
Log analysis and evaluation: Ping>1000 Trojan? Settings question? Logfile attached.

30.05.2016, 15:44   #1
Eisenhower
 
Hi everyone,
I'm completely new here. I'm also a total novice when it comes to forums in general. If I make a mistake, please point it out, but please don't tear me apart.

My problem started a while ago: no browser would open anymore. Neither Mozilla nor Edge, not even from a link in an email, etc. The virus scanner (GDATA; up to date) found nothing. A USB boot scan also found nothing. I thought it would be a passable idea to do a system restore, et voilà: the browsers worked again.

Another USB boot scan with the Heise stick: one Trojan. It was removed. Bam. So far so good.

Now for my current problems: every time I restart my PC (Windows 10), my desktop icons are arranged differently. What's far more annoying, though: my ping is above 500, but mostly above 1000 ms, which prevents me from doing any work/browsing etc., while for my flatmate (on the network via DLAN) it is at 60 ms, so it must be down to my computer. I myself am connected by cable.

I don't know what else to do. I've now created a logfile with this HijackThis; I hope it helps, or that you can give me further tips. In case other questions come up: I'm 22 years old, but I only use my PC for work, browsing and entertainment, so I'm not studying computer science and would like to get explanations and how-tos if I have to do something (or at least what I should google).

Many thanks!

Here is the logfile:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 16:22:58, on 30.05.2016
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.10586.0020)


Boot mode: Normal

Running processes:
P:\Programme\GDATA\AVKTray\AVKTray.exe
C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GDKBFltExe32.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
P:\Programme\Creative Soundblaster\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
P:\Programme\GDATA\Firewall\GDFirewallTray.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Users\Gregor\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Gregor\AppData\Roaming\Spotify\SpotifyCrashService.exe
C:\Users\Gregor\AppData\Roaming\Spotify\Spotify.exe
C:\Users\Gregor\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Gregor\AppData\Roaming\Spotify\Spotify.exe
P:\Programme\HiJackThis\HijackThis_2.0.5.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [UpdReg] C:\Windows\UpdReg.EXE
O4 - HKLM\..\Run: [Sound Blaster Recon3D PCIe Control Panel] "P:\Programme\Creative Soundblaster\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe" /r
O4 - HKLM\..\Run: [Duet Display] P:\Programme\Duet\duet.exe
O4 - HKLM\..\Run: [GDFirewallTray] P:\Programme\GDATA\Firewall\GDFirewallTray.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Gregor\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Gregor\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Gregor\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
O4 - HKCU\..\Run: [Skype] "P:\Programme\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Lokaler Dienst')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'Netzwerkdienst')
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{A515F102-5FAD-4F09-B5C5-AC5972E7FCF9}: NameServer = 192.168.7.1
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: G*DATA*ANTIVIRUS Proxy (AVKProxy) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
O23 - Service: G*DATA Scheduler (AVKService) - G Data Software AG - P:\Programme\GDATA\AVK\AVKService.exe
O23 - Service: G DATA Dateisystem Wächter (AVKWCtl) - G Data Software AG - P:\Programme\GDATA\AVK\AVKWCtlx64.exe
O23 - Service: Dienst "Bonjour" (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @oem4.inf,%Creative.CTHdaSvcDesc%;Sound Blaster Service (CtHdaSvc) - Creative Technology Ltd - C:\Windows\sysWow64\CtHdaSvc.exe
O23 - Service: ddmgr - Unknown owner - C:\Windows\system32\ddmgr.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: DuetUpdater - Kairos - P:\Programme\Duet\DuetUpdater.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: G*DATA Personal Firewall (GDFwSvc) - G Data Software AG - P:\Programme\GDATA\Firewall\GDFwSvcx64.exe
O23 - Service: G*DATA Scanner (GDScan) - G Data Software AG - C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-Dienst (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - P:\Programme\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - P:\Programme\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10970 bytes

30.05.2016, 16:24   #2
deeprybka
/// TB instructor
/// Instructions guru
 
My name is Jürgen and I will be helping you with your problem. Together we'll manage it...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please only run scans that I have asked you to run.
  • Please no crossposting (posting in multiple forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all of our tools to the desktop. Link: How to download our tools correctly
  • Post the logfiles directly in your thread in code tags.
  • Bear in mind that we all work here in our free time; if you don't hear from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the quicker and always the safest route, but is only advisable in the case of real malware.
We can remove adware & co. very well.
If you decide on a cleanup, keep working with me until you get my "clean".



Let's go:

Step 1


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the input window of the web page)




Reading material
Posting in CODE tags: here's how...
Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes our work massively harder, unless of course the file would otherwise be too large for the forum. To put the logfiles in a CODE box, proceed as follows:
  • Select the entire logfile (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

30.05.2016, 16:37   #3
Eisenhower
 
Many thanks!

So I'll post the FRST first and then the Addition. In between, while I was downloading the program, GDATA reported a detection of an erund.exe (or something like that). I don't know whether that correlates with the scan tool or not. In any case it's already in quarantine.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-05-2016 02
durchgeführt von Gregor (Administrator) auf DESKTOP-VVKP3TM (30-05-2016 17:31:45)
Gestartet von P:\Downloads
Geladene Profile: Gregor (Verfügbare Profile: Gregor)
Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) P:\Programme\GDATA\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) P:\Programme\GDATA\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHdaSvc.exe
(OSBASE) C:\Windows\System32\ddmgr.exe
(TeamViewer GmbH) P:\Programme\TeamViewer\TeamViewer_Service.exe
(G Data Software AG) P:\Programme\GDATA\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(G Data Software AG) P:\Programme\GDATA\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Creative Technology Ltd) P:\Programme\Creative Soundblaster\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe
() P:\Programme\Duet\duet.exe
(G DATA Software AG) P:\Programme\GDATA\Firewall\GDFirewallTray.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Spotify Ltd) C:\Users\Gregor\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(TeamViewer GmbH) P:\Programme\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) P:\Programme\TeamViewer\tv_w32.exe
(TeamViewer GmbH) P:\Programme\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Mozilla Corporation) P:\Programme\Mozilla Firefox\firefox.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltSur64.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [5006536 2016-03-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [iTunesHelper] => P:\Programme\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE
HKLM-x32\...\Run: [Sound Blaster Recon3D PCIe Control Panel] => P:\Programme\Creative Soundblaster\Sound Blaster Recon3D PCIe Control Panel\SBRnPCIe.exe [976896 2012-12-18] (Creative Technology Ltd)
HKLM-x32\...\Run: [Duet Display] => P:\Programme\Duet\duet.exe [2087848 2016-03-01] ()
HKLM-x32\...\Run: [GDFirewallTray] => P:\Programme\GDATA\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,P:\Programme\GDATA\AVKTray\AVKTray.exe
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8813784 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\Run: [Spotify Web Helper] => C:\Users\Gregor\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1554032 2016-05-28] (Spotify Ltd)
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\Run: [Spotify] => C:\Users\Gregor\AppData\Roaming\Spotify\Spotify.exe [6859888 2016-05-28] (Spotify Ltd)
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\Run: [Skype] => P:\Programme\Skype\Phone\Skype.exe [51660416 2016-04-01] (Skype Technologies S.A.)
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\MountPoints2: {b6be84d4-00dd-11e6-98dd-00270e03c7c1} - "D:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Users\Gregor\Documents\matrix3\matrix.scr [92214 2016-04-17] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2a92ff90-94d7-4343-b6e7-8c701fd57d2a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A515F102-5FAD-4F09-B5C5-AC5972E7FCF9}: [NameServer] 192.168.7.1

Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gregor\AppData\Roaming\Mozilla\Firefox\Profiles\drd01y9k.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> P:\Programme\VLC\npvlc.dll [2016-01-20] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> P:\Programme\Acrobat Reader\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Gregor\AppData\Roaming\Mozilla\Firefox\Profiles\drd01y9k.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-13]
StartMenuInternet: FIREFOX.EXE - P:\Programme\Mozilla Firefox\firefox.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2738296 2015-09-16] (G Data Software AG)
R2 AVKService; P:\Programme\GDATA\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG)
R2 AVKWCtl; P:\Programme\GDATA\AVK\AVKWCtlx64.exe [3842504 2015-09-16] (G Data Software AG)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2012-10-08] (Creative Technology Ltd) [Datei ist nicht signiert]
R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [112648 2015-06-19] (Creative Technology Ltd)
R2 ddmgr; C:\Windows\system32\ddmgr.exe [1664672 2016-02-10] (OSBASE)
S3 DuetUpdater; P:\Programme\Duet\DuetUpdater.exe [734632 2016-03-01] (Kairos)
R3 GDFwSvc; P:\Programme\GDATA\Firewall\GDFwSvcx64.exe [3203392 2015-09-15] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG)
S2 SkypeUpdate; P:\Programme\Skype\Updater\Updater.exe [327808 2016-03-23] (Skype Technologies)
R2 TeamViewer; P:\Programme\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [111120 2016-03-01] (Advanced Micro Devices)
R3 cthda; C:\Windows\system32\drivers\cthda.sys [1058600 2015-06-19] (Creative Technology Ltd)
R3 cthdb; C:\Windows\system32\DRIVERS\cthdb.sys [37160 2015-06-19] (Creative Technology Ltd)
R4 ddkmd; C:\WINDOWS\system32\drivers\ddkmd.sys [254968 2016-02-10] (OSBASE)
R0 ddkmdldr; C:\Windows\System32\drivers\ddkmdldr.sys [16888 2016-02-10] (OSBASE)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2016-05-13] (G Data Software AG)
S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG)
R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [28672 2016-05-13] (G Data Software AG)
R3 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2016-05-13] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [231936 2016-05-13] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2016-05-13] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [69120 2016-05-13] (G DATA Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2016-05-13] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [126464 2016-05-13] (G Data Software AG)
R3 S332x64; C:\Windows\system32\DRIVERS\S332x64.sys [78080 2012-02-27] (Identive                                                    )
R0 TS4NT; C:\Windows\System32\Drivers\TS4nt.sys [100352 2016-04-12] (G DATA Software AG)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 17:31 - 2016-05-30 17:31 - 00000000 ____D C:\FRST
2016-05-27 20:39 - 2016-05-27 20:39 - 00000000 ____D C:\ProgramData\ATI
2016-05-25 16:22 - 2016-05-25 16:22 - 00161389 _____ C:\Users\Gregor\Desktop\Exposè-Lenz_2.pdf
2016-05-19 14:49 - 2016-05-30 17:25 - 00000000 ____D C:\Users\Gregor\AppData\Local\D1E31A19-DCFF-486F-9698-E0E668FF2230.aplzod
2016-05-19 14:49 - 2016-05-19 14:49 - 00000000 ____D C:\Users\Gregor\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2016-05-19 14:48 - 2016-05-30 16:15 - 00000000 ___RD C:\Users\Gregor\iCloudDrive
2016-05-19 14:48 - 2016-05-19 14:49 - 00000000 ____D C:\Users\Gregor\AppData\Local\Apple Inc
2016-05-19 14:44 - 2016-05-19 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2016-05-13 22:37 - 2016-04-30 08:31 - 03591168 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-05-13 22:37 - 2016-04-23 08:12 - 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-05-13 22:37 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-05-13 22:37 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCensus.exe
2016-05-13 22:37 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-05-13 22:37 - 2016-04-23 07:24 - 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-05-13 22:37 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-05-13 22:37 - 2016-04-23 07:10 - 03673424 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-05-13 22:37 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-05-13 22:37 - 2016-04-23 07:09 - 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-05-13 22:37 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-05-13 22:37 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2016-05-13 22:37 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-05-13 22:37 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2016-05-13 22:37 - 2016-04-23 07:08 - 04515256 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-05-13 22:37 - 2016-04-23 07:01 - 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-05-13 22:37 - 2016-04-23 06:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-05-13 22:37 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2016-05-13 22:37 - 2016-04-23 06:30 - 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-05-13 22:37 - 2016-04-23 06:30 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-05-13 22:37 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2016-05-13 22:37 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-05-13 22:37 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-05-13 22:37 - 2016-04-23 06:23 - 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-05-13 22:37 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-05-13 22:37 - 2016-04-23 06:22 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-05-13 22:37 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-05-13 22:37 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-05-13 22:37 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2016-05-13 22:37 - 2016-04-23 06:19 - 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-05-13 22:37 - 2016-04-23 06:19 - 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-05-13 22:37 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-05-13 22:37 - 2016-04-23 06:19 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-05-13 22:37 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\CredProvDataModel.dll
2016-05-13 22:37 - 2016-04-23 06:18 - 24604672 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-05-13 22:37 - 2016-04-23 06:18 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-05-13 22:37 - 2016-04-23 06:18 - 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-05-13 22:37 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\Windows\system32\modernexecserver.dll
2016-05-13 22:37 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-05-13 22:37 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-05-13 22:37 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-05-13 22:37 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-05-13 22:37 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredProvDataModel.dll
2016-05-13 22:37 - 2016-04-23 06:14 - 13383168 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-05-13 22:37 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-05-13 22:37 - 2016-04-23 06:13 - 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-05-13 22:37 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-05-13 22:37 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-05-13 22:37 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-05-13 22:37 - 2016-04-23 06:09 - 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-05-13 22:37 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-05-13 22:37 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-05-13 22:37 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-05-13 22:37 - 2016-04-23 06:06 - 06974464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-05-13 22:37 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-05-13 22:37 - 2016-04-23 06:05 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-05-13 22:37 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-05-13 22:37 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2016-05-13 22:37 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-05-13 22:37 - 2016-04-23 06:03 - 04894208 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-05-13 22:37 - 2016-04-23 06:03 - 02280960 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-05-13 22:37 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-05-13 22:37 - 2016-04-23 06:02 - 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-05-13 22:37 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-05-13 22:36 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdport.sys
2016-05-13 22:36 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptngc.dll
2016-05-13 22:36 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2016-05-13 22:36 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnr.dll
2016-05-13 22:36 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\NgcCtnrSvc.dll
2016-05-13 22:36 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\Windows\system32\ngccredprov.dll
2016-05-13 22:36 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\cryptngc.dll
2016-05-13 22:36 - 2016-05-06 05:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-05-13 22:36 - 2016-04-30 08:42 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-05-13 22:36 - 2016-04-23 08:12 - 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-05-13 22:36 - 2016-04-23 08:12 - 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-05-13 22:36 - 2016-04-23 08:12 - 00294592 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-05-13 22:36 - 2016-04-23 08:12 - 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-05-13 22:36 - 2016-04-23 08:12 - 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-05-13 22:36 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-05-13 22:36 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-05-13 22:36 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-05-13 22:36 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\Windows\system32\CoreMessaging.dll
2016-05-13 22:36 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2016-05-13 22:36 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2016-05-13 22:36 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2016-05-13 22:36 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-05-13 22:36 - 2016-04-23 07:18 - 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-05-13 22:36 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-05-13 22:36 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2016-05-13 22:36 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-05-13 22:36 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-05-13 22:36 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFCaptureEngine.dll
2016-05-13 22:36 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2016-05-13 22:36 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-05-13 22:36 - 2016-04-23 07:11 - 00696672 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-05-13 22:36 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\Windows\system32\MFCaptureEngine.dll
2016-05-13 22:36 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2016-05-13 22:36 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufxsynopsys.sys
2016-05-13 22:36 - 2016-04-23 07:11 - 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-05-13 22:36 - 2016-04-23 07:10 - 00330072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-05-13 22:36 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-05-13 22:36 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-05-13 22:36 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-05-13 22:36 - 2016-04-23 07:09 - 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-05-13 22:36 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-05-13 22:36 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-05-13 22:36 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-05-13 22:36 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-05-13 22:36 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2016-05-13 22:36 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2016-05-13 22:36 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\Windows\system32\wininit.exe
2016-05-13 22:36 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2016-05-13 22:36 - 2016-04-23 07:01 - 00650304 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-05-13 22:36 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-05-13 22:36 - 2016-04-23 07:01 - 00577368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-05-13 22:36 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-05-13 22:36 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2016-05-13 22:36 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2016-05-13 22:36 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 01594920 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 01372304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\Windows\system32\directmanipulation.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\directmanipulation.dll
2016-05-13 22:36 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\Windows\system32\dwminit.dll
2016-05-13 22:36 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2016-05-13 22:36 - 2016-04-23 06:39 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-05-13 22:36 - 2016-04-23 06:35 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-05-13 22:36 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbser.sys
2016-05-13 22:36 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\hmkd.dll
2016-05-13 22:36 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-05-13 22:36 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\NFCProvisioningPlugin.dll
2016-05-13 22:36 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2016-05-13 22:36 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\UcmCx.sys
2016-05-13 22:36 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\ByteCodeGenerator.exe
2016-05-13 22:36 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\wificonnapi.dll
2016-05-13 22:36 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-13 22:36 - 2016-04-23 06:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-05-13 22:36 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-05-13 22:36 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\provisioningcsp.dll
2016-05-13 22:36 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\VEStoreEventHandlers.dll
2016-05-13 22:36 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\filecrypt.sys
