yahoo search update popup, komische .exe crashes

saikorust · 19.06.2016, 00:19

Hi,
ich hatte Anfang der Woche plötzlich folgendes Popup auf dem Desktop (Win7), welches sich jede sekunde in den Vordergrund drängte.
hxxp://abload.de/img/screenshot-08.06.20162xar8.png
Google suche findet nur 2-3 Treffer auf reddit (https://www.reddit.com/r/computerviruses/comments/3q3r5l/yahoo_chromium_malwarevirus_popup/ https://www.reddit.com/r/techsupport/comments/3valaz/i_have_a_popup_asking_to_update_yahoo_that_im/) zu dem Problem. Im Popup habe ich nichts angeklickt, sondern im Taskmanager die zugehörige mshta.exe gekillt und wie im reddit Post empfohlen den die .exe startenden Eintrag im Windows Taskplaner gelöscht und den entsprechenden Ordner in %Appdata%/.
Habe daraufhin MSE scannen lassen, das fand aber nur bundlemodder verdächtig (Payday 2 mod tool), hab ich löschen lassen. Hijackthis fand 1-2 Einträge in Chrome, log vom 14.6 hab ich noch da falls relevant.
Das Popup kam seitdem nicht wieder, war aber noch unsicher und habe vorhin Sophos Anti Rootkit laufen lassen. Bis 50-60% fand es nur 'unbekannte unsichtbare' setup Dateien von allen möglichen seriösen Programmen. Plötzlich kamen jedoch folgende Fehlermeldungen kurz hintereinander hxxp://abload.de/img/screenshot-18.06.2016b5kea.png . Hatte nebenher den Resourcenmonitor offen und sah, dass MSE auch auf die von Sophos gescannten Dateien zugriff. Außerdem war zwischen den MSE Einträgen auch die tzscqt.exe.
An dem Punkt hab ich den Rechner abgeschaltet, aus Angst dass da ein Crypto Trojaner auf der hohen CPU und HDD Auslastungswelle mitsurft und die aktuell zugegriffenen Dateien verschlüsselt (Oder startet das Sophos Tool random.exe Dateien für seine scans?).

Evtl. relevant, aber vermutlich nicht: Seit Wochen habe ich hin und wieder in Spielen kurzzeitig starke Performance Einbrüche die zum einen durch MsMpEng.exe ausgelöst werden, das eigentlich nur scannen dürfte wenn der PC idle ist und zum andern von einer .exe (an deren Name ich mich nicht erinnere), die laut Google zu irgendwelchen W10 Update Vorbreitungsanalysen gehört.

Momentan bin ich mit einem Live Linux Mint unterwegs, wie sollte ich weiter vorgehen?

