 18:45 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll 2016-03-09 18:45 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll 2016-03-09 18:45 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2016-03-09 18:45 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll 2016-03-09 18:45 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll 2016-03-09 18:45 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll 2016-03-09 18:45 - 2016-02-24 09:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2016-03-09 18:45 - 2016-02-24 09:20 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2016-03-09 18:45 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll 2016-03-09 18:45 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll 2016-03-09 18:45 - 2016-02-24 09:15 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2016-03-09 18:45 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll 2016-03-09 18:45 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll 2016-03-09 18:45 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll 2016-03-09 18:45 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll 2016-03-09 18:45 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll 2016-03-09 18:45 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll 2016-03-09 18:45 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2016-03-09 18:45 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll 2016-03-09 18:45 - 2016-02-24 09:05 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-03-09 18:45 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2016-03-09 18:45 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll 2016-03-09 18:45 - 2016-02-24 09:01 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-03-09 18:45 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2016-03-09 18:45 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll 2016-03-09 18:45 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll 2016-03-09 18:45 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll 2016-03-09 18:45 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-03-09 18:45 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2016-03-09 18:45 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-03-09 18:45 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll 2016-03-09 18:45 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2016-03-09 18:45 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll 2016-03-09 18:45 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll 2016-03-09 18:45 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-03-09 18:45 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-03-09 18:45 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll 2016-03-09 18:45 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2016-03-09 18:45 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll 2016-03-09 18:45 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-03-09 18:45 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll 2016-03-09 18:45 - 2016-02-24 08:51 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-03-09 18:45 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll 2016-03-09 18:45 - 2016-02-24 08:47 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll 2016-03-09 18:45 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll 2016-03-09 18:45 - 2016-02-24 08:44 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2016-03-09 18:45 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll 2016-03-09 18:45 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll 2016-03-09 18:45 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll 2016-03-09 18:45 - 2016-02-24 08:43 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2016-03-09 18:45 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-03-09 18:45 - 2016-02-24 08:41 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2016-03-09 18:45 - 2016-02-24 08:41 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2016-03-09 18:45 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2016-03-09 18:45 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2016-03-09 18:45 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll 2016-03-09 18:45 - 2016-02-24 08:39 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-03-09 18:45 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll 2016-03-09 18:45 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll 2016-03-09 18:45 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2016-03-09 18:45 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll 2016-03-09 18:45 - 2016-02-24 08:34 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-03-09 18:45 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll 2016-03-09 18:45 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll 2016-03-09 18:45 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll 2016-03-09 18:45 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll 2016-03-09 18:45 - 2016-02-24 08:28 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll 2016-03-09 18:45 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll 2016-03-09 18:45 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2016-03-09 18:45 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-03-09 18:45 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll 2016-03-09 18:45 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll 2016-03-09 18:45 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll 2016-03-09 18:45 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll 2016-03-09 18:45 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2016-03-09 18:45 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll 2016-03-09 18:45 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2016-03-09 18:45 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll 2016-03-09 18:45 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-03-09 18:45 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll 2016-03-09 18:45 - 2016-02-24 08:11 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-03-09 18:45 - 2016-02-24 08:09 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll 2016-03-09 18:45 - 2016-02-24 08:09 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2016-03-09 18:45 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll 2016-03-09 18:45 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-03-09 18:45 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2016-03-09 18:45 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2016-03-09 18:45 - 2016-02-24 08:07 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2016-03-09 18:45 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-03-09 18:45 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll 2016-03-09 18:45 - 2016-02-24 08:01 - 01831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-03-09 18:45 - 2016-02-24 08:00 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-09 18:45 - 2016-02-24 08:00 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2016-03-09 18:45 - 2016-02-24 07:57 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-03-09 18:45 - 2016-02-24 07:55 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-03-09 