| |
| |||||||
Log-Analyse und Auswertung: "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll"Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
06.06.2016, 09:10
| #1 |
 |  "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll" Hallo liebe community, ich habe gerade ein clean install von Windows 7 auf Windows 10 durchgeführt. Nachdem alle Update installiert waren, habe ich direkt Avira installiert. Der Echtzeit-Scanner hat direkt ein Trojaner gefunden. Code:
ATTFilter Muster 'TR/Crypt.XPACK.Gen [trojan]'
in Datei 'C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll gefunden.
Durchgeführte Aktion: Übergeben an Scanner
Code:
ATTFilter 09:47:55.0896 0x108c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:47:55.0896 0x108c UEFI system
09:48:02.0646 0x108c ============================================================
09:48:02.0646 0x108c Current date / time: 2016/06/06 09:48:02.0646
09:48:02.0646 0x108c SystemInfo:
09:48:02.0646 0x108c
09:48:02.0646 0x108c OS Version: 10.0.10586 ServicePack: 0.0
09:48:02.0646 0x108c Product type: Workstation
09:48:02.0646 0x108c ComputerName: DESKTOP-CBE9C5A
09:48:02.0646 0x108c UserName: Inkognito
09:48:02.0646 0x108c Windows directory: C:\WINDOWS
09:48:02.0646 0x108c System windows directory: C:\WINDOWS
09:48:02.0646 0x108c Running under WOW64
09:48:02.0646 0x108c Processor architecture: Intel x64
09:48:02.0646 0x108c Number of processors: 4
09:48:02.0646 0x108c Page size: 0x1000
09:48:02.0646 0x108c Boot type: Normal boot
09:48:02.0646 0x108c ============================================================
09:48:02.0709 0x108c KLMD registered as C:\WINDOWS\system32\drivers\42923565.sys
09:48:02.0756 0x108c System UUID: {4E3EE568-06FE-F5ED-C039-DCC45918E470}
09:48:03.0006 0x108c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:48:03.0006 0x108c Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1115E00 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:48:03.0006 0x108c ============================================================
09:48:03.0006 0x108c \Device\Harddisk0\DR0:
09:48:03.0006 0x108c GPT partitions:
09:48:03.0006 0x108c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {73940099-94DD-4FFB-9F6C-60DC5810590C}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xE1000
09:48:03.0006 0x108c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A388C7E3-89A8-447C-B1E3-C1794E777437}, Name: EFI system partition, StartLBA 0xE1800, BlocksNum 0x32000
09:48:03.0006 0x108c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E3620855-4D11-4A42-A5FE-464394DDA17C}, Name: Microsoft reserved partition, StartLBA 0x113800, BlocksNum 0x8000
09:48:03.0006 0x108c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9C568A7A-6FA9-4824-A1B3-ABC4F39B8540}, Name: Basic data partition, StartLBA 0x11B800, BlocksNum 0x3A26A000
09:48:03.0006 0x108c MBR partitions:
09:48:03.0006 0x108c \Device\Harddisk1\DR1:
09:48:03.0287 0x108c MBR partitions:
09:48:03.0287 0x108c \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E080AC
09:48:03.0287 0x108c ============================================================
09:48:03.0303 0x108c C: <-> \Device\Harddisk0\DR0\Partition4
09:48:03.0318 0x108c D: <-> \Device\Harddisk1\DR1\Partition1
09:48:03.0318 0x108c ============================================================
09:48:03.0318 0x108c Initialize success
09:48:03.0318 0x108c ============================================================
09:48:58.0836 0x1990 ============================================================
09:48:58.0836 0x1990 Scan started
09:48:58.0836 0x1990 Mode: Manual; SigCheck; TDLFS;
09:48:58.0836 0x1990 ============================================================
09:48:58.0836 0x1990 KSN ping started
09:49:01.0164 0x1990 KSN ping finished: true
09:49:01.0801 0x1990 ================ Scan system memory ========================
09:49:01.0801 0x1990 System memory - ok
09:49:01.0801 0x1990 ================ Scan services =============================
09:49:01.0848 0x1990 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
09:49:01.0895 0x1990 1394ohci - ok
09:49:01.0895 0x1990 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
09:49:01.0911 0x1990 3ware - ok
09:49:01.0926 0x1990 [ 469441BAE3FF8A16826FC62C51EF5E18, E1204677B87F47222D05F670F8DF3DB65EA0881782A8DCFBE0103478ED71187C ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
09:49:01.0950 0x1990 ACPI - ok
09:49:01.0950 0x1990 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
09:49:01.0966 0x1990 acpiex - ok
09:49:01.0966 0x1990 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
09:49:01.0982 0x1990 acpipagr - ok
09:49:01.0982 0x1990 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
09:49:01.0997 0x1990 AcpiPmi - ok
09:49:01.0997 0x1990 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
09:49:02.0013 0x1990 acpitime - ok
09:49:02.0013 0x1990 [ BEE9FD66BC285BAC23407255EDEB7C06, DFD0EE36AA57537B004D4666443222F75FBD5D74BF2822806A018CEDC8641F5B ] AdaptiveSleepService C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe
09:49:02.0013 0x1990 AdaptiveSleepService - detected UnsignedFile.Multi.Generic ( 1 )
09:49:04.0330 0x1990 Detect skipped due to KSN trusted
09:49:04.0330 0x1990 AdaptiveSleepService - ok
09:49:04.0392 0x1990 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
09:49:04.0423 0x1990 ADP80XX - ok
09:49:04.0439 0x1990 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
09:49:04.0455 0x1990 AFD - ok
09:49:04.0455 0x1990 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
09:49:04.0470 0x1990 agp440 - ok
09:49:04.0470 0x1990 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
09:49:04.0486 0x1990 ahcache - ok
09:49:04.0486 0x1990 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
09:49:04.0486 0x1990 AJRouter - ok
09:49:04.0502 0x1990 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
09:49:04.0502 0x1990 ALG - ok
09:49:04.0517 0x1990 [ 3CB9E747A8E0E164622597770399533C, B1E640B9ACF236564DED88BF194EAD40FF997F02A106685E2CF2EDF7837CCA87 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
09:49:04.0533 0x1990 AMD External Events Utility - ok
09:49:04.0533 0x1990 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
09:49:04.0548 0x1990 AmdK8 - ok
09:49:04.0548 0x1990 amdkmdag - ok
09:49:04.0564 0x1990 [ 1F16C42264A3328CD99B721AB32D2EE4, 15C1601727E0418B9C345BA4038525CB22073C3CAC42AF4E0CB32DC9CAEB69CD ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys
09:49:04.0580 0x1990 amdkmdap - ok
09:49:04.0595 0x1990 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
09:49:04.0611 0x1990 AmdPPM - ok
09:49:04.0611 0x1990 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
09:49:04.0627 0x1990 amdsata - ok
09:49:04.0627 0x1990 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
09:49:04.0642 0x1990 amdsbs - ok
09:49:04.0642 0x1990 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
09:49:04.0658 0x1990 amdxata - ok
09:49:04.0673 0x1990 [ 157DA3885AA4F03C80C10DAEB0949CAA, 69EA1C9F904FBDFE904A3BC52CB0E188AF18A93EA87A119E5E6234C6F5D4742E ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
09:49:04.0705 0x1990 AntiVirMailService - ok
09:49:04.0705 0x1990 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
09:49:04.0720 0x1990 AntiVirSchedulerService - ok
09:49:04.0736 0x1990 [ BD65021AB0EC790AECC503C394E61BA4, 51AD9C6F1192A3604902AE4F3B4B791DF1D58EA0B39B12AE4FA38F59E02F6D68 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
09:49:04.0752 0x1990 AntiVirService - ok
09:49:04.0767 0x1990 [ CF586007CB1F9189CDF07D0D5A02C448, 7BA6E27A835A0851C12A7A115C24665631CC77D857DAF32D24BF2D2AF676FE30 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
09:49:04.0798 0x1990 AntiVirWebService - ok
09:49:04.0798 0x1990 [ EDDB0D726DBECDFC1DBCC6DB464E5A13, 98D128D1E6FA270ED9ADBFE50078F68A794C00D4CBB86E28EC6161FFAD0CA8FF ] AppID C:\WINDOWS\system32\drivers\appid.sys
09:49:04.0814 0x1990 AppID - ok
09:49:04.0814 0x1990 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
09:49:04.0830 0x1990 AppIDSvc - ok
09:49:04.0830 0x1990 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
09:49:04.0845 0x1990 Appinfo - ok
09:49:04.0861 0x1990 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
09:49:04.0877 0x1990 AppReadiness - ok
09:49:04.0908 0x1990 [ 087FBBC026DCC0F693E91079B9901B7E, 544DEC1255923DBDC8351B6CE2220FBC9929F2FFE52C91062C23DE7734DA7A2F ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
09:49:04.0955 0x1990 AppXSvc - ok
09:49:04.0970 0x1990 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
09:49:04.0986 0x1990 arcsas - ok
09:49:05.0002 0x1990 [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
09:49:05.0017 0x1990 asComSvc - ok
09:49:05.0048 0x1990 [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys
09:49:05.0048 0x1990 AsIO - ok
09:49:05.0064 0x1990 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
09:49:05.0064 0x1990 AsyncMac - ok
09:49:05.0080 0x1990 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
09:49:05.0080 0x1990 atapi - ok
09:49:05.0142 0x1990 [ 41DFF214D30294F18F64257167F1CCBA, 87BB8BC1AB5EC4F5DAD84CB0B16CDD4634F10DC687264E4C84E47EFEFF4310F6 ] athr C:\WINDOWS\System32\drivers\athw8x.sys
09:49:05.0252 0x1990 athr - ok
09:49:05.0252 0x1990 [ 7FFB1E6F81C7BFD5B64D02A5B344B1D2, FE5BD7254C9AA926224F0184E7370ACD83CE565E4535BE48AA526504978D483B ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWT6.sys
09:49:05.0267 0x1990 AtiHDAudioService - ok
09:49:05.0283 0x1990 [ 42BF7FA295F453618104B5A50BEE105B, AB44BA2AD2FC5AF3B6BE4489C444C03FD1AB02C22109BF5F39BE459294C4CB18 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
09:49:05.0298 0x1990 AudioEndpointBuilder - ok
09:49:05.0314 0x1990 [ 2A2C0983B6FE62F02E7183335B1F5C20, 07845269FE72894D31D3FC927EECE26333AE9A2149A995DA4AE007276B05C647 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
09:49:05.0345 0x1990 Audiosrv - ok
09:49:05.0345 0x1990 [ 5CF5E80616F74B769AABCF76FEA791D1, CA56643D41DB4E139FE85098DCD67187AAC126CE2414276364A97334E15F9F53 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
09:49:05.0345 0x1990 avgntflt - ok
09:49:05.0361 0x1990 [ 8EF22CC03EFA1CB6810003C6A3B287D3, 352FE3194713D86BBD900A74AF033D5FE96A71389CC63DFC4821B43A55837206 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
09:49:05.0361 0x1990 avipbb - ok
09:49:05.0361 0x1990 [ 8E6214E8C6100222BEB6A14F9B908A7E, 268279AE0D87E4B1CC227355DF12B7E8113F8355B1D20447AA723830D706021A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
09:49:05.0377 0x1990 Avira.OE.ServiceHost - ok
09:49:05.0377 0x1990 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
09:49:05.0377 0x1990 avkmgr - ok
09:49:05.0377 0x1990 [ 899D89FDF015BBAF628076987D74C295, 7534A10F652FBE559431B9B1C6BC13874E8BC7438D7AFD7553F96811FD3E59BD ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
09:49:05.0392 0x1990 avnetflt - ok
09:49:05.0392 0x1990 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
09:49:05.0408 0x1990 AxInstSV - ok
09:49:05.0408 0x1990 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
09:49:05.0439 0x1990 b06bdrv - ok
09:49:05.0439 0x1990 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
09:49:05.0455 0x1990 BasicDisplay - ok
09:49:05.0455 0x1990 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
09:49:05.0470 0x1990 BasicRender - ok
09:49:05.0470 0x1990 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
09:49:05.0486 0x1990 bcmfn - ok
09:49:05.0486 0x1990 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
09:49:05.0486 0x1990 bcmfn2 - ok
09:49:05.0502 0x1990 [ F374C27099807E99A156953F8416D34A, D267B8CD837290F9FC6B4FFD2DB8F54867D808FB155698FC7713BCAB3AE475B5 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
09:49:05.0517 0x1990 BDESVC - ok
09:49:05.0517 0x1990 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:49:05.0533 0x1990 Beep - ok
09:49:05.0548 0x1990 [ 37F5E2385CB4D10AB42186974B9C241A, D38FA2B8CE19AC32056060F04B04D031F1621C07528DEDCCD5A8C01AB0A35995 ] BFE C:\WINDOWS\System32\bfe.dll
09:49:05.0564 0x1990 BFE - ok
09:49:05.0595 0x1990 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
09:49:05.0627 0x1990 BITS - ok
09:49:05.0627 0x1990 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
09:49:05.0642 0x1990 bowser - ok
09:49:05.0658 0x1990 [ 492FB85E61768950CDD27C87AED6E8FA, 1BFF11D899581E406D1AB5F2C66C9D816161ECF4B81AAACCCA3663875E86C0A5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
09:49:05.0673 0x1990 BrokerInfrastructure - ok
09:49:05.0673 0x1990 [ A617BE5E429A035A1CA8217C1B16F0BB, 197EE6C6EB22FF8A626540886F5A2163CC4CB177504C5423856F54BF01EB0FF1 ] Browser C:\WINDOWS\System32\browser.dll
09:49:05.0689 0x1990 Browser - ok
09:49:05.0705 0x1990 [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys
09:49:05.0720 0x1990 BtFilter - ok
09:49:05.0720 0x1990 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
09:49:05.0736 0x1990 BthAvrcpTg - ok
09:49:05.0736 0x1990 [ A0718F7B48F08347800FB29844A6AF91, F43A8BCB1794D9EB8C09E95B3A672CBEA8C67034AD92ACEF3C897B5F2174B7AC ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
09:49:05.0752 0x1990 BthEnum - ok
09:49:05.0752 0x1990 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
09:49:05.0767 0x1990 BthHFEnum - ok
09:49:05.0767 0x1990 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
09:49:05.0783 0x1990 bthhfhid - ok
09:49:05.0783 0x1990 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
09:49:05.0798 0x1990 BthHFSrv - ok
09:49:05.0814 0x1990 [ 3B3BF88BB54CB9A18DE1EF07292B5A3D, 7B9C1E7E07435B976E4AE89425F10541E1DEB153172A375CBC2D03A4D7B7F3D2 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
09:49:05.0830 0x1990 BthLEEnum - ok
09:49:05.0830 0x1990 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
09:49:05.0845 0x1990 BTHMODEM - ok
09:49:05.0845 0x1990 [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
09:49:05.0861 0x1990 BthPan - ok
09:49:05.0877 0x1990 [ A289FE26F5D8B5121D84DDEE6241CC26, 76549DBC55ACDB53FDA8A4F87EC8A52408ADDED469D2F3DAAE54C0218B8A872E ] BTHPORT C:\WINDOWS\system32\DRIVERS\BTHport.sys
09:49:05.0908 0x1990 BTHPORT - ok
09:49:05.0923 0x1990 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll
09:49:05.0939 0x1990 bthserv - ok
09:49:05.0939 0x1990 [ 281439D412441B2A39B63D20EE3E5D88, CAE6312F622427309C07017508291EF02C7DE2EA3B1929745C1D9B4A069AE726 ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
09:49:05.0955 0x1990 BTHUSB - ok
09:49:05.0955 0x1990 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