M-K-D-B · 19.06.2016, 12:19

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

saikorust · 19.06.2016, 14:58

Hi,
Danke für die Hilfe

FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 19-06-2016
durchgeführt von no-w10 (Administrator) auf NO-W10-PC (19-06-2016 15:46:35)
Gestartet von C:\Users\no-w10\Desktop
Geladene Profile: no-w10 (Verfügbare Profile: no-w10)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(TrueCrypt Foundation) C:\Program Files\TrueCrypt\TrueCrypt.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
(DonationCoder) C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(GIGA-BYTE TECHNOLOGY CO., LTD.) C:\Program Files (x86)\Gigabyte\SIV\thermald.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Microsoft Corporation) C:\Windows\System32\perfmon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXUX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15818872 2016-04-29] (Logitech Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6603520 2016-06-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-02-17] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1174816 2015-02-25] (Intel Corporation)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2770944 2016-05-07] (Dominik Reichl)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-06-08] (LogMeIn Inc.)
HKLM-x32\...\RunOnce: [PreRun] => C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe [8192 2013-04-29] ()
HKLM-x32\...\RunOnce: [SIV] => C:\Program Files (x86)\Gigabyte\SIV\sivro.exe [12096 2015-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
HKU\S-1-5-21-1245940347-1992669390-3634341320-1000\...\Run: [TrueCrypt] => C:\Program Files\TrueCrypt\TrueCrypt.exe [1516496 2016-05-14] (TrueCrypt Foundation)
HKU\S-1-5-21-1245940347-1992669390-3634341320-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1245940347-1992669390-3634341320-1000\...\Run: [Screenshot Captor] => C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe [9385648 2016-01-04] (DonationCoder)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{544E0C81-431F-4907-9079-6366D186B3B4}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-e7fd4b0a
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com/search?FORM=INCOH1&PC=IC05&PTAG=ICO-e7fd4b0a
HKU\S-1-5-21-1245940347-1992669390-3634341320-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e7fd4b0a&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e7fd4b0a&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1245940347-1992669390-3634341320-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e7fd4b0a&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1245940347-1992669390-3634341320-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=INCOH2&PC=IC05&PTAG=ICO-e7fd4b0a&q={searchTerms}
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-15] (Oracle Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-15] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (James White) - C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2016-05-14]
CHR Extension: (OneTab) - C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-06-06]
CHR Extension: (uBlock Origin) - C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2016-05-14]
CHR Extension: (HTTPS Everywhere) - C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2016-06-10]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2016-05-14]
CHR Extension: (Ghostery) - C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2016-05-14]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-14]
CHR Extension: (Citavi Picker) - C:\Users\no-w10\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2016-06-01]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 gadjservice; C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe [16896 2015-04-14] () [Datei ist nicht signiert]
S3 HwmRecordService; C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe [62784 2015-07-01] (GIGA-BYTE TECHNOLOGY CO., LTD.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344168 2015-08-10] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-06-07] (LogMeIn, Inc.)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193656 2016-04-29] (Logitech Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2016-05-13] (Realtek Semiconductor.) [Datei ist nicht signiert]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 hcw17bda; C:\Windows\System32\drivers\hcw17b64.sys [77144 2015-08-24] (Hauppauge Computer Works, Inc.)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-05-27] (REALiX(tm))
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31728 2015-11-12] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [85160 2016-04-19] (Logitech Inc.)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2015-02-25] (Intel Corporation)
S3 MEMSWEEP2; C:\Windows\system32\F18F.tmp [6144 2009-06-18] (Sophos Plc) [Datei ist nicht signiert]
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13512 2015-12-09] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2016-05-15] (Duplex Secure Ltd.)
R2 WinRing0_1_2_0; C:\Users\no-w10\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys [14544 2014-04-15] (OpenLibSys.org)
U3 ad77omqf; C:\Windows\System32\Drivers\ad77omqf.sys [0 ] (Microsoft Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S1 fhfyalxx; \??\C:\Windows\system32\drivers\fhfyalxx.sys [X]
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 VBAudioVACMME; system32\DRIVERS\vbaudio_cable64_win7.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-19 15:46 - 2016-06-19 15:46 - 00015597 _____ C:\Users\no-w10\Desktop\FRST.txt
2016-06-19 15:22 - 2016-06-19 15:24 - 00220956 _____ C:\TDSSKiller.3.1.0.9_19.06.2016_15.22.46_log.txt