18:45 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll 2016-03-09 18:45 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-03-09 18:45 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll 2016-03-09 18:45 - 2016-02-24 07:20 - 22376960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-03-09 18:45 - 2016-02-24 07:18 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-03-09 18:45 - 2016-02-24 07:12 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-09 18:45 - 2016-02-24 07:12 - 05321728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2016-03-09 18:45 - 2016-02-24 07:10 - 24600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-09 18:45 - 2016-02-24 07:09 - 06972416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2016-03-09 18:45 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-09 18:45 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-09 18:45 - 2016-02-24 06:59 - 05661696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-03-09 18:45 - 2016-02-24 06:55 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-03-01 23:07 - 2016-02-23 13:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-03-01 23:07 - 2016-02-23 12:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-03-01 23:07 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-03-01 23:07 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-03-01 23:07 - 2016-02-23 10:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-03-01 23:07 - 2016-02-23 10:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-03-01 23:07 - 2016-02-23 10:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-03-01 23:07 - 2016-02-23 09:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-03-01 23:07 - 2016-02-23 09:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-03-01 23:07 - 2016-02-23 08:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-03-01 23:07 - 2016-02-23 08:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-03-01 23:07 - 2016-02-23 08:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-03-01 23:07 - 2016-02-23 08:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-03-01 23:07 - 2016-02-23 08:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-03-01 23:07 - 2016-02-23 08:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-03-01 23:07 - 2016-02-09 05:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-03-01 23:07 - 2016-02-09 05:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-03-01 23:06 - 2016-02-23 13:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-03-01 23:06 - 2016-02-23 13:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-01 23:06 - 2016-02-23 13:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-03-01 23:06 - 2016-02-23 13:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-03-01 23:06 - 2016-02-23 13:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-03-01 23:06 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2016-03-01 23:06 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll 2016-03-01 23:06 - 2016-02-23 13:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2016-03-01 23:06 - 2016-02-23 12:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-03-01 23:06 - 2016-02-23 12:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-03-01 23:06 - 2016-02-23 12:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-03-01 23:06 - 2016-02-23 12:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-03-01 23:06 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2016-03-01 23:06 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-03-01 23:06 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-03-01 23:06 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-03-01 23:06 - 2016-02-23 12:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-03-01 23:06 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2016-03-01 23:06 - 2016-02-23 12:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-03-01 23:06 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2016-03-01 23:06 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-03-01 23:06 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-03-01 23:06 - 2016-02-23 11:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-03-01 23:06 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-03-01 23:06 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-03-01 23:06 - 2016-02-23 11:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-03-01 23:06 - 2016-02-23 11:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-03-01 23:06 - 2016-02-23 11:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-03-01 23:06 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2016-03-01 23:06 - 2016-02-23 11:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2016-03-01 23:06 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2016-03-01 23:06 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-03-01 23:06 - 2016-02-23 11:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-03-01 23:06 - 2016-02-23 11:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-03-01 23:06 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll 2016-03-01 23:06 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-03-01 23:06 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-03-01 23:06 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-03-01 23:06 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2016-03-01 23:06 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-03-01 23:06 - 2016-02-23 11:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-03-01 23:06 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-03-01 23:06 - 2016-02-23 10:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-03-01 23:06 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll 2016-03-01 23:06 - 2016-02-23 10:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-03-01 23:06 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-03-01 23:06 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2016-03-01 23:06 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2016-03-01 23:06 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-03-01 23:06 - 2016-02-23 10:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-03-01 23:06 - 2016-02-23 10:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-03-01 23:06 - 2016-02-23 10:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-03-01 23:06 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll 2016-03-01 23:06 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-03-01 23:06 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2016-03-01 23:06 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2016-03-01 23:06 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2016-03-01 23:06 - 2016-02-23 10:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-03-01 23:06 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-03-01 23:06 - 2016-02-23 10:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-03-01 23:06 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll 2016-03-01 23:06 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-03-01 23:06 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2016-03-01 23:06 - 