09:49:05.0970 0x1990 buttonconverter - ok
09:49:05.0970 0x1990 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
09:49:05.0986 0x1990 CapImg - ok
09:49:05.0986 0x1990 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
09:49:06.0002 0x1990 cdfs - ok
09:49:06.0017 0x1990 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
09:49:06.0033 0x1990 CDPSvc - ok
09:49:06.0033 0x1990 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
09:49:06.0048 0x1990 cdrom - ok
09:49:06.0048 0x1990 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
09:49:06.0064 0x1990 CertPropSvc - ok
09:49:06.0064 0x1990 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
09:49:06.0080 0x1990 circlass - ok
09:49:06.0095 0x1990 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
09:49:06.0111 0x1990 CLFS - ok
09:49:06.0111 0x1990 [ F7526C133AC265F283012E9CD751F873, 6AABDD92FD880F49F63C1CC478C3D8291AF670802CEC58B32730E7675D858D88 ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
09:49:06.0127 0x1990 ClipSVC - ok
09:49:06.0142 0x1990 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
09:49:06.0158 0x1990 CmBatt - ok
09:49:06.0158 0x1990 [ 3B866F8CB10719A5AF9E410B1B149714, B0A32B526290ED8E1DD93C70AB49DD417B82CA23D6B815163131247091D61DBA ] CNG C:\WINDOWS\system32\Drivers\cng.sys
09:49:06.0189 0x1990 CNG - ok
09:49:06.0189 0x1990 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
09:49:06.0189 0x1990 cnghwassist - ok
09:49:06.0205 0x1990 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
09:49:06.0220 0x1990 CompositeBus - ok
09:49:06.0220 0x1990 COMSysApp - ok
09:49:06.0220 0x1990 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
09:49:06.0236 0x1990 condrv - ok
09:49:06.0252 0x1990 [ 86BE19C6A177AEB93302EA5C4FBE2D11, 5404AB84D270549B1A46574EBDC857525F71B117BE3BA0098FA0A696E56D5C39 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
09:49:06.0267 0x1990 CoreMessagingRegistrar - ok
09:49:06.0283 0x1990 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
09:49:06.0283 0x1990 CryptSvc - ok
09:49:06.0283 0x1990 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
09:49:06.0299 0x1990 dam - ok
09:49:06.0314 0x1990 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:49:06.0345 0x1990 DcomLaunch - ok
09:49:06.0345 0x1990 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
09:49:06.0361 0x1990 DcpSvc - ok
09:49:06.0377 0x1990 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
09:49:06.0392 0x1990 defragsvc - ok
09:49:06.0408 0x1990 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
09:49:06.0423 0x1990 DeviceAssociationService - ok
09:49:06.0423 0x1990 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
09:49:06.0439 0x1990 DeviceInstall - ok
09:49:06.0439 0x1990 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
09:49:06.0455 0x1990 DevQueryBroker - ok
09:49:06.0455 0x1990 [ 935823F79CBEDB91637B63D37E3A5A36, BE9A46F1CA631B9252C71758901D55456DC3C143053003D9FA7D67811A1E5026 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
09:49:06.0470 0x1990 Dfsc - ok
09:49:06.0470 0x1990 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
09:49:06.0486 0x1990 Dhcp - ok
09:49:06.0502 0x1990 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
09:49:06.0502 0x1990 diagnosticshub.standardcollector.service - ok
09:49:06.0533 0x1990 [ 15D174719872A30F2FDD6B5B1B8BA5D9, B0E6FF6FC47B731C204F110D4B768231906B144B31F602ECE8EAC24D70BA880D ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
09:49:06.0564 0x1990 DiagTrack - ok
09:49:06.0564 0x1990 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
09:49:06.0580 0x1990 disk - ok
09:49:06.0595 0x1990 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
09:49:06.0611 0x1990 DmEnrollmentSvc - ok
09:49:06.0611 0x1990 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
09:49:06.0627 0x1990 dmvsc - ok
09:49:06.0627 0x1990 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
09:49:06.0627 0x1990 dmwappushservice - ok
09:49:06.0642 0x1990 [ 5839A317C25F70979433E0905DFABB1B, 7F1CD50C77A33A10259D8A208A355BE7ECAFEA69F810AD908EF8878A792741AF ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:49:06.0658 0x1990 Dnscache - ok
09:49:06.0674 0x1990 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
09:49:06.0674 0x1990 dot3svc - ok
09:49:06.0689 0x1990 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
09:49:06.0705 0x1990 DPS - ok
09:49:06.0705 0x1990 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
09:49:06.0705 0x1990 drmkaud - ok
09:49:06.0720 0x1990 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
09:49:06.0720 0x1990 DsmSvc - ok
09:49:06.0736 0x1990 [ FBC8C56814642A7CA88ACBCA8DD1121F, 108690704A359991C3D6577477E232F5F2F46B36DF6B4B0738A893EF05D7D4EB ] DsSvc C:\WINDOWS\System32\DsSvc.dll
09:49:06.0752 0x1990 DsSvc - ok
09:49:06.0783 0x1990 [ 48D8729FACC784900B831212AE56F824, 6AAE1E78B84D0C12B99BE050B787AA167E6BA0B5AA621BEE0DB5312A4771DA63 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:49:06.0830 0x1990 DXGKrnl - ok
09:49:06.0830 0x1990 [ E716140ACA798A5EC48531F0739A0290, C585F1D9B08A406FE0ED35E07C2F20E793E67F8E153314A449701125C8EA7A4B ] e1iexpress C:\WINDOWS\System32\drivers\e1i63x64.sys
09:49:06.0861 0x1990 e1iexpress - ok
09:49:06.0861 0x1990 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
09:49:06.0877 0x1990 Eaphost - ok
09:49:06.0924 0x1990 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
09:49:07.0002 0x1990 ebdrv - ok
09:49:07.0002 0x1990 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
09:49:07.0002 0x1990 EFS - ok
09:49:07.0017 0x1990 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
09:49:07.0017 0x1990 EhStorClass - ok
09:49:07.0017 0x1990 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:49:07.0033 0x1990 EhStorTcgDrv - ok
09:49:07.0049 0x1990 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
09:49:07.0049 0x1990 embeddedmode - ok
09:49:07.0064 0x1990 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
09:49:07.0080 0x1990 EntAppSvc - ok
09:49:07.0080 0x1990 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
09:49:07.0080 0x1990 ErrDev - ok
09:49:07.0095 0x1990 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
09:49:07.0111 0x1990 EventSystem - ok
09:49:07.0127 0x1990 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
09:49:07.0142 0x1990 exfat - ok
09:49:07.0158 0x1990 [ C330883C06E2D4CE4F6982F048265D37, 26044DE176056B7F5BF2A50A659243CFD7F25CFEE035B3A3C3165B3699872926 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
09:49:07.0174 0x1990 fastfat - ok
09:49:07.0189 0x1990 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe
09:49:07.0205 0x1990 Fax - ok
09:49:07.0220 0x1990 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
09:49:07.0220 0x1990 fdc - ok
09:49:07.0220 0x1990 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
09:49:07.0236 0x1990 fdPHost - ok
09:49:07.0236 0x1990 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
09:49:07.0252 0x1990 FDResPub - ok
09:49:07.0267 0x1990 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
09:49:07.0267 0x1990 fhsvc - ok
09:49:07.0283 0x1990 [ 8F2523C9D8F1448FF2156452AF60FA00, 1D39CA54F5F1E62385D9EC041F9445BDDCB63740859B9418AE904FDF3D8388ED ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
09:49:07.0283 0x1990 FileCrypt - ok
09:49:07.0283 0x1990 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
09:49:07.0298 0x1990 FileInfo - ok
09:49:07.0298 0x1990 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
09:49:07.0314 0x1990 Filetrace - ok
09:49:07.0314 0x1990 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
09:49:07.0330 0x1990 flpydisk - ok
09:49:07.0330 0x1990 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:49:07.0345 0x1990 FltMgr - ok
09:49:07.0380 0x1990 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll
09:49:07.0427 0x1990 FontCache - ok
09:49:07.0427 0x1990 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
09:49:07.0443 0x1990 FsDepends - ok
09:49:07.0443 0x1990 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:49:07.0459 0x1990 Fs_Rec - ok
09:49:07.0459 0x1990 [ 50DFE05C698E9B0A63D95E3D669A105C, 3A7D5AE4A01B90C2ECF22AD2783A84C2329EAB9BACFA5237A7DCC3DC5995A864 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:49:07.0481 0x1990 fvevol - ok
09:49:07.0481 0x1990 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
09:49:07.0497 0x1990 gagp30kx - ok
09:49:07.0497 0x1990 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
09:49:07.0512 0x1990 gencounter - ok
09:49:07.0512 0x1990 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
09:49:07.0528 0x1990 genericusbfn - ok
09:49:07.0528 0x1990 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:49:07.0544 0x1990 GPIOClx0101 - ok
09:49:07.0559 0x1990 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
09:49:07.0612 0x1990 gpsvc - ok
09:49:07.0612 0x1990 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
09:49:07.0628 0x1990 GpuEnergyDrv - ok
09:49:07.0644 0x1990 [ 0F93EBE9071A6BB1548BF0F816EEA24B, 79A99544C00F59996980D299BFACA0463D86158BFA51C8045CE4FF4951779A44 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
09:49:07.0659 0x1990 HdAudAddService - ok
09:49:07.0659 0x1990 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
09:49:07.0677 0x1990 HDAudBus - ok
09:49:07.0681 0x1990 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
09:49:07.0683 0x1990 HidBatt - ok
09:49:07.0683 0x1990 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
09:49:07.0698 0x1990 HidBth - ok
09:49:07.0698 0x1990 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
09:49:07.0714 0x1990 hidi2c - ok
09:49:07.0714 0x1990 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
09:49:07.0730 0x1990 hidinterrupt - ok
09:49:07.0730 0x1990 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
09:49:07.0745 0x1990 HidIr - ok
09:49:07.0745 0x1990 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
09:49:07.0761 0x1990 hidserv - ok
09:49:07.0761 0x1990 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
09:49:07.0776 0x1990 HidUsb - ok
09:49:07.0776 0x1990 [ 7CEC266216126BC9A0E1072E1A7E5702, 6B2C0768C8F2590E65B9520D266C07D1A9D89B9E185CC359B0453F399836759F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:49:07.0792 0x1990 HomeGroupListener - ok
09:49:07.0808 0x1990 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:49:07.0823 0x1990 HomeGroupProvider - ok
09:49:07.0823 0x1990 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
09:49:07.0839 0x1990 HpSAMD - ok
09:49:07.0855 0x1990 [ 63C3F74DC398A1C1A77E39DFB9C312CA, 283A13899838B4313BFBC406E832042696C549640A1AB11E23C0B9E499289836 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
09:49:07.0886 0x1990 HTTP - ok
09:49:07.0886 0x1990 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
09:49:07.0886 0x1990 hwpolicy - ok
09:49:07.0901 0x1990 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
09:49:07.0901 0x1990 hyperkbd - ok
09:49:07.0917 0x1990 [ 40115A0F8E7FF9E786EBBD1D33D39AD7, 5190D3970950251CD0946521C428BF26BF7D68C2984B990B8EFDD406EC9CDFE1 ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
09:49:07.0917 0x1990 HyperVideo - ok
09:49:07.0933 0x1990 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
09:49:07.0933 0x1990 i8042prt - ok
09:49:07.0948 0x1990 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
09:49:07.0964 0x1990 iai2c - ok
09:49:07.0964 0x1990 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
09:49:07.0980 0x1990 iaLPSS2i_I2C - ok
09:49:07.0980 0x1990 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:49:07.0995 0x1990 iaLPSSi_GPIO - ok
09:49:07.0995 0x1990 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:49:08.0011 0x1990 iaLPSSi_I2C - ok
09:49:08.0011 0x1990 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
09:49:08.0042 0x1990 iaStorAV - ok
09:49:08.0058 0x1990 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
09:49:08.0073 0x1990 iaStorV - ok
09:49:08.0073 0x1990 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
09:49:08.0089 0x1990 ibbus - ok
09:49:08.0105 0x1990 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
09:49:08.0120 0x1990 icssvc - ok
09:49:08.0120 0x1990 IEEtwCollectorService - ok
09:49:08.0136 0x1990 [ 95A03F67830FDCB950E70261128D540D, D052CB703500E2871CF51E015E444F2A99FA9A7579AC422104F0E411F6107BD0 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
09:49:08.0167 0x1990 IKEEXT - ok
09:49:08.0167 0x1990 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
09:49:08.0167 0x1990 intelide - ok
09:49:08.0183 0x1990 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
09:49:08.0183 0x1990 intelpep - ok
09:49:08.0198 0x1990 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
09:49:08.0214 0x1990 intelppm - ok
09:49:08.0214 0x1990 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
09:49:08.0214 0x1990 IoQos - ok
09:49:08.0230 0x1990 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:49:08.0230 0x1990 IpFilterDriver - ok
09:49:08.0245 0x1990 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
09:49:08.0276 0x1990 iphlpsvc - ok
09:49:08.0292 0x1990 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
09:49:08.0308 0x1990 IPMIDRV - ok
09:49:08.0308 0x1990 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
09:49:08.0323 0x1990 IPNAT - ok
09:49:08.0323 0x1990 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
09:49:08.0339 0x1990 IRENUM - ok
09:49:08.0339 0x1990 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
09:49:08.0339 0x1990 isapnp - ok
09:49:08.0355 0x1990 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
09:49:08.0370 0x1990 iScsiPrt - ok
09:49:08.0370 0x1990 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
09:49:08.0386 0x1990 kbdclass - ok
09:49:08.0386 0x1990 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
09:49:08.0401 0x1990 kbdhid - ok
09:49:08.0401 0x1990 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
09:49:08.0417 0x1990 kdnic - ok
09:49:08.0417 0x1990 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
09:49:08.0417 0x1990 KeyIso - ok
09:49:08.0433 0x1990 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
09:49:08.0448 0x1990 KSecDD - ok
09:49:08.0448 0x1990 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
09:49:08.0464 0x1990 KSecPkg - ok
09:49:08.0464 0x1990 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
09:49:08.0480 0x1990 ksthunk - ok
09:49:08.0480 0x1990 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