2016-05-13 22:36 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\MDMAppInstaller.exe
2016-05-13 22:36 - 2016-04-23 06:29 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-05-13 22:36 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hmkd.dll
2016-05-13 22:36 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ByteCodeGenerator.exe
2016-05-13 22:36 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-05-13 22:36 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\CloudDomainJoinDataModelServer.dll
2016-05-13 22:36 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\VEDataLayerHelpers.dll
2016-05-13 22:36 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\BluetoothApis.dll
2016-05-13 22:36 - 2016-04-23 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-05-13 22:36 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshbth.dll
2016-05-13 22:36 - 2016-04-23 06:27 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-05-13 22:36 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfdprov.dll
2016-05-13 22:36 - 2016-04-23 06:26 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-05-13 22:36 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2016-05-13 22:36 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\PhoneProviders.dll
2016-05-13 22:36 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2016-05-13 22:36 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2016-05-13 22:36 - 2016-04-23 06:25 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-05-13 22:36 - 2016-04-23 06:24 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-05-13 22:36 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-05-13 22:36 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\provengine.dll
2016-05-13 22:36 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\provhandlers.dll
2016-05-13 22:36 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2016-05-13 22:36 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\SubscriptionMgr.dll
2016-05-13 22:36 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEDataLayerHelpers.dll
2016-05-13 22:36 - 2016-04-23 06:23 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-05-13 22:36 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-05-13 22:36 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\BrowserSettingSync.dll
2016-05-13 22:36 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BluetoothApis.dll
2016-05-13 22:36 - 2016-04-23 06:22 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-05-13 22:36 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-05-13 22:36 - 2016-04-23 06:21 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-05-13 22:36 - 2016-04-23 06:20 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-05-13 22:36 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-05-13 22:36 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\Windows\system32\ActivationManager.dll
2016-05-13 22:36 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-05-13 22:36 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll
2016-05-13 22:36 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2016-05-13 22:36 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BrowserSettingSync.dll
2016-05-13 22:36 - 2016-04-23 06:18 - 00988672 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-05-13 22:36 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-05-13 22:36 - 2016-04-23 06:18 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-05-13 22:36 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-05-13 22:36 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\Windows\system32\OneDriveSettingSyncProvider.dll
2016-05-13 22:36 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupShim.dll
2016-05-13 22:36 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2016-05-13 22:36 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-05-13 22:36 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-05-13 22:36 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2016-05-13 22:36 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-05-13 22:36 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2016-05-13 22:36 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-05-13 22:36 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-05-13 22:36 - 2016-04-23 06:15 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-05-13 22:36 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2016-05-13 22:36 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll
2016-05-13 22:36 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OneDriveSettingSyncProvider.dll
2016-05-13 22:36 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2016-05-13 22:36 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\Windows\system32\TokenBroker.dll
2016-05-13 22:36 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-05-13 22:36 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-05-13 22:36 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupShim.dll
2016-05-13 22:36 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2016-05-13 22:36 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-05-13 22:36 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll
2016-05-13 22:36 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LogonController.dll
2016-05-13 22:36 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AzureSettingSyncProvider.dll
2016-05-13 22:36 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TokenBroker.dll
2016-05-13 22:36 - 2016-04-23 06:07 - 02598912 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-05-13 22:36 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-05-13 22:36 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-05-13 22:36 - 2016-04-23 06:05 - 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-05-13 22:36 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-05-13 22:36 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-05-13 22:36 - 2016-04-23 06:05 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-05-13 22:36 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-05-13 22:36 - 2016-04-23 06:04 - 01731072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-05-13 22:36 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-05-13 22:36 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-05-13 22:36 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-05-13 22:36 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-05-13 22:36 - 2016-04-23 06:00 - 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-05-13 22:36 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-05-13 22:36 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CoreMessaging.dll
2016-05-13 22:36 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-05-13 22:36 - 2016-04-23 04:10 - 00002186 _____ C:\Windows\system32\AppxProvisioning.xml
2016-05-13 22:36 - 2016-04-19 00:30 - 00002186 _____ C:\Windows\SysWOW64\AppxProvisioning.xml
2016-05-13 21:40 - 2016-05-13 21:40 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys
2016-05-13 21:40 - 2016-05-13 21:40 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys
2016-05-13 21:34 - 2016-05-13 21:34 - 00091648 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys
2016-05-13 21:33 - 2016-05-13 21:33 - 00231936 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys
2016-05-13 21:33 - 2016-05-13 21:33 - 00158720 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys
2016-05-13 21:33 - 2016-05-13 21:33 - 00126464 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys
2016-05-13 21:33 - 2016-05-13 21:33 - 00069120 _____ (G DATA Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys
2016-05-13 21:33 - 2016-05-13 21:33 - 00028672 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys
2016-05-13 21:33 - 2016-05-13 21:33 - 00020992 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBFlt64.sys
2016-05-13 21:33 - 2016-05-13 21:33 - 00000778 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2016-05-13 21:33 - 2016-05-13 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2016-05-13 21:29 - 2016-05-13 21:29 - 00002212 _____ C:\Users\Gregor\Desktop\G Data Internet Security 2016 - CHIP Downloader.lnk
2016-05-13 21:01 - 2016-04-22 09:57 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-05-07 13:32 - 2016-05-07 13:33 - 00000000 ____D C:\Users\Gregor\AppData\Roaming\Guitar Pro 6
2016-05-07 13:32 - 2016-05-07 13:32 - 00000000 ____D C:\Users\Gregor\Desktop\Tabs
2016-05-07 13:32 - 2016-05-07 13:32 - 00000000 ____D C:\ProgramData\Guitar Pro 6
2016-05-07 13:31 - 2016-05-13 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guitar Pro 6
2016-05-04 12:16 - 2016-05-04 12:16 - 00000000 ____D C:\Users\Gregor\Documents\Adobe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-05-30 17:25 - 2016-04-13 14:34 - 00000000 ____D C:\Users\Gregor\Documents\Outlook-Dateien
2016-05-30 17:25 - 2016-04-12 21:22 - 00000000 ____D C:\Users\Gregor\AppData\Local\Spotify
2016-05-30 17:18 - 2015-10-30 08:28 - 00032768 ___SH C:\Windows\system32\config\ELAM
2016-05-30 17:00 - 2016-04-22 23:50 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-30 16:47 - 2016-04-12 21:22 - 00000000 ____D C:\Users\Gregor\AppData\Roaming\Spotify
2016-05-30 16:19 - 2016-04-12 20:45 - 01708398 _____ C:\Windows\system32\PerfStringBackup.INI
2016-05-30 16:19 - 2016-04-12 20:40 - 00000000 ____D C:\Users\Gregor\AppData\Local\VirtualStore
2016-05-30 16:19 - 2016-02-13 18:59 - 00737872 _____ C:\Windows\system32\perfh007.dat
2016-05-30 16:19 - 2016-02-13 18:59 - 00147558 _____ C:\Windows\system32\perfc007.dat
2016-05-30 16:19 - 2015-10-30 09:21 - 00000000 ____D C:\Windows\INF
2016-05-30 16:15 - 2016-04-17 18:37 - 00000443 _____ C:\Users\Gregor\AppData\Roaming\CSharpAnalytics-MeasurementSession
2016-05-30 16:14 - 2016-04-12 21:40 - 00000000 _____ C:\Windows\system32\Drivers\lvuvc.hs
2016-05-30 16:14 - 2016-02-13 19:26 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-30 16:14 - 2016-02-13 10:22 - 00348704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-30 16:14 - 2015-10-30 08:28 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-05-30 14:58 - 2016-04-13 12:56 - 00002284 ____H C:\Users\Gregor\Documents\Default.rdp
2016-05-30 11:23 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\AppReadiness
2016-05-29 13:05 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-25 17:18 - 2016-04-13 11:36 - 00000000 ____D C:\Users\Gregor\AppData\Roaming\TeamViewer
2016-05-23 23:50 - 2016-04-12 20:39 - 00000000 ____D C:\Users\Gregor
2016-05-23 14:15 - 2016-04-13 11:41 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-19 14:48 - 2016-04-13 11:46 - 00000000 ____D C:\Users\Gregor\AppData\Roaming\Apple Computer
2016-05-19 14:44 - 2016-04-13 11:46 - 00000000 ____D C:\Users\Gregor\AppData\Local\Apple Computer
2016-05-19 14:44 - 2016-04-13 11:43 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-05-19 12:04 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\rescache
2016-05-19 09:00 - 2016-02-13 19:32 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-19 01:15 - 2016-02-13 19:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-19 01:15 - 2015-10-30 09:24 - 00015703 _____ C:\Windows\system32\OEMDefaultAssociations.xml
2016-05-19 01:15 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\oobe
2016-05-19 01:15 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-19 01:15 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\Provisioning
2016-05-19 01:15 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\bcastdvr
2016-05-14 00:10 - 2016-04-12 22:01 - 00000000 ____D C:\ProgramData\G Data
2016-05-14 00:03 - 2015-10-30 09:11 - 00000000 ____D C:\Windows\CbsTemp
2016-05-14 00:02 - 2016-04-13 14:08 - 00000000 ____D C:\Windows\system32\MRT
2016-05-13 23:58 - 2016-04-13 14:08 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-05-13 21:55 - 2016-04-17 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duet Display
2016-05-13 21:55 - 2016-04-13 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-05-13 21:55 - 2016-04-13 11:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-05-13 21:55 - 2016-04-13 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-05-13 21:55 - 2016-04-13 11:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-05-13 21:55 - 2016-04-12 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-05-13 21:55 - 2016-04-12 22:05 - 00000000 ____D C:\ProgramData\G DATA Software
2016-05-13 21:55 - 2016-04-12 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2016-05-13 21:55 - 2016-04-12 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-13 21:55 - 2016-04-12 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-05-13 21:55 - 2016-02-13 19:13 - 00000000 ____D C:\Windows\ShellNew
2016-05-13 21:55 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-05-13 21:55 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\L2Schemas
2016-05-13 21:55 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\system32\Sysprep
2016-05-13 21:55 - 2015-10-30 08:28 - 00000000 ____D C:\Windows\servicing
2016-05-13 21:54 - 2016-04-13 14:21 - 00000000 __RHD C:\MSOCache
2016-05-13 21:54 - 2016-04-12 20:58 - 00000000 ____D C:\Users\Gregor\AppData\Local\Mozilla
2016-05-13 21:54 - 2016-04-12 20:40 - 00000000 ____D C:\Users\Gregor\AppData\Roaming\Adobe
2016-05-13 21:54 - 2016-04-12 20:40 - 00000000 ____D C:\Users\Gregor\AppData\Local\Packages
2016-05-13 21:54 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\registration
2016-05-13 21:54 - 2015-10-30 09:24 - 00000000 ____D C:\Windows\appcompat
2016-05-13 21:40 - 2016-04-13 14:35 - 00000000 ____D C:\Users\Gregor\AppData\Local\G DATA
2016-05-13 21:33 - 2015-10-30 09:24 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-05-13 21:13 - 2016-04-13 11:42 - 00003972 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-13 21:06 - 2016-04-12 22:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA TOTAL PROTECTION
2016-05-13 21:01 - 2016-04-22 23:50 - 00003870 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-11 21:57 - 2015-10-30 09:26 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-06 15:05 - 2016-04-13 12:03 - 00000000 ____D C:\Users\Gregor\AppData\Local\Adobe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-17 18:37 - 2016-05-30 16:15 - 0000443 _____ () C:\Users\Gregor\AppData\Roaming\CSharpAnalytics-MeasurementSession
2016-04-12 22:06 - 2016-04-12 22:06 - 0000000 _____ () C:\Users\Gregor\AppData\Roaming\gdfw.log
2016-04-12 22:06 - 2016-05-13 21:33 - 0002534 _____ () C:\Users\Gregor\AppData\Roaming\gdscan.log