2016-02-23 10:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-03-01 23:06 - 2016-02-23 10:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-03-01 23:06 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-03-01 23:06 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-03-01 23:06 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-03-01 23:06 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2016-03-01 23:06 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2016-03-01 23:06 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-03-01 23:06 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-03-01 23:06 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-03-01 23:06 - 2016-02-23 10:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2016-03-01 23:06 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 10:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-01 23:06 - 2016-02-23 10:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-03-01 23:06 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-03-01 23:06 - 2016-02-23 10:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2016-03-01 23:06 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2016-03-01 23:06 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-03-01 23:06 - 2016-02-23 10:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-03-01 23:06 - 2016-02-23 10:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-03-01 23:06 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2016-03-01 23:06 - 2016-02-23 10:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-03-01 23:06 - 2016-02-23 10:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-03-01 23:06 - 2016-02-23 10:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-03-01 23:06 - 2016-02-23 10:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-03-01 23:06 - 2016-02-23 10:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-03-01 23:06 - 2016-02-23 10:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-03-01 23:06 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-03-01 23:06 - 2016-02-23 10:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-03-01 23:06 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-03-01 23:06 - 2016-02-23 10:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-03-01 23:06 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-03-01 23:06 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-03-01 23:06 - 2016-02-23 10:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-03-01 23:06 - 2016-02-23 09:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-03-01 23:06 - 2016-02-23 09:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-03-01 23:06 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll 2016-03-01 23:06 - 2016-02-23 09:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-03-01 23:06 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll 2016-03-01 23:06 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-03-01 23:06 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2016-03-01 23:06 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-03-01 23:06 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2016-03-01 23:06 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2016-03-01 23:06 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-03-01 23:06 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-03-01 23:06 - 2016-02-23 09:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-03-01 23:06 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-03-01 23:06 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-03-01 23:06 - 2016-02-23 09:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-01 23:06 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2016-03-01 23:06 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-03-01 23:06 - 2016-02-23 09:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-03-01 23:06 - 2016-02-23 09:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-03-01 23:06 - 2016-02-23 09:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-03-01 23:06 - 2016-02-23 09:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2016-03-01 23:06 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-03-01 23:06 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-03-01 23:06 - 2016-02-23 09:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-03-01 23:06 - 2016-02-23 09:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-03-01 23:06 - 2016-02-23 09:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-03-01 23:06 - 2016-02-23 09:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-03-01 23:06 - 2016-02-23 09:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-03-01 23:06 - 2016-02-23 09:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-03-01 23:06 - 2016-02-23 09:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-03-01 23:06 - 2016-02-23 09:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-03-01 23:06 - 2016-02-23 09:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-03-01 23:06 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-03-01 23:06 - 2016-02-23 08:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-03-01 23:06 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-03-01 23:06 - 2016-02-23 08:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-03-01 23:06 - 2016-02-23 08:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-03-01 23:06 - 2016-02-23 08:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-03-01 23:06 - 2016-02-23 08:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-03-01 23:06 - 2016-02-23 08:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-03-01 23:06 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-03-01 23:06 - 2016-02-23 08:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-03-01 23:06 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-03-01 23:06 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-03-01 23:06 - 2016-02-23 08:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-03-01 23:06 - 2016-02-23 08:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-03-01 23:06 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-03-01 23:06 - 2016-02-09 06:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-03-01 23:06 - 2016-02-09 06:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-03-01 23:06 - 2016-02-09 05:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-03-01 23:06 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2016-03-01 23:06 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2016-03-01 23:06 - 2016-02-09 05:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-31 15:40 - 2016-02-19 21:06 - 00001469 _____ C:\Users\Public\Desktop\Blade & Soul.lnk 2016-03-31 15:40 - 2016-02-16 23:14 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-03-31 15:40 - 2016-02-16 23:14 - 00002128 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2016-03-31 15:40 - 2016-02-07 19:38 - 00002214 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2016-03-31 15:40 - 2015-12-25 08:14 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-03-31 15:40 - 2015-11-22 14:41 - 00000642 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk 2016-03-31 15:40 - 2015-11-11 18:56 - 00001458 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2016-03-31 15:40 - 2015-11-06 23:02 - 00000729 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk 2016-03-31 15:40 - 2015-10-10 19:24 - 00000371 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-03-31 15:40 - 2015-09-12 11:55 - 00001405 _____ C:\Users\Public\Desktop\Dragon Age Inquisition.lnk 2016-03-31 15:40 - 2015-09-01 11:46 - 00001126 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2016-03-31 15:40 - 2015-08-30 00:47 - 00001427 _____ C:\Users\Public\Desktop\Die Sims 4.lnk 2016-03-31 15:40 - 2015-08-30 00:22 - 00000391 _____ C:\Users\Public\Desktop\Steam.lnk 2016-03-31 15:40 - 2015-08-30 00:13 - 00001056 _____ C:\Users\Public\Desktop\Origin.lnk 2016-03-31 15:40 - 2015-08-30 00:11 - 00001351 _____ C:\Users\Schlotterbeck\Desktop\Revo Uninstaller.lnk 2016-03-31 15:40 - 2015-08-29 23:53 - 00002421 _____ C:\Users\Schlotterbeck\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-03-31 15:40 - 2015-06-01 12:42 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk 2016-03-31 15:40 - 2015-06-01 12:28 - 00001028 _____ C:\Users\Public\Desktop\mIRC.lnk 2016-03-31 15:40 - 2015-05-26 13:25 - 00000698 _____ C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk 2016-03-31 15:34 - 2015-08-30 00:37 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-03-31 15:30 - 2015-10-30 20:35 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat 2016-03-31 15:30 - 2015-10-30 20:35 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat 2016-03-31 15:30 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF 2016-03-31 15:30 - 2015-08-29 23:51 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-31 15:25 - 2015-12-25 08:13 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-03-31 15:25 - 2015-08-30 00:00 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Skype 2016-03-31 15:25 - 2015-08-30 00:00 - 00000000 ____D C:\ProgramData\Origin 2016-03-31 15:25 - 2015-05-26 17:00 - 00000000 __SHD C:\Users\Schlotterbeck\IntelGraphicsProfiles 2016-03-31 15:24 - 2015-12-25 08:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-31 15:24 - 2015-12-25 08:13 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-31 15:24 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-03-31 15:23 - 2015-11-15 22:06 - 00584288 _____ (Oracle Corporation) C:\Users\Schlotterbeck\Downloads\JavaSetup8u65(1).exe 2016-03-31 15:23 - 2015-09-24 11:03 - 00000000 ____D C:\Users\Schlotterbeck\AppData\LocalLow\Temp 2016-03-31 15:15 - 2015-11-15 22:03 - 00004188 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{33CF693F-4EEC-4CC7-AB7E-7EAB556BED39} 2016-03-31 06:42 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-30 21:48 - 2015-08-29 18:51 - 00000000 ____D C:\Users\Schlotterbeck\AppData\LocalLow\Company 2016-03-30 09:58 - 2015-08-29 23:52 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\VirtualStore 2016-03-30 08:54 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-30 01:26 - 2015-08-29 23:54 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\mIRC 2016-03-29 22:35 - 2015-08-29 23:51 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\Packages 2016-03-29 22:32 - 2016-02-20 00:58 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Local\CrashDumps 2016-03-29 22:32 - 2015-12-25 08:11 - 00000000 ___DC C:\WINDOWS\Panther 2016-03-29 15:41 - 2015-11-15 22:03 - 00000000 ____D C:\ProgramData\Oracle 2016-03-29 13:57 - 2015-11-15 22:03 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-03-29 13:57 - 2015-11-15 22:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-03-29 13:57 - 2015-11-15 22:03 - 00000000 ____D C:\Program Files (x86)\Java 2016-03-29 13:57 - 2015-08-27 18:33 - 00000000 ____D C:\Users\Schlotterbeck\.oracle_jre_usage 2016-03-29 08:27 - 2015-08-30 00:13 - 00000000 ____D C:\Program Files (x86)\Origin 2016-03-28 08:55 - 2015-12-25 08:13 - 00000000 ____D C:\Users\Schlotterbeck 2016-03-28 08:30 - 2016-01-01 14:31 - 00000000 ____D C:\Users\Schlotterbeck\AppData\Roaming\Notepad++ 2016-03-28 08:28 - 2015-11-28 19:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT 2016-03-23 19:47 - 2015-12-27 09:54 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-03-23 19:47 - 2015-08-30 00:00 - 00000000 ____D C:\ProgramData\Skype 2016-03-23 19:02 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-03-20 22:56 - 2015-08-30 00:47 - 00000000 ____D C:\ProgramData\Package Cache 2016-03-11 09:23 - 2015-12-25 08:12 - 00224368 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-11 09:23 - 2015-08-16 18:08 - 00000000 ___RD C:\Users\Schlotterbeck\OneDrive 2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-11 02:30 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-10 10:20 - 2015-08-30 08:09 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-03-10 10:19 - 2015-08-30 08:09 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-03-08 09:12 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-03-08 09:12 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-03-04 09:29 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache 2016-03-03 08:15 - 2015-08-16 18:06 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-03-03 01:10 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-03-03 01:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-03-03 01:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-03-03 01:10 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-12-25 08:12 - 2015-12-25 08:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-03-24 09:40 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Schlotterbeck (2016-03-31 15:42:48)
Gestartet von C:\Users\Schlotterbeck\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-25 06:17:51)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4088502895-2642783358-2647005207-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-4088502895-2642783358-2647005207-503 - Limited - Disabled)
Gast (S-1-5-21-4088502895-2642783358-2647005207-501 - Limited - Disabled)
Schlotterbeck (S-1-5-21-4088502895-2642783358-2647005207-1000 - Administrator - Enabled) => C:\Users\Schlotterbeck
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Ahnenblatt 2.94 (HKLM-x32\...\Ahnenblatt_is1) (Version: 2.94.0.1 - Dirk Böttcher)
Blade & Soul (HKLM-x32\...\InstallShield_{C3F383C1-D050-4A40-843F-8171A6A02C3A}) (Version: 1.0.63.237 - NC Interactive, LLC)
Blade & Soul (x32 Version: 1.0.63.237 - NC Interactive, LLC) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.16.61.1020 - Electronic Arts Inc.)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.12 - Electronic Arts)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
FINAL FANTASY XIV: A Realm Reborn (HKLM-x32\...\Steam App 39210) (Version: - SQUARE ENIX)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Team Bondi)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
mIRC (HKLM-x32\...\mIRC) (Version: 7.44 - mIRC Co. Ltd.)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1 - Mozilla)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.4 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.5.12.2862 - Electronic Arts, Inc.)
