| |
| |||||||
Log-Analyse und Auswertung: PC führt Programme zT wahllos aus/nicht ausWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.05.2016, 11:46
| #1 |
 |  PC führt Programme zT wahllos aus/nicht aus Moin! Ich bin neu auf diesem Forum, deswegen bitte ich um Entschuldigung, sollte ich viel nachfragen (kenne mich mit der Materie schlecht aus). Seit gestern führt mein PC Programme nicht oder stark verzögert aus. Einige Beispiele: - Microsoft Security Essentials starten/aktivieren sich sehr langsam (15mins nach PC Start) Das Internetsymbol in der Taskleiste hat hierbei lange einen Kreis auf sich, dann kurz das gelbe Symbol und dann ist es normal, das Internet ist die ganze Zeit über nicht beeinträchtigt. - Firefox funzt ohne Probleme - Das Startmenü wird zeitweilig nicht anklickbar bzw. permanent unbedienbar - CS:GO startet gar nicht, LoL z.B. schon (beides Spiele) - jegliche Downloads (Anti-Malware Tools o.ä.) lassen sich nicht installieren - abgesicherter Modus arbeitet reibungsfrei Ich muss hinzufügen, dass ich mir gestern für Malware Bytes eine Premiumversion holen wollte, und dazu mit irgendeiner Methode aus dem Internet eine "license.conf" Datei ersetzt habe. Ich habe diese Dateien gelöscht, da ich Probleme hiermit vermutet hatte. Malwarebytes habe ich ebenfalls gelöscht (keine Logdateien mehr da). Ich operiere vom abgesichterten Modus aus, mir stehen also nicht alle Funktionen zur Verfügung. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016
durchgeführt von Thomas (Administrator) auf THOMAS-PC (11-05-2016 12:47:59)
Gestartet von C:\Users\Thomas\Downloads
Geladene Profile: Thomas (Verfügbare Profile: Thomas)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Safe Mode (with Networking)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5009096 2016-04-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SPEEDLINK KUDOS] => C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe [1470464 2012-03-08] ()
HKLM-x32\...\Run: [Skiller PRO] => C:\Program Files (x86)\Skiller PRO\Monitor.exe [475136 2015-07-17] (Sharkoon Technologies)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Spotify Web Helper] => C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1524336 2016-04-06] (Spotify Ltd)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Run: [f.lux] => C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
BootExecute: autocheck autochk /r \??\C:autocheck autochk *
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7F44B7C4-C23C-4E67-B9AC-3F19997CD50C}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-04-29] (Microsoft Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-04-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-04-29] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-04-29] (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2016-04-29] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-04-29] (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default
FF Homepage: hxxps://www.youtube.com/watch?v=EiRC80FJbHU
FF NetworkProxy: "autoconfig_url", "hxxp://www.bib.h-bonn-rhein-sieg.de/bibmedia/Downloads/bibliothek/proxy-p-7010.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-04-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-04-29] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Reddit Enhancement Suite - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi [2016-04-06]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\l4ktzj6q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.twitch.tv/directory/following
CHR StartupUrls: Default -> "hxxps://www.twitch.tv/directory/following"
CHR Profile: C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-17]
CHR Extension: (Google Docs) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-17]
CHR Extension: (Google Drive) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-17]
CHR Extension: (YouTube) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-17]
CHR Extension: (Google Tabellen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-17]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-17]
CHR Extension: (Google Mail) - C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-17]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-08-30] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-04-15] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] ()
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2911464 2016-04-29] (Microsoft Corporation)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-29] (Digital Wave Ltd.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [202288 2016-04-28] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [296648 2016-04-15] (Advanced Micro Devices)
S2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices)
S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96256 2016-04-15] (Advanced Micro Devices) [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [225792 2014-10-31] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [305664 2014-10-31] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-11 12:47 - 2016-05-11 12:48 - 00012241 _____ C:\Users\Thomas\Downloads\FRST.txt
2016-05-11 12:47 - 2016-05-11 12:47 - 02381312 _____ (Farbar) C:\Users\Thomas\Downloads\FRST64.exe
2016-05-11 12:47 - 2016-05-11 12:47 - 00000000 ____D C:\FRST
2016-05-11 12:18 - 2016-05-11 12:45 - 00001536 _____ C:\Users\Thomas\Desktop\JRT.txt
2016-05-11 12:16 - 2016-05-11 12:44 - 00000000 ____D C:\AdwCleaner
2016-05-11 11:59 - 2016-05-11 11:59 - 01610816 _____ (Malwarebytes) C:\Users\Thomas\Downloads\JRT.exe
2016-05-11 11:58 - 2016-05-11 11:59 - 03640384 _____ C:\Users\Thomas\Downloads\AdwCleaner_5.116.exe
2016-05-11 11:53 - 2016-05-11 11:53 - 22851472 _____ (Malwarebytes ) C:\Users\Thomas\Downloads\mbam-setup-computerbild.8000-2.2.1.1043.exe
2016-05-11 11:03 - 2016-05-11 11:03 - 00000000 ____D C:\Program Files (x86)\ESET
2016-05-11 10:51 - 2016-05-11 10:51 - 00003544 ____N C:\bootsqm.dat
2016-05-10 23:37 - 2016-05-11 11:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-05-10 23:37 - 2016-05-11 11:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-05-10 23:37 - 2016-05-10 23:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-05-10 23:37 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-05-10 23:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-05-10 23:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-05-10 23:06 - 2016-05-11 12:16 - 00707550 _____ C:\Windows\ntbtlog.txt
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ___HD C:\ProgramData\CanonIJETV
2016-05-08 12:49 - 2016-05-08 12:49 - 00000000 ____D C:\Program Files (x86)\Canon
2016-05-08 12:14 - 2016-05-08 12:14 - 00000000 ____H C:\Users\Thomas\Documents\Default.rdp
2016-05-07 13:23 - 2016-05-07 13:23 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\WinRAR
2016-05-07 12:51 - 2016-05-11 11:04 - 00000000 ___RD C:\Users\Thomas\Documents\Scanned Documents
2016-05-07 12:51 - 2016-05-07 12:51 - 00000000 ____D C:\Users\Thomas\Documents\Fax
2016-05-06 16:11 - 2016-05-07 11:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-05-01 15:50 - 2016-05-01 19:05 - 00000000 ____D C:\Users\Thomas\Desktop\Rea
2016-04-25 22:10 - 2016-04-25 22:10 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-04-25 22:09 - 2016-02-16 01:27 - 00125720 _____ C:\Windows\SysWOW64\vulkan-1.dll
2016-04-25 22:09 - 2016-02-16 01:26 - 00126232 _____ C:\Windows\system32\vulkan-1.dll
2016-04-25 22:09 - 2016-02-16 01:25 - 00045848 _____ C:\Windows\system32\vulkaninfo.exe
2016-04-25 22:09 - 2016-02-16 01:25 - 00042264 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2016-04-25 22:08 - 2016-04-25 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-04-25 22:08 - 2016-04-25 22:08 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-04-25 22:01 - 2016-04-25 22:01 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ViaHub3_01011.Wdf
2016-04-25 22:00 - 2016-04-25 22:00 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xhcdrv_01011.Wdf
2016-04-24 15:44 - 2016-04-25 21:38 - 00000944 _____ C:\Users\Thomas\Desktop\Start Tor Browser.lnk
2016-04-24 15:44 - 2016-04-24 15:44 - 00000833 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-04-24 12:18 - 2016-04-24 21:15 - 00000000 ____D C:\Program Files\WinRAR
2016-04-24 12:18 - 2016-04-24 15:44 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-24 12:18 - 2016-04-24 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-24 12:18 - 2016-04-24 12:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skiller PRO
2016-04-24 12:18 - 2016-04-24 12:18 - 00000000 ____D C:\Program Files (x86)\Skiller PRO
2016-04-23 23:32 - 2016-04-23 23:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SPEEDLINK PRIME
2016-04-23 23:32 - 2016-04-23 23:32 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK
2016-04-17 21:00 - 2016-04-17 21:00 - 00000000 ____D C:\Users\Thomas\Documents\Benutzerdefinierte Office-Vorlagen
2016-04-17 20:58 - 2016-04-17 20:58 - 00000000 ____D C:\Users\Thomas\AppData\LocalLow\Temp
2016-04-17 20:30 - 2016-04-17 20:31 - 00000000 ____D C:\Users\Thomas\Desktop\MS Office
2016-04-17 20:18 - 2016-04-17 20:18 - 00002180 _____ C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00002120 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00002120 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ___RD C:\Users\Thomas\OneDrive
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-04-17 20:18 - 2016-04-17 20:18 - 00000000 ____D C:\Program Files (x86)\Microsoft OneDrive
2016-04-17 20:03 - 2016-04-17 20:03 - 00002509 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-04-17 20:03 - 2016-04-17 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-04-17 19:59 - 2016-05-07 11:43 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-17 19:59 - 2016-04-17 19:59 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-04-17 19:56 - 2016-05-07 11:42 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-04-17 19:56 - 2016-04-17 19:56 - 00000000 ____D C:\Users\Thomas\Desktop\Chemsketch
2016-04-17 19:56 - 2016-04-17 19:56 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-17 19:51 - 2016-04-17 19:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACDLabs Freeware 2015
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Advanced Chemistry Development
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\ProgramData\Advanced Chemistry Development
2016-04-17 19:50 - 2016-04-17 19:51 - 00000000 ____D C:\ACD2015FREE
2016-04-17 15:04 - 2016-05-03 14:09 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-17 15:03 - 2016-05-11 11:46 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-17 15:03 - 2016-05-10 23:08 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-17 15:03 - 2016-04-17 15:41 - 00000000 ____D C:\Users\Thomas\AppData\Local\Google
2016-04-17 15:03 - 2016-04-17 15:04 - 00000000 ____D C:\Program Files (x86)\Google
2016-04-17 15:03 - 2016-04-17 15:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-17 15:03 - 2016-04-17 15:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-17 14:59 - 2016-04-17 14:59 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\LolClient
2016-04-16 17:36 - 2016-05-05 14:17 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\DVDVideoSoft
2016-04-16 17:36 - 2016-04-16 17:36 - 00001398 _____ C:\Users\Public\Desktop\Free YouTube To MP3 Converter.lnk
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\Program Files (x86)\FreeCodecPack
2016-04-16 17:36 - 2016-04-16 17:36 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2016-04-15 23:15 - 2016-04-15 23:15 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00110880 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-04-15 23:15 - 2016-04-15 23:15 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-04-15 23:14 - 2016-04-15 23:14 - 09526616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-04-15 23:14 - 2016-04-15 23:14 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-04-15 23:13 - 2016-04-15 23:13 - 08844232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-04-15 23:11 - 2016-04-15 23:11 - 00296648 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-04-15 23:05 - 2016-04-15 23:05 - 26345472 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-04-15 22:57 - 2016-04-15 22:57 - 06956032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-04-15 22:54 - 2016-04-15 22:54 - 48212480 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-04-15 22:54 - 2016-04-15 22:54 - 00235008 _____ C:\Windows\system32\clinfo.exe
2016-04-15 22:53 - 2016-04-15 22:53 - 05420032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-04-15 22:52 - 2016-04-15 22:52 - 40126976 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-04-15 22:51 - 2016-04-15 22:51 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-04-15 22:51 - 2016-04-15 22:51 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-04-15 22:49 - 2016-04-15 22:49 - 26886656 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-04-15 22:49 - 2016-04-15 22:49 - 21730304 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-04-15 22:28 - 2016-04-15 22:28 - 00701440 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-04-15 22:28 - 2016-04-15 22:28 - 00580096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 30380032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 06884864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-04-15 22:27 - 2016-04-15 22:27 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-04-15 22:24 - 2016-04-15 22:24 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-04-15 22:24 - 2016-04-15 22:24 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-04-15 22:23 - 2016-04-15 22:23 - 05398016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-04-15 22:22 - 2016-04-15 22:22 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-04-15 22:22 - 2016-04-15 22:22 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-04-15 22:21 - 2016-04-15 22:21 - 25070080 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-04-15 22:21 - 2016-04-15 22:21 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-04-15 22:20 - 2016-04-15 22:20 - 00097280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-04-15 22:20 - 2016-04-15 22:20 - 00089600 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00698768 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-04-15 22:19 - 2016-04-15 22:19 - 00698768 _____ C:\Windows\system32\atiapfxx.blb