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-05-23 16:09

==================== Ende von FRST.txt ============================
         
And number 2:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-05-2016 02
durchgeführt von Gregor (2016-05-30 17:32:13)
Gestartet von P:\Downloads
Windows 10 Pro Version 1511 (X64) (2016-04-12 18:39:09)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2159652744-4213428789-1342335983-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2159652744-4213428789-1342335983-503 - Limited - Disabled)
Gast (S-1-5-21-2159652744-4213428789-1342335983-501 - Limited - Disabled)
Gregor (S-1-5-21-2159652744-4213428789-1342335983-1001 - Administrator - Enabled) => C:\Users\Gregor

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20041 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0321.1015.16463 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.03 - Creative Technology Limited)
Duet Display (HKLM-x32\...\Duet Display 1.3.2) (Version: 1.3.2 - Kairos)
Duet Display (Version: 1.3.2 - Kairos) Hidden
G DATA INTERNET SECURITY (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.9 - G DATA Software AG)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kairos Display (HKLM\...\{26FF0635-2319-4DA6-8B7D-D35E9CD40E85}) (Version: 1.00.2622 - Kairos)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x64 de) (HKLM\...\Mozilla Firefox 45.0.2 (x64 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2 - Mozilla)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.108 - Skype Technologies S.A.)
Sound Blaster Recon3D PCIe (HKLM-x32\...\{E9DF9D95-BF8F-4264-B54E-988DAD71EE92}) (Version: 1.02.03 - Creative Technology Limited)
Sound Blaster Recon3D PCIe Extras (HKLM-x32\...\{204FCF73-1450-407D-BCF9-1233EC5F5787}) (Version: 1.0 - Creative Technology Limited)
Spotify (HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\Spotify) (Version: 1.0.29.92.g67727800 - Spotify AB)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.2 - VideoLAN)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2159652744-4213428789-1342335983-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gregor\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2EDD91F7-CD4D-413E-916B-FBF55F8D768C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)
Task: {41AE6CCE-1E54-4A76-9379-3BEF070A9073} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {F1C5B273-D65B-43FB-9CC2-13E5A464DF7C} - System32\Tasks\DuetUpdater => P:\Programme\Duet\DuetUpdater.exe [2016-03-01] (Kairos)
Task: {FE0B686E-CB9F-44B2-BC36-6AB59226846C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-09-22 04:44 - 2015-09-22 04:44 - 00387192 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-04-13 14:06 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\system32\CoreUIComponents.dll
2016-04-13 14:06 - 2016-03-29 12:20 - 02656952 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-02-13 19:02 - 2016-02-13 19:02 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-13 22:36 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-03-11 22:49 - 2016-03-11 22:49 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-03-01 12:22 - 2016-03-01 12:22 - 02087848 _____ () P:\Programme\Duet\duet.exe
2016-04-19 17:12 - 2016-04-19 17:12 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-05-13 22:37 - 2016-04-23 06:02 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-13 22:37 - 2016-04-23 05:58 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-13 22:37 - 2016-04-23 05:58 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-13 22:37 - 2016-04-23 06:01 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-13 22:37 - 2016-04-23 05:58 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-19 17:12 - 2016-04-19 17:12 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 17:12 - 2016-04-19 17:12 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-11 02:42 - 2015-11-11 02:42 - 01045672 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 09:24 - 2015-10-30 09:21 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "Duet Display"
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2159652744-4213428789-1342335983-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{9EAC7BD8-DF04-4845-AF75-23491F4EC927}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{78AD0D2F-D7D0-46C7-8AEF-B8F14EC11C2B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E7C6E0DC-6C14-4BC1-A0B1-1FFAB18095D5}] => (Allow) P:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{9AAFDC9A-D502-457C-9EEA-12E639FE6E8E}] => (Allow) P:\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{0B5EADBE-A27A-4BBA-8ED9-D3A4EC9FEE38}C:\users\gregor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gregor\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{18767FF5-14C9-406A-ABCE-6F00957B16B3}C:\users\gregor\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gregor\appdata\roaming\spotify\spotify.exe
FirewallRules: [{5847724D-EC76-46EB-ADA0-99815CC4B494}] => (Allow) P:\Programme\Skype\Phone\Skype.exe
FirewallRules: [{0F0BB99B-A0E4-4957-826A-FD1763E5E4D6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F068A11B-8C1E-49E1-A212-4BE1FE4A2951}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AD96BDAC-0740-483E-98CA-7CADBCB980F1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{652FA543-0945-402C-9FDA-79E2D2EB6335}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9A2A17BD-6DC4-484D-8528-7631A62B7923}] => (Allow) P:\Programme\iTunes\iTunes.exe
FirewallRules: [{F64C05E3-348F-4425-9DE4-D901E2701E11}] => (Allow) P:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{489ED28C-65CB-453F-AC1F-94BE4FB87FCE}] => (Allow) P:\Programme\TeamViewer\TeamViewer.exe
FirewallRules: [{C8056AB0-A510-4735-AD06-97C396F05D3C}] => (Allow) P:\Programme\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{75514F27-DF70-4559-A60E-21CA8DFA6785}] => (Allow) P:\Programme\TeamViewer\TeamViewer_Service.exe

==================== Wiederherstellungspunkte =========================

13-05-2016 23:57:39 Windows Update
19-05-2016 13:59:21 Installed iCloud
27-05-2016 20:20:49 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/30/2016 04:14:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d7ba
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1686
Ausnahmecode: 0xc0000602
Fehleroffset: 0x000000000022885f
ID des fehlerhaften Prozesses: 0xa0c
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (05/30/2016 04:14:09 PM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (2572) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (05/30/2016 04:02:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version: 10.0.10586.306, Zeitstempel: 0x571afaa5
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af9f6
Ausnahmecode: 0xc000027b
Fehleroffset: 0x000000000048c009
ID des fehlerhaften Prozesses: 0x5d0
Startzeit der fehlerhaften Anwendung: 0xShellExperienceHost.exe0
Pfad der fehlerhaften Anwendung: ShellExperienceHost.exe1
Pfad des fehlerhaften Moduls: ShellExperienceHost.exe2
Berichtskennung: ShellExperienceHost.exe3
Vollständiger Name des fehlerhaften Pakets: ShellExperienceHost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ShellExperienceHost.exe5

Error: (05/30/2016 03:54:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SearchUI.exe, Version: 10.0.10586.306, Zeitstempel: 0x571af796
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af9f6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000036bd98
ID des fehlerhaften Prozesses: 0x252c
Startzeit der fehlerhaften Anwendung: 0xSearchUI.exe0
Pfad der fehlerhaften Anwendung: SearchUI.exe1
Pfad des fehlerhaften Moduls: SearchUI.exe2
Berichtskennung: SearchUI.exe3
Vollständiger Name des fehlerhaften Pakets: SearchUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SearchUI.exe5

Error: (05/30/2016 03:30:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: duet.exe, Version: 1.3.2.0, Zeitstempel: 0x56d5cfe9
Name des fehlerhaften Moduls: atiumd64.dll, Version: 9.14.10.1183, Zeitstempel: 0x56effb76
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000057691
ID des fehlerhaften Prozesses: 0x1a44
Startzeit der fehlerhaften Anwendung: 0xduet.exe0
Pfad der fehlerhaften Anwendung: duet.exe1
Pfad des fehlerhaften Moduls: duet.exe2
Berichtskennung: duet.exe3
Vollständiger Name des fehlerhaften Pakets: duet.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: duet.exe5

Error: (05/30/2016 03:30:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: duet.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 00007FFEA4887691

Error: (05/27/2016 08:20:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (05/19/2016 01:59:22 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (05/14/2016 12:02:12 AM) (Source: Perflib) (EventID: 1017) (User: )
Description: Outlook

Error: (05/14/2016 12:02:12 AM) (Source: Perflib) (EventID: 1021) (User: )
Description: Outlook8


Systemfehler:
=============
Error: (05/30/2016 04:14:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2016 04:14:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_be67cad" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2016 04:14:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/30/2016 02:18:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/30/2016 01:18:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_b1fda3f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2016 01:18:36 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (05/29/2016 10:28:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_b13fcb9 erreicht.

Error: (05/29/2016 10:28:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VVKP3TM)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/29/2016 10:28:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VVKP3TM)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (05/29/2016 10:28:46 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-VVKP3TM)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


CodeIntegrity:
===================================
  Date: 2016-05-19 14:49:11.627
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-19 08:59:24.086
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-18 23:24:37.806
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 15:25:42.892
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 14:37:37.855
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-09 18:59:52.608
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-08 12:46:27.127
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-20 17:08:28.150
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 15:05:43.421
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-13 14:30:18.618
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz
Prozentuale Nutzung des RAM: 38%
Installierter physikalischer RAM: 8182.45 MB
Verfügbarer physikalischer RAM: 5037.93 MB
Summe virtueller Speicher: 9462.45 MB
Verfügbarer virtueller Speicher: 5945.47 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:172.78 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive p: (Volume) (Fixed) (Total:2794.39 GB) (Free:2329.88 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 8AAABA74)
Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

30.05.2016, 18:12   #4
deeprybka
/// TB Trainer
/// Guide Guru
 



I don't think this is a malware problem... but go ahead and run the routine scans:

Step 1
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
Gruß
deeprybka


30.05.2016, 21:15   #5
Eisenhower
 
Here is the log file. Nothing was found. I have to split the log into two parts because of its length.