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version: - Obsidian Entertainment)
Post Mortem (HKLM-x32\...\Steam App 46550) (Version: - Anuman / Microids)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Remember Me (HKLM-x32\...\Steam App 228300) (Version: - DONTNOD Entertainment)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sam & Max 201: Ice Station Santa (HKLM-x32\...\Steam App 8260) (Version: - Telltale Games)
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Still Life (HKLM-x32\...\Steam App 46480) (Version: - Anuman / Microids)
Still Life 2 (HKLM-x32\...\Steam App 46490) (Version: - Anuman / Microids)
The Book of Unwritten Tales 2 (HKLM-x32\...\Steam App 279940) (Version: - KING Art)
The Secret World (HKLM-x32\...\Steam App 215280) (Version: - Funcom)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games)
Valhalla Hills (HKLM-x32\...\Steam App 351910) (Version: - Funatics Software)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Schlotterbeck\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {04F3A45F-C0BD-4434-A53C-10F5BD1EEF5F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {7A3D8D85-D64B-4C49-9A62-3E80493FCDAC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-10] (Microsoft Corporation)
Task: {884F9824-B9EB-4ED4-B189-42834F0A9476} - \GEN -> Keine Datei <==== ACHTUNG
Task: {A80D56CB-D689-44BB-83DB-49B0048C87E9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-23] (Adobe Systems Incorporated)
Task: {E24B1F6E-AFA4-4D2F-9D2B-CF47B1D3712F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {FDA8E3C8-D33A-4DCD-B955-16AD8ED98FAE} - \GEN_Interval -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-25 08:13 - 2016-01-23 03:01 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-21 19:48 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-03-01 23:06 - 2016-02-23 13:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-25 13:39 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-03-01 23:06 - 2016-02-23 10:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-15 22:44 - 2016-01-15 22:44 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-01-12 21:03 - 2016-01-05 03:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-12 21:03 - 2016-01-05 03:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-27 23:00 - 2016-01-16 07:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-27 23:00 - 2016-01-16 07:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:09 - 2016-01-22 13:09 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2015-11-11 18:56 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-08-30 00:13 - 2016-03-29 08:23 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7867 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-08-30 00:40 - 2015-09-01 11:38 - 00450831 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
Da befinden sich 15464 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4088502895-2642783358-2647005207-1000\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6CE28B72-77A7-4CAD-A1AA-55800C6E073A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6CF22FD0-7A5B-4415-861A-315954DC85A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{449331B2-99C7-4259-A5CD-72B3ACD1000D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8A46055-4283-4FC3-9A84-BCDBC51CE9C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{1FAB3791-4A95-4591-8CAD-EDDD4DC47A60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C3ABF497-1C31-4C50-8458-921EED1E17A8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{24DFDCEB-194C-4F12-95BF-F93BBAE20C2B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C94AF98F-BADD-4ED6-B744-92FE0464B3BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{610A8308-197E-4B2E-A6CB-B329E942191F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{CF180DCE-6D8E-40FA-B247-0232957B13D6}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [{5BAAFD55-0128-46AB-ABBE-79E9D7013B4B}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe
FirewallRules: [UDP Query User{2610F3D4-8C2A-429E-820B-E2082B936FE8}D:\mirc\mirc.exe] => (Allow) D:\mirc\mirc.exe
FirewallRules: [TCP Query User{0FB5175C-D572-4937-9E03-E9147E5621AC}D:\mirc\mirc.exe] => (Allow) D:\mirc\mirc.exe