2016-04-15 22:19 - 2016-04-15 22:19 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-04-15 22:19 - 2016-04-15 22:19 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-04-15 22:19 - 2016-04-15 22:19 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-04-15 22:18 - 2016-04-15 22:18 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-04-15 22:17 - 2016-04-15 22:17 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-04-15 22:15 - 2016-04-15 22:15 - 00564736 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00224256 _____ C:\Windows\system32\dgtrayicon.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00209920 _____ C:\Windows\system32\GameManager64.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-04-15 22:15 - 2016-04-15 22:15 - 00162304 _____ C:\Windows\system32\atieah64.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00145408 _____ C:\Windows\SysWOW64\atieah32.exe
2016-04-15 22:15 - 2016-04-15 22:15 - 00078336 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-04-15 22:14 - 2016-04-15 22:14 - 00251392 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-04-15 22:14 - 2016-04-15 22:14 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-04-15 22:12 - 2016-04-15 22:12 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-04-15 22:12 - 2016-04-15 22:12 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00944640 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-04-15 22:11 - 2016-04-15 22:11 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-04-15 22:10 - 2016-04-15 22:10 - 00676864 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-04-15 22:10 - 2016-04-15 22:10 - 00195072 _____ C:\Windows\system32\hsa-thunk64.dll
2016-04-15 22:10 - 2016-04-15 22:10 - 00174592 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-04-15 18:28 - 2016-04-15 18:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-15 16:23 - 2016-04-15 16:23 - 02412544 _____ C:\Windows\system32\amdacpusl.pdb
2016-04-15 16:20 - 2016-04-15 16:20 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2016-04-15 16:20 - 2016-04-15 16:20 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2016-04-15 16:20 - 2016-04-15 16:20 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2016-04-12 21:16 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-12 21:16 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-12 21:16 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-12 21:16 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-12 21:16 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-12 21:16 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-12 21:16 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-12 21:16 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-12 21:16 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-12 21:16 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-12 21:16 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-12 21:16 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-12 21:16 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-12 21:16 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-12 21:16 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-12 21:16 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-12 21:16 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-12 21:16 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-12 21:16 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-12 21:16 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-12 21:16 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-12 21:16 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-12 21:16 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-12 21:16 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-12 21:16 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-12 21:16 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-12 21:16 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-12 21:16 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-12 21:16 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-12 21:16 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-12 21:16 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-12 21:16 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-12 21:16 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-12 21:16 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-12 21:16 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-12 21:16 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-12 21:16 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-12 21:16 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-12 21:16 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-12 21:16 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-12 21:16 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-12 21:16 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-12 21:16 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-12 21:16 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-12 21:16 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-12 21:16 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-12 21:16 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-12 21:16 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-12 21:16 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-12 21:16 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-12 21:16 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-12 21:16 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-12 21:16 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-12 21:16 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-12 21:16 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-12 21:16 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-12 21:16 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-12 21:16 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-04-12 21:16 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-12 21:16 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-12 21:16 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-11 12:09 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-11 12:09 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-11 11:51 - 2011-04-12 09:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-05-11 11:51 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-05-11 11:51 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-11 11:51 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-05-11 11:46 - 2016-04-08 16:36 - 00000000 ____D C:\Users\Thomas\AppData\Local\Apps\2.0
2016-05-11 11:46 - 2016-04-06 21:40 - 00000000 ____D C:\Program Files (x86)\Steam
2016-05-11 11:46 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-11 11:45 - 2016-04-09 11:54 - 00000000 ____D C:\Users\Thomas\AppData\Local\Downloaded Installations
2016-05-11 11:42 - 2016-04-06 21:00 - 00000000 ____D C:\60123cffff02c322a6
2016-05-10 23:48 - 2016-04-06 21:53 - 00000000 ____D C:\Users\Thomas\AppData\Local\ElevatedDiagnostics
2016-05-10 23:27 - 2014-01-11 18:52 - 00000000 ____D C:\Users\Thomas\Desktop\#I so'n Shit
2016-05-10 23:26 - 2016-04-07 15:20 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-05-10 23:20 - 2016-04-10 00:44 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-10 23:14 - 2016-04-06 22:57 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Skype
2016-05-10 22:12 - 2016-04-06 20:55 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\TS3Client
2016-05-10 20:25 - 2016-04-07 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-10 20:24 - 2016-04-07 16:27 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-08 12:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-07 11:20 - 2016-04-06 20:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-05-06 11:46 - 2016-04-08 16:28 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-06 11:46 - 2016-04-08 16:28 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-05 14:19 - 2016-04-10 15:23 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-01 18:18 - 2016-04-06 21:29 - 00000000 ____D C:\Users\Thomas\AppData\Local\Spotify
2016-05-01 17:54 - 2016-04-06 21:28 - 00000000 ____D C:\Users\Thomas\AppData\Roaming\Spotify
2016-04-26 17:45 - 2016-04-06 20:55 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-04-25 22:11 - 2016-04-06 21:49 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-04-25 22:11 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-25 22:09 - 2016-04-06 21:42 - 00000000 ____D C:\Program Files\AMD
2016-04-25 22:09 - 2016-04-06 21:14 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-25 22:08 - 2016-04-06 21:43 - 00000000 ____D C:\Program Files (x86)\AMD
2016-04-25 22:04 - 2016-04-06 21:40 - 00000000 ____D C:\AMD
2016-04-24 12:18 - 2016-04-06 20:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-04-22 09:57 - 2010-11-21 05:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-18 19:08 - 2009-07-14 06:45 - 00424696 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-17 20:50 - 2016-04-06 21:22 - 00110176 _____ C:\Users\Thomas\AppData\Local\GDIPFONTCACHEV1.DAT
2016-04-17 20:18 - 2016-04-06 19:37 - 00000000 ____D C:\Users\Thomas
2016-04-17 17:03 - 2016-04-10 21:32 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-04-15 23:14 - 2016-04-04 06:16 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-04-15 23:14 - 2016-04-04 06:16 - 00133528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 11631488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 09588416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 08585696 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 07394016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 01519920 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 01248000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-04-15 23:14 - 2016-04-04 06:15 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-04-15 22:24 - 2016-04-04 04:25 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.15.dll
2016-04-15 22:15 - 2016-04-04 03:57 - 00186368 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-04-15 22:11 - 2016-04-04 03:33 - 01276416 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-04-13 19:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-04-11 07:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-06 21:12 - 2016-04-06 21:12 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\libeay32.dll
C:\Users\Thomas\AppData\Local\Temp\msvcr120.dll
C:\Users\Thomas\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-08 17:08
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016
durchgeführt von Thomas (2016-05-11 12:48:16)
Gestartet von C:\Users\Thomas\Downloads
Windows 7 Professional Service Pack 1 (X64) (2016-04-06 17:37:00)
Start-Modus: Safe Mode (with Networking)
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-758422454-1604163277-2610386603-500 - Administrator - Disabled)
Gast (S-1-5-21-758422454-1604163277-2610386603-501 - Limited - Disabled)
Thomas (S-1-5-21-758422454-1604163277-2610386603-1000 - Administrator - Enabled) => C:\Users\Thomas
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACD/Labs Freeware in C:\ACD2015FREE\ (HKLM-x32\...\ACDLabs in C__ACD2015FREE_) (Version: v14.00, FREE - ACD/Labs)
ACP Application (Version: 2016.0415.1620.42 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0415.1636.28043 - Advanced Micro Devices, Inc.) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
f.lux (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Flux) (Version: - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.6.328 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6868.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
Mozilla Thunderbird 45.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.0 (x86 de)) (Version: 45.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6828.1015 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.92.115.2015 - Realtek)
Skiller PRO (HKLM-x32\...\{54C8FBB3-B992-43CB-8F0A-E26228013F88}) (Version: 2.1.15.6 - Sharkoon Technologies)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
SPEEDLINK PRIME Gaming Mouse (HKLM-x32\...\SPEEDLINK KUDOS) (Version: - )
Spotify (HKU\S-1-5-21-758422454-1604163277-2610386603-1000\...\Spotify) (Version: 1.0.26.132.ga4e3ccee - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-758422454-1604163277-2610386603-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Thomas\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1814CA9E-7654-4C59-A165-834EAFF679D5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-29] (Microsoft Corporation)
Task: {27A11073-67A1-4E9E-8D6E-45BDC9C1B526} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-24] (Microsoft Corporation)
Task: {27D6393D-4FA7-49C0-BE3D-07B63F1744C5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {29C10ED2-A5DB-47E4-90CB-64F2328E12F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-10] (Adobe Systems Incorporated)
Task: {2B3D71FA-7E23-4D26-825C-F593771E4CD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {6278FE4B-B427-4684-98CD-0860249EFF41} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-04-29] (Microsoft Corporation)
Task: {8BD2EB0E-CC15-4B5E-96EE-86402FE4DE2E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-04-29] (Microsoft Corporation)
Task: {9304EBB5-82CD-4F09-B853-E07F96DD2FAF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {B03D6180-4DBB-4D79-800E-2FA7B7550D83} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-04-29] (Microsoft Corporation)
Task: {D122ABCC-35C0-4196-9705-4C9E5608F49A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-04-29] (Microsoft Corporation)
Task: {DAF3A632-9FB4-418A-9FFA-AE2B117D2E43} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-17] (Google Inc.)