2016-06-19 15:15 - 2016-06-19 15:46 - 00000000 ____D C:\FRST
2016-06-19 15:14 - 2016-06-19 15:14 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\no-w10\Desktop\tdsskiller.exe
2016-06-19 15:13 - 2016-06-19 15:13 - 02387456 _____ (Farbar) C:\Users\no-w10\Desktop\FRST64.exe
2016-06-18 22:40 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\Windows\system32\F18F.tmp
2016-06-18 22:40 - 2009-06-18 12:54 - 00006144 ____N (Sophos Plc) C:\Windows\system32\40A7.tmp
2016-06-18 22:39 - 2016-06-18 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2016-06-18 22:39 - 2016-06-18 22:39 - 00000000 ____D C:\Program Files (x86)\Sophos
2016-06-17 00:59 - 2016-06-18 19:29 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-17 00:58 - 2016-06-17 00:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-17 00:57 - 2016-06-17 00:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-17 00:57 - 2016-06-17 00:57 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-17 00:57 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-17 00:57 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-17 00:57 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-16 21:41 - 2016-06-16 21:41 - 00000000 ____D C:\Users\no-w10\Documents\My Cheat Tables
2016-06-16 21:41 - 2016-06-16 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.5.1
2016-06-16 21:41 - 2016-06-16 21:41 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5.1
2016-06-16 20:03 - 2016-06-16 20:03 - 00000000 ____D C:\Users\no-w10\AppData\LocalLow\Trash
2016-06-16 18:41 - 2016-06-16 18:41 - 00000000 ____D C:\Windows\pss
2016-06-16 03:04 - 2016-06-16 20:21 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2016-06-16 02:14 - 2016-06-16 02:14 - 00000000 ____D C:\Users\no-w10\Documents\OneNote-Notizbücher
2016-06-15 16:49 - 2016-06-15 17:05 - 00000000 ____D C:\Users\no-w10\Documents\The Crew
2016-06-15 16:49 - 2016-06-15 16:52 - 00000000 ____D C:\Users\no-w10\Documents\ProfileCache
2016-06-15 16:49 - 2016-06-15 16:49 - 00000000 ____D C:\Users\no-w10\AppData\Local\Ubisoft
2016-06-15 14:29 - 2016-06-15 14:29 - 00000000 ___HD C:\ProgramData\CanonIJFAX
2016-06-15 14:29 - 2012-09-21 09:33 - 00321024 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BLL.dll
2016-06-15 14:29 - 2012-05-25 09:21 - 00103936 _____ (CANON INC.) C:\Windows\SysWOW64\CNC_BLU.dll
2016-06-15 14:29 - 2012-05-15 15:58 - 00098048 _____ C:\Windows\SysWOW64\CNC176BD.TBL
2016-06-15 14:29 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\Windows\SysWOW64\CNHMCA.dll
2016-06-15 14:28 - 2012-09-21 09:34 - 00366080 _____ (CANON INC.) C:\Windows\system32\CNC_BLL.dll
2016-06-15 14:28 - 2012-09-20 05:00 - 00390656 _____ (CANON INC.) C:\Windows\system32\CNMLMBL.DLL
2016-06-15 14:28 - 2012-05-25 09:21 - 00282624 _____ (CANON INC.) C:\Windows\system32\CNC_BLC.dll
2016-06-15 14:28 - 2012-05-25 09:20 - 00106496 _____ (CANON INC.) C:\Windows\system32\CNC_BLI.dll
2016-06-15 14:28 - 2012-05-15 15:58 - 00098048 _____ C:\Windows\system32\CNC176BD.TBL
2016-06-15 14:27 - 2016-06-15 14:28 - 00000000 ___HD C:\Program Files\CanonBJ
2016-06-15 14:27 - 2012-09-21 05:00 - 00303104 _____ (CANON INC.) C:\Windows\system32\CNCALBL.DLL
2016-06-14 23:17 - 2016-06-14 23:19 - 00000000 ____D C:\Users\no-w10\AppData\Local\Ubisoft Game Launcher
2016-06-14 23:17 - 2016-06-14 23:17 - 00001205 _____ C:\Users\no-w10\Desktop\Uplay.lnk
2016-06-14 23:17 - 2016-06-14 23:17 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2016-06-14 23:17 - 2016-06-14 23:17 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2016-06-14 04:44 - 2016-06-14 04:44 - 00000000 ____D C:\Users\no-w10\AppData\Local\id Software
2016-06-14 03:45 - 2016-04-12 03:23 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 03:45 - 2016-04-12 03:23 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-14 03:45 - 2016-04-12 03:20 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-14 03:45 - 2016-04-12 03:20 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-14 03:45 - 2016-04-12 03:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-14 03:45 - 2016-04-12 03:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-14 03:45 - 2016-04-12 03:01 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-14 03:45 - 2016-04-12 03:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-14 03:45 - 2016-04-12 02:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-14 03:45 - 2016-04-12 02:43 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-14 03:45 - 2016-04-12 02:43 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-14 03:45 - 2016-04-12 02:43 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-14 03:45 - 2016-04-12 02:42 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-14 03:45 - 2016-04-12 02:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-14 03:45 - 2016-04-12 02:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-14 03:45 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-14 03:45 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-14 03:45 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-14 03:45 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-14 03:45 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-14 03:45 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-14 03:44 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-14 03:44 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-14 03:44 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-14 03:44 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-14 03:44 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-14 03:44 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-14 03:44 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-14 03:44 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-14 03:44 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-14 03:44 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-14 03:44 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-14 03:44 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-13 22:44 - 2016-06-14 00:01 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-10 02:19 - 2016-06-11 00:03 - 00000000 ____D C:\Users\no-w10\AppData\Local\PAYDAY 2