09:49:08.0511 0x1990 KtmRm - ok
09:49:08.0511 0x1990 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
09:49:08.0526 0x1990 LanmanServer - ok
09:49:08.0542 0x1990 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
09:49:08.0558 0x1990 LanmanWorkstation - ok
09:49:08.0558 0x1990 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
09:49:08.0558 0x1990 lfsvc - ok
09:49:08.0573 0x1990 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
09:49:08.0573 0x1990 LicenseManager - ok
09:49:08.0573 0x1990 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
09:49:08.0589 0x1990 lltdio - ok
09:49:08.0605 0x1990 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
09:49:08.0620 0x1990 lltdsvc - ok
09:49:08.0620 0x1990 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
09:49:08.0636 0x1990 lmhosts - ok
09:49:08.0636 0x1990 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
09:49:08.0651 0x1990 LSI_SAS - ok
09:49:08.0651 0x1990 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
09:49:08.0667 0x1990 LSI_SAS2i - ok
09:49:08.0667 0x1990 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
09:49:08.0683 0x1990 LSI_SAS3i - ok
09:49:08.0683 0x1990 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
09:49:08.0698 0x1990 LSI_SSS - ok
09:49:08.0711 0x1990 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
09:49:08.0731 0x1990 LSM - ok
09:49:08.0731 0x1990 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
09:49:08.0746 0x1990 luafv - ok
09:49:08.0746 0x1990 [ 56B24B359838BE86B013C2CFD38BDFC4, 38EA2D320F0CD80E3654AA1A5CA1CCAB1CA5519A562EEE41DC2E5EDF47CEF3F4 ] MapsBroker C:\WINDOWS\System32\moshost.dll
09:49:08.0762 0x1990 MapsBroker - ok
09:49:08.0762 0x1990 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
09:49:08.0777 0x1990 megasas - ok
09:49:08.0793 0x1990 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
09:49:08.0809 0x1990 megasr - ok
09:49:08.0824 0x1990 [ 6D1671CB2E5402F01D2F13ECF764CAA1, 4778630F602FE8F9B9112DC5BB7A179632000D10D80C28E93711404108FCC6E0 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
09:49:08.0832 0x1990 MEIx64 - ok
09:49:08.0832 0x1990 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
09:49:08.0832 0x1990 MessagingService - ok
09:49:08.0847 0x1990 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
09:49:08.0878 0x1990 mlx4_bus - ok
09:49:08.0878 0x1990 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
09:49:08.0894 0x1990 MMCSS - ok
09:49:08.0894 0x1990 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
09:49:08.0910 0x1990 Modem - ok
09:49:08.0910 0x1990 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
09:49:08.0927 0x1990 monitor - ok
09:49:08.0931 0x1990 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
09:49:08.0931 0x1990 mouclass - ok
09:49:08.0931 0x1990 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
09:49:08.0947 0x1990 mouhid - ok
09:49:08.0947 0x1990 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
09:49:08.0963 0x1990 mountmgr - ok
09:49:08.0963 0x1990 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
09:49:08.0978 0x1990 mpsdrv - ok
09:49:08.0994 0x1990 [ 0B28F2ACE5103586D322AD98FAA01309, CE3053DEB6E452C6DCDFD371CF113EB0D740DED6C1C537CB749D1BE5E97FAB09 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
09:49:09.0027 0x1990 MpsSvc - ok
09:49:09.0031 0x1990 [ BF6CA7EA5ECD6CF72D3D76652A9B8280, 8EC031D0D8E75CB583B129CBA518701097697498621307108388FA05FBF604BB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
09:49:09.0047 0x1990 MRxDAV - ok
09:49:09.0047 0x1990 [ 0B3B0C1D86050355676640488FA897D3, DBED9D6F7AAFB11F4C00C1F69DB7A887A3058E5FA66615A1640242439822B60C ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:49:09.0062 0x1990 mrxsmb - ok
09:49:09.0078 0x1990 [ 1A490555FD330CA2764D89191177C867, 1004AE2F80BEA9A6DBA3E6B5D2DDFA44FBA253F7137D60B000B094699DE1CB12 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
09:49:09.0094 0x1990 mrxsmb10 - ok
09:49:09.0094 0x1990 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
09:49:09.0109 0x1990 mrxsmb20 - ok
09:49:09.0109 0x1990 [ A4411C522D41707D5BCA817A5BB9E30B, EF7505BE475ECAB2B5E66A7419EDAF42A7E7A65BAD3BBE346A8CEE5DD69782CC ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
09:49:09.0125 0x1990 MsBridge - ok
09:49:09.0140 0x1990 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
09:49:09.0156 0x1990 MSDTC - ok
09:49:09.0156 0x1990 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:49:09.0172 0x1990 Msfs - ok
09:49:09.0172 0x1990 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
09:49:09.0172 0x1990 msgpiowin32 - ok
09:49:09.0187 0x1990 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
09:49:09.0187 0x1990 mshidkmdf - ok
09:49:09.0203 0x1990 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
09:49:09.0203 0x1990 mshidumdf - ok
09:49:09.0203 0x1990 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
09:49:09.0219 0x1990 msisadrv - ok
09:49:09.0219 0x1990 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
09:49:09.0234 0x1990 MSiSCSI - ok
09:49:09.0234 0x1990 msiserver - ok
09:49:09.0234 0x1990 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
09:49:09.0250 0x1990 MSKSSRV - ok
09:49:09.0250 0x1990 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
09:49:09.0265 0x1990 MsLldp - ok
09:49:09.0265 0x1990 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
09:49:09.0281 0x1990 MSPCLOCK - ok
09:49:09.0281 0x1990 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
09:49:09.0297 0x1990 MSPQM - ok
09:49:09.0297 0x1990 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
09:49:09.0312 0x1990 MsRPC - ok
09:49:09.0312 0x1990 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
09:49:09.0328 0x1990 mssmbios - ok
09:49:09.0328 0x1990 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
09:49:09.0344 0x1990 MSTEE - ok
09:49:09.0344 0x1990 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
09:49:09.0359 0x1990 MTConfig - ok
09:49:09.0359 0x1990 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
09:49:09.0375 0x1990 Mup - ok
09:49:09.0375 0x1990 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
09:49:09.0390 0x1990 mvumis - ok
09:49:09.0390 0x1990 [ AA4CD20708B7E0412A5316D7E2875103, 4E60A0865B7656735F3AB34AF5FE48304138F47DE961D4D16661617D711DEBC0 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:49:09.0422 0x1990 NativeWifiP - ok
09:49:09.0422 0x1990 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
09:49:09.0437 0x1990 NcaSvc - ok
09:49:09.0437 0x1990 [ 24146738C422814EEB2A98FF1FC5C6E1, 3C70C6768681CE63DED339822EFB36194037B987D92456B9E955061A3A3C63BC ] NcbService C:\WINDOWS\System32\ncbservice.dll
09:49:09.0453 0x1990 NcbService - ok
09:49:09.0453 0x1990 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
09:49:09.0469 0x1990 NcdAutoSetup - ok
09:49:09.0469 0x1990 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
09:49:09.0484 0x1990 ndfltr - ok
09:49:09.0500 0x1990 [ E582DA849A58524E645545FB68B6625D, B74E2CF078F6C575EFC4A2E4293D03FE6BA933307D656E0E57FFA17EF324948D ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
09:49:09.0531 0x1990 NDIS - ok
09:49:09.0531 0x1990 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
09:49:09.0547 0x1990 NdisCap - ok
09:49:09.0547 0x1990 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
09:49:09.0562 0x1990 NdisImPlatform - ok
09:49:09.0562 0x1990 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:49:09.0578 0x1990 NdisTapi - ok
09:49:09.0578 0x1990 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
09:49:09.0594 0x1990 Ndisuio - ok
09:49:09.0594 0x1990 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
09:49:09.0609 0x1990 NdisVirtualBus - ok
09:49:09.0609 0x1990 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
09:49:09.0625 0x1990 NdisWan - ok
09:49:09.0625 0x1990 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:49:09.0640 0x1990 ndiswanlegacy - ok
09:49:09.0640 0x1990 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
09:49:09.0656 0x1990 ndproxy - ok
09:49:09.0672 0x1990 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
09:49:09.0672 0x1990 Ndu - ok
09:49:09.0672 0x1990 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
09:49:09.0687 0x1990 NetBIOS - ok
09:49:09.0687 0x1990 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:49:09.0703 0x1990 NetBT - ok
09:49:09.0703 0x1990 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:49:09.0719 0x1990 Netlogon - ok
09:49:09.0719 0x1990 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
09:49:09.0734 0x1990 Netman - ok
09:49:09.0750 0x1990 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
09:49:09.0765 0x1990 netprofm - ok
09:49:09.0781 0x1990 [ 9C6EE1DE9CF7B77FF550A737816EB6DB, 586D561E1A318778668D148B8367D1F7452E770D1743ED5F8EE6EAB03DB31916 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
09:49:09.0781 0x1990 NetSetupSvc - ok
09:49:09.0797 0x1990 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:49:09.0812 0x1990 NetTcpPortSharing - ok
09:49:09.0812 0x1990 [ 2BB62723C835F75F0C7C9E6A736881FB, CBA690F5205BE8AE1E8ED8A47BC1594E05391DAC30AAEE0A055366F24602346C ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys
09:49:09.0828 0x1990 netvsc - ok
09:49:09.0828 0x1990 [ 0FB83658FBB2C5A18AB98C5C94DB9FAF, 2D15A49F47D8185D7914D26916D1237FCBE2F8351A64877CDDDDE26E766C3D2F ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
09:49:09.0844 0x1990 NgcCtnrSvc - ok
09:49:09.0859 0x1990 [ 7AAA9916AA10F4B0E9743798A5BA6549, 2E38EEF3F487A7DD0B719A048FFA0EB36B2487A1068BB322553E9DD2FCE46711 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
09:49:09.0875 0x1990 NgcSvc - ok
09:49:09.0890 0x1990 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
09:49:09.0906 0x1990 NlaSvc - ok
09:49:09.0906 0x1990 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:49:09.0922 0x1990 Npfs - ok
09:49:09.0922 0x1990 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
09:49:09.0937 0x1990 npsvctrig - ok
09:49:09.0937 0x1990 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
09:49:09.0937 0x1990 nsi - ok
09:49:09.0953 0x1990 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
09:49:09.0953 0x1990 nsiproxy - ok
09:49:09.0984 0x1990 [ 19BD8A88AAC580592668B070AC0727D9, 60DB84895C40E6412BEB2D0E4D7F05891446B9DE992D70579CC90BA3FB27FC01 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
09:49:10.0047 0x1990 NTFS - ok
09:49:10.0047 0x1990 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
09:49:10.0062 0x1990 Null - ok
09:49:10.0062 0x1990 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
09:49:10.0078 0x1990 nvraid - ok
09:49:10.0078 0x1990 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
09:49:10.0094 0x1990 nvstor - ok
09:49:10.0094 0x1990 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
09:49:10.0109 0x1990 nv_agp - ok
09:49:10.0109 0x1990 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
09:49:10.0140 0x1990 OneSyncSvc - ok
09:49:10.0140 0x1990 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
09:49:10.0156 0x1990 p2pimsvc - ok
09:49:10.0172 0x1990 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
09:49:10.0187 0x1990 p2psvc - ok
09:49:10.0187 0x1990 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
09:49:10.0203 0x1990 Parport - ok
09:49:10.0203 0x1990 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
09:49:10.0219 0x1990 partmgr - ok
09:49:10.0219 0x1990 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
09:49:10.0234 0x1990 PcaSvc - ok
09:49:10.0250 0x1990 [ CFFE69B6C276A3418687109EA8AC9E7D, A516B2F4BFB0CD8B38219E3BF783C0BD99CD9EA1BACBE2284987F6DC0976BD36 ] pci C:\WINDOWS\system32\drivers\pci.sys
09:49:10.0265 0x1990 pci - ok
09:49:10.0265 0x1990 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
09:49:10.0265 0x1990 pciide - ok
09:49:10.0281 0x1990 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
09:49:10.0297 0x1990 pcmcia - ok
09:49:10.0297 0x1990 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
09:49:10.0297 0x1990 pcw - ok
09:49:10.0312 0x1990 [ 67B9684B8272D5EBD1CCBB1DBD425EC8, 09BE2A2EB3A71E594D08B8D817820965DEEAD283029EBB0B74CCC658A2706233 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
09:49:10.0312 0x1990 pdc - ok
09:49:10.0328 0x1990 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
09:49:10.0359 0x1990 PEAUTH - ok
09:49:10.0375 0x1990 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
09:49:10.0375 0x1990 percsas2i - ok
09:49:10.0390 0x1990 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
09:49:10.0390 0x1990 percsas3i - ok
09:49:10.0422 0x1990 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
09:49:10.0422 0x1990 PerfHost - ok
09:49:10.0437 0x1990 [ 57606281E23B0F53347527691E947B2B, 7030182E706CEBE6BD52BDC71CA8F2230AD445AE6554188E76F09A5E2612BD2E ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
09:49:10.0469 0x1990 PhoneSvc - ok
09:49:10.0484 0x1990 [ 04F7878E7017105AB782353231561749, FB2811D98216720D4FDF0AC0EDF16C6CD33D7224B4CAFA752B4D2A839E6DD88A ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
09:49:10.0500 0x1990 PimIndexMaintenanceSvc - ok
09:49:10.0515 0x1990 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
09:49:10.0562 0x1990 pla - ok
09:49:10.0562 0x1990 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
09:49:10.0578 0x1990 PlugPlay - ok
09:49:10.0578 0x1990 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
09:49:10.0594 0x1990 PNRPAutoReg - ok
09:49:10.0609 0x1990 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
09:49:10.0609 0x1990 PNRPsvc - ok
09:49:10.0625 0x1990 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
09:49:10.0656 0x1990 PolicyAgent - ok
09:49:10.0656 0x1990 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
09:49:10.0672 0x1990 Power - ok
09:49:10.0672 0x1990 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
09:49:10.0687 0x1990 PptpMiniport - ok
09:49:10.0734 0x1990 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
09:49:10.0812 0x1990 PrintNotify - ok
09:49:10.0812 0x1990 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
09:49:10.0828 0x1990 Processor - ok
09:49:10.0844 0x1990 [ 7E0078F1EFEB6F8F47CF85C1D73C7EBC, 831BC3CE72F29AD259DEE7121D6F785CE0A8462CFB69DD7FB1F3BDAF16CDBF3E ] ProfSvc C:\WINDOWS\system32\profsvc.dll
09:49:10.0859 0x1990 ProfSvc - ok
09:49:10.0859 0x1990 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
09:49:10.0875 0x1990 Psched - ok
09:49:10.0875 0x1990 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