Task: {E81E985F-3881-447F-B0A0-40F0625F0B5B} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-04-15] (Advanced Micro Devices, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-758422454-1604163277-2610386603-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1BCAC893-CFF5-4B9B-B850-44B7676B9E6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7111D390-46B3-475F-80D1-301F5CDBB677}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A4AB2E0E-53C0-4177-9A3E-20002042C1D7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C4571AB8-9671-4363-B564-69DB43825264}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2FAD3544-A9CF-429F-BBC3-0A9ABF814914}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36A774A3-45F8-474F-A081-87A5A9C1E404}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8EC2A934-959C-4D2A-BC87-C8720EA64DE9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5AACE038-93F5-4799-9AE6-F166A1ADCEC0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D17EAD2D-00F5-4473-9873-7CBF0C0914D2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E76E4D58-B87C-4CED-9F5B-711B2906D389}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AC3BC60B-C4A3-4230-BDA5-4AD011A42F8C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{93B56332-F08C-4B6B-93F4-A3F34F9C5A36}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{200E9D49-D84B-4235-A117-7685E9F00AD2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6867D683-685D-4382-9E43-7C6CDDB4BE9D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{25B354C7-1BA0-4185-B445-EC8D1A210A17}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{E44951C8-D687-4754-8D0B-8AB1B23EF7F4}C:\users\thomas\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9C60BA12-94B0-4E54-BF18-5AB6F5E4C1F3}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{39537144-DD55-4166-9463-33EF7C683842}] => (Block) C:\users\thomas\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EDC795F-272A-4EB3-AD00-1A91DCDE93CA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{BBA74933-FA30-4DA3-B21A-25D571817B41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B012F289-0C94-4CA8-AB32-1DA7A4B769E8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{0E1C8AF4-9E36-458A-9836-A67DE07796CD}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A5D40BF6-B394-4075-92B5-40FAC0B071F9}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{D4E6A0F9-6BA8-46E9-81CE-15A620FC7729}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{3056E7AE-0BC8-4731-9E16-9E4EAEDC3026}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{704ADC8C-BBA6-4E33-91D1-C5BF2058EAE0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{7E0479A9-88A2-4214-9B71-542190D6AFCA}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{7AFF1394-3682-4074-A63B-78CB06000157}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{006E7432-7673-4D85-9C07-6A4C56E8CFB0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{04A0DEE9-698B-445C-951D-BD6AA2D243AA}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
==================== Wiederherstellungspunkte =========================
06-05-2016 11:46:34 Windows Update
06-05-2016 18:25:46 Windows Update
07-05-2016 02:00:30 Windows Update
07-05-2016 11:24:18 Windows Update
07-05-2016 14:36:19 Windows Update
08-05-2016 01:52:15 Windows Update
08-05-2016 11:55:58 Windows Update
08-05-2016 17:10:43 Windows Update
09-05-2016 00:19:15 Windows Update
09-05-2016 17:37:19 Windows Update
09-05-2016 18:33:28 Windows Update
10-05-2016 00:59:20 Windows Update
10-05-2016 14:13:09 Windows Update
10-05-2016 22:12:04 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/11/2016 12:44:59 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Thomas\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).
Error: (05/11/2016 12:23:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RadeonSettings.exe, Version: 10.1.1.1622, Zeitstempel: 0x5711503b
Name des fehlerhaften Moduls: MSVCR120.dll, Version: 12.0.21005.1, Zeitstempel: 0x524f83ff
Ausnahmecode: 0x40000015
Fehleroffset: 0x0000000000074a46
ID des fehlerhaften Prozesses: 0x70c
Startzeit der fehlerhaften Anwendung: 0xRadeonSettings.exe0
Pfad der fehlerhaften Anwendung: RadeonSettings.exe1
Pfad des fehlerhaften Moduls: RadeonSettings.exe2
Berichtskennung: RadeonSettings.exe3
Error: (05/11/2016 12:18:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 12:17:04 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Thomas\AppData\Local\Temp\jrt\CreateRestorePoint.exe "JRT Pre-Junkware Removal"; Beschreibung = JRT Pre-Junkware Removal; Fehler = 0x8007043c).
Error: (05/11/2016 11:48:36 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 11:40:57 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 11:36:13 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 11:03:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/11/2016 11:03:21 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (05/11/2016 11:03:19 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Systemfehler:
=============
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:47:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (05/11/2016 12:44:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
==================== Speicherinformationen ===========================
Prozessor: AMD FX-8320E Eight-Core Processor
Prozentuale Nutzung des RAM: 10%
Installierter physikalischer RAM: 16350.65 MB
Verfügbarer physikalischer RAM: 14670.25 MB
Summe virtueller Speicher: 32699.48 MB
Verfügbarer virtueller Speicher: 31094.45 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.76 GB) (Free:342.01 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 85DD657B)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Geändert von Zoidbarg (11.05.2016 um 11:51 Uhr) Grund: Regeln sollte man lesen... |
|
14.05.2016, 12:48
| #2 |
| /// TB-Ausbilder   | PC führt Programme zT wahllos aus/nicht aus Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
|
|
17.05.2016, 09:33
| #3 |
| /// TB-Ausbilder | PC führt Programme zT wahllos aus/nicht aus Fehlende Rückmeldung
__________________Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
27.05.2016, 09:58
| #4 |
| | PC führt Programme zT wahllos aus/nicht ausCode:
ATTFilter 10:55:22.0848 0x1a6c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
10:55:36.0841 0x1a6c ============================================================
10:55:36.0841 0x1a6c Current date / time: 2016/05/27 10:55:36.0841
10:55:36.0841 0x1a6c SystemInfo:
10:55:36.0841 0x1a6c
10:55:36.0841 0x1a6c OS Version: 6.1.7601 ServicePack: 1.0
10:55:36.0841 0x1a6c Product type: Workstation
10:55:36.0841 0x1a6c ComputerName: THOMAS-PC
10:55:36.0841 0x1a6c UserName: Thomas
10:55:36.0841 0x1a6c Windows directory: C:\Windows
10:55:36.0841 0x1a6c System windows directory: C:\Windows
10:55:36.0841 0x1a6c Running under WOW64
10:55:36.0841 0x1a6c Processor architecture: Intel x64
10:55:36.0841 0x1a6c Number of processors: 8
10:55:36.0841 0x1a6c Page size: 0x1000
10:55:36.0841 0x1a6c Boot type: Normal boot
10:55:36.0841 0x1a6c ============================================================
10:55:36.0950 0x1a6c KLMD registered as C:\Windows\system32\drivers\86345052.sys
10:55:37.0558 0x1a6c System UUID: {71019C58-4816-56F5-548D-3AC9F487C3AC}
10:55:37.0964 0x1a6c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:55:37.0979 0x1a6c ============================================================
10:55:37.0979 0x1a6c \Device\Harddisk0\DR0:
10:55:37.0979 0x1a6c MBR partitions:
10:55:37.0979 0x1a6c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385000
10:55:37.0979 0x1a6c ============================================================
10:55:37.0979 0x1a6c C: <-> \Device\Harddisk0\DR0\Partition1
10:55:37.0979 0x1a6c ============================================================
10:55:37.0979 0x1a6c Initialize success
10:55:37.0979 0x1a6c ============================================================
10:56:11.0235 0x134c ============================================================
10:56:11.0235 0x134c Scan started
10:56:11.0235 0x134c Mode: Manual; SigCheck; TDLFS;
10:56:11.0235 0x134c ============================================================
10:56:11.0235 0x134c KSN ping started
10:56:13.0553 0x134c KSN ping finished: true
10:56:13.0764 0x134c ================ Scan system memory ========================
10:56:13.0764 0x134c System memory - ok
10:56:13.0765 0x134c ================ Scan services =============================
10:56:13.0798 0x134c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:56:13.0843 0x134c 1394ohci - ok
10:56:13.0856 0x134c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:56:13.0871 0x134c ACPI - ok
10:56:13.0874 0x134c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:56:13.0889 0x134c AcpiPmi - ok
10:56:13.0894 0x134c [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:56:13.0904 0x134c AdobeARMservice - ok
10:56:13.0929 0x134c [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:56:13.0947 0x134c AdobeFlashPlayerUpdateSvc - ok
10:56:13.0961 0x134c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:56:13.0983 0x134c adp94xx - ok
10:56:13.0994 0x134c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:56:14.0012 0x134c adpahci - ok
10:56:14.0019 0x134c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:56:14.0033 0x134c adpu320 - ok
10:56:14.0038 0x134c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:56:14.0054 0x134c AeLookupSvc - ok
10:56:14.0066 0x134c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
10:56:14.0089 0x134c AFD - ok
10:56:14.0093 0x134c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:56:14.0103 0x134c agp440 - ok
10:56:14.0107 0x134c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:56:14.0122 0x134c ALG - ok
10:56:14.0125 0x134c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:56:14.0134 0x134c aliide - ok
10:56:14.0144 0x134c [ B31F6F6CBE002161AD2EA27733D4D1A4, 4765B4E7F893724B1EE57D2555881D7498DB22940BB99586CA025269C437B1F1 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
10:56:14.0170 0x134c AMD External Events Utility - ok
10:56:14.0173 0x134c AMD FUEL Service - ok
10:56:14.0182 0x134c [ BFFC39EA0FD433AA21BBDA36E111ABCA, 05EBBFB3B66BF868538D9C00157051671C26265BD4A738BC54707B0E913AAD51 ] amdacpksd C:\Windows\system32\drivers\amdacpksd.sys
10:56:14.0195 0x134c amdacpksd - ok
10:56:14.0201 0x134c [ 3785941746AC5AC844832CB965DEBF9D, 136DED7611C85FA192B1FC57F98C018F657D502DFC431A61C4C2360BB15D84F9 ] amdacpusrsvc C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
10:56:14.0207 0x134c amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