FirewallRules: [{8C4E56AD-3ABB-4EF1-B4F4-EA12FA76D83C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{B5EEBEDB-9B13-4EBB-B422-944D57F11FEF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{523DA543-C157-4DD4-93F3-1FF50D3DE5C5}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{560414C9-3E58-4089-AC47-8532E73238A8}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{2EDA0CAA-3EFA-4872-93AA-D5F11F2A316C}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{383FF987-68DE-404F-9DE9-CFDD401A8B81}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{E260304C-E05C-48F1-BB19-45B564D69D01}] => (Allow) D:\Steam\steamapps\common\Still life 2\SL2.exe
FirewallRules: [{F7A4F864-9A09-4AF3-95B0-32C8C9B46650}] => (Allow) D:\Steam\steamapps\common\Still life 2\SL2.exe
FirewallRules: [{2C324932-FE6E-4CE2-ADE7-79E360337302}] => (Allow) D:\Steam\steamapps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{BB7E0345-A690-4FA1-A0AA-D776C2AF9E0B}] => (Allow) D:\Steam\steamapps\common\The Book of Unwritten Tales 2\Windows\BouT2.exe
FirewallRules: [{ED0705CB-10D9-4CC9-AD1D-7E2FC305F5BA}] => (Allow) D:\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{EB9B5509-6DD5-46D8-8AFC-E6E7545D2B3D}] => (Allow) D:\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{B35D686C-A956-4987-B088-0738A8503234}] => (Allow) D:\Steam\steamapps\common\ValhallaHills\ValhallaHills.exe
FirewallRules: [{A460399B-13BD-4C8D-B7A1-710D7396182C}] => (Allow) D:\Steam\steamapps\common\ValhallaHills\ValhallaHills.exe
FirewallRules: [TCP Query User{B7A3EE88-4B83-4C2C-94CA-B4B0AA702FA3}D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [UDP Query User{56F7F28D-8E3E-44FC-B461-A7253AF65162}D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\valhallahills\valhallahills\binaries\win64\valhallahills-win64-shipping.exe
FirewallRules: [{8A6258E6-CEA0-468D-B84F-02264A64589D}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{F90BF424-81E7-4C7C-B6C9-5A078EC6E2EC}] => (Allow) D:\Steam\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{B4D4BCCD-F487-4E35-AAE6-64AB3E37678E}] => (Allow) D:\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [{31A3E650-3C68-4D70-86C3-B4A1383D42AE}] => (Allow) D:\Steam\steamapps\common\Torchlight II\ModLauncher.exe
FirewallRules: [TCP Query User{2FD1C2BA-64EB-4F9D-A724-B3FE967220FD}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [UDP Query User{91EB77F2-58B4-4D12-A238-E4BC9395394F}D:\steam\steamapps\common\torchlight ii\torchlight2.exe] => (Allow) D:\steam\steamapps\common\torchlight ii\torchlight2.exe
FirewallRules: [{5FA42F1B-4ACC-45BF-82CF-6C0E7B846DC4}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{2BC35ABA-4916-4F87-880B-A17FCE289B4B}] => (Allow) D:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{7849582D-D4FE-4E5E-A390-AB7FC4A5AA9B}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{93DAD427-D225-4A4D-8629-AD1D0A61AEE7}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{D4B57B4C-6F08-4351-81BB-C5637387FCB3}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [{E8F7E23D-64EA-41FF-A2B1-68F1C6EE01B5}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4_x64.exe
FirewallRules: [TCP Query User{E16EC1E1-BC51-4B85-AA68-BF4737302C7A}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{50A64FED-E1FC-45B7-A6D8-6DC9360104FE}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
==================== Wiederherstellungspunkte =========================
19-03-2016 14:06:23 Geplanter Prüfpunkt
20-03-2016 22:56:20 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506
23-03-2016 18:38:50 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
23-03-2016 18:38:56 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
28-03-2016 08:26:23 Revo Uninstaller's restore point - Yahoo Search Set
29-03-2016 21:37:08 Revo Uninstaller's restore point - Spybot - Search & Destroy
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/31/2016 03:20:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/31/2016 03:20:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/31/2016 06:54:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SCHLOTTERBECKPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/31/2016 06:41:31 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/31/2016 06:37:27 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SCHLOTTERBECKPC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (03/30/2016 11:42:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 11:42:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 11:42:53 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 09:58:17 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Error: (03/30/2016 09:36:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.