09:49:10.0890 0x1990 QWAVE - ok
09:49:10.0890 0x1990 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
09:49:10.0906 0x1990 QWAVEdrv - ok
09:49:10.0906 0x1990 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:49:10.0922 0x1990 RasAcd - ok
09:49:10.0922 0x1990 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
09:49:10.0937 0x1990 RasAgileVpn - ok
09:49:10.0937 0x1990 [ D60BA4C76D194472D6602FF3D2D51ADE, 01272663897685C75FFBC3F1C0CFDB8D0E1A58182049E0B607D634536A8F6400 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:49:10.0953 0x1990 RasAuto - ok
09:49:10.0953 0x1990 [ E3C82823B22463BC38AA4F8ADA852624, FF601B117F4003E2CC65B6143C2A270331EB257EE82B3BC020247D1AB1CD625F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
09:49:10.0969 0x1990 Rasl2tp - ok
09:49:10.0984 0x1990 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:49:11.0000 0x1990 RasMan - ok
09:49:11.0000 0x1990 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\System32\drivers\raspppoe.sys
09:49:11.0015 0x1990 RasPppoe - ok
09:49:11.0015 0x1990 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
09:49:11.0031 0x1990 RasSstp - ok
09:49:11.0047 0x1990 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:49:11.0062 0x1990 rdbss - ok
09:49:11.0062 0x1990 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
09:49:11.0078 0x1990 rdpbus - ok
09:49:11.0078 0x1990 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
09:49:11.0094 0x1990 RDPDR - ok
09:49:11.0094 0x1990 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:49:11.0109 0x1990 RdpVideoMiniport - ok
09:49:11.0109 0x1990 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
09:49:11.0125 0x1990 rdyboost - ok
09:49:11.0156 0x1990 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
09:49:11.0172 0x1990 ReFSv1 - ok
09:49:11.0187 0x1990 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:49:11.0203 0x1990 RemoteAccess - ok
09:49:11.0219 0x1990 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:49:11.0234 0x1990 RemoteRegistry - ok
09:49:11.0250 0x1990 [ CFF943806EBAD5CFAC26FD3DF304E79F, 4992AFB7CE3E2117A11B97FD92ED2EC02183D461F89179B6EA42C8F5AC973374 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
09:49:11.0281 0x1990 RetailDemo - ok
09:49:11.0281 0x1990 [ AEEF76F938188EBF27DF70C1806877F2, 08560C5DE13EBC46EE77F369E92B89350135D5E01A2AF61AA2EA46BEC41EEDD6 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
09:49:11.0297 0x1990 RFCOMM - ok
09:49:11.0297 0x1990 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
09:49:11.0312 0x1990 RpcEptMapper - ok
09:49:11.0312 0x1990 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
09:49:11.0328 0x1990 RpcLocator - ok
09:49:11.0344 0x1990 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:49:11.0359 0x1990 RpcSs - ok
09:49:11.0359 0x1990 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
09:49:11.0375 0x1990 rspndr - ok
09:49:11.0375 0x1990 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
09:49:11.0390 0x1990 s3cap - ok
09:49:11.0390 0x1990 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
09:49:11.0406 0x1990 SamSs - ok
09:49:11.0406 0x1990 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
09:49:11.0422 0x1990 sbp2port - ok
09:49:11.0422 0x1990 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
09:49:11.0437 0x1990 SCardSvr - ok
09:49:11.0437 0x1990 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
09:49:11.0453 0x1990 ScDeviceEnum - ok
09:49:11.0453 0x1990 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:49:11.0469 0x1990 scfilter - ok
09:49:11.0484 0x1990 [ EA195B8BC11C1CDB313CFD456EFFA0E9, EEDF349C59ED0645B04040707906BB4496527243858C2A6BE46BE7029B4A7F37 ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:49:11.0515 0x1990 Schedule - ok
09:49:11.0531 0x1990 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
09:49:11.0531 0x1990 SCPolicySvc - ok
09:49:11.0547 0x1990 [ B24408471C1BCB17FC44F5B47EA8DEA3, 1CFE07C793F2A3D883E9071B8703C01A7619C8C0A02AAEBAA1130F36654AFD4F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
09:49:11.0562 0x1990 sdbus - ok
09:49:11.0562 0x1990 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
09:49:11.0578 0x1990 SDRSVC - ok
09:49:11.0578 0x1990 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
09:49:11.0594 0x1990 sdstor - ok
09:49:11.0594 0x1990 [ EBD07BD20B5E0E92A398566EF8720F79, 8A88C861D4113B9938C32CBD28FD3D7F1C3133E700E23E17F5DFD7B26CCDA04A ] seclogon C:\WINDOWS\system32\seclogon.dll
09:49:11.0609 0x1990 seclogon - ok
09:49:11.0609 0x1990 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
09:49:11.0625 0x1990 SENS - ok
09:49:11.0640 0x1990 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
09:49:11.0687 0x1990 SensorDataService - ok
09:49:11.0687 0x1990 [ 45D26646E3AD737E5DE3DB91CCCE7DBA, B05AB32700998C8347BC5797B18EB97F303FCB2302BED852348F2703DEDE72F9 ] SensorService C:\WINDOWS\system32\SensorService.dll
09:49:11.0703 0x1990 SensorService - ok
09:49:11.0719 0x1990 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
09:49:11.0719 0x1990 SensrSvc - ok
09:49:11.0734 0x1990 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
09:49:11.0734 0x1990 SerCx - ok
09:49:11.0750 0x1990 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
09:49:11.0750 0x1990 SerCx2 - ok
09:49:11.0765 0x1990 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
09:49:11.0765 0x1990 Serenum - ok
09:49:11.0765 0x1990 [ 249A563C48DFD9E42A37587653E003BB, D022FAE2B7AC9D99B9F230A4DF0B045891588162587E1F468B5E05C8DA98AA9A ] Serial C:\WINDOWS\System32\drivers\serial.sys
09:49:11.0781 0x1990 Serial - ok
09:49:11.0781 0x1990 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
09:49:11.0797 0x1990 sermouse - ok
09:49:11.0812 0x1990 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
09:49:11.0812 0x1990 SessionEnv - ok
09:49:11.0828 0x1990 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
09:49:11.0828 0x1990 sfloppy - ok
09:49:11.0844 0x1990 [ F8083C536BEDE61AFB4069D8A8C16DA7, 13AADAD7B5582911B8ABBE0CF7132CC517F7413A361CCF8ED502F803D061FFA3 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:49:11.0859 0x1990 SharedAccess - ok
09:49:11.0875 0x1990 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:49:11.0906 0x1990 ShellHWDetection - ok
09:49:11.0906 0x1990 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:49:11.0922 0x1990 SiSRaid2 - ok
09:49:11.0922 0x1990 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
09:49:11.0937 0x1990 SiSRaid4 - ok
09:49:11.0937 0x1990 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
09:49:11.0953 0x1990 smphost - ok
09:49:11.0953 0x1990 [ F07301C282AA222C33F8C28B4F545275, 2938943A3A62B33C8296DF3B57897D32293F5395A5E2A01C76B0160A98C12520 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
09:49:11.0984 0x1990 SmsRouter - ok
09:49:11.0984 0x1990 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
09:49:12.0000 0x1990 SNMPTRAP - ok
09:49:12.0000 0x1990 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
09:49:12.0031 0x1990 spaceport - ok
09:49:12.0031 0x1990 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
09:49:12.0047 0x1990 SpbCx - ok
09:49:12.0062 0x1990 [ D1241DFC397FA8CCFB4BB4B63AAD31AC, F8C57C2F7CA8B6D8FEE1505A143A3FECF502C8DCFFC375F9C8848A87D9714C9E ] Spooler C:\WINDOWS\System32\spoolsv.exe
09:49:12.0078 0x1990 Spooler - ok
09:49:12.0172 0x1990 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe
09:49:12.0281 0x1990 sppsvc - ok
09:49:12.0297 0x1990 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:49:12.0328 0x1990 srv - ok
09:49:12.0328 0x1990 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
09:49:12.0359 0x1990 srv2 - ok
09:49:12.0359 0x1990 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:49:12.0390 0x1990 srvnet - ok
09:49:12.0390 0x1990 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:49:12.0406 0x1990 SSDPSRV - ok
09:49:12.0406 0x1990 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
09:49:12.0422 0x1990 SstpSvc - ok
09:49:12.0469 0x1990 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
09:49:12.0531 0x1990 StateRepository - ok
09:49:12.0531 0x1990 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
09:49:12.0547 0x1990 stexstor - ok
09:49:12.0562 0x1990 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
09:49:12.0578 0x1990 stisvc - ok
09:49:12.0578 0x1990 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
09:49:12.0594 0x1990 storahci - ok
09:49:12.0594 0x1990 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
09:49:12.0609 0x1990 storflt - ok
09:49:12.0609 0x1990 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
09:49:12.0625 0x1990 stornvme - ok
09:49:12.0625 0x1990 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
09:49:12.0625 0x1990 storqosflt - ok
09:49:12.0640 0x1990 [ FE42F8A07885E518ED1E846C93E4B78C, 264B21A5E07654F159A3E324F3B38A8C11AF619F61B5779A46367DD99EBD00A6 ] StorSvc C:\WINDOWS\system32\storsvc.dll
09:49:12.0672 0x1990 StorSvc - ok
|
|
06.06.2016, 09:11
| #2 |
| | "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll"Code:
ATTFilter 09:49:12.0672 0x1990 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
09:49:12.0672 0x1990 storufs - ok
09:49:12.0687 0x1990 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
09:49:12.0687 0x1990 storvsc - ok
09:49:12.0703 0x1990 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
09:49:12.0703 0x1990 svsvc - ok
09:49:12.0703 0x1990 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
09:49:12.0719 0x1990 swenum - ok
09:49:12.0734 0x1990 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
09:49:12.0750 0x1990 swprv - ok
09:49:12.0750 0x1990 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
09:49:12.0765 0x1990 Synth3dVsc - ok
09:49:12.0781 0x1990 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
09:49:12.0812 0x1990 SysMain - ok
09:49:12.0828 0x1990 [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:49:12.0844 0x1990 SystemEventsBroker - ok
09:49:12.0844 0x1990 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:49:12.0859 0x1990 TabletInputService - ok
09:49:12.0859 0x1990 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:49:12.0875 0x1990 TapiSrv - ok
09:49:12.0906 0x1990 [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
09:49:12.0953 0x1990 Tcpip - ok
09:49:12.0984 0x1990 [ 083A727D784009F9CCFB120C7841B7AF, 14242ECC3EB17154AD856A2C5229324BA6914291F4E2CD93E6AE251A31130448 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
09:49:13.0031 0x1990 Tcpip6 - ok
09:49:13.0031 0x1990 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
09:49:13.0047 0x1990 tcpipreg - ok
09:49:13.0062 0x1990 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
09:49:13.0062 0x1990 tdx - ok
09:49:13.0078 0x1990 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
09:49:13.0078 0x1990 terminpt - ok
09:49:13.0094 0x1990 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
09:49:13.0125 0x1990 TermService - ok
09:49:13.0140 0x1990 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
09:49:13.0156 0x1990 Themes - ok
09:49:13.0156 0x1990 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
09:49:13.0187 0x1990 TieringEngineService - ok
09:49:13.0187 0x1990 [ 82BC3D304654F8EBEFABDDC2AD70AFE3, 466334A46F6579E7C3F619B15243B270AACE9D04FE06E5228B4759FD619BDDD9 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
09:49:13.0203 0x1990 tiledatamodelsvc - ok
09:49:13.0219 0x1990 [ 7E81E3E0D7F83BFE3C3975020B6C7F12, 316F9415646CC7A4E9A5F1E07310D433457E623B3E589543E4A6C73C4F77712C ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
09:49:13.0234 0x1990 TimeBroker - ok
09:49:13.0234 0x1990 [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
09:49:13.0250 0x1990 TPM - ok
09:49:13.0250 0x1990 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
09:49:13.0265 0x1990 TrkWks - ok
09:49:13.0265 0x1990 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:49:13.0281 0x1990 TrustedInstaller - ok
09:49:13.0281 0x1990 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
09:49:13.0281 0x1990 tsusbflt - ok
09:49:13.0297 0x1990 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:49:13.0297 0x1990 TsUsbGD - ok
09:49:13.0312 0x1990 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
09:49:13.0328 0x1990 tunnel - ok
09:49:13.0328 0x1990 [ 56C238ACFE4CB020D3E38508249039EA, 172868080F07D98175229A02410FE751B5958ED5A3D567D4AE5736F4025DF432 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
09:49:13.0328 0x1990 tzautoupdate - ok
09:49:13.0344 0x1990 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
09:49:13.0344 0x1990 uagp35 - ok
09:49:13.0359 0x1990 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
09:49:13.0375 0x1990 UASPStor - ok
09:49:13.0375 0x1990 [ 82D3B1F4D80057826AA649D78147DE36, 344A738F6866BFD3095BB802206DDB2F9E9AD89DC39CAA7DE96455F410683829 ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
09:49:13.0390 0x1990 UcmCx0101 - ok
09:49:13.0390 0x1990 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
09:49:13.0406 0x1990 UcmUcsi - ok
09:49:13.0406 0x1990 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
09:49:13.0422 0x1990 Ucx01000 - ok
09:49:13.0422 0x1990 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
09:49:13.0437 0x1990 UdeCx - ok
09:49:13.0437 0x1990 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
09:49:13.0469 0x1990 udfs - ok
09:49:13.0469 0x1990 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
09:49:13.0469 0x1990 UEFI - ok
09:49:13.0484 0x1990 [ 28B8E1C6CBCF9FFE2FABFF3160C26ADF, 1C90E6C4E17C9B5555151943970BB6CC196E7EFC6665D9B9DCBB1EC51C70C715 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
09:49:13.0500 0x1990 Ufx01000 - ok
09:49:13.0500 0x1990 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
09:49:13.0515 0x1990 UfxChipidea - ok
09:49:13.0515 0x1990 [ 2A87EA182EA333D79AA0B03833EA67F2, 227792A8B4E63CF60A3DEECF829448C8FD59A40DEF3F42414E432820F8D34F64 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
09:49:13.0531 0x1990 ufxsynopsys - ok
09:49:13.0531 0x1990 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
09:49:13.0547 0x1990 UI0Detect - ok
09:49:13.0547 0x1990 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
09:49:13.0562 0x1990 uliagpkx - ok
09:49:13.0562 0x1990 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
09:49:13.0578 0x1990 umbus - ok
09:49:13.0594 0x1990 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
09:49:13.0594 0x1990 UmPass - ok