10:56:16.0634 0x134c amdacpusrsvc ( UnsignedFile.Multi.Generic ) - warning
10:56:18.0993 0x134c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:56:19.0014 0x134c amdide - ok
10:56:19.0022 0x134c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:56:19.0033 0x134c AmdK8 - ok
10:56:19.0035 0x134c amdkmdag - ok
10:56:19.0047 0x134c [ F6A33C17A38EC7555161599458E5A59A, 0FD503F3CD91B47802A4773714C3E07632004D27FE1BC44185E1217775F0FB49 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
10:56:19.0067 0x134c amdkmdap - ok
10:56:19.0072 0x134c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:56:19.0083 0x134c AmdPPM - ok
10:56:19.0088 0x134c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:56:19.0099 0x134c amdsata - ok
10:56:19.0106 0x134c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:56:19.0118 0x134c amdsbs - ok
10:56:19.0121 0x134c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:56:19.0130 0x134c amdxata - ok
10:56:19.0134 0x134c [ EBECBA1E37CE98BA2BD64A22A788DAC5, 247C474DAF9FFFF7FB46EB6185088B94B886A7685F98CABE1983EFEAEE1A8338 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
10:56:19.0144 0x134c amd_sata - ok
10:56:19.0147 0x134c [ 7F1B42E70FAE147B14B28B83E003F039, 093C2B57AFDC93E667A3AB1F74442DBA42B0DE2132388E73BDC3D09FDBB1B3D0 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
10:56:19.0155 0x134c amd_xata - ok
10:56:19.0158 0x134c [ F2154A205F4B784B61A72AEBC72BDC5F, A1D962BCF952FAD8016D9210327E7C1044BF4D3D035C7443F8671DDA16E0A390 ] AODDriver4.2 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
10:56:19.0167 0x134c AODDriver4.2 - ok
10:56:19.0171 0x134c [ 1FDE3302A17928B999E6BBA6D346F7DB, 186029C1C62842F1FE21AAD445134A3DEDB978D2E27169D5016C3149FCC42E5C ] AODDriver4.3.0 C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys
10:56:19.0179 0x134c AODDriver4.3.0 - ok
10:56:19.0184 0x134c [ 24D5D2C9F24B9B7AF63182F5A444C3F9, 02D781C0FFADD355851D37B5401EFD8798F113BB5BC17A994AC5CF548360C3D2 ] AODService C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe
10:56:19.0194 0x134c AODService - ok
10:56:19.0199 0x134c [ 59D01FA91962C9C1E9B4022B2D3B46DB, 3A111588538B77F010B5C900FB8425DDE55A08DBAC308CA7FB7BD9FCCCDEC69F ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
10:56:19.0213 0x134c AppHostSvc - ok
10:56:19.0217 0x134c [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID C:\Windows\system32\drivers\appid.sys
10:56:19.0231 0x134c AppID - ok
10:56:19.0235 0x134c [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:56:19.0245 0x134c AppIDSvc - ok
10:56:19.0249 0x134c [ B62867835B41BCD839D9896AB4D7DF09, 98036D0202DB6171E90485898175833AC44873A85E6453EBE928E433B364CE07 ] Appinfo C:\Windows\System32\appinfo.dll
10:56:19.0263 0x134c Appinfo - ok
10:56:19.0269 0x134c [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:56:19.0280 0x134c Apple Mobile Device Service - ok
10:56:19.0286 0x134c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
10:56:19.0303 0x134c AppMgmt - ok
10:56:19.0308 0x134c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
10:56:19.0318 0x134c arc - ok
10:56:19.0323 0x134c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:56:19.0333 0x134c arcsas - ok
10:56:19.0345 0x134c [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:56:19.0356 0x134c aspnet_state - ok
10:56:19.0359 0x134c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:56:19.0389 0x134c AsyncMac - ok
10:56:19.0393 0x134c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:56:19.0402 0x134c atapi - ok
10:56:19.0407 0x134c [ D67188D9964E08CF344AF8390BA22E75, C4A1DD5AD5D691FAA74764105C701717F41682320ED65584FF4C84B995AAB283 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
10:56:19.0420 0x134c AtiHDAudioService - ok
10:56:19.0436 0x134c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:56:19.0463 0x134c AudioEndpointBuilder - ok
10:56:19.0479 0x134c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:56:19.0503 0x134c AudioSrv - ok
10:56:19.0509 0x134c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:56:19.0527 0x134c AxInstSV - ok
10:56:19.0539 0x134c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:56:19.0560 0x134c b06bdrv - ok
10:56:19.0569 0x134c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:56:19.0584 0x134c b57nd60a - ok
10:56:19.0590 0x134c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:56:19.0605 0x134c BDESVC - ok
10:56:19.0608 0x134c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:56:19.0634 0x134c Beep - ok
10:56:19.0651 0x134c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
10:56:19.0679 0x134c BFE - ok
10:56:19.0699 0x134c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
10:56:19.0747 0x134c BITS - ok
10:56:19.0751 0x134c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:56:19.0762 0x134c blbdrive - ok
10:56:19.0773 0x134c [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:56:19.0790 0x134c Bonjour Service - ok
10:56:19.0795 0x134c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:56:19.0809 0x134c bowser - ok
10:56:19.0813 0x134c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:56:19.0825 0x134c BrFiltLo - ok
10:56:19.0828 0x134c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:56:19.0839 0x134c BrFiltUp - ok
10:56:19.0845 0x134c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:56:19.0861 0x134c Browser - ok
10:56:19.0869 0x134c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:56:19.0888 0x134c Brserid - ok
10:56:19.0892 0x134c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:56:19.0905 0x134c BrSerWdm - ok
10:56:19.0908 0x134c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:56:19.0920 0x134c BrUsbMdm - ok
10:56:19.0923 0x134c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:56:19.0933 0x134c BrUsbSer - ok
10:56:19.0937 0x134c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:56:19.0950 0x134c BTHMODEM - ok
10:56:19.0956 0x134c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:56:19.0984 0x134c bthserv - ok
10:56:19.0988 0x134c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:56:20.0015 0x134c cdfs - ok
10:56:20.0020 0x134c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:56:20.0033 0x134c cdrom - ok
10:56:20.0038 0x134c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:56:20.0064 0x134c CertPropSvc - ok
10:56:20.0068 0x134c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
10:56:20.0081 0x134c circlass - ok
10:56:20.0090 0x134c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
10:56:20.0107 0x134c CLFS - ok
10:56:20.0172 0x134c [ 9A62177931525A679F7ECB295442D89F, F2946F677F0602AE89E90BB62718B6AD0A4B430DE22801A0D2A358146D698D54 ] ClickToRunSvc C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
10:56:20.0176 0x18d0 Object required for P2P: [ 6A050671F2C76FB48131F12786802807 ] AdobeFlashPlayerUpdateSvc
10:56:20.0243 0x134c ClickToRunSvc - ok
10:56:20.0253 0x134c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:56:20.0264 0x134c clr_optimization_v2.0.50727_32 - ok
10:56:20.0270 0x134c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:56:20.0280 0x134c clr_optimization_v2.0.50727_64 - ok
10:56:20.0289 0x134c [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:56:20.0302 0x134c clr_optimization_v4.0.30319_32 - ok
10:56:20.0307 0x134c [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:56:20.0319 0x134c clr_optimization_v4.0.30319_64 - ok
10:56:20.0323 0x134c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:56:20.0333 0x134c CmBatt - ok
10:56:20.0336 0x134c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:56:20.0345 0x134c cmdide - ok
10:56:20.0357 0x134c [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG C:\Windows\system32\Drivers\cng.sys
10:56:20.0380 0x134c CNG - ok
10:56:20.0384 0x134c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:56:20.0393 0x134c Compbatt - ok
10:56:20.0396 0x134c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
10:56:20.0409 0x134c CompositeBus - ok
10:56:20.0411 0x134c COMSysApp - ok
10:56:20.0415 0x134c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:56:20.0424 0x134c crcdisk - ok
10:56:20.0432 0x134c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:56:20.0448 0x134c CryptSvc - ok
10:56:20.0461 0x134c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
10:56:20.0485 0x134c CSC - ok
10:56:20.0509 0x134c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
10:56:20.0533 0x134c CscService - ok
10:56:20.0548 0x134c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch C:\Windows\system32\rpcss.dll
10:56:20.0572 0x134c DcomLaunch - ok
10:56:20.0581 0x134c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:56:20.0614 0x134c defragsvc - ok
10:56:20.0619 0x134c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:56:20.0646 0x134c DfsC - ok
10:56:20.0656 0x134c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:56:20.0676 0x134c Dhcp - ok
10:56:20.0708 0x134c [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
10:56:20.0752 0x134c DiagTrack - ok
10:56:20.0766 0x134c [ BB5C615C2F0D6F392B3C93B988969E02, 13F30E2BEE863823FB85A57C407060B2677D1EF95908D49D97FD0551D29E1969 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
10:56:20.0781 0x134c DigitalWave.Update.Service - ok
10:56:20.0785 0x134c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:56:20.0813 0x134c discache - ok
10:56:20.0818 0x134c [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk C:\Windows\system32\drivers\disk.sys
10:56:20.0828 0x134c Disk - ok
10:56:20.0833 0x134c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
10:56:20.0848 0x134c dmvsc - ok
10:56:20.0855 0x134c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:56:20.0871 0x134c Dnscache - ok
10:56:20.0879 0x134c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:56:20.0911 0x134c dot3svc - ok
10:56:20.0918 0x134c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:56:20.0947 0x134c DPS - ok
10:56:20.0950 0x134c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:56:20.0962 0x134c drmkaud - ok
10:56:20.0983 0x134c [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:56:21.0012 0x134c DXGKrnl - ok
10:56:21.0019 0x134c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:56:21.0048 0x134c EapHost - ok
10:56:21.0113 0x134c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:56:21.0190 0x134c ebdrv - ok
10:56:21.0199 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] EFS C:\Windows\System32\lsass.exe
10:56:21.0213 0x134c EFS - ok
10:56:21.0229 0x134c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:56:21.0256 0x134c ehRecvr - ok
10:56:21.0262 0x134c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