Systemfehler:
=============
Error: (03/31/2016 03:24:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_e1bcfc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/31/2016 03:24:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _e1bcfc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/31/2016 03:24:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_e1bcfc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/31/2016 03:24:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_e1bcfc" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/31/2016 03:23:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/31/2016 03:23:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/31/2016 03:23:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/31/2016 03:23:27 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/31/2016 03:23:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (03/31/2016 03:23:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2016-03-24 17:01:11.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 15:18:39.961
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-12 07:37:32.538
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-11 08:23:09.430
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-03 07:14:59.745
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-03-02 21:21:36.734
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-12 10:06:30.393
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-12 08:06:28.064
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-11 08:13:39.801
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-01-30 08:22:19.196
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4690 CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 8047.65 MB
Verfügbarer physikalischer RAM: 5271.9 MB
Summe virtueller Speicher: 9327.65 MB
Verfügbarer virtueller Speicher: 6432.66 MB
==================== Laufwerke ================================
Drive c: (System SSD) (Fixed) (Total:223.03 GB) (Free:103.34 GB) NTFS
Drive d: (FREEDOS) (Fixed) (Total:465.76 GB) (Free:238.94 GB) NTFS
Drive g: (Xbox360_1_2) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: A155B4D4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=449 MB) - (Type=27)
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 9A393885)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Also ich hab jetzt eine gute Weile gewartet und es tut sich nichts! Das Phantomsprogramm scheint verschwunden zu sein!!!! Ich danke dir an dieser Stelle schon mal ganz herzlich!!! Phantastisch! Wirklich! <3<3<3 Wenn du einen Tipp für mich hast, wie ich in Zukunft so einen Mist vermeiden kann (abgesehen davon, nix mehr bei Chip.de runzerzuladen :-/) nehm ich entsprechendes gern an! |
|
31.03.2016, 16:44
| #13 |
| /// Malwareteam | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Task: {884F9824-B9EB-4ED4-B189-42834F0A9476} - \GEN -> Keine Datei <==== ACHTUNG
Task: {FDA8E3C8-D33A-4DCD-B955-16AD8ED98FAE} - \GEN_Interval -> Keine Datei <==== ACHTUNG
emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Aber gerne doch  Die Logs von deinem Rechner sehen jetzt für mich sauber aus: Herzlichen Glückwunsch - du bist Clean  Zum Schluss müssen wir noch etwas aufräumen und ich gebe dir ein paar Hinweise mit auf den Weg: Wichtig: Entfernen der verwendeten Tools Die Reihenfolge ist hier entscheidend.
Malwarebytes Anti-Malware und  ESET kannst du als Ergänzung zu deiner bestehenden Antivirus-Lösung auf dem Computer belassen und deinen Computer damit regelmäßig scannen. Persönliche Empfehlungen Das wichtigste zu erst:
Schutz vor unerwünschter Software Adware ist zu einer Art permanenten Bedrohung geworden, weil immer mehr Programme versuchen, einem beim Installieren noch was anderes unterzujubeln - und wie schnell hat man da ein Häkchen übersehen? Darum: pass auf, wenn du dir Software aus dem Internet herunterlädst! Viele Portale im Internet wie Chip, Softonic und Sourceforge versuchen häufig, dir Adware oder sonstige Downloader mit unerwünschten Programmen unterzujubeln. Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal, wie von FilePony.de. Lese dir dazu auch folgenden Artikel durch: CHIP-Installer - was ist das? - Anleitungen Selbst wenn du ein Programm von einer seriösen Quelle heruntergeladen hast, ist das keine Garantie, dass dein Programm nicht doch versucht, unerwünschte Änderungen an deinem Computer vorzunehmen. So versuchen immer mehr Programme, durch modifizierte Installationsroutinen unerwünschte Programme mit auf deinen PC zu schleusen. Das klappt leider auch häufig, weil viele Anwender nicht lesen, was auf dem Bildschirm steht und stattdessen schnell durchklicken. Deshalb: Wenn du ein Programm installierst, wähle immer die benutzerdefinierte Installation und schaue, was du da gerade eigentlich alles mit einem