09:49:13.0609 0x1990 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
09:49:13.0625 0x1990 UmRdpService - ok
09:49:13.0640 0x1990 [ CB902A15DD21B363FECA5DCCF34F5C57, 6A0836A12A410EBD5C667982852B58CA9E9EDB11EA666C413CC0F811E01A549D ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
09:49:13.0672 0x1990 UnistoreSvc - ok
09:49:13.0687 0x1990 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
09:49:13.0703 0x1990 upnphost - ok
09:49:13.0719 0x1990 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
09:49:13.0734 0x1990 UrsChipidea - ok
09:49:13.0734 0x1990 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
09:49:13.0750 0x1990 UrsCx01000 - ok
09:49:13.0750 0x1990 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
09:49:13.0750 0x1990 UrsSynopsys - ok
09:49:13.0765 0x1990 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
09:49:13.0781 0x1990 usbccgp - ok
09:49:13.0781 0x1990 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
09:49:13.0797 0x1990 usbcir - ok
09:49:13.0797 0x1990 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
09:49:13.0812 0x1990 usbehci - ok
09:49:13.0828 0x1990 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
09:49:13.0844 0x1990 usbhub - ok
09:49:13.0859 0x1990 [ E7463CE8579A0418A98BE9BE42C647D7, 923CD51C82FCF9DC4E9EEA99E53634EE07EBF62FB5DFC337F01309D7D5C7622C ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
09:49:13.0875 0x1990 USBHUB3 - ok
09:49:13.0875 0x1990 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
09:49:13.0890 0x1990 usbohci - ok
09:49:13.0890 0x1990 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
09:49:13.0906 0x1990 usbprint - ok
09:49:13.0906 0x1990 [ 4AAD6547953D373A1EB5B2DF583D868B, 4E3DCEC9644550996C314FCC39F885DDE4AA7AD821B8596D96C5BEA5D60795F7 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
09:49:13.0922 0x1990 usbser - ok
09:49:13.0922 0x1990 [ 8949F77132A4F8F3BA17C6727099F002, 86AD4A2263B34983335180FDAE775D1744E042D2A11300D27DF546F15F285A25 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
09:49:13.0937 0x1990 USBSTOR - ok
09:49:13.0937 0x1990 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
09:49:13.0953 0x1990 usbuhci - ok
09:49:13.0953 0x1990 [ 9E9D58F5E1702955B2F4D62996F80E8E, 6C21C250B9D98346D0D5CB7D6C11AB120A1D195C28313BDB0CE532663F0114E2 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
09:49:13.0969 0x1990 USBXHCI - ok
09:49:14.0000 0x1990 [ 2771EBB565F5C121E66060B173991D4D, 1EB34A6262A18E47ADCA392FDB2D58E8428A1CA43EB4196D76A897F74A03CA7F ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
09:49:14.0031 0x1990 UserDataSvc - ok
09:49:14.0047 0x1990 [ 36EC82F0E399F36BD25F593D63DC144A, 2A9E916A098ACD5A5074A5FD053ECAB027A0932A348C728F20CD63EF16289533 ] UserManager C:\WINDOWS\System32\usermgr.dll
09:49:14.0078 0x1990 UserManager - ok
09:49:14.0094 0x1990 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\WINDOWS\system32\usocore.dll
09:49:14.0109 0x1990 UsoSvc - ok
09:49:14.0109 0x1990 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
09:49:14.0109 0x1990 VaultSvc - ok
09:49:14.0109 0x1990 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
09:49:14.0125 0x1990 vdrvroot - ok
09:49:14.0140 0x1990 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
09:49:14.0172 0x1990 vds - ok
09:49:14.0172 0x1990 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
09:49:14.0187 0x1990 VerifierExt - ok
09:49:14.0203 0x1990 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
09:49:14.0219 0x1990 vhdmp - ok
09:49:14.0219 0x1990 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
09:49:14.0234 0x1990 vhf - ok
09:49:14.0234 0x1990 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
09:49:14.0250 0x1990 vmbus - ok
09:49:14.0250 0x1990 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
09:49:14.0265 0x1990 VMBusHID - ok
09:49:14.0265 0x1990 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
09:49:14.0297 0x1990 vmicguestinterface - ok
09:49:14.0297 0x1990 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
09:49:14.0312 0x1990 vmicheartbeat - ok
09:49:14.0328 0x1990 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
09:49:14.0344 0x1990 vmickvpexchange - ok
09:49:14.0344 0x1990 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
09:49:14.0375 0x1990 vmicrdv - ok
09:49:14.0375 0x1990 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
09:49:14.0390 0x1990 vmicshutdown - ok
09:49:14.0406 0x1990 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
09:49:14.0422 0x1990 vmictimesync - ok
09:49:14.0422 0x1990 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
09:49:14.0453 0x1990 vmicvmsession - ok
09:49:14.0453 0x1990 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
09:49:14.0469 0x1990 vmicvss - ok
09:49:14.0469 0x1990 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
09:49:14.0484 0x1990 volmgr - ok
09:49:14.0500 0x1990 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
09:49:14.0515 0x1990 volmgrx - ok
09:49:14.0515 0x1990 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
09:49:14.0531 0x1990 volsnap - ok
09:49:14.0531 0x1990 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
09:49:14.0547 0x1990 vpci - ok
09:49:14.0562 0x1990 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
09:49:14.0562 0x1990 vsmraid - ok
09:49:14.0594 0x1990 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
09:49:14.0640 0x1990 VSS - ok
09:49:14.0640 0x1990 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
09:49:14.0656 0x1990 VSTXRAID - ok
09:49:14.0656 0x1990 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
09:49:14.0672 0x1990 vwifibus - ok
09:49:14.0672 0x1990 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
09:49:14.0687 0x1990 vwififlt - ok
09:49:14.0687 0x1990 [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
09:49:14.0703 0x1990 vwifimp - ok
09:49:14.0719 0x1990 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
09:49:14.0750 0x1990 W32Time - ok
09:49:14.0750 0x1990 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
09:49:14.0765 0x1990 WacomPen - ok
09:49:14.0765 0x1990 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
09:49:14.0781 0x1990 WalletService - ok
09:49:14.0797 0x1990 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:49:14.0812 0x1990 wanarp - ok
09:49:14.0812 0x1990 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:49:14.0812 0x1990 wanarpv6 - ok
09:49:14.0850 0x1990 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
09:49:14.0882 0x1990 wbengine - ok
09:49:14.0897 0x1990 [ 642EFABF900374FA85639D83B5533AFD, 292692D6AAC2A785D237ADFBC7CA3D379E8FC79FA366A8CE7D06F5CA5CE6866B ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
09:49:14.0929 0x1990 WbioSrvc - ok
09:49:14.0929 0x1990 [ 0BF8D8C7EC9FB15D6480A12101E88B71, E7BC6A4E53D8C9D73BF83097DFE43ED8038B7BED0AE56E5AF7983F74562F15A3 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
09:49:14.0962 0x1990 Wcmsvc - ok
09:49:14.0966 0x1990 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
09:49:14.0982 0x1990 wcncsvc - ok
09:49:14.0982 0x1990 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
09:49:14.0997 0x1990 WcsPlugInService - ok
09:49:14.0997 0x1990 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
09:49:15.0013 0x1990 WdBoot - ok
09:49:15.0028 0x1990 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
09:49:15.0044 0x1990 Wdf01000 - ok
09:49:15.0044 0x1990 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
09:49:15.0066 0x1990 WdFilter - ok
09:49:15.0066 0x1990 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
09:49:15.0081 0x1990 WdiServiceHost - ok
09:49:15.0081 0x1990 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
09:49:15.0097 0x1990 WdiSystemHost - ok
09:49:15.0113 0x1990 [ 2BC2E99623119521EEF7910A11D0FDE0, 3F3E48A79534F0F65F961D9B170D534562E04901B630127B16DF02E6D42F2BBF ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
09:49:15.0144 0x1990 wdiwifi - ok
09:49:15.0144 0x1990 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
09:49:15.0159 0x1990 WdNisDrv - ok
09:49:15.0159 0x1990 WdNisSvc - ok
09:49:15.0159 0x1990 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:49:15.0175 0x1990 WebClient - ok
09:49:15.0191 0x1990 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
09:49:15.0206 0x1990 Wecsvc - ok
09:49:15.0206 0x1990 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
09:49:15.0222 0x1990 WEPHOSTSVC - ok
09:49:15.0222 0x1990 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
09:49:15.0238 0x1990 wercplsupport - ok
09:49:15.0238 0x1990 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
09:49:15.0253 0x1990 WerSvc - ok
09:49:15.0253 0x1990 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
09:49:15.0269 0x1990 WFPLWFS - ok
09:49:15.0269 0x1990 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
09:49:15.0284 0x1990 WiaRpc - ok
09:49:15.0284 0x1990 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
09:49:15.0284 0x1990 WIMMount - ok
09:49:15.0300 0x1990 WinDefend - ok
09:49:15.0300 0x1990 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
09:49:15.0316 0x1990 WindowsTrustedRT - ok
09:49:15.0316 0x1990 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
09:49:15.0316 0x1990 WindowsTrustedRTProxy - ok
09:49:15.0331 0x1990 [ FFD04E8263FC9CDB89BAD8C27C337223, 7021161D354F1536DA261D001524B92301466631DCFA161A7C6355AAC86BBE40 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:49:15.0363 0x1990 WinHttpAutoProxySvc - ok
09:49:15.0363 0x1990 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
09:49:15.0378 0x1990 WinMad - ok
09:49:15.0378 0x1990 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:49:15.0394 0x1990 Winmgmt - ok
09:49:15.0425 0x1990 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
09:49:15.0503 0x1990 WinRM - ok
09:49:15.0503 0x1990 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
09:49:15.0519 0x1990 WINUSB - ok
09:49:15.0519 0x1990 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
09:49:15.0534 0x1990 WinVerbs - ok
09:49:15.0566 0x1990 [ 453740989239803FE363FF8B40EA2E08, 25499705627C38D3431B3C336E0CF3BF55ABB0C461B88DA6D3767CAAE1E2B893 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
09:49:15.0628 0x1990 WlanSvc - ok
09:49:15.0659 0x1990 [ E48BBF1363F843E030757EC190DD33E6, B37199495115ED423BA99B7317377CE865BB482D4E847861E871480AC49D4A84 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
09:49:15.0706 0x1990 wlidsvc - ok
09:49:15.0706 0x1990 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
09:49:15.0722 0x1990 WmiAcpi - ok
09:49:15.0722 0x1990 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:49:15.0738 0x1990 wmiApSrv - ok
09:49:15.0738 0x1990 WMPNetworkSvc - ok
09:49:15.0753 0x1990 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
09:49:15.0753 0x1990 Wof - ok
09:49:15.0784 0x1990 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
09:49:15.0847 0x1990 workfolderssvc - ok
09:49:15.0847 0x1990 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
09:49:15.0863 0x1990 wpcfltr - ok
09:49:15.0863 0x1990 [ 45FA01F8B7971ACB65202038E34D04A3, 9B2C2ABC7DB716295B0BD0AF04DA08E6B4200D7CF1C7DB59DD8FD8FEBD56D94C ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
09:49:15.0863 0x1990 WPDBusEnum - ok
09:49:15.0878 0x1990 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:49:15.0878 0x1990 WpdUpFltr - ok
09:49:15.0894 0x1990 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
09:49:15.0894 0x1990 WpnService - ok
09:49:15.0894 0x1990 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:49:15.0909 0x1990 ws2ifsl - ok
09:49:15.0909 0x1990 [ 9C17CF2D05F8DA5AC66880B6BEE64E7D, 8930079A1AFA97657BE567038EE57C988D3DE9A6C24EA46160E2974837082535 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
09:49:15.0925 0x1990 wscsvc - ok
09:49:15.0925 0x1990 WSearch - ok
09:49:15.0972 0x1990 [ 6E04BBE242E2889B37300C4DF5CE1126, FBDAEAC62C48A4FC5EF412AE47FF10590AE83E8871412F76F6F9BAE910542DFA ] WSService C:\WINDOWS\System32\WSService.dll
09:49:16.0050 0x1990 WSService - ok
09:49:16.0081 0x1990 [ 8A88DBA247BFF23BD284C2189F41FDA5, 86A617CB7C7473306DA2889AA30B488ABB9B824F7DCA31AA675DA6EB3974887C ] wuauserv C:\WINDOWS\system32\wuaueng.dll
09:49:16.0144 0x1990 wuauserv - ok
09:49:16.0144 0x1990 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
09:49:16.0159 0x1990 WudfPf - ok
09:49:16.0159 0x1990 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
09:49:16.0175 0x1990 WUDFRd - ok
09:49:16.0175 0x1990 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
09:49:16.0191 0x1990 wudfsvc - ok
09:49:16.0191 0x1990 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:49:16.0206 0x1990 WUDFWpdFs - ok
09:49:16.0222 0x1990 [ 5DA95027DF2317174E8C39B4A8D1FCD8, 99B356411CB08B8BCCF2348DBF1FD5D4F417EA509D9C7CE23E5877C333F4D304 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
09:49:16.0253 0x1990 WwanSvc - ok
09:49:16.0284 0x1990 [ 5DFAF8BE5A3CABAABF6795BC09EB7876, 1AFD0BC50EA5C2CCB2874E97FE5205175C80849BD6C9BDAF9FBC49174D478997 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
09:49:16.0316 0x1990 XblAuthManager - ok
09:49:16.0331 0x1990 [ 7118498F6E48758A2EF5A7D1982E2B62, 1FF75AE64CB6DB263E8B35515E092B325AA71A6B2210F8F2B0AD087B3BA33345 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
09:49:16.0363 0x1990 XblGameSave - ok
09:49:16.0378 0x1990 [ F279536122B83FD0D8E158AA753E1B7C, 6A542F28E24B30DBDC2EEE24DA33C2F4ADB3596AEDDD71DC1495DD40577CE4BB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
09:49:16.0394 0x1990 xboxgip - ok
09:49:16.0409 0x1990 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
09:49:16.0441 0x1990 XboxNetApiSvc - ok
09:49:16.0441 0x1990 [ DA0807D87A62D076C29C4E30F1E84F46, CA3079350038091AEE04D4DA7C06865E9DB3095120AE61AAB575AA77E86A6223 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
09:49:16.0456 0x1990 xinputhid - ok
09:49:16.0456 0x1990 ================ Scan global ===============================
09:49:16.0456 0x1990 [ 82E25186617BA6C15010F0D47C705705, 5BF9E38918E6EAE86448137E2D120B80318AA1143CDDF539A2BFBEE227646816 ] C:\WINDOWS\system32\basesrv.dll
09:49:16.0456 0x1990 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
09:49:16.0472 0x1990 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
09:49:16.0488 0x1990 [ 6FF8248F3A9D69A095C7F3F42BC29CB2, 9077B1AA0AFB8DB329FDED0E51085DE1C51B22A986162F29037FCA404A80D512 ] C:\WINDOWS\system32\services.exe
09:49:16.0488 0x1990 [ Global ] - ok