10:56:21.0274 0x134c ehSched - ok
10:56:21.0287 0x134c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:56:21.0306 0x134c elxstor - ok
10:56:21.0310 0x134c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:56:21.0320 0x134c ErrDev - ok
10:56:21.0333 0x134c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:56:21.0368 0x134c EventSystem - ok
10:56:21.0375 0x134c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:56:21.0404 0x134c exfat - ok
10:56:21.0411 0x134c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:56:21.0441 0x134c fastfat - ok
10:56:21.0457 0x134c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:56:21.0484 0x134c Fax - ok
10:56:21.0488 0x134c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
10:56:21.0499 0x134c fdc - ok
10:56:21.0502 0x134c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:56:21.0529 0x134c fdPHost - ok
10:56:21.0532 0x134c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:56:21.0559 0x134c FDResPub - ok
10:56:21.0563 0x134c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:56:21.0573 0x134c FileInfo - ok
10:56:21.0577 0x134c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:56:21.0604 0x134c Filetrace - ok
10:56:21.0607 0x134c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:56:21.0618 0x134c flpydisk - ok
10:56:21.0626 0x134c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:56:21.0641 0x134c FltMgr - ok
10:56:21.0667 0x134c [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll
10:56:21.0704 0x134c FontCache - ok
10:56:21.0709 0x134c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:56:21.0719 0x134c FontCache3.0.0.0 - ok
10:56:21.0723 0x134c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:56:21.0734 0x134c FsDepends - ok
10:56:21.0738 0x134c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:56:21.0748 0x134c Fs_Rec - ok
10:56:21.0755 0x134c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:56:21.0771 0x134c fvevol - ok
10:56:21.0775 0x134c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:56:21.0785 0x134c gagp30kx - ok
10:56:21.0787 0x134c gdrv - ok
10:56:21.0805 0x134c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:56:21.0847 0x134c gpsvc - ok
10:56:21.0854 0x134c [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:56:21.0866 0x134c gupdate - ok
10:56:21.0871 0x134c [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:56:21.0882 0x134c gupdatem - ok
10:56:21.0885 0x134c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:56:21.0898 0x134c hcw85cir - ok
10:56:21.0908 0x134c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:56:21.0927 0x134c HdAudAddService - ok
10:56:21.0932 0x134c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
10:56:21.0947 0x134c HDAudBus - ok
10:56:21.0950 0x134c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:56:21.0961 0x134c HidBatt - ok
10:56:21.0966 0x134c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:56:21.0979 0x134c HidBth - ok
10:56:21.0983 0x134c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
10:56:21.0995 0x134c HidIr - ok
10:56:21.0999 0x134c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
10:56:22.0027 0x134c hidserv - ok
10:56:22.0031 0x134c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:56:22.0043 0x134c HidUsb - ok
10:56:22.0048 0x134c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:56:22.0076 0x134c hkmsvc - ok
10:56:22.0084 0x134c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:56:22.0102 0x134c HomeGroupListener - ok
10:56:22.0108 0x134c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:56:22.0123 0x134c HomeGroupProvider - ok
10:56:22.0127 0x134c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:56:22.0138 0x134c HpSAMD - ok
10:56:22.0156 0x134c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:56:22.0185 0x134c HTTP - ok
10:56:22.0189 0x134c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:56:22.0198 0x134c hwpolicy - ok
10:56:22.0203 0x134c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:56:22.0216 0x134c i8042prt - ok
10:56:22.0227 0x134c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:56:22.0244 0x134c iaStorV - ok
10:56:22.0263 0x134c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:56:22.0290 0x134c idsvc - ok
10:56:22.0294 0x134c IEEtwCollectorService - ok
10:56:22.0299 0x134c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:56:22.0308 0x134c iirsp - ok
10:56:22.0327 0x134c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
10:56:22.0355 0x134c IKEEXT - ok
10:56:22.0361 0x134c IntcAzAudAddService - ok
10:56:22.0364 0x134c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:56:22.0373 0x134c intelide - ok
10:56:22.0377 0x134c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
10:56:22.0388 0x134c intelppm - ok
10:56:22.0392 0x134c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:56:22.0421 0x134c IPBusEnum - ok
10:56:22.0426 0x134c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:56:22.0454 0x134c IpFilterDriver - ok
10:56:22.0467 0x134c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:56:22.0492 0x134c iphlpsvc - ok
10:56:22.0497 0x134c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:56:22.0508 0x134c IPMIDRV - ok
10:56:22.0513 0x134c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:56:22.0541 0x134c IPNAT - ok
10:56:22.0555 0x134c [ F4B68F7C1666A2A6CD1D37A08F1D6DF1, 63A3D85B07D10E6B3F4E84FDD6EA6C00F2756E1C9B3E57C11A2FFCD815E99946 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:56:22.0577 0x134c iPod Service - ok
10:56:22.0581 0x134c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:56:22.0594 0x134c IRENUM - ok
10:56:22.0597 0x134c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:56:22.0597 0x18d0 Object send P2P result: true
10:56:22.0606 0x134c isapnp - ok
10:56:22.0614 0x134c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:56:22.0628 0x134c iScsiPrt - ok
10:56:22.0632 0x134c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:56:22.0642 0x134c kbdclass - ok
10:56:22.0645 0x134c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:56:22.0655 0x134c kbdhid - ok
10:56:22.0658 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] KeyIso C:\Windows\system32\lsass.exe
10:56:22.0667 0x134c KeyIso - ok
10:56:22.0672 0x134c [ 033D1EA0A55D92B4C0F7EDB7DF8F0E5A, 31E48564C7F3AD6BB71C0E366D25D4FD55A60B48CD2B28FCB8A7A834ED7568E6 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:56:22.0682 0x134c KSecDD - ok
10:56:22.0688 0x134c [ 1FA53C950F443B25A79C731EF8362E7D, 00A5D62BF1F953848B3019A3771CB240915E34D536A43EA5B35F312D6F67EDC4 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:56:22.0700 0x134c KSecPkg - ok
10:56:22.0704 0x134c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:56:22.0732 0x134c ksthunk - ok
10:56:22.0742 0x134c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:56:22.0778 0x134c KtmRm - ok
10:56:22.0787 0x134c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:56:22.0824 0x134c LanmanServer - ok
10:56:22.0830 0x134c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:56:22.0859 0x134c LanmanWorkstation - ok
10:56:22.0865 0x134c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:56:22.0896 0x134c lltdio - ok
10:56:22.0905 0x134c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:56:22.0939 0x134c lltdsvc - ok
10:56:22.0943 0x134c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:56:22.0971 0x134c lmhosts - ok
10:56:22.0978 0x134c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:56:22.0989 0x134c LSI_FC - ok
10:56:22.0994 0x134c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:56:23.0005 0x134c LSI_SAS - ok
10:56:23.0009 0x134c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:56:23.0020 0x134c LSI_SAS2 - ok
10:56:23.0025 0x134c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:56:23.0037 0x134c LSI_SCSI - ok
10:56:23.0042 0x134c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:56:23.0072 0x134c luafv - ok
10:56:23.0083 0x134c [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
10:56:23.0098 0x134c LVRS64 - ok
10:56:23.0197 0x134c [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
10:56:23.0311 0x134c LVUVC64 - ok
10:56:23.0323 0x134c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:56:23.0336 0x134c Mcx2Svc - ok
10:56:23.0340 0x134c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
10:56:23.0351 0x134c megasas - ok
10:56:23.0359 0x134c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:56:23.0375 0x134c MegaSR - ok
10:56:23.0379 0x134c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:56:23.0409 0x134c MMCSS - ok
10:56:23.0413 0x134c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:56:23.0442 0x134c Modem - ok
10:56:23.0446 0x134c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:56:23.0460 0x134c monitor - ok
10:56:23.0464 0x134c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:56:23.0474 0x134c mouclass - ok
10:56:23.0478 0x134c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:56:23.0489 0x134c mouhid - ok
10:56:23.0494 0x134c [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:56:23.0505 0x134c mountmgr - ok
10:56:23.0510 0x134c [ FC9A9C09B35A93F76A03D5E355FA862C, B7ED57B9D39D547BA2927FC5F02C2475BF131FDB8AD40FFDE72C966506756B56 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:56:23.0522 0x134c MozillaMaintenance - ok
10:56:23.0531 0x134c [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:56:23.0549 0x134c MpFilter - ok
10:56:23.0555 0x134c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:56:23.0567 0x134c mpio - ok
10:56:23.0571 0x134c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:56:23.0600 0x134c mpsdrv - ok
10:56:23.0619 0x134c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:56:23.0664 0x134c MpsSvc - ok
10:56:23.0671 0x134c [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:56:23.0687 0x134c MRxDAV - ok
10:56:23.0694 0x134c [ A3A4D13D413D4F39BE3AD4C59ECACDED, 0C4AF0A66E68233D76B958A9D99C09BFCADFB0347855FB6EA5CE3F4356542B83 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:56:23.0710 0x134c mrxsmb - ok
10:56:23.0719 0x134c [ 62C90A2C681A85B33E365D259B74EAC5, 510E5FD19AF98D9B56666F9AE3DAC89399677D51C48A3602A4C125EE12203621 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:56:23.0735 0x134c mrxsmb10 - ok
10:56:23.0740 0x134c [ 3751A25C842BDE4B7AF895F70A3EE3A2, 8C3DA4C03B88A0D860DBA907B115C2AE99D7F168DA7BB36A8D3C9F1D19678A8C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:56:23.0753 0x134c mrxsmb20 - ok
10:56:23.0756 0x134c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:56:23.0766 0x134c msahci - ok