2016-06-10 02:19 - 2016-06-10 02:19 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-06-10 02:19 - 2016-06-10 02:19 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2016-06-09 22:50 - 2016-06-09 22:50 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\ATI
2016-06-09 22:50 - 2016-06-09 22:50 - 00000000 ____D C:\Users\no-w10\AppData\Local\ATI
2016-06-09 22:50 - 2016-06-09 22:50 - 00000000 ____D C:\ProgramData\ATI
2016-06-08 19:49 - 2016-06-08 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-06-08 19:49 - 2016-06-08 19:49 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-06-08 19:49 - 2016-06-08 10:56 - 00034720 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2016-06-08 10:17 - 2016-06-14 03:32 - 00000000 ____D C:\AdwCleaner
2016-06-05 19:26 - 2016-06-05 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-06-05 19:26 - 2016-06-05 19:26 - 00000000 ____D C:\Program Files\CPUID
2016-06-05 00:16 - 2016-06-05 17:52 - 00000000 ____D C:\irc
2016-06-04 16:00 - 2016-06-04 16:00 - 00000000 ____D C:\Program Files\VB
2016-06-02 23:14 - 2016-06-02 23:14 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-06-02 23:14 - 2016-06-02 23:14 - 00141280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-06-02 23:14 - 2016-06-02 23:14 - 00137136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-06-02 23:14 - 2016-06-02 23:14 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-06-02 23:14 - 2016-06-02 23:14 - 00122704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-06-02 23:14 - 2016-06-02 23:14 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-06-02 23:14 - 2016-06-02 23:14 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-06-02 23:14 - 2016-06-02 23:14 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-06-02 23:14 - 2016-06-02 23:14 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-06-02 23:13 - 2016-06-02 23:13 - 08883384 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-06-02 23:11 - 2016-06-02 23:11 - 00297216 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-06-02 23:08 - 2016-06-02 23:08 - 26990080 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-06-02 23:02 - 2016-06-02 23:02 - 48616960 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-06-02 23:02 - 2016-06-02 23:02 - 00252928 _____ C:\Windows\system32\clinfo.exe
2016-06-02 23:01 - 2016-06-02 23:01 - 38098432 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-06-02 23:00 - 2016-06-02 23:00 - 00096256 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-06-02 23:00 - 2016-06-02 23:00 - 00087040 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-06-02 22:58 - 2016-06-02 22:58 - 27433472 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-06-02 22:58 - 2016-06-02 22:58 - 21600768 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-06-02 22:58 - 2016-06-02 22:58 - 08699904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-06-02 22:54 - 2016-06-02 22:54 - 06952448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-06-02 22:45 - 2016-06-02 22:45 - 00096256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2016-06-02 22:43 - 2016-06-02 22:43 - 00103424 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2016-06-02 22:42 - 2016-06-02 22:42 - 30188032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-06-02 22:42 - 2016-06-02 22:42 - 00732160 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-06-02 22:42 - 2016-06-02 22:42 - 00607744 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-06-02 22:42 - 2016-06-02 22:42 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-06-02 22:42 - 2016-06-02 22:42 - 00117760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-06-02 22:41 - 2016-06-02 22:41 - 06965248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-06-02 22:38 - 2016-06-02 22:38 - 05643776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-06-02 22:38 - 2016-06-02 22:38 - 00717520 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-06-02 22:38 - 2016-06-02 22:38 - 00717520 _____ C:\Windows\system32\atiapfxx.blb
2016-06-02 22:37 - 2016-06-02 22:37 - 15711744 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-06-02 22:37 - 2016-06-02 22:37 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-06-02 22:37 - 2016-06-02 22:37 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-06-02 22:37 - 2016-06-02 22:37 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-06-02 22:37 - 2016-06-02 22:37 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-06-02 22:37 - 2016-06-02 22:37 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-06-02 22:36 - 2016-06-02 22:36 - 14302720 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-06-02 22:35 - 2016-06-02 22:35 - 24836096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-06-02 22:35 - 2016-06-02 22:35 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-06-02 22:35 - 2016-06-02 22:35 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-06-02 22:34 - 2016-06-02 22:34 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-06-02 22:34 - 2016-06-02 22:34 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-06-02 22:32 - 2016-06-02 22:32 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-06-02 22:31 - 2016-06-02 22:31 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-06-02 22:31 - 2016-06-02 22:31 - 00274432 _____ C:\Windows\system32\dgtrayicon.exe