09:49:16.0488 0x1990 ================ Scan MBR ==================================
09:49:16.0488 0x1990 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:49:16.0519 0x1990 \Device\Harddisk0\DR0 - ok
09:49:16.0519 0x1990 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:49:16.0550 0x1990 \Device\Harddisk1\DR1 - ok
09:49:16.0550 0x1990 ================ Scan VBR ==================================
09:49:16.0550 0x1990 [ AA2A5875BA4612FC4F7C25C334F0BFC5 ] \Device\Harddisk0\DR0\Partition1
09:49:16.0550 0x1990 \Device\Harddisk0\DR0\Partition1 - ok
09:49:16.0566 0x1990 [ 3163F910D00521B37F8AC62C174B5F9C ] \Device\Harddisk0\DR0\Partition2
09:49:16.0566 0x1990 \Device\Harddisk0\DR0\Partition2 - ok
09:49:16.0566 0x1990 [ 9F228ECF0C3F84731C37459F5720891D ] \Device\Harddisk0\DR0\Partition3
09:49:16.0566 0x1990 \Device\Harddisk0\DR0\Partition3 - ok
09:49:16.0566 0x1990 [ B39E7E05513AE2B419746F4A2266F668 ] \Device\Harddisk0\DR0\Partition4
09:49:16.0566 0x1990 \Device\Harddisk0\DR0\Partition4 - ok
09:49:16.0566 0x1990 [ E8BC5CAE4863995E260B108C83B18996 ] \Device\Harddisk1\DR1\Partition1
09:49:16.0613 0x1990 \Device\Harddisk1\DR1\Partition1 - ok
09:49:16.0613 0x1990 ================ Scan generic autorun ======================
09:49:16.0722 0x1990 [ 70E07EAA803ABDC969B7456E63E37144, EB33AD81D338C36716F5FC62F80723A86F89E461C97C3211970A09A3F90213F8 ] C:\Program Files\AMD\CNext\CNext\cnext.exe
09:49:16.0800 0x1990 StartCN - ok
09:49:16.0816 0x1990 [ F316A9C0C8BBA9D2A98BE70EE0D8CA96, 20C83B6D1706DED7B645008CD29346A5FD14A4F67FCF17FED28E7A17F021E15B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
09:49:16.0831 0x1990 avgnt - ok
09:49:16.0831 0x1990 [ BB10E34B162FBEAE5636474A79026A0D, 700629C7497ED01E5B7DF99F0D8F56FF30BBA067ED65AC7A0D77B3765C596ECB ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
09:49:16.0847 0x1990 Avira Systray - ok
09:49:17.0003 0x1990 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:49:17.0144 0x1990 OneDriveSetup - ok
09:49:17.0253 0x1990 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:49:17.0347 0x1990 OneDriveSetup - ok
09:49:17.0378 0x1990 [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Inkognito\AppData\Local\Microsoft\OneDrive\OneDrive.exe
09:49:17.0378 0x1990 OneDrive - ok
09:49:17.0378 0x1990 Waiting for KSN requests completion. In queue: 208
09:49:18.0394 0x1990 Waiting for KSN requests completion. In queue: 208
09:49:19.0410 0x1990 Waiting for KSN requests completion. In queue: 208
09:49:20.0472 0x1990 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.17.264 ), 0x41000 ( enabled : updated )
09:49:20.0472 0x1990 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
09:49:20.0488 0x1990 Win FW state via NFP2: enabled ( trusted )
09:49:22.0863 0x1990 ============================================================
09:49:22.0863 0x1990 Scan finished
09:49:22.0863 0x1990 ============================================================
09:49:22.0863 0x0ab0 Detected object count: 0
09:49:22.0863 0x0ab0 Actual detected object count: 0
Ist das wirklich ein Trojaner? lg keks |
|
06.06.2016, 10:33
| #3 |
| /// Malwareteam  | "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll" Mein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM! Schaut für mich nach Avira Fehlalarm aus. Aber wir schauen mal mit FRST drüber. Schritt # 1: FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt # 2: Bitte Posten
__________________ |
|
06.06.2016, 10:40
| #4 |
| | "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll" Hi Deathkid535, hier kommt die FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-06-2016 02
durchgeführt von Inkognito (Administrator) auf DESKTOP-CBE9C5A (06-06-2016 11:36:55)
Gestartet von C:\Users\Inkognito\Desktop
Geladene Profile: Inkognito (Verfügbare Profile: Inkognito)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(GOG.com) C:\Program Files (x86)\GalaxyClient\GalaxyClient Helper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Ubisoft) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UplayWebCore.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6564552 2016-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-06-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [67840 2016-05-04] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2341800309-767508254-2301830312-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-2341800309-767508254-2301830312-1001\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe [3985976 2016-05-12] (GOG.com)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{f8172d3b-4da1-4640-9a0e-8cbbfbdeb636}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-05-20] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-06-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-06-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-06-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-06-06] (Avira Operations GmbH & Co. KG)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2016-06-06] ()
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [276424 2016-05-04] (Avira Operations GmbH & Co. KG)
S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [246328 2016-05-12] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6167096 2016-05-12] (GOG.com)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [296648 2016-05-20] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [23240 2016-05-20] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-06-06] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [101376 2016-05-20] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-06-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-06-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-06-06] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-06-06] (Avira Operations GmbH & Co. KG)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [202032 2016-06-06] (Intel Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-06 11:36 - 2016-06-06 11:37 - 00008637 _____ C:\Users\Inkognito\Desktop\FRST.txt
2016-06-06 11:36 - 2016-06-06 11:36 - 02384896 _____ (Farbar) C:\Users\Inkognito\Desktop\FRST64.exe
2016-06-06 11:36 - 2016-06-06 11:36 - 00000000 ____D C:\FRST
2016-06-06 11:25 - 2016-06-06 11:26 - 00000000 ____D C:\Users\Inkognito\AppData\Local\Ubisoft Game Launcher
2016-06-06 11:25 - 2016-06-06 11:25 - 00001274 _____ C:\Users\Inkognito\Desktop\Uplay.lnk
2016-06-06 11:25 - 2016-06-06 11:25 - 00000000 ____D C:\Users\Inkognito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-06-06 11:25 - 2016-06-06 11:25 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-06-06 11:22 - 2016-06-06 11:22 - 00001124 _____ C:\Users\Public\Desktop\GOG Galaxy.lnk
2016-06-06 11:22 - 2016-06-06 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2016-06-06 11:22 - 2016-06-06 11:22 - 00000000 ____D C:\ProgramData\GOG.com
2016-06-06 11:22 - 2016-06-06 11:22 - 00000000 ____D C:\Program Files (x86)\GalaxyClient
2016-06-06 11:18 - 2016-06-06 11:19 - 00000000 ____D C:\Users\Inkognito\AppData\Local\GOG.com
2016-06-06 11:18 - 2016-06-06 11:18 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-06-06 11:18 - 2016-06-06 11:18 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-06-06 11:18 - 2016-06-06 11:18 - 00000000 ____D C:\Program Files\MSBuild
2016-06-06 11:18 - 2016-06-06 11:18 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-06-06 11:18 - 2016-06-06 11:18 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-06-06 11:18 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-06-06 11:18 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-06-06 11:18 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-06-06 11:18 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-06-06 11:18 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-06-06 11:18 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-06-06 10:44 - 2016-06-06 10:44 - 00000000 ____D C:\Users\Inkognito\AppData\Local\Steam
2016-06-06 10:44 - 2016-06-06 10:44 - 00000000 ____D C:\Users\Inkognito\AppData\Local\CEF
2016-06-06 10:43 - 2016-06-06 11:16 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-06 10:43 - 2016-06-06 10:43 - 00001032 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-06 10:43 - 2016-06-06 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-06 10:38 - 2016-06-06 10:38 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater
2016-06-06 10:38 - 2016-06-06 10:38 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-06 10:38 - 2016-04-27 22:59 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-06 10:38 - 2016-04-27 22:58 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-06 10:38 - 2016-04-27 22:58 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-06 10:38 - 2016-04-27 22:58 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-06 10:37 - 2016-06-06 10:37 - 00000000 ____D C:\Users\Inkognito\AppData\Roaming\ATI
2016-06-06 10:37 - 2016-06-06 10:37 - 00000000 ____D C:\Users\Inkognito\AppData\Local\ATI
2016-06-06 10:37 - 2016-06-06 10:37 - 00000000 ____D C:\ProgramData\ATI
2016-06-06 10:24 - 2016-06-06 10:24 - 00001211 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-06 10:22 - 2016-06-06 10:22 - 00000000 ____D C:\Users\Inkognito\Desktop\OOSU10
2016-06-06 10:07 - 2016-06-06 09:14 - 00000000 ___DC C:\WINDOWS\Panther
2016-06-06 10:06 - 2016-06-06 10:06 - 00000000 ____D C:\Windows.old
2016-06-06 10:05 - 2016-06-06 10:05 - 24604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 13383168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 03673424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 03591168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 03575296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02598912 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01731072 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01594920 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 01372304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-06-06 10:05 - 2016-06-06 10:05 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-06-06 10:05 - 2016-06-06 10:05 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-06-06 10:05 - 2016-06-06 10:05 - 00988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-06-06 10:05 - 2016-06-06 10:05 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-06-06 10:05 - 2016-06-06 10:05 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00696672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00650304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00605440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00577368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-06-06 10:05 - 2016-06-06 10:05 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-06-06 10:05 - 2016-06-06 10:05 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-06-06 10:05 - 2016-06-06 10:05 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00330072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00294592 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-06-06 10:05 - 2016-06-06 10:05 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-06 10:05 - 2016-06-06 10:05 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-06-06 10:05 - 2016-06-06 10:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-06-06 10:05 - 2016-06-06 10:05 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-06-06 10:03 - 2016-06-06 10:03 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-06-06 09:47 - 2016-06-06 10:11 - 00239476 _____ C:\TDSSKiller.3.1.0.9_06.06.2016_09.47.55_log.txt
2016-06-06 09:47 - 2016-06-06 09:47 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Inkognito\Desktop\tdsskiller.exe
2016-06-06 09:34 - 2016-06-06 09:34 - 00000000 ____D C:\Users\Inkognito\AppData\Roaming\Macromedia
2016-06-06 09:29 - 2016-06-06 09:29 - 00000000 ____D C:\Users\Inkognito\AppData\Local\Comms
2016-06-06 09:23 - 2016-06-06 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-06 09:23 - 2016-06-06 09:28 - 00000000 ____D C:\Users\Inkognito\AppData\Roaming\Avira
2016-06-06 09:23 - 2016-06-06 09:23 - 00000000 ____D C:\Users\Inkognito\AppData\Local\MicrosoftEdge
2016-06-06 09:21 - 2016-06-06 10:24 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-06 09:21 - 2016-06-06 10:23 - 00000000 ____D C:\ProgramData\Avira
2016-06-06 09:21 - 2016-06-06 09:24 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-06 09:21 - 2016-06-06 09:24 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-06-06 09:21 - 2016-06-06 09:24 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-06 09:21 - 2016-06-06 09:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-06-06 09:11 - 2016-06-06 09:11 - 00000000 ____D C:\Users\Inkognito\AppData\Local\ActiveSync
2016-06-06 09:10 - 2016-06-06 09:10 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-06-06 09:10 - 2016-06-06 09:10 - 00000020 ___SH C:\Users\Inkognito\ntuser.ini
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-06-06 09:10 - 2016-06-06 09:10 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-06-06 09:09 - 2016-06-06 09:09 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-06 09:08 - 2016-06-06 11:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-06 09:08 - 2016-06-06 10:38 - 00000000 ____D C:\Users\Inkognito
2016-06-06 09:08 - 2016-06-06 10:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-06-06 09:08 - 2016-06-06 09:09 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Vorlagen
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Startmenü
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Netzwerkumgebung
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Lokale Einstellungen
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Eigene Dateien
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Druckumgebung
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Documents\Eigene Videos
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Documents\Eigene Musik
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Documents\Eigene Bilder
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\AppData\Local\Verlauf
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\AppData\Local\Anwendungsdaten
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 _SHDL C:\Users\Inkognito\Anwendungsdaten
2016-06-06 09:08 - 2016-06-06 09:08 - 00000000 ____D C:\Program Files (x86)\AMD
2016-06-06 09:07 - 2016-06-06 10:38 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin
2016-06-06 09:07 - 2016-06-06 10:38 - 00000000 ____D C:\Program Files\AMD
2016-06-06 09:07 - 2016-06-06 09:07 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2016-06-06 09:07 - 2016-06-06 09:07 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-06-06 09:07 - 2016-06-06 09:07 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-06-06 09:07 - 2016-06-06 09:07 - 00000000 ____D C:\Program Files\ASUS
2016-06-06 09:07 - 2016-06-06 09:07 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-06-06 09:07 - 2016-06-06 09:07 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-06-06 09:07 - 2016-06-06 08:37 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2016-06-06 09:07 - 2016-06-06 08:37 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2016-06-06 08:58 - 2016-06-06 09:10 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-06-06 08:58 - 2016-06-06 09:10 - 00009528 _____ C:\WINDOWS\diagerr.xml
2016-06-06 08:55 - 2016-06-06 08:55 - 00599240 _____ (Qualcomm Atheros) C:\WINDOWS\system32\Drivers\btfilter.sys
2016-06-06 08:55 - 2016-06-06 08:55 - 00246804 _____ C:\WINDOWS\system32\Drivers\AtherosBT.bin
2016-06-06 08:55 - 2016-06-06 08:55 - 00182784 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll
2016-06-06 08:55 - 2016-06-06 08:55 - 00181760 _____ (Qualcomm Atheros Communications Inc.) C:\WINDOWS\system32\btcoinst.dll
2016-06-06 08:55 - 2016-06-06 08:55 - 00048092 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x01020200.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00046748 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00046268 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x11020100.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00046212 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x11020000.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00040684 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010000_ss01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00038140 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x31010100.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00023532 _____ C:\WINDOWS\system32\Drivers\AthrBT_0x01020201.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00011264 _____ (Qualcomm®Atheros®) C:\WINDOWS\system32\BtContextMenu.dll.muien-US
2016-06-06 08:55 - 2016-06-06 08:55 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0xf0.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x21.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x11.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001926 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001922 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010100_40.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40_SS01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40_nf01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001802 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020100_40.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001796 _____ C:\WINDOWS\system32\Drivers\ramps_0x11020000_40.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_SS01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_LV01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0xf1.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x22.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x12.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001516 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010000_40_0x01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001512 _____ C:\WINDOWS\system32\Drivers\ramps_0x31010100_40_0x01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001242 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001228 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x04.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001214 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x03.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001204 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40_0x02.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001204 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_40.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001198 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_26.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00001192 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020200_26_0x01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00000296 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00000278 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x04.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x03.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40_0x02.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_40.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_26_0x01.dfu
2016-06-06 08:55 - 2016-06-06 08:55 - 00000264 _____ C:\WINDOWS\system32\Drivers\ramps_0x01020201_26.dfu
2016-06-06 08:46 - 2016-04-22 09:57 - 00453288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-06 08:44 - 2016-06-06 08:44 - 00001243 _____ C:\Users\Inkognito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNext.lnk
2016-06-06 08:43 - 2016-06-06 08:45 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-06 08:43 - 2016-06-06 08:43 - 139319312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-06 08:39 - 2016-06-06 09:12 - 00002395 _____ C:\Users\Inkognito\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-06-06 08:39 - 2016-06-06 09:12 - 00000000 ___RD C:\Users\Inkognito\OneDrive
2016-06-06 08:39 - 2016-06-06 08:39 - 00000000 ____D C:\Users\Inkognito\AppData\Local\AMD
2016-06-06 08:38 - 2016-06-06 09:59 - 00000000 ____D C:\Users\Inkognito\AppData\Local\Packages
2016-06-06 08:38 - 2016-06-06 08:38 - 00202032 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-06-06 08:38 - 2016-06-06 08:38 - 00111120 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\SET732B.tmp
2016-06-06 08:38 - 2016-06-06 08:38 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-CBE9C5A_defaultuser0_HistoryPrediction.bin
2016-06-06 08:38 - 2016-06-06 08:38 - 00000000 ____D C:\Users\Inkognito\AppData\Roaming\Adobe
2016-06-06 08:38 - 2016-06-06 08:38 - 00000000 ____D C:\Users\Inkognito\AppData\Local\VirtualStore
2016-06-06 08:38 - 2016-06-06 08:38 - 00000000 ____D C:\Users\Inkognito\AppData\Local\TileDataLayer
2016-06-06 08:38 - 2016-06-06 08:38 - 00000000 ____D C:\Users\Inkognito\AppData\Local\Publishers
2016-06-06 08:38 - 2016-05-20 23:16 - 00101376 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\AtihdWT6.sys
2016-06-06 08:37 - 2016-06-06 10:35 - 00000000 ____D C:\AMD
2016-06-06 08:37 - 2016-06-06 08:37 - 23969776 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET4CD6.tmp
2016-06-06 08:37 - 2016-06-06 08:37 - 13313512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET5587.tmp
2016-06-06 08:37 - 2016-06-06 08:37 - 09105520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET4DF4.tmp
2016-06-06 08:37 - 2016-06-06 08:37 - 02356592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2016-06-06 08:37 - 2016-06-06 08:37 - 01519200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET5E5E.tmp
2016-06-06 08:37 - 2016-06-06 08:37 - 00873960 _____ (AMD) C:\WINDOWS\system32\coinst_15.30.dll
2016-06-06 08:37 - 2016-06-06 08:37 - 00737410 _____ C:\WINDOWS\system32\atiicdxx.dat
2016-06-06 08:37 - 2016-06-06 08:37 - 00679912 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\SET5E18.tmp
2016-06-06 08:37 - 2016-06-06 08:37 - 00323588 _____ C:\WINDOWS\system32\ativvaxy_el.dat
2016-06-06 08:37 - 2016-06-06 08:37 - 00204952 _____ C:\WINDOWS\SysWOW64\ativvsvl.dat
2016-06-06 08:37 - 2016-06-06 08:37 - 00204952 _____ C:\WINDOWS\system32\ativvsvl.dat
2016-06-06 08:37 - 2016-06-06 08:37 - 00162744 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\SET5E2B.tmp
2016-06-06 08:37 - 2016-06-06 08:37 - 00157144 _____ C:\WINDOWS\SysWOW64\ativvsva.dat
2016-06-06 08:37 - 2016-06-06 08:37 - 00157144 _____ C:\WINDOWS\system32\ativvsva.dat
2016-06-06 08:37 - 2016-06-06 08:37 - 00140240 _____ C:\WINDOWS\system32\samu_krnl_ci.sbin
2016-06-06 08:37 - 2016-06-06 08:37 - 00138832 _____ C:\WINDOWS\system32\samu_krnl_isv_ci.sbin
2016-06-06 08:37 - 2016-06-06 08:37 - 00100832 _____ C:\WINDOWS\system32\ativce02.dat
2016-06-06 08:37 - 2016-06-06 08:37 - 00047664 _____ C:\WINDOWS\system32\kapp_ci.sbin
2016-06-06 08:37 - 2016-06-06 08:37 - 00043536 _____ C:\WINDOWS\system32\kapp_si.sbin
2016-06-06 08:37 - 2016-05-20 23:47 - 10694160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2016-06-06 08:37 - 2016-05-20 23:47 - 01511680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2016-06-06 08:37 - 2016-05-20 23:47 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2016-06-06 08:37 - 2016-05-20 23:46 - 09798560 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2016-06-06 08:37 - 2016-05-20 23:41 - 27015680 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2016-06-06 08:37 - 2016-05-20 22:57 - 00498176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2016-06-06 08:22 - 2016-06-06 10:43 - 01708398 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Videos
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Programme
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-06-06 08:18 - 2016-06-06 08:18 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-06-06 08:16 - 2016-06-06 08:16 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-20 23:48 - 2016-05-20 23:48 - 00462080 _____ C:\WINDOWS\system32\amdmiracast.dll
2016-05-20 23:48 - 2016-05-20 23:48 - 00141280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2016-05-20 23:48 - 2016-05-20 23:48 - 00122704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 08876704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 01242832 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00150544 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2016-05-20 23:47 - 2016-05-20 23:47 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 08577456 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2016-05-20 23:46 - 2016-05-20 23:46 - 06999496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2016-05-20 23:44 - 2016-05-20 23:44 - 00296648 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys
2016-05-20 23:42 - 2016-05-20 23:42 - 00023240 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\amdkmafd.sys
2016-05-20 23:35 - 2016-05-20 23:35 - 48616960 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2016-05-20 23:35 - 2016-05-20 23:35 - 00252928 _____ C:\WINDOWS\system32\clinfo.exe
2016-05-20 23:34 - 2016-05-20 23:34 - 38098432 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00096256 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-05-20 23:33 - 2016-05-20 23:33 - 00087040 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-05-20 23:32 - 2016-05-20 23:32 - 27433472 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll
2016-05-20 23:31 - 2016-05-20 23:31 - 21600768 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll
2016-05-20 23:30 - 2016-05-20 23:30 - 08699392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2016-05-20 23:26 - 2016-05-20 23:26 - 06951424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2016-05-20 23:16 - 2016-05-20 23:16 - 00103424 _____ (Advanced Micro Devices) C:\WINDOWS\system32\DelayAPO.dll
2016-05-20 23:15 - 2016-05-20 23:15 - 00184320 _____ C:\WINDOWS\system32\amdhdl64.dll
2016-05-20 23:15 - 2016-05-20 23:15 - 00164352 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll
2016-05-20 23:14 - 2016-05-20 23:14 - 30188032 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00730112 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2016-05-20 23:13 - 2016-05-20 23:13 - 00605696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 06965248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_16.20.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2016-05-20 23:12 - 2016-05-20 23:12 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 05643776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00716128 _____ C:\WINDOWS\system32\atiapfxx.blb
2016-05-20 23:09 - 2016-05-20 23:09 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2016-05-20 23:09 - 2016-05-20 23:09 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2016-05-20 23:09 - 2016-05-20 23:09 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 15711744 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2016-05-20 23:08 - 2016-05-20 23:08 - 14302720 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 24836096 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll
2016-05-20 23:06 - 2016-05-20 23:06 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll
2016-05-20 23:05 - 2016-05-20 23:05 - 08850432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2016-05-20 23:04 - 2016-05-20 23:04 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2016-05-20 23:02 - 2016-05-20 23:02 - 07261184 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00306688 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00274432 _____ C:\WINDOWS\system32\dgtrayicon.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00258560 _____ C:\WINDOWS\system32\GameManager64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00230912 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00223744 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00212480 _____ C:\WINDOWS\system32\atieah64.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00202752 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2016-05-20 23:02 - 2016-05-20 23:02 - 00190464 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2016-05-20 23:02 - 2016-05-20 23:02 - 00093696 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2016-05-20 23:01 - 2016-05-20 23:01 - 00270336 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2016-05-20 22:59 - 2016-05-20 22:59 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2016-05-20 22:57 - 2016-05-20 22:57 - 01304576 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00119808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00106496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2016-05-20 22:57 - 2016-05-20 22:57 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2016-05-20 22:56 - 2016-05-20 22:56 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00251392 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2016-05-20 22:55 - 2016-05-20 22:55 - 00217088 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2016-05-20 17:21 - 2016-05-20 17:21 - 02412544 _____ C:\WINDOWS\system32\amdacpusl.pdb