10:56:23.0772 0x134c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:56:23.0784 0x134c msdsm - ok
10:56:23.0789 0x134c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:56:23.0804 0x134c MSDTC - ok
10:56:23.0810 0x134c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:56:23.0839 0x134c Msfs - ok
10:56:23.0842 0x134c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:56:23.0870 0x134c mshidkmdf - ok
10:56:23.0873 0x134c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:56:23.0882 0x134c msisadrv - ok
10:56:23.0888 0x134c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:56:23.0920 0x134c MSiSCSI - ok
10:56:23.0923 0x134c msiserver - ok
10:56:23.0926 0x134c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:56:23.0954 0x134c MSKSSRV - ok
10:56:23.0957 0x134c [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:56:23.0968 0x134c MsMpSvc - ok
10:56:23.0971 0x134c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:56:23.0999 0x134c MSPCLOCK - ok
10:56:24.0002 0x134c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:56:24.0031 0x134c MSPQM - ok
10:56:24.0042 0x134c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:56:24.0058 0x134c MsRPC - ok
10:56:24.0064 0x134c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
10:56:24.0074 0x134c mssmbios - ok
10:56:24.0077 0x134c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:56:24.0104 0x134c MSTEE - ok
10:56:24.0107 0x134c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:56:24.0117 0x134c MTConfig - ok
10:56:24.0121 0x134c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:56:24.0131 0x134c Mup - ok
10:56:24.0143 0x134c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:56:24.0179 0x134c napagent - ok
10:56:24.0189 0x134c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:56:24.0209 0x134c NativeWifiP - ok
10:56:24.0230 0x134c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:56:24.0260 0x134c NDIS - ok
10:56:24.0265 0x134c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:56:24.0293 0x134c NdisCap - ok
10:56:24.0297 0x134c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:56:24.0324 0x134c NdisTapi - ok
10:56:24.0328 0x134c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:56:24.0356 0x134c Ndisuio - ok
10:56:24.0362 0x134c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:56:24.0391 0x134c NdisWan - ok
10:56:24.0395 0x134c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:56:24.0422 0x134c NDProxy - ok
10:56:24.0425 0x134c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:56:24.0453 0x134c NetBIOS - ok
10:56:24.0461 0x134c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:56:24.0492 0x134c NetBT - ok
10:56:24.0496 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] Netlogon C:\Windows\system32\lsass.exe
10:56:24.0508 0x134c Netlogon - ok
10:56:24.0518 0x134c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:56:24.0554 0x134c Netman - ok
10:56:24.0560 0x134c [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0573 0x134c NetMsmqActivator - ok
10:56:24.0578 0x134c [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0591 0x134c NetPipeActivator - ok
10:56:24.0603 0x134c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:56:24.0641 0x134c netprofm - ok
10:56:24.0647 0x134c [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0660 0x134c NetTcpActivator - ok
10:56:24.0665 0x134c [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:56:24.0677 0x134c NetTcpPortSharing - ok
10:56:24.0681 0x134c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:56:24.0691 0x134c nfrd960 - ok
10:56:24.0697 0x134c [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:56:24.0711 0x134c NisDrv - ok
10:56:24.0720 0x134c [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:56:24.0739 0x134c NisSrv - ok
10:56:24.0747 0x134c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
10:56:24.0768 0x134c NlaSvc - ok
10:56:24.0772 0x134c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:56:24.0800 0x134c Npfs - ok
10:56:24.0803 0x134c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:56:24.0833 0x134c nsi - ok
10:56:24.0836 0x134c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:56:24.0865 0x134c nsiproxy - ok
10:56:24.0903 0x134c [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:56:24.0948 0x134c Ntfs - ok
10:56:24.0954 0x134c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:56:24.0982 0x134c Null - ok
10:56:24.0989 0x134c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:56:25.0001 0x134c nvraid - ok
10:56:25.0007 0x134c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:56:25.0020 0x134c nvstor - ok
10:56:25.0025 0x134c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:56:25.0036 0x134c nv_agp - ok
10:56:25.0041 0x134c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:56:25.0053 0x134c ohci1394 - ok
10:56:25.0060 0x134c [ 2D1931102E3FA5942DA27A8F3942418B, 30BAB70BA85274D373A11D41E8C20CB8556D7EF7FFFB8D82C88C4002CCA79B37 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:56:25.0075 0x134c ose - ok
10:56:25.0180 0x134c [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:56:25.0300 0x134c osppsvc - ok
10:56:25.0317 0x134c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:56:25.0337 0x134c p2pimsvc - ok
10:56:25.0349 0x134c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:56:25.0368 0x134c p2psvc - ok
10:56:25.0373 0x134c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
10:56:25.0385 0x134c Parport - ok
10:56:25.0389 0x134c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:56:25.0399 0x134c partmgr - ok
10:56:25.0406 0x134c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:56:25.0424 0x134c PcaSvc - ok
10:56:25.0431 0x134c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:56:25.0443 0x134c pci - ok
10:56:25.0446 0x134c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:56:25.0455 0x134c pciide - ok
10:56:25.0462 0x134c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:56:25.0476 0x134c pcmcia - ok
10:56:25.0480 0x134c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:56:25.0490 0x134c pcw - ok
10:56:25.0506 0x134c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:56:25.0530 0x134c PEAUTH - ok
10:56:25.0559 0x134c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
10:56:25.0601 0x134c PeerDistSvc - ok
10:56:25.0624 0x134c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:56:25.0635 0x134c PerfHost - ok
10:56:25.0669 0x134c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:56:25.0727 0x134c pla - ok
10:56:25.0740 0x134c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:56:25.0763 0x134c PlugPlay - ok
10:56:25.0767 0x134c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:56:25.0778 0x134c PNRPAutoReg - ok
10:56:25.0787 0x134c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:56:25.0804 0x134c PNRPsvc - ok
10:56:25.0817 0x134c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:56:25.0853 0x134c PolicyAgent - ok
10:56:25.0861 0x134c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:56:25.0892 0x134c Power - ok
10:56:25.0898 0x134c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:56:25.0926 0x134c PptpMiniport - ok
10:56:25.0931 0x134c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
10:56:25.0943 0x134c Processor - ok
10:56:25.0951 0x134c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
10:56:25.0969 0x134c ProfSvc - ok
10:56:25.0973 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:56:25.0983 0x134c ProtectedStorage - ok
10:56:25.0990 0x134c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:56:26.0020 0x134c Psched - ok
10:56:26.0053 0x134c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:56:26.0094 0x134c ql2300 - ok
10:56:26.0102 0x134c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:56:26.0114 0x134c ql40xx - ok
10:56:26.0123 0x134c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:56:26.0143 0x134c QWAVE - ok
10:56:26.0147 0x134c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:56:26.0162 0x134c QWAVEdrv - ok
10:56:26.0166 0x134c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:56:26.0194 0x134c RasAcd - ok
10:56:26.0198 0x134c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:56:26.0226 0x134c RasAgileVpn - ok
10:56:26.0231 0x134c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:56:26.0262 0x134c RasAuto - ok
10:56:26.0267 0x134c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:56:26.0295 0x134c Rasl2tp - ok
10:56:26.0304 0x134c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:56:26.0337 0x134c RasMan - ok
10:56:26.0342 0x134c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:56:26.0373 0x134c RasPppoe - ok
10:56:26.0378 0x134c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:56:26.0408 0x134c RasSstp - ok
10:56:26.0417 0x134c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:56:26.0451 0x134c rdbss - ok
10:56:26.0455 0x134c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:56:26.0468 0x134c rdpbus - ok
10:56:26.0471 0x134c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:56:26.0500 0x134c RDPCDD - ok
10:56:26.0509 0x134c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
10:56:26.0526 0x134c RDPDR - ok
10:56:26.0530 0x134c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:56:26.0561 0x134c RDPENCDD - ok
10:56:26.0566 0x134c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:56:26.0595 0x134c RDPREFMP - ok
10:56:26.0601 0x134c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:56:26.0615 0x134c RdpVideoMiniport - ok
10:56:26.0624 0x134c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:56:26.0642 0x134c RDPWD - ok
10:56:26.0649 0x134c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:56:26.0664 0x134c rdyboost - ok
10:56:26.0670 0x134c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:56:26.0700 0x134c RemoteAccess - ok
10:56:26.0707 0x134c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:56:26.0739 0x134c RemoteRegistry - ok
10:56:26.0743 0x134c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:56:26.0773 0x134c RpcEptMapper - ok
10:56:26.0776 0x134c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:56:26.0787 0x134c RpcLocator - ok
10:56:26.0799 0x134c [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs C:\Windows\system32\rpcss.dll
10:56:26.0820 0x134c RpcSs - ok
10:56:26.0825 0x134c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:56:26.0853 0x134c rspndr - ok
10:56:26.0876 0x134c [ F668E1FA742B84FEF0F25E8933BD0CC8, 9755826C8A472C342B4948D8D36D190E54DAD05188D4A6E05994ECE529B13CCD ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:56:26.0909 0x134c RTL8167 - ok