Code:
22:08:20.0457 0x1c74  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:08:25.0550 0x1c74  ============================================================
22:08:25.0550 0x1c74  Current date / time: 2016/05/30 22:08:25.0550
22:08:25.0550 0x1c74  SystemInfo:
22:08:25.0550 0x1c74  
22:08:25.0550 0x1c74  OS Version: 10.0.10586 ServicePack: 0.0
22:08:25.0550 0x1c74  Product type: Workstation
22:08:25.0550 0x1c74  ComputerName: DESKTOP-VVKP3TM
22:08:25.0550 0x1c74  UserName: Gregor
22:08:25.0550 0x1c74  Windows directory: C:\Windows
22:08:25.0550 0x1c74  System windows directory: C:\Windows
22:08:25.0550 0x1c74  Running under WOW64
22:08:25.0550 0x1c74  Processor architecture: Intel x64
22:08:25.0550 0x1c74  Number of processors: 8
22:08:25.0550 0x1c74  Page size: 0x1000
22:08:25.0550 0x1c74  Boot type: Normal boot
22:08:25.0550 0x1c74  ============================================================
22:08:25.0581 0x1c74  KLMD registered as C:\Windows\system32\drivers\88220606.sys
22:08:25.0851 0x1c74  System UUID: {4B259464-44B3-1E17-E9EB-60E92CA2B0FC}
22:08:26.0273 0x1c74  Drive \Device\Harddisk0\DR0 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:08:26.0273 0x1c74  Drive \Device\Harddisk1\DR1 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x112FF, SectorsPerTrack: 0x1E, TracksPerCylinder: 0xDE, Type 'K0', Flags 0x00000040
22:08:26.0320 0x1c74  ============================================================
22:08:26.0320 0x1c74  \Device\Harddisk0\DR0:
22:08:26.0320 0x1c74  GPT partitions:
22:08:26.0351 0x1c74  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {108860D8-DD36-4C86-AEB1-2D886FBAD020}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
22:08:26.0351 0x1c74  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E369FD4E-D333-4BB8-B06F-B20971605C37}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
22:08:26.0351 0x1c74  MBR partitions:
22:08:26.0351 0x1c74  \Device\Harddisk1\DR1:
22:08:26.0351 0x1c74  MBR partitions:
22:08:26.0351 0x1c74  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0x1BE29000
22:08:26.0351 0x1c74  ============================================================
22:08:26.0351 0x1c74  C: <-> \Device\Harddisk1\DR1\Partition1
22:08:26.0367 0x1c74  P: <-> \Device\Harddisk0\DR0\Partition2
22:08:26.0367 0x1c74  ============================================================
22:08:26.0367 0x1c74  Initialize success
22:08:26.0367 0x1c74  ============================================================
22:08:29.0749 0x2178  ============================================================
22:08:29.0749 0x2178  Scan started
22:08:29.0749 0x2178  Mode: Manual; 
22:08:29.0749 0x2178  ============================================================
22:08:29.0749 0x2178  KSN ping started
22:08:33.0812 0x2178  KSN ping finished: true
22:08:35.0237 0x2178  ================ Scan system memory ========================
22:08:35.0237 0x2178  System memory - ok
22:08:35.0237 0x2178  ================ Scan services =============================
22:08:35.0284 0x2178  [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
22:08:35.0299 0x2178  1394ohci - ok
22:08:35.0315 0x2178  [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware           C:\Windows\system32\drivers\3ware.sys
22:08:35.0315 0x2178  3ware - ok
22:08:35.0330 0x2178  [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:08:35.0330 0x2178  ACPI - ok
22:08:35.0346 0x2178  [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
22:08:35.0346 0x2178  acpiex - ok
22:08:35.0346 0x2178  [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
22:08:35.0346 0x2178  acpipagr - ok
22:08:35.0346 0x2178  [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
22:08:35.0346 0x2178  AcpiPmi - ok
22:08:35.0362 0x2178  [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime        C:\Windows\System32\drivers\acpitime.sys
22:08:35.0362 0x2178  acpitime - ok
22:08:35.0362 0x2178  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:08:35.0362 0x2178  AdobeARMservice - ok
22:08:35.0393 0x2178  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:08:35.0393 0x2178  AdobeFlashPlayerUpdateSvc - ok
22:08:35.0424 0x2178  [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
22:08:35.0440 0x2178  ADP80XX - ok
22:08:35.0455 0x2178  [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD             C:\Windows\system32\drivers\afd.sys
22:08:35.0471 0x2178  AFD - ok
22:08:35.0471 0x2178  [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440          C:\Windows\system32\drivers\agp440.sys
22:08:35.0471 0x2178  agp440 - ok
22:08:35.0471 0x2178  [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
22:08:35.0487 0x2178  ahcache - ok
22:08:35.0487 0x2178  [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter        C:\Windows\System32\AJRouter.dll
22:08:35.0487 0x2178  AJRouter - ok
22:08:35.0487 0x2178  [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG             C:\Windows\System32\alg.exe
22:08:35.0487 0x2178  ALG - ok
22:08:35.0502 0x2178  [ D2AC5BEE06DAD97FBDB9E0D743C800A4, 8BCE35C6808DABB657CD587B6F97E5EA006A50B9942FE3D1DAEDDF9702FA0136 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:08:35.0502 0x2178  AMD External Events Utility - ok
22:08:35.0518 0x2178  [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
22:08:35.0518 0x2178  AmdK8 - ok
22:08:35.0518 0x2178  [ B28145E732EDEBBEDABC311DBA56D52A, 43745C17A3AC2A7A6FB0DBF1A2158C6B365198581E8E3B1F7E7E9EE9763A2735 ] amdkmafd        C:\Windows\system32\drivers\amdkmafd.sys
22:08:35.0518 0x2178  amdkmafd - ok
22:08:35.0518 0x2178  amdkmdag - ok
22:08:35.0534 0x2178  [ DF91A7FE2D8F487EE5769BAC2D297D76, B401E2A14AB1E4194C19DF5C938A57262B55751C344E94864DCCC6304F1027FF ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:08:35.0549 0x2178  amdkmdap - ok
22:08:35.0549 0x2178  [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
22:08:35.0565 0x2178  AmdPPM - ok
22:08:35.0565 0x2178  [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:08:35.0565 0x2178  amdsata - ok
22:08:35.0565 0x2178  [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:08:35.0580 0x2178  amdsbs - ok
22:08:35.0580 0x2178  [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:08:35.0580 0x2178  amdxata - ok
22:08:35.0580 0x2178  [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID           C:\Windows\system32\drivers\appid.sys
22:08:35.0596 0x2178  AppID - ok
22:08:35.0596 0x2178  [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:08:35.0596 0x2178  AppIDSvc - ok
22:08:35.0596 0x2178  [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo         C:\Windows\System32\appinfo.dll
22:08:35.0596 0x2178  Appinfo - ok
22:08:35.0612 0x2178  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:08:35.0612 0x2178  Apple Mobile Device Service - ok
22:08:35.0612 0x2178  [ B4AE5296C9597F45E1CFE0B1DBE7739E, C9DCA8EF32720D68119CC23DF4BCD783FFB5F999D14EDCC7937D17C590323B4B ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:08:35.0612 0x2178  AppMgmt - ok
22:08:35.0627 0x2178  [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
22:08:35.0643 0x2178  AppReadiness - ok
22:08:35.0690 0x2178  [ 087FBBC026DCC0F693E91079B9901B7E, 544DEC1255923DBDC8351B6CE2220FBC9929F2FFE52C91062C23DE7734DA7A2F ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
22:08:35.0721 0x2178  AppXSvc - ok
22:08:35.0721 0x2178  [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:08:35.0737 0x2178  arcsas - ok
22:08:35.0737 0x2178  [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac        C:\Windows\System32\drivers\asyncmac.sys
22:08:35.0737 0x2178  AsyncMac - ok
22:08:35.0737 0x2178  [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:08:35.0737 0x2178  atapi - ok
22:08:35.0737 0x2178  [ 2A38B5218A7BE3CE0E0B3D92E3844782, 2B0799EF6E5A5EE65AC91E394F6C0EDE95067BB96567FD25DA0C003F9FB7E84E ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWT6.sys
22:08:35.0752 0x2178  AtiHDAudioService - ok
22:08:35.0752 0x2178  [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
22:08:35.0752 0x2178  AudioEndpointBuilder - ok
22:08:35.0784 0x2178  [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:08:35.0799 0x2178  Audiosrv - ok
22:08:35.0862 0x2178  [ BC949A3706983328D8034D061E3F99B9, 2EAEE4F664B355C9E381B239F3E83EABBBC39A4FEA891D30F11B85D1057A652E ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
22:08:35.0909 0x2178  AVKProxy - ok
22:08:35.0955 0x2178  [ 57E9F462DE5ED77574116782BA05AB0F, 611987C8205E113DFA206F50EF4959AA5D6CE252A73EC1E74C043CBFD7172E3D ] AVKService      P:\Programme\GDATA\AVK\AVKService.exe
22:08:35.0971 0x2178  AVKService - ok
22:08:36.0065 0x2178  [ 961339CE4E9801865631C7BF1358A758, 4BE294D019C2DF3F94DB912B96DDEF329BDF7E3E9D6DFF63BBBC840F86E3C471 ] AVKWCtl         P:\Programme\GDATA\AVK\AVKWCtlx64.exe
22:08:36.0112 0x2178  AVKWCtl - ok
22:08:36.0127 0x2178  [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:08:36.0127 0x2178  AxInstSV - ok
22:08:36.0143 0x2178  [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:08:36.0159 0x2178  b06bdrv - ok
22:08:36.0159 0x2178  [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
22:08:36.0159 0x2178  BasicDisplay - ok
22:08:36.0174 0x2178  [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
22:08:36.0174 0x2178  BasicRender - ok
22:08:36.0174 0x2178  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\Windows\System32\drivers\bcmfn.sys
22:08:36.0174 0x2178  bcmfn - ok
22:08:36.0190 0x2178  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
22:08:36.0190 0x2178  bcmfn2 - ok
22:08:36.0205 0x2178  [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:08:36.0205 0x2178  BDESVC - ok
22:08:36.0205 0x2178  [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:08:36.0205 0x2178  Beep - ok
22:08:36.0237 0x2178  [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE             C:\Windows\System32\bfe.dll
22:08:36.0237 0x2178  BFE - ok
22:08:36.0268 0x2178  [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS            C:\Windows\System32\qmgr.dll
22:08:36.0284 0x2178  BITS - ok
22:08:36.0299 0x2178  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:08:36.0315 0x2178  Bonjour Service - ok
22:08:36.0315 0x2178  [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:08:36.0315 0x2178  bowser - ok