2016-05-20 17:12 - 2016-05-20 17:12 - 00364544 _____ (Advanced Micro Devices) C:\WINDOWS\system32\amdacpusl.dll
2016-05-20 17:12 - 2016-05-20 17:12 - 00306176 _____ C:\WINDOWS\system32\amdacpusl.pdb.pub
2016-05-20 17:12 - 2016-05-20 17:12 - 00248832 _____ (Advanced Micro Devices) C:\WINDOWS\SysWOW64\amdacpusl.dll
2016-05-09 07:05 - 2016-05-09 07:05 - 00874790 _____ C:\WINDOWS\system32\amdicdxx.dat
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-06-06 11:18 - 2016-04-27 07:13 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-06 11:18 - 2016-04-27 07:13 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-06 11:18 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-06-06 11:18 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-06-06 11:18 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-06-06 11:18 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-06 10:38 - 2016-04-27 07:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-06 10:38 - 2015-10-30 08:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-06 10:07 - 2015-10-30 09:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-06-06 10:06 - 2016-04-27 07:33 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-06 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-06-06 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-06-06 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-06 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-06-06 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-06-06 10:06 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-06 10:05 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-06-06 10:02 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-06 10:02 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-06 09:10 - 2016-04-27 07:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-06 09:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-06-06 09:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2016-06-06 09:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat
2016-06-06 09:10 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows NT
2016-06-06 09:09 - 2016-04-26 22:44 - 00194272 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-06 09:09 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-06 09:09 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-06 09:09 - 2015-07-10 11:05 - 00000000 ____D C:\Users\Default.migrated
2016-06-06 09:08 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-06-06 09:08 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-06-06 08:58 - 2016-04-27 09:16 - 00000000 ___HD C:\$WINDOWS.~BT
Einige Dateien in TEMP:
====================
C:\Users\Inkognito\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-06 09:07
==================== Ende von FRST.txt ============================
und hier die Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-06-2016 02
durchgeführt von Inkognito (2016-06-06 11:37:15)
Gestartet von C:\Users\Inkognito\Desktop
Windows 10 Home Version 1511 (X64) (2016-06-06 07:10:46)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2341800309-767508254-2301830312-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2341800309-767508254-2301830312-503 - Limited - Disabled)
Gast (S-1-5-21-2341800309-767508254-2301830312-501 - Limited - Disabled)
Inkognito (S-1-5-21-2341800309-767508254-2301830312-1001 - Administrator - Enabled) => C:\Users\Inkognito
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACP Application (Version: 2016.0520.1712.17 - Advanced Micro Devices, Inc.) Hidden
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{28d41884-9b36-4f54-bed2-92863f08e65d}) (Version: 1.1.62.21333 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.62.21333 - Avira Operations GmbH & Co. KG) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1129.2307.41591 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0520.1721.29404 - Advanced Micro Devices, Inc.) Hidden
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 19.1 - Ubisoft)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0) (Version: 1.0.11.0 - LunarG, Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2341800309-767508254-2301830312-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Inkognito\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {CD8F4994-208B-49BB-8E8D-EF6337FD8E94} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-05-20] (Advanced Micro Devices, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-06 09:07 - 2016-06-06 08:37 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2016-06-06 10:05 - 2016-06-06 10:05 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-06 09:12 - 2016-06-06 09:12 - 00959168 _____ () C:\Users\Inkognito\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64\ClientTelemetry.dll
2016-04-27 07:17 - 2016-04-27 07:17 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-06 10:05 - 2016-06-06 10:05 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-06-06 09:07 - 2016-06-06 10:38 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-06-06 09:07 - 2016-06-06 08:37 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-06-06 10:44 - 2016-04-29 22:10 - 00785920 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-06-06 10:44 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-06-06 10:44 - 2016-04-30 02:10 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2016-06-06 10:44 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-06-06 10:44 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-06-06 10:44 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-06-06 10:44 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-06-06 10:44 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-06-06 10:44 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-06-06 10:44 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-06-06 10:44 - 2016-04-30 02:10 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-06-06 10:44 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-06-06 10:44 - 2016-04-28 03:00 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-06-06 10:44 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 45069312 _____ () C:\Program Files (x86)\GalaxyClient\libcef.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00500736 _____ () C:\Program Files (x86)\GalaxyClient\PocoUtil.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 01069568 _____ () C:\Program Files (x86)\GalaxyClient\PocoNet.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 01847296 _____ () C:\Program Files (x86)\GalaxyClient\PocoData.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00386048 _____ () C:\Program Files (x86)\GalaxyClient\PocoDataSQLite.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00513536 _____ () C:\Program Files (x86)\GalaxyClient\PocoXML.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 01582080 _____ () C:\Program Files (x86)\GalaxyClient\PocoFoundation.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00300544 _____ () C:\Program Files (x86)\GalaxyClient\PocoNetSSL.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00323584 _____ () C:\Program Files (x86)\GalaxyClient\PocoJSON.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00096768 _____ () C:\Program Files (x86)\GalaxyClient\zlib.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00265216 _____ () C:\Program Files (x86)\GalaxyClient\PocoZip.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00672768 _____ () C:\Program Files (x86)\GalaxyClient\sqlite.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00144896 _____ () C:\Program Files (x86)\GalaxyClient\expat.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00418304 _____ () C:\Program Files (x86)\GalaxyClient\pcre.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00150528 _____ () C:\Program Files (x86)\GalaxyClient\PocoCrypto.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 01643008 _____ () C:\Program Files (x86)\GalaxyClient\libglesv2.dll
2016-06-06 11:22 - 2016-05-12 16:05 - 00074752 _____ () C:\Program Files (x86)\GalaxyClient\libegl.dll
2016-05-19 14:22 - 2016-05-19 14:22 - 50601984 _____ () C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2341800309-767508254-2301830312-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Inkognito\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{185AC8E4-3EAF-4BA5-A394-333524B90130}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{39F3ABFB-2E86-4CFF-A4BE-E5213A4ABFE5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BC9A8946-22FB-4B91-B5FA-D492606561C4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6F53610D-0243-408F-B269-C4AEF09DBC1B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
==================== Wiederherstellungspunkte =========================
06-06-2016 10:24:08 O&O ShutUp10
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (06/06/2016 10:37:52 AM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: DESKTOP-CBE9C5A)
Description: Die Anwendung oder der Dienst "AdaptiveSleepService" konnte nicht neu gestartet werden.
Error: (06/06/2016 10:37:52 AM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Failed to stop service! Error code = 1062
Error: (06/06/2016 10:36:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.10586.306, Zeitstempel: 0x571af85f
Name des fehlerhaften Moduls: eModel.dll, Version: 11.0.10586.306, Zeitstempel: 0x571af463
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000129b5f
ID des fehlerhaften Prozesses: 0x1554
Startzeit der fehlerhaften Anwendung: 0xMicrosoftEdge.exe0
Pfad der fehlerhaften Anwendung: MicrosoftEdge.exe1
Pfad des fehlerhaften Moduls: MicrosoftEdge.exe2
Berichtskennung: MicrosoftEdge.exe3
Vollständiger Name des fehlerhaften Pakets: MicrosoftEdge.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge.exe5
Error: (06/06/2016 10:24:09 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (06/06/2016 09:59:30 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.10586.20, Zeitstempel: 0x56540c35
Name des fehlerhaften Moduls: edgehtml.dll, Version: 11.0.10586.306, Zeitstempel: 0x571afa59
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00000000004aa737
ID des fehlerhaften Prozesses: 0x1644
Startzeit der fehlerhaften Anwendung: 0xmicrosoftedgecp.exe0
Pfad der fehlerhaften Anwendung: microsoftedgecp.exe1
Pfad des fehlerhaften Moduls: microsoftedgecp.exe2
Berichtskennung: microsoftedgecp.exe3
Vollständiger Name des fehlerhaften Pakets: microsoftedgecp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoftedgecp.exe5
Error: (06/06/2016 09:59:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.10586.20, Zeitstempel: 0x56540c35
Name des fehlerhaften Moduls: edgehtml.dll, Version: 11.0.10586.306, Zeitstempel: 0x571afa59
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004aa737
ID des fehlerhaften Prozesses: 0x1644
Startzeit der fehlerhaften Anwendung: 0xmicrosoftedgecp.exe0
Pfad der fehlerhaften Anwendung: microsoftedgecp.exe1
Pfad des fehlerhaften Moduls: microsoftedgecp.exe2
Berichtskennung: microsoftedgecp.exe3
Vollständiger Name des fehlerhaften Pakets: microsoftedgecp.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: microsoftedgecp.exe5
Error: (06/06/2016 09:48:38 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-CBE9C5A)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/06/2016 09:39:39 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-CBE9C5A)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/06/2016 09:34:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-CBE9C5A)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (06/06/2016 09:33:37 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-CBE9C5A)
Description: Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“ ist folgender Fehler aufgetreten: -2147024770. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (06/06/2016 10:44:48 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/06/2016 10:44:48 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (06/06/2016 10:38:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_2a53f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/06/2016 10:38:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _2a53f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/06/2016 10:38:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_2a53f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/06/2016 10:38:25 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_2a53f" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/06/2016 10:38:25 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (06/06/2016 09:28:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "StateRepository-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (06/06/2016 09:28:02 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-CBE9C5A)
Description: CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca
Error: (06/06/2016 09:27:58 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_111b00" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2016-06-06 09:07:37.603
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 83%
Installierter physikalischer RAM: 4033.54 MB
Verfügbarer physikalischer RAM: 673.1 MB
Summe virtueller Speicher: 5991.21 MB
Verfügbarer virtueller Speicher: 1187.89 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:465.21 GB) (Free:430.14 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 1C7B41E8)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
06.06.2016, 14:28
| #5 |
| /// Malwareteam | "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll" Hi, ich seh da nix, wird ein Fehlalarm sein  |
|
06.06.2016, 15:48
| #6 |
| | "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll" Vielen dank Dennis, für deine Bemühungen!  |
|
06.06.2016, 16:50
| #7 |
| /// Malwareteam | "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll" Kein Ding. |
|
| Themen zu "TR/Crypt.XPACK.Gen" in "C:\Program Files\WindowsApps\Microsoft.NET.Native.Framework.1.3_1.3.23901.0_x86__8wekyb3d8bbwe\SharedLibrary.dll" |
| amd, asus, avira, boot, browser, cdrom, clean, code, computer, converter, data, datei, detected, dxgkrnl, filter, harddisk, monitor, rootkit, services, sigcheck, system32, tool, tr/crypt.xpack.gen, trojaner, update, windows, windows 7, windowsapps |
Linear-Darstellung