10:56:26.0913 0x134c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
10:56:26.0923 0x134c s3cap - ok
10:56:26.0927 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] SamSs C:\Windows\system32\lsass.exe
10:56:26.0938 0x134c SamSs - ok
10:56:26.0943 0x134c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:56:26.0955 0x134c sbp2port - ok
10:56:26.0962 0x134c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:56:26.0994 0x134c SCardSvr - ok
10:56:26.0998 0x134c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:56:27.0025 0x134c scfilter - ok
10:56:27.0050 0x134c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
10:56:27.0088 0x134c Schedule - ok
10:56:27.0095 0x134c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:56:27.0122 0x134c SCPolicySvc - ok
10:56:27.0129 0x134c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:56:27.0146 0x134c SDRSVC - ok
10:56:27.0150 0x134c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:56:27.0164 0x134c secdrv - ok
10:56:27.0168 0x134c [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
10:56:27.0182 0x134c seclogon - ok
10:56:27.0186 0x134c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
10:56:27.0215 0x134c SENS - ok
10:56:27.0218 0x134c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:56:27.0233 0x134c SensrSvc - ok
10:56:27.0236 0x134c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:56:27.0247 0x134c Serenum - ok
10:56:27.0251 0x134c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:56:27.0263 0x134c Serial - ok
10:56:27.0267 0x134c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:56:27.0278 0x134c sermouse - ok
10:56:27.0287 0x134c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:56:27.0317 0x134c SessionEnv - ok
10:56:27.0321 0x134c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:56:27.0333 0x134c sffdisk - ok
10:56:27.0337 0x134c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:56:27.0350 0x134c sffp_mmc - ok
10:56:27.0353 0x134c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:56:27.0365 0x134c sffp_sd - ok
10:56:27.0369 0x134c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:56:27.0379 0x134c sfloppy - ok
10:56:27.0391 0x134c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:56:27.0426 0x134c SharedAccess - ok
10:56:27.0438 0x134c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:56:27.0474 0x134c ShellHWDetection - ok
10:56:27.0479 0x134c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:56:27.0489 0x134c SiSRaid2 - ok
10:56:27.0494 0x134c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:56:27.0505 0x134c SiSRaid4 - ok
10:56:27.0515 0x134c [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:56:27.0532 0x134c SkypeUpdate - ok
10:56:27.0538 0x134c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:56:27.0569 0x134c Smb - ok
10:56:27.0576 0x134c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:56:27.0588 0x134c SNMPTRAP - ok
10:56:27.0591 0x134c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:56:27.0600 0x134c spldr - ok
10:56:27.0615 0x134c [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
10:56:27.0654 0x134c Spooler - ok
10:56:27.0729 0x134c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:56:27.0834 0x134c sppsvc - ok
10:56:27.0844 0x134c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:56:27.0874 0x134c sppuinotify - ok
10:56:27.0887 0x134c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:56:27.0910 0x134c srv - ok
10:56:27.0921 0x134c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:56:27.0940 0x134c srv2 - ok
10:56:27.0947 0x134c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:56:27.0961 0x134c srvnet - ok
10:56:27.0968 0x134c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:56:28.0001 0x134c SSDPSRV - ok
10:56:28.0006 0x134c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:56:28.0038 0x134c SstpSvc - ok
10:56:28.0057 0x134c [ BE826A247D22F2FDF24B92AD40049F89, 06996ECCE5A694DEFDC99DB56F45DD0ABD9A2150581F1FD132FBBD863C474DE3 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
10:56:28.0082 0x134c Steam Client Service - ok
10:56:28.0087 0x134c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:56:28.0097 0x134c stexstor - ok
10:56:28.0112 0x134c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:56:28.0140 0x134c stisvc - ok
10:56:28.0145 0x134c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
10:56:28.0155 0x134c storflt - ok
10:56:28.0159 0x134c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
10:56:28.0173 0x134c StorSvc - ok
10:56:28.0178 0x134c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
10:56:28.0187 0x134c storvsc - ok
10:56:28.0190 0x134c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
10:56:28.0200 0x134c swenum - ok
10:56:28.0213 0x134c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:56:28.0253 0x134c swprv - ok
10:56:28.0290 0x134c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
10:56:28.0433 0x134c SysMain - ok
10:56:28.0441 0x134c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:56:28.0459 0x134c TabletInputService - ok
10:56:28.0469 0x134c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:56:28.0503 0x134c TapiSrv - ok
10:56:28.0545 0x134c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:56:28.0595 0x134c Tcpip - ok
10:56:28.0638 0x134c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:56:28.0686 0x134c TCPIP6 - ok
10:56:28.0695 0x134c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:56:28.0706 0x134c tcpipreg - ok
10:56:28.0711 0x134c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:56:28.0725 0x134c TDPIPE - ok
10:56:28.0728 0x134c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:56:28.0739 0x134c TDTCP - ok
10:56:28.0745 0x134c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:56:28.0757 0x134c tdx - ok
10:56:28.0761 0x134c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
10:56:28.0772 0x134c TermDD - ok
10:56:28.0789 0x134c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
10:56:28.0818 0x134c TermService - ok
10:56:28.0823 0x134c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:56:28.0840 0x134c Themes - ok
10:56:28.0845 0x134c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:56:28.0875 0x134c THREADORDER - ok
10:56:28.0883 0x134c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:56:28.0915 0x134c TrkWks - ok
10:56:28.0921 0x134c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:56:28.0952 0x134c TrustedInstaller - ok
10:56:28.0958 0x134c [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:56:28.0972 0x134c tssecsrv - ok
10:56:28.0976 0x134c [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:56:28.0990 0x134c TsUsbFlt - ok
10:56:28.0993 0x134c [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:56:29.0006 0x134c TsUsbGD - ok
10:56:29.0012 0x134c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:56:29.0041 0x134c tunnel - ok
10:56:29.0045 0x134c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:56:29.0056 0x134c uagp35 - ok
10:56:29.0066 0x134c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:56:29.0098 0x134c udfs - ok
10:56:29.0105 0x134c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:56:29.0118 0x134c UI0Detect - ok
10:56:29.0122 0x134c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:56:29.0131 0x134c uliagpkx - ok
10:56:29.0136 0x134c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:56:29.0147 0x134c umbus - ok
10:56:29.0150 0x134c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
10:56:29.0160 0x134c UmPass - ok
10:56:29.0167 0x134c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
10:56:29.0182 0x134c UmRdpService - ok
10:56:29.0194 0x134c [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
10:56:29.0211 0x134c UMVPFSrv - ok
10:56:29.0222 0x134c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:56:29.0257 0x134c upnphost - ok
10:56:29.0262 0x134c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
10:56:29.0277 0x134c USBAAPL64 - ok
10:56:29.0282 0x134c [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A, DE1CDDEEF2285CC8387E88ACB13C000576DC8819DF6DC648C988068B5C83BB15 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
10:56:29.0297 0x134c usbaudio - ok
10:56:29.0302 0x134c [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:56:29.0314 0x134c usbccgp - ok
10:56:29.0319 0x134c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:56:29.0333 0x134c usbcir - ok
10:56:29.0337 0x134c [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:56:29.0348 0x134c usbehci - ok
10:56:29.0353 0x134c [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
10:56:29.0362 0x134c usbfilter - ok
10:56:29.0372 0x134c [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:56:29.0389 0x134c usbhub - ok
10:56:29.0393 0x134c [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
10:56:29.0403 0x134c usbohci - ok
10:56:29.0407 0x134c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
10:56:29.0420 0x134c usbprint - ok
10:56:29.0425 0x134c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:56:29.0439 0x134c USBSTOR - ok
10:56:29.0443 0x134c [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:56:29.0454 0x134c usbuhci - ok
10:56:29.0458 0x134c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:56:29.0487 0x134c UxSms - ok
10:56:29.0491 0x134c [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] VaultSvc C:\Windows\system32\lsass.exe
10:56:29.0501 0x134c VaultSvc - ok
10:56:29.0505 0x134c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:56:29.0515 0x134c vdrvroot - ok
10:56:29.0528 0x134c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:56:29.0566 0x134c vds - ok
10:56:29.0571 0x134c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:56:29.0583 0x134c vga - ok
10:56:29.0587 0x134c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:56:29.0614 0x134c VgaSave - ok
10:56:29.0621 0x134c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:56:29.0634 0x134c vhdmp - ok
10:56:29.0638 0x134c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:56:29.0647 0x134c viaide - ok
10:56:29.0654 0x134c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
10:56:29.0667 0x134c vmbus - ok
10:56:29.0671 0x134c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
10:56:29.0681 0x134c VMBusHID - ok
10:56:29.0686 0x134c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:56:29.0696 0x134c volmgr - ok
10:56:29.0707 0x134c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:56:29.0723 0x134c volmgrx - ok
10:56:29.0732 0x134c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:56:29.0747 0x134c volsnap - ok
10:56:29.0754 0x134c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:56:29.0766 0x134c vsmraid - ok