22:08:36.0330 0x2178  [ 492FB85E61768950CDD27C87AED6E8FA, 1BFF11D899581E406D1AB5F2C66C9D816161ECF4B81AAACCCA3663875E86C0A5 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
22:08:36.0346 0x2178  BrokerInfrastructure - ok
22:08:36.0346 0x2178  [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser         C:\Windows\System32\browser.dll
22:08:36.0362 0x2178  Browser - ok
22:08:36.0364 0x2178  [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
22:08:36.0364 0x2178  BthAvrcpTg - ok
22:08:36.0364 0x2178  [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
22:08:36.0364 0x2178  BthHFEnum - ok
22:08:36.0364 0x2178  [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
22:08:36.0364 0x2178  bthhfhid - ok
22:08:36.0379 0x2178  [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
22:08:36.0379 0x2178  BthHFSrv - ok
22:08:36.0395 0x2178  [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
22:08:36.0395 0x2178  BTHMODEM - ok
22:08:36.0395 0x2178  [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv         C:\Windows\system32\bthserv.dll
22:08:36.0395 0x2178  bthserv - ok
22:08:36.0411 0x2178  [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
22:08:36.0411 0x2178  buttonconverter - ok
22:08:36.0411 0x2178  [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg          C:\Windows\System32\drivers\capimg.sys
22:08:36.0411 0x2178  CapImg - ok
22:08:36.0411 0x2178  [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:08:36.0411 0x2178  cdfs - ok
22:08:36.0426 0x2178  [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
22:08:36.0426 0x2178  CDPSvc - ok
22:08:36.0442 0x2178  [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
22:08:36.0442 0x2178  cdrom - ok
22:08:36.0442 0x2178  [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc     C:\Windows\System32\certprop.dll
22:08:36.0460 0x2178  CertPropSvc - ok
22:08:36.0464 0x2178  [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass        C:\Windows\System32\drivers\circlass.sys
22:08:36.0465 0x2178  circlass - ok
22:08:36.0476 0x2178  [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
22:08:36.0482 0x2178  CLFS - ok
22:08:36.0500 0x2178  [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC         C:\Windows\System32\ClipSVC.dll
22:08:36.0510 0x2178  ClipSVC - ok
22:08:36.0516 0x2178  [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
22:08:36.0517 0x2178  CmBatt - ok
22:08:36.0533 0x2178  [ 3B866F8CB10719A5AF9E410B1B149714, B0A32B526290ED8E1DD93C70AB49DD417B82CA23D6B815163131247091D61DBA ] CNG             C:\Windows\system32\Drivers\cng.sys
22:08:36.0543 0x2178  CNG - ok
22:08:36.0547 0x2178  [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
22:08:36.0548 0x2178  cnghwassist - ok
22:08:36.0564 0x2178  [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
22:08:36.0565 0x2178  CompositeBus - ok
22:08:36.0567 0x2178  COMSysApp - ok
22:08:36.0572 0x2178  [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv          C:\Windows\system32\drivers\condrv.sys
22:08:36.0573 0x2178  condrv - ok
22:08:36.0591 0x2178  [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
22:08:36.0603 0x2178  CoreMessagingRegistrar - ok
22:08:36.0611 0x2178  [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:08:36.0613 0x2178  CryptSvc - ok
22:08:36.0628 0x2178  [ 5D578EAAFB6FD4F59523E5878B541296, 73573124787B79179880AFAF9CB8427237A1605A9F13D7783228DE24D18963C0 ] CSC             C:\Windows\system32\drivers\csc.sys
22:08:36.0636 0x2178  CSC - ok
22:08:36.0655 0x2178  [ 5F07CCEE514894C9474AEDCA50B6C2C7, 38F54897C91A2E7D80D00852CEB173B26E822D7C68F35D31228245F811E028A8 ] CscService      C:\Windows\System32\cscsvc.dll
22:08:36.0667 0x2178  CscService - ok
22:08:36.0681 0x2178  [ 51D43B57EA8EFFE5CB1E27E01C100A2F, 68995F291422F2C5A2C9C4C673272754E3AC49ED53D6197675EB9E19028163C5 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
22:08:36.0688 0x2178  CTAudSvcService - ok
22:08:36.0713 0x2178  [ FD70A153B4C0BE67743A1BD0574EC120, B0419E6981B7472A25C8EE5825248365BAF44B64DC3D620AB0EC92832F059FF6 ] cthda           C:\Windows\system32\drivers\cthda.sys
22:08:36.0730 0x2178  cthda - ok
22:08:36.0752 0x2178  [ BB776BDDBA1EB56C02FB9BDFE8256288, 0597506CF23EE141264849801404A242B8A644AAF084B6FE095A5B9EF06A8A2E ] CtHdaSvc        C:\Windows\sysWow64\CtHdaSvc.exe
22:08:36.0754 0x2178  CtHdaSvc - ok
22:08:36.0758 0x2178  [ 111C2183E72B0018D7F57AF31E7499DB, 2CD6E0FFC1CD210B45FC51EB7CEB0B336CDD9B910651B3551247E5116F019846 ] cthdb           C:\Windows\system32\DRIVERS\cthdb.sys
22:08:36.0759 0x2178  cthdb - ok
22:08:36.0762 0x2178  [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam             C:\Windows\system32\drivers\dam.sys
22:08:36.0762 0x2178  dam - ok
22:08:36.0778 0x2178  [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:08:36.0794 0x2178  DcomLaunch - ok
22:08:36.0809 0x2178  [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc          C:\Windows\system32\dcpsvc.dll
22:08:36.0809 0x2178  DcpSvc - ok
22:08:36.0809 0x2178  [ 9BE154B6C73469E3923A7890BB8DEFF3, A434AE42E66689FD37C829632FCD87B0E64B9CA2DED13F0B6EA7DC9A27B0B916 ] ddkmd           C:\WINDOWS\system32\drivers\ddkmd.sys
22:08:36.0825 0x2178  ddkmd - ok
22:08:36.0825 0x2178  [ EA3C811417E8EFA4ED236472D577608A, 2970C6A8AFE5266AE88078A9AEFAEE8E634735A9A2CF949154FF10C802A3E245 ] ddkmdldr        C:\Windows\system32\drivers\ddkmdldr.sys
22:08:36.0825 0x2178  ddkmdldr - ok
22:08:36.0856 0x2178  [ 0631A8557CC89A9B2C813C4DA036B63A, 4257DB094F358F39F9D64909EE58AAECAFCBCDFB4999FB84A0B1697A0E6941C7 ] ddmgr           C:\Windows\system32\ddmgr.exe
22:08:36.0887 0x2178  ddmgr - ok
22:08:36.0903 0x2178  [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:08:36.0919 0x2178  defragsvc - ok
22:08:36.0934 0x2178  [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\Windows\system32\das.dll
22:08:36.0934 0x2178  DeviceAssociationService - ok
22:08:36.0934 0x2178  [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
22:08:36.0950 0x2178  DeviceInstall - ok
22:08:36.0950 0x2178  [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
22:08:36.0950 0x2178  DevQueryBroker - ok
22:08:36.0950 0x2178  [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
22:08:36.0950 0x2178  Dfsc - ok
22:08:36.0966 0x2178  [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:08:36.0966 0x2178  Dhcp - ok
22:08:36.0981 0x2178  [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
22:08:36.0981 0x2178  diagnosticshub.standardcollector.service - ok
22:08:37.0012 0x2178  [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:08:37.0044 0x2178  DiagTrack - ok
22:08:37.0044 0x2178  [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk            C:\Windows\system32\drivers\disk.sys
22:08:37.0044 0x2178  disk - ok
22:08:37.0059 0x2178  [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
22:08:37.0059 0x2178  DmEnrollmentSvc - ok
22:08:37.0059 0x2178  [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
22:08:37.0075 0x2178  dmvsc - ok
22:08:37.0075 0x2178  [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
22:08:37.0075 0x2178  dmwappushservice - ok
22:08:37.0075 0x2178  [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:08:37.0091 0x2178  Dnscache - ok
22:08:37.0091 0x2178  [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc         C:\Windows\System32\dot3svc.dll
22:08:37.0106 0x2178  dot3svc - ok
22:08:37.0106 0x2178  [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS             C:\Windows\system32\dps.dll
22:08:37.0106 0x2178  DPS - ok
22:08:37.0106 0x2178  [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud         C:\Windows\System32\drivers\drmkaud.sys
22:08:37.0122 0x2178  drmkaud - ok
22:08:37.0122 0x2178  [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
22:08:37.0122 0x2178  DsmSvc - ok
22:08:37.0137 0x2178  [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc           C:\Windows\System32\DsSvc.dll
22:08:37.0137 0x2178  DsSvc - ok
22:08:37.0137 0x2178  DuetUpdater - ok
22:08:37.0184 0x2178  [ 48D8729FACC784900B831212AE56F824, 6AAE1E78B84D0C12B99BE050B787AA167E6BA0B5AA621BEE0DB5312A4771DA63 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:08:37.0216 0x2178  DXGKrnl - ok
22:08:37.0231 0x2178  [ E716140ACA798A5EC48531F0739A0290, C585F1D9B08A406FE0ED35E07C2F20E793E67F8E153314A449701125C8EA7A4B ] e1iexpress      C:\Windows\System32\drivers\e1i63x64.sys
22:08:37.0247 0x2178  e1iexpress - ok
22:08:37.0247 0x2178  [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost         C:\Windows\System32\eapsvc.dll
22:08:37.0247 0x2178  Eaphost - ok
22:08:37.0325 0x2178  [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:08:37.0372 0x2178  ebdrv - ok
22:08:37.0372 0x2178  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS             C:\Windows\System32\lsass.exe
22:08:37.0387 0x2178  EFS - ok
22:08:37.0387 0x2178  [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
22:08:37.0387 0x2178  EhStorClass - ok
22:08:37.0387 0x2178  [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
22:08:37.0403 0x2178  EhStorTcgDrv - ok
22:08:37.0403 0x2178  [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
22:08:37.0403 0x2178  embeddedmode - ok
22:08:37.0419 0x2178  [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
22:08:37.0419 0x2178  EntAppSvc - ok
22:08:37.0419 0x2178  [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev          C:\Windows\System32\drivers\errdev.sys
22:08:37.0419 0x2178  ErrDev - ok
22:08:37.0434 0x2178  [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem     C:\Windows\system32\es.dll
22:08:37.0450 0x2178  EventSystem - ok
22:08:37.0466 0x2178  [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:08:37.0466 0x2178  exfat - ok
22:08:37.0481 0x2178  [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:08:37.0481 0x2178  fastfat - ok
22:08:37.0497 0x2178  [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax             C:\Windows\system32\fxssvc.exe
22:08:37.0512 0x2178  Fax - ok
22:08:39.0939 0x2178  p2pimsvc - ok
22:08:39.0939 0x2178  [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc          C:\Windows\system32\p2psvc.dll
22:08:39.0954 0x2178  p2psvc - ok
22:08:39.0954 0x2178  [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport         C:\Windows\System32\drivers\parport.sys
22:08:39.0954 0x2178  Parport - ok
         