Klick auf "Ok" oder "Weiter" abnickst - entferne entsprechend die Haken bei Dingen, die du nicht möchtest. Wer lesen kann, ist klar im Vorteil! Benutze keine Optimizer, Cleaner oder sonstige SpeedUp Wunder, da diese Tools fast nie einen auch nur messbaren Performancegewinn bringen. Du kannst jedoch regelmäßig auf deinem PC die Datenträgerbereinigung ausführen, so gewinnst du belegten Speicherplatz zurück. Aktiviere in deiner Virenschutzlösungen den "Schutz vor potentiell unerwünschter Software", um dich bestmöglich zu schützen. Guter Trick: Wenn du den kostenlosen Windows Defender benutzt (ab Windows 8), kannst du einen vergleichbaren Schutz durch einen kleinen Trick auch nutzen! Lese dazu folgenden Artikel um dich mehr zu informieren: Windows mit verstecktem Adware-Killer Zum aktivieren dieses "Tricks" lade einfach nur diese Datei und führe sie aus: MpEnablePlus.reg Tipps, um dein System sicherer zu machen Halte immer deine Plug-ins und Software, insbesondere deinen Browser aktuell. Deinstalliere wenn möglich Java und den Adobe Flashplayer von deinem Computer. Neuerdings benötigt man sie fast nie mehr und stellen darum nur mehr eine unnötige Sicherheitslücke auf deinem Computer dar. Wenn du sie doch unbedingt benötigst, halte sie aber unbedingt aktuell. Weiters kannst du dir  Malwarebytes Anti-Exploit installieren. Es schützt gegen viele aktuelle Sicherheitslücken und erhöht so deine Sicherheit. Passwörter Ändere regelmäßig deine Passwörter! Zudem musst du sichere Passwörter benutzen, das bedeutet: mindestens 8 Zeichen, Groß- und Kleinbuchstaben und Sonderzeichen. Ganz wichtig: benutze pro Account ein anderes Passwort! Tipp: Benutze einen Spruch, den du dir leicht merken kannst, als Hilfe für ein Passwort! Zum Beispiel: Der Himmel ist blau und wenn es regnet?-grau ==> DHibuwer?-grau Unterstütze uns und empfiehl uns weiter Du kennst Freunde und Bekannte, die Probleme mit ihrem Computer haben? Schick sie doch zu uns auf das Trojaner Board, wir helfen gerne Wenn du uns mit einer Spende unterstützen möchtest, freuen wir uns sehr und dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html Herzlichen Dank dafür  Wir machen diese Tätigkeit hier freiwillig, darum freue ich mich besonders über ein kurzes Danke, wenn du mit mir zufrieden warest oder sonst über Verbesserungsvorschläge - das kannst du gerne hier machen Besuche und like unsere Facebook-Seite!  Danke für deine Mitarbeit und alles Gute! Bitte gib mir Bescheid, wenn du das alles gelesen hast und du keine weiteren Fragen mehr hast.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
01.04.2016, 10:47
| #14 |
| | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Hallo :-) Hab alles gelesen! Und nochmals DANKE DANKE DANKE! Die Säuberungsarbeiten kann ich erst morgen vornehmen und sobald ich das getan habe, werde ich mich mit deinen Tricks und Tips beschäftigen, in der Hoffnung, dass mir so ein Ärger in Zukunft erspart bleibt :-) Log folgt dann auch direkt morgen. Lieben Gruß Trys Hi Rafael, hier das gewünschte log noch :-) Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Schlotterbeck (2016-04-01 10:44:09) Run:2
Gestartet von C:\Users\Schlotterbeck\Downloads
Geladene Profile: Schlotterbeck (Verfügbare Profile: Schlotterbeck & Administrator)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
Task: {884F9824-B9EB-4ED4-B189-42834F0A9476} - \GEN -> Keine Datei <==== ACHTUNG
Task: {FDA8E3C8-D33A-4DCD-B955-16AD8ED98FAE} - \GEN_Interval -> Keine Datei <==== ACHTUNG
emptytemp:
*****************
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{884F9824-B9EB-4ED4-B189-42834F0A9476}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{884F9824-B9EB-4ED4-B189-42834F0A9476}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GEN" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FDA8E3C8-D33A-4DCD-B955-16AD8ED98FAE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FDA8E3C8-D33A-4DCD-B955-16AD8ED98FAE}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GEN_Interval" => Schlüssel erfolgreich entfernt
EmptyTemp: => 234.2 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 10:44:20 ====
|
|
01.04.2016, 12:58
| #15 |
| /// Malwareteam | Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste Perfekt  Wenn du keine Fragen mehr hast sind wir hiermit durch
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu Unbekanntes Programm öffnet und schließt sich mehrfach in der Taskleiste |
| autostart, bla, ccleaner, cpu, download, festplatte, formatieren, icon, lädt, mozilla, neue, online, problem, programm, programme, registry, ruckel, scan, software, speicher, system, taskleiste, windows, öffnet, öffnet und schließt |
Defender zu benutzen. Solltest du noch Windows 7 verwenden, verwende als kostenlose Lösung die 
Microsoft Security Essentials. 
Linear-Darstellung