10:56:29.0801 0x134c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:56:29.0864 0x134c VSS - ok
10:56:29.0875 0x134c [ 9B84E527379C3F4482F7F6A218B5751F, E00DAC7252D675F9E9F9531364CC74D02D72CE82B2C06DFCF70D8882DC6B3BF4 ] VUSB3HUB C:\Windows\system32\DRIVERS\ViaHub3.sys
10:56:29.0893 0x134c VUSB3HUB - ok
10:56:29.0897 0x134c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:56:29.0911 0x134c vwifibus - ok
10:56:29.0922 0x134c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:56:29.0959 0x134c W32Time - ok
10:56:29.0973 0x134c [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] W3SVC C:\Windows\system32\inetsrv\iisw3adm.dll
10:56:29.0993 0x134c W3SVC - ok
10:56:29.0997 0x134c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:56:30.0008 0x134c WacomPen - ok
10:56:30.0013 0x134c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:56:30.0041 0x134c WANARP - ok
10:56:30.0045 0x134c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:56:30.0073 0x134c Wanarpv6 - ok
10:56:30.0085 0x134c [ B32009DB1972E7F2C227499289C4384A, D491CD90ACE895EC60A5A2F995EAE39F8ED662B71BC548C3FF5BBDBC60054788 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
10:56:30.0104 0x134c WAS - ok
10:56:30.0137 0x134c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:56:30.0184 0x134c wbengine - ok
10:56:30.0194 0x134c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:56:30.0213 0x134c WbioSrvc - ok
10:56:30.0224 0x134c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:56:30.0245 0x134c wcncsvc - ok
10:56:30.0250 0x134c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:56:30.0265 0x134c WcsPlugInService - ok
10:56:30.0268 0x134c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
10:56:30.0277 0x134c Wd - ok
10:56:30.0295 0x134c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:56:30.0322 0x134c Wdf01000 - ok
10:56:30.0328 0x134c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:56:30.0344 0x134c WdiServiceHost - ok
10:56:30.0349 0x134c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:56:30.0361 0x134c WdiSystemHost - ok
10:56:30.0369 0x134c [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
10:56:30.0388 0x134c WebClient - ok
10:56:30.0397 0x134c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:56:30.0430 0x134c Wecsvc - ok
10:56:30.0435 0x134c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:56:30.0466 0x134c wercplsupport - ok
10:56:30.0471 0x134c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:56:30.0501 0x134c WerSvc - ok
10:56:30.0504 0x134c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:56:30.0531 0x134c WfpLwf - ok
10:56:30.0535 0x134c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:56:30.0548 0x134c WIMMount - ok
10:56:30.0556 0x134c WinDefend - ok
10:56:30.0558 0x1abc Object required for P2P: [ DA0FAEE45D6F03D7647851A20977A7D0 ] MpFilter
10:56:30.0562 0x134c WinHttpAutoProxySvc - ok
10:56:30.0575 0x134c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:56:30.0610 0x134c Winmgmt - ok
10:56:30.0655 0x134c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
10:56:30.0716 0x134c WinRM - ok
10:56:30.0726 0x134c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:56:30.0739 0x134c WinUsb - ok
10:56:30.0760 0x134c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:56:30.0793 0x134c Wlansvc - ok
10:56:30.0798 0x134c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:56:30.0809 0x134c WmiAcpi - ok
10:56:30.0817 0x134c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:56:30.0832 0x134c wmiApSrv - ok
10:56:30.0835 0x134c WMPNetworkSvc - ok
10:56:30.0839 0x134c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:56:30.0854 0x134c WPCSvc - ok
10:56:30.0860 0x134c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:56:30.0874 0x134c WPDBusEnum - ok
10:56:30.0879 0x134c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:56:30.0909 0x134c ws2ifsl - ok
10:56:30.0915 0x134c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
10:56:30.0932 0x134c wscsvc - ok
10:56:30.0937 0x134c [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
10:56:30.0950 0x134c WSDPrintDevice - ok
10:56:30.0953 0x134c WSearch - ok
10:56:31.0012 0x134c [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
10:56:31.0081 0x134c wuauserv - ok
10:56:31.0090 0x134c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:56:31.0105 0x134c WudfPf - ok
10:56:31.0111 0x134c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:56:31.0125 0x134c WUDFRd - ok
10:56:31.0130 0x134c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:56:31.0143 0x134c wudfsvc - ok
10:56:31.0151 0x134c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
10:56:31.0169 0x134c WwanSvc - ok
10:56:31.0179 0x134c [ 05E47B40CE30DEEF07E49B41178B3273, 1504C086E46ADC020D2C600393F5A58656BBC8885FA8777F307F0A9F2F1E8465 ] xhcdrv C:\Windows\system32\DRIVERS\xhcdrv.sys
10:56:31.0197 0x134c xhcdrv - ok
10:56:31.0201 0x134c ================ Scan global ===============================
10:56:31.0204 0x134c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
10:56:31.0211 0x134c [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
10:56:31.0222 0x134c [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
10:56:31.0230 0x134c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:56:31.0239 0x134c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
10:56:31.0246 0x134c [ Global ] - ok
10:56:31.0246 0x134c ================ Scan MBR ==================================
10:56:31.0248 0x134c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:56:31.0314 0x134c \Device\Harddisk0\DR0 - ok
10:56:31.0314 0x134c ================ Scan VBR ==================================
10:56:31.0316 0x134c [ 1657A05D297BC85A388212388AB7FBEA ] \Device\Harddisk0\DR0\Partition1
10:56:31.0317 0x134c \Device\Harddisk0\DR0\Partition1 - ok
10:56:31.0317 0x134c ================ Scan generic autorun ======================
10:56:31.0344 0x134c [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
10:56:31.0383 0x134c MSC - ok
10:56:31.0391 0x134c [ 404A6E6550DB206EA6E9B1AC642102B2, 33CAF3CDEF820DFC97844BBCA56B95B6D31D1C682C69A29D14F7A0C9058AC8EF ] C:\Program Files\iTunes\iTunesHelper.exe
10:56:31.0403 0x134c iTunesHelper - ok
10:56:31.0531 0x134c [ E7079E1F6631F12750B7708FB8F5D007, E4CB290D7AF6A28C02A26221618B83C29DD86BF9B26460B91FD42F4C7DEE4218 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
10:56:31.0670 0x134c StartCN - ok
10:56:31.0712 0x134c [ 69A649BFBD52265A71A26C17899EA287, 4C96F09BD69FAAAF3467BDF3883BE63651EA2EB9447E6CE28BCD7BF9EB9E17B5 ] C:\Program Files (x86)\SPEEDLINK\SPEEDLINK PRIME Gaming Mouse\Gaming Mouse.exe
10:56:31.0746 0x134c SPEEDLINK KUDOS - detected UnsignedFile.Multi.Generic ( 1 )
10:56:32.0992 0x1abc Object send P2P result: true
10:56:32.0996 0x1abc Object required for P2P: [ 6D79C8CB73187FBEAAD1F680FADF98D3 ] NisDrv
10:56:34.0067 0x134c SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - warning
10:56:35.0411 0x1abc Object send P2P result: true
10:56:35.0421 0x1abc Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
10:56:36.0429 0x134c [ 1504D15BCD8D3EC9C08F7BCB394CE5E2, 6B150B4819D9F7DF6893463986DB59ADDF71A05E03F10C2F59462480EF9486F4 ] C:\Program Files (x86)\Skiller PRO\Monitor.exe
10:56:36.0443 0x134c Skiller PRO - detected UnsignedFile.Multi.Generic ( 1 )
10:56:37.0836 0x1abc Object send P2P result: true
10:56:38.0768 0x134c Detect skipped due to KSN trusted
10:56:38.0768 0x134c Skiller PRO - ok
10:56:38.0768 0x134c Sidebar - ok
10:56:38.0773 0x134c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:56:38.0789 0x134c mctadmin - ok
10:56:38.0789 0x134c Sidebar - ok
10:56:38.0794 0x134c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:56:38.0809 0x134c mctadmin - ok
10:56:38.0857 0x134c [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9, 62CEE1449AF368A5FA16DDF9690526965C32979564CF66BD8B3BB534110A910C ] C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:56:38.0895 0x134c Spotify Web Helper - ok
10:56:38.0957 0x134c [ 341ADA552AAC541FD34C262296C256EE, 32672460EDDD46550955508343904705D8F26E10F713E3CACDC84689567A9ECF ] C:\Program Files (x86)\Steam\steam.exe
10:56:39.0031 0x134c Steam - ok
10:56:39.0058 0x134c [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Thomas\AppData\Local\FluxSoftware\Flux\flux.exe
10:56:39.0090 0x134c f.lux - ok
10:56:39.0091 0x134c Waiting for KSN requests completion. In queue: 5
10:56:40.0092 0x134c Waiting for KSN requests completion. In queue: 5
10:56:41.0092 0x134c Waiting for KSN requests completion. In queue: 5
10:56:41.0413 0x1370 Object required for P2P: [ 8E3A4D64A060C5CAA90F3B0C15A7DFE9 ] C:\Users\Thomas\AppData\Roaming\Spotify\SpotifyWebHelper.exe
10:56:42.0092 0x134c Waiting for KSN requests completion. In queue: 3
10:56:43.0092 0x134c Waiting for KSN requests completion. In queue: 3
10:56:43.0841 0x1370 Object send P2P result: true
10:56:43.0841 0x1370 Object required for P2P: [ 341ADA552AAC541FD34C262296C256EE ] C:\Program Files (x86)\Steam\steam.exe
10:56:44.0092 0x134c Waiting for KSN requests completion. In queue: 2
10:56:45.0092 0x134c Waiting for KSN requests completion. In queue: 2
10:56:46.0092 0x134c Waiting for KSN requests completion. In queue: 2
10:56:46.0281 0x1370 Object send P2P result: true
10:56:47.0101 0x134c AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
10:56:47.0104 0x134c Win FW state via NFP2: enabled ( trusted )
10:56:49.0449 0x134c ============================================================
10:56:49.0449 0x134c Scan finished
10:56:49.0449 0x134c ============================================================
10:56:49.0455 0x12ac Detected object count: 2
10:56:49.0455 0x12ac Actual detected object count: 2
10:57:19.0472 0x12ac amdacpusrsvc ( UnsignedFile.Multi.Generic ) - skipped by user
10:57:19.0473 0x12ac amdacpusrsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:57:19.0473 0x12ac SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - skipped by user
10:57:19.0474 0x12ac SPEEDLINK KUDOS ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
29.05.2016, 19:31
| #5 |
| /// TB-Ausbilder /// Anleitungs-Guru | PC führt Programme zT wahllos aus/nicht aus User hat neuen Thread eröffnet.
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu PC führt Programme zT wahllos aus/nicht aus |
| anklickbar, anti-malware, arbeitet, bytes, cs:go, datei, dateien, dnsapi.dll, essen, firefox, forum, funzt, gelöscht, hinzufügen, interne, langsam, microsoft, modus, nachfrage, neu, office 365, programme, security, stark, startet, symbol, taskleiste, tools |
Linear-Darstellung