Alt 30.05.2016, 21:16   #6
Eisenhower
 

And now number 2:

Code:
ATTFilter
22:08:42.0904 0x2178  UrsCx01000 - ok
22:08:42.0904 0x2178  [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
22:08:42.0904 0x2178  UrsSynopsys - ok
22:08:42.0919 0x2178  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
22:08:42.0919 0x2178  USBAAPL64 - ok
22:08:42.0919 0x2178  [ 9F9D5E2086BB9AEEA96E9BF73B7B2D32, AFA84CE1E96C07EBFB7A05D0181C876E027B848AF6C6DB932765912B814CAF56 ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:08:42.0919 0x2178  usbaudio - ok
22:08:42.0935 0x2178  [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
22:08:42.0935 0x2178  usbccgp - ok
22:08:42.0935 0x2178  [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir          C:\Windows\System32\drivers\usbcir.sys
22:08:42.0935 0x2178  usbcir - ok
22:08:42.0950 0x2178  [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci         C:\Windows\System32\drivers\usbehci.sys
22:08:42.0950 0x2178  usbehci - ok
22:08:42.0966 0x2178  [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub          C:\Windows\System32\drivers\usbhub.sys
22:08:42.0966 0x2178  usbhub - ok
22:08:42.0982 0x2178  [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
22:08:42.0997 0x2178  USBHUB3 - ok
22:08:42.0997 0x2178  [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
22:08:42.0997 0x2178  usbohci - ok
22:08:42.0997 0x2178  [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
22:08:42.0997 0x2178  usbprint - ok
22:08:43.0013 0x2178  [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser          C:\Windows\System32\drivers\usbser.sys
22:08:43.0013 0x2178  usbser - ok
22:08:43.0013 0x2178  [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
22:08:43.0013 0x2178  USBSTOR - ok
22:08:43.0029 0x2178  [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
22:08:43.0029 0x2178  usbuhci - ok
22:08:43.0029 0x2178  [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:08:43.0029 0x2178  usbvideo - ok
22:08:43.0044 0x2178  [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
22:08:43.0060 0x2178  USBXHCI - ok
22:08:43.0091 0x2178  [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc     C:\Windows\System32\userdataservice.dll
22:08:43.0107 0x2178  UserDataSvc - ok
22:08:43.0138 0x2178  [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager     C:\Windows\System32\usermgr.dll
22:08:43.0154 0x2178  UserManager - ok
22:08:43.0169 0x2178  [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc          C:\Windows\system32\usocore.dll
22:08:43.0185 0x2178  UsoSvc - ok
22:08:43.0185 0x2178  [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc        C:\Windows\system32\lsass.exe
22:08:43.0185 0x2178  VaultSvc - ok
22:08:43.0185 0x2178  [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:08:43.0185 0x2178  vdrvroot - ok
22:08:43.0200 0x2178  [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds             C:\Windows\System32\vds.exe
22:08:43.0216 0x2178  vds - ok
22:08:43.0232 0x2178  [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
22:08:43.0232 0x2178  VerifierExt - ok
22:08:43.0247 0x2178  [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
22:08:43.0263 0x2178  vhdmp - ok
22:08:43.0263 0x2178  [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf             C:\Windows\System32\drivers\vhf.sys
22:08:43.0263 0x2178  vhf - ok
22:08:43.0279 0x2178  [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:08:43.0279 0x2178  vmbus - ok
22:08:43.0279 0x2178  [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
22:08:43.0279 0x2178  VMBusHID - ok
22:08:43.0294 0x2178  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\Windows\System32\ICSvc.dll
22:08:43.0294 0x2178  vmicguestinterface - ok
22:08:43.0310 0x2178  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
22:08:43.0325 0x2178  vmicheartbeat - ok
22:08:43.0341 0x2178  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\Windows\System32\ICSvc.dll
22:08:43.0357 0x2178  vmickvpexchange - ok
22:08:43.0357 0x2178  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv         C:\Windows\System32\ICSvc.dll
22:08:43.0372 0x2178  vmicrdv - ok
22:08:43.0388 0x2178  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown    C:\Windows\System32\ICSvc.dll
22:08:43.0388 0x2178  vmicshutdown - ok
22:08:43.0404 0x2178  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync    C:\Windows\System32\ICSvc.dll
22:08:43.0419 0x2178  vmictimesync - ok
22:08:43.0435 0x2178  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession   C:\Windows\System32\ICSvc.dll
22:08:43.0435 0x2178  vmicvmsession - ok
22:08:43.0450 0x2508  Object send P2P result: true
22:08:43.0450 0x2508  Object required for P2P: [ DF91A7FE2D8F487EE5769BAC2D297D76 ] amdkmdap
22:08:43.0450 0x2178  [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss         C:\Windows\System32\ICSvc.dll
22:08:43.0466 0x2178  vmicvss - ok
22:08:43.0466 0x2178  [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:08:43.0466 0x2178  volmgr - ok
22:08:43.0482 0x2178  [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:08:43.0482 0x2178  volmgrx - ok
22:08:43.0497 0x2178  [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:08:43.0513 0x2178  volsnap - ok
22:08:43.0513 0x2178  [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci            C:\Windows\System32\drivers\vpci.sys
22:08:43.0513 0x2178  vpci - ok
22:08:43.0513 0x2178  [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:08:43.0529 0x2178  vsmraid - ok
22:08:43.0560 0x2178  [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS             C:\Windows\system32\vssvc.exe
22:08:43.0576 0x2178  VSS - ok
22:08:43.0591 0x2178  [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
22:08:43.0591 0x2178  VSTXRAID - ok
22:08:43.0591 0x2178  [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:08:43.0607 0x2178  vwifibus - ok
22:08:43.0607 0x2178  [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt        C:\Windows\system32\drivers\vwififlt.sys
22:08:43.0607 0x2178  vwififlt - ok
22:08:43.0622 0x2178  [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time         C:\Windows\system32\w32time.dll
22:08:43.0622 0x2178  W32Time - ok
22:08:43.0638 0x2178  [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
22:08:43.0638 0x2178  WacomPen - ok
22:08:43.0654 0x2178  [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService   C:\Windows\system32\WalletService.dll
22:08:43.0654 0x2178  WalletService - ok
22:08:43.0669 0x2178  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
22:08:43.0669 0x2178  wanarp - ok
22:08:43.0669 0x2178  [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:08:43.0669 0x2178  wanarpv6 - ok
22:08:43.0700 0x2178  [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine        C:\Windows\system32\wbengine.exe
22:08:43.0732 0x2178  wbengine - ok
22:08:43.0747 0x2178  [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:08:43.0763 0x2178  WbioSrvc - ok
22:08:43.0779 0x2178  [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
22:08:43.0794 0x2178  Wcmsvc - ok
22:08:43.0810 0x2178  [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:08:43.0810 0x2178  wcncsvc - ok
22:08:43.0810 0x2178  [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:08:43.0826 0x2178  WcsPlugInService - ok
22:08:43.0826 0x2178  [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
22:08:43.0826 0x2178  WdBoot - ok
22:08:43.0826 0x2178  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\Windows\System32\drivers\wdcsam64.sys
22:08:43.0826 0x2178  WDC_SAM - ok
22:08:43.0857 0x2178  [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:08:43.0857 0x2178  Wdf01000 - ok
22:08:43.0872 0x2178  [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
22:08:43.0872 0x2178  WdFilter - ok
22:08:43.0888 0x2178  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:08:43.0888 0x2178  WdiServiceHost - ok
22:08:43.0888 0x2178  [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:08:43.0888 0x2178  WdiSystemHost - ok
22:08:43.0905 0x2178  [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi         C:\Windows\system32\DRIVERS\wdiwifi.sys
22:08:43.0921 0x2178  wdiwifi - ok
22:08:43.0936 0x2178  [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
22:08:43.0936 0x2178  WdNisDrv - ok
22:08:43.0936 0x2178  WdNisSvc - ok
22:08:43.0936 0x2178  [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient       C:\Windows\System32\webclnt.dll
22:08:43.0952 0x2178  WebClient - ok
22:08:43.0952 0x2178  [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:08:43.0968 0x2178  Wecsvc - ok
22:08:43.0968 0x2178  [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
22:08:43.0968 0x2178  WEPHOSTSVC - ok
22:08:43.0968 0x2178  [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:08:43.0968 0x2178  wercplsupport - ok
22:08:43.0983 0x2178  [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:08:43.0983 0x2178  WerSvc - ok
22:08:43.0999 0x2178  [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS         C:\Windows\system32\drivers\wfplwfs.sys
22:08:43.0999 0x2178  WFPLWFS - ok
22:08:43.0999 0x2178  [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc          C:\Windows\System32\wiarpc.dll
22:08:43.0999 0x2178  WiaRpc - ok
22:08:43.0999 0x2178  [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:08:44.0015 0x2178  WIMMount - ok
22:08:44.0015 0x2178  WinDefend - ok
22:08:44.0015 0x2178  [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\Windows\system32\drivers\WindowsTrustedRT.sys
22:08:44.0015 0x2178  WindowsTrustedRT - ok
22:08:44.0015 0x2178  [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\Windows\system32\drivers\WindowsTrustedRTProxy.sys
22:08:44.0030 0x2178  WindowsTrustedRTProxy - ok
22:08:44.0046 0x2178  [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
22:08:44.0061 0x2178  WinHttpAutoProxySvc - ok
22:08:44.0061 0x2178  [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad          C:\Windows\System32\drivers\winmad.sys
22:08:44.0061 0x2178  WinMad - ok
22:08:44.0077 0x2178  [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:08:44.0077 0x2178  Winmgmt - ok
22:08:44.0140 0x2178  [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM           C:\Windows\system32\WsmSvc.dll
22:08:44.0171 0x2178  WinRM - ok
22:08:44.0186 0x2178  [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB          C:\Windows\System32\drivers\WinUSB.SYS
22:08:44.0186 0x2178  WINUSB - ok
22:08:44.0202 0x2178  [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs        C:\Windows\System32\drivers\winverbs.sys
22:08:44.0202 0x2178  WinVerbs - ok
22:08:44.0249 0x2178  [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc         C:\Windows\System32\wlansvc.dll
22:08:44.0280 0x2178  WlanSvc - ok
22:08:44.0327 0x2178  [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
22:08:44.0374 0x2178  wlidsvc - ok
22:08:44.0374 0x2178  [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
22:08:44.0374 0x2178  WmiAcpi - ok
22:08:44.0390 0x2178  [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:08:44.0390 0x2178  wmiApSrv - ok
22:08:44.0390 0x2178  WMPNetworkSvc - ok
22:08:44.0390 0x2178  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\Windows\system32\drivers\Wof.sys
22:08:44.0405 0x2178  Wof - ok
22:08:44.0437 0x2178  [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
22:08:44.0468 0x2178  workfolderssvc - ok
22:08:44.0483 0x2178  [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
22:08:44.0483 0x2178  wpcfltr - ok
22:08:44.0483 0x2178  [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:08:44.0483 0x2178  WPDBusEnum - ok
22:08:44.0499 0x2178  [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
22:08:44.0499 0x2178  WpdUpFltr - ok
22:08:44.0499 0x2178  [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService      C:\Windows\system32\WpnService.dll
22:08:44.0499 0x2178  WpnService - ok
22:08:44.0499 0x2178  [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:08:44.0499 0x2178  ws2ifsl - ok
22:08:44.0515 0x2178  [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc          C:\Windows\System32\wscsvc.dll
22:08:44.0515 0x2178  wscsvc - ok
22:08:44.0515 0x2178  [ F517CB0182B1DA5C0E0FC6B548FF60CC, F09CA4172D611487F157973C808627F04B0CF0A71CE19D49280BFBEA4AE6027B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
22:08:44.0515 0x2178  WSDPrintDevice - ok
22:08:44.0530 0x2178  WSearch - ok
22:08:44.0608 0x2178  [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService       C:\Windows\System32\WSService.dll
22:08:44.0655 0x2178  WSService - ok
22:08:44.0702 0x2178  [ 8A88DBA247BFF23BD284C2189F41FDA5, 86A617CB7C7473306DA2889AA30B488ABB9B824F7DCA31AA675DA6EB3974887C ] wuauserv        C:\Windows\system32\wuaueng.dll
22:08:44.0749 0x2178  wuauserv - ok
22:08:44.0749 0x2178  [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:08:44.0749 0x2178  WudfPf - ok
22:08:44.0765 0x2178  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
22:08:44.0765 0x2178  WUDFRd - ok
22:08:44.0765 0x2178  [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:08:44.0780 0x2178  wudfsvc - ok
22:08:44.0780 0x2178  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
22:08:44.0780 0x2178  WUDFWpdFs - ok
22:08:44.0796 0x2178  [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
22:08:44.0796 0x2178  WUDFWpdMtp - ok
22:08:44.0827 0x2178  [ 5DA95027DF2317174E8C39B4A8D1FCD8, 99B356411CB08B8BCCF2348DBF1FD5D4F417EA509D9C7CE23E5877C333F4D304 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:08:44.0843 0x2178  WwanSvc - ok
22:08:44.0874 0x2178  [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager  C:\Windows\System32\XblAuthManager.dll
22:08:44.0890 0x2178  XblAuthManager - ok
22:08:44.0921 0x2178  [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave     C:\Windows\System32\XblGameSave.dll
22:08:44.0937 0x2178  XblGameSave - ok
22:08:44.0952 0x2178  [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip         C:\Windows\System32\drivers\xboxgip.sys
22:08:44.0952 0x2178  xboxgip - ok
22:08:44.0983 0x2178  [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc   C:\Windows\system32\XboxNetApiSvc.dll
22:08:44.0999 0x2178  XboxNetApiSvc - ok
22:08:44.0999 0x2178  [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid       C:\Windows\System32\drivers\xinputhid.sys
22:08:44.0999 0x2178  xinputhid - ok
22:08:44.0999 0x2178  ================ Scan global ===============================
22:08:45.0015 0x2178  [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\Windows\system32\basesrv.dll
22:08:45.0015 0x2178  [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\Windows\system32\winsrv.dll
22:08:45.0030 0x2178  [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\Windows\system32\sxssrv.dll
22:08:45.0030 0x2178  [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\Windows\system32\services.exe
22:08:45.0046 0x2178  [ Global ] - ok
22:08:45.0046 0x2178  ================ Scan MBR ==================================
22:08:45.0046 0x2178  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:08:45.0062 0x2178  \Device\Harddisk0\DR0 - ok
22:08:45.0062 0x2178  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:08:45.0140 0x2178  \Device\Harddisk1\DR1 - ok
22:08:45.0140 0x2178  ================ Scan VBR ==================================
22:08:45.0140 0x2178  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
22:08:45.0140 0x2178  \Device\Harddisk0\DR0\Partition1 - ok
22:08:45.0140 0x2178  [ 99E12C09E11F8264260CE0C7BDB471D1 ] \Device\Harddisk0\DR0\Partition2
22:08:45.0186 0x2178  \Device\Harddisk0\DR0\Partition2 - ok
22:08:45.0186 0x2178  [ 9376CEAC6AAE42B618FBF145F4C73CF6 ] \Device\Harddisk1\DR1\Partition1
22:08:45.0186 0x2178  \Device\Harddisk1\DR1\Partition1 - ok
22:09:16.0410 0x2178  AV detected via SS2: G DATA INTERNET SECURITY, P:\Programme\GDATA\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
22:09:16.0410 0x2178  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
22:09:16.0410 0x2178  FW detected via SS2: G DATA Personal Firewall, P:\Programme\GDATA\Firewall\GDFwSvcx64.exe ( 22.0.0.1 ), 0x41010 ( enabled )
22:09:20.0520 0x2178  ============================================================
22:09:20.0520 0x2178  Scan finished
22:09:20.0520 0x2178  ============================================================
22:09:20.0520 0x21a4  Detected object count: 0
22:09:20.0520 0x21a4  Actual detected object count: 0
22:09:26.0430 0x2070  Deinitialize success
         
Do you have any other ideas?

31.05.2016, 18:02   #7
deeprybka
/// TB Trainer
/// Guide Guru
 

The scan was not run with the correct settings. Please repeat it; if there are any detections, please post them. Otherwise continue with:

ESET scan

Step 1

ESET Online Scanner

  • An illustrated guide to ESET Online Scanner can be found here
  • Download and start ESET Online Scanner
  • Tick the box next to "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit systems also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards
deeprybka