2016-06-02 22:31 - 2016-06-02 22:31 - 00258560 _____ C:\Windows\system32\GameManager64.dll
2016-06-02 22:31 - 2016-06-02 22:31 - 00212480 _____ C:\Windows\system32\atieah64.exe
2016-06-02 22:30 - 2016-06-02 22:30 - 00588288 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-06-02 22:30 - 2016-06-02 22:30 - 00306688 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-06-02 22:30 - 2016-06-02 22:30 - 00270336 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-06-02 22:30 - 2016-06-02 22:30 - 00230912 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-06-02 22:30 - 2016-06-02 22:30 - 00202752 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-06-02 22:30 - 2016-06-02 22:30 - 00190464 _____ C:\Windows\SysWOW64\atieah32.exe
2016-06-02 22:30 - 2016-06-02 22:30 - 00093696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-06-02 22:28 - 2016-06-02 22:28 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-06-02 22:26 - 2016-06-02 22:26 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-06-02 22:26 - 2016-06-02 22:26 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-06-02 22:26 - 2016-06-02 22:26 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-06-02 22:26 - 2016-06-02 22:26 - 00106496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-06-02 22:26 - 2016-06-02 22:26 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-06-02 22:26 - 2016-06-02 22:26 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-06-02 22:25 - 2016-06-02 22:25 - 00497664 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-06-02 22:25 - 2016-06-02 22:25 - 00119808 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-06-02 22:25 - 2016-06-02 22:25 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-06-02 22:25 - 2016-06-02 22:25 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-06-02 22:23 - 2016-06-02 22:23 - 00251392 _____ C:\Windows\system32\hsa-thunk64.dll
2016-06-02 22:23 - 2016-06-02 22:23 - 00217088 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-06-01 07:24 - 2016-06-13 22:10 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\avidemux
2016-06-01 04:41 - 2016-06-01 04:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-01 04:34 - 2016-06-01 04:36 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Swiss Academic Software
2016-06-01 04:34 - 2016-06-01 04:35 - 00000000 ____D C:\Users\no-w10\Documents\Citavi 5
2016-06-01 04:34 - 2016-06-01 04:34 - 00000000 ____D C:\ProgramData\Swiss Academic Software
2016-06-01 04:33 - 2016-06-14 23:12 - 00020734 _____ C:\Users\no-w10\Desktop\1.6.16.kdbx
2016-06-01 04:32 - 2016-06-01 04:32 - 00001961 _____ C:\Users\Public\Desktop\Citavi 5.lnk
2016-06-01 04:32 - 2016-06-01 04:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citavi 5
2016-06-01 04:32 - 2016-06-01 04:32 - 00000000 ____D C:\Program Files (x86)\Citavi 5
2016-06-01 04:31 - 2016-06-01 04:31 - 00000000 ____D C:\Users\no-w10\AppData\Local\Downloaded Installations
2016-06-01 03:49 - 2016-05-30 10:07 - 00131072 _____ C:\entbaheader
2016-05-31 06:12 - 2016-05-31 06:12 - 00003045 _____ C:\Users\no-w10\Desktop\Cuttermaran 1.70.lnk
2016-05-31 06:12 - 2016-05-31 06:12 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cuttermaran
2016-05-31 06:12 - 2016-05-31 06:12 - 00000000 ____D C:\Program Files (x86)\Cuttermaran
2016-05-30 05:04 - 2016-06-19 15:35 - 00000000 ____D C:\!demux-cut
2016-05-30 02:52 - 2016-05-30 02:58 - 00000000 ____D C:\Users\no-w10\Documents\Witcher 2
2016-05-30 02:52 - 2016-05-30 02:52 - 00000000 ____D C:\Users\no-w10\AppData\Local\The Witcher 2
2016-05-29 23:58 - 2016-05-29 23:58 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2016-05-29 23:54 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2016-05-29 23:54 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2016-05-29 23:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2016-05-29 23:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2016-05-29 23:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2016-05-29 23:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2016-05-29 22:41 - 2016-05-30 04:56 - 00000000 ____D C:\Users\no-w10\Documents\My Games
2016-05-28 01:48 - 2016-05-28 01:48 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\MediaInfo
2016-05-27 03:05 - 2016-05-27 03:05 - 00027552 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2016-05-27 03:05 - 2016-05-27 03:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2016-05-27 03:05 - 2016-05-27 03:05 - 00000000 ____D C:\Program Files\HWiNFO64
2016-05-27 02:44 - 2016-06-13 18:59 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\obs-studio
2016-05-25 17:55 - 2016-05-25 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-05-22 01:41 - 2016-05-22 02:23 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\livestreamer
2016-05-22 01:41 - 2016-05-22 01:41 - 00000000 ____D C:\Program Files (x86)\Livestreamer
2016-05-21 06:06 - 2016-05-28 01:01 - 00013272 _____ C:\Users\no-w10\Desktop\warframe verkaufsliste.xlsx
2016-05-20 21:44 - 2016-05-20 21:48 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Audacity
2016-05-20 21:43 - 2016-06-19 15:45 - 00000000 ____D C:\Windows\system32\appmgmt
2016-05-20 21:33 - 2016-05-20 21:42 - 00001474 _____ C:\Users\no-w10\AppData\Local\RecConfig.xml
2016-05-20 19:28 - 2016-05-21 01:33 - 00000000 ____D C:\Users\noadmin
2016-05-20 18:34 - 2016-05-20 18:36 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Cuttermaran
2016-05-20 18:32 - 2016-05-20 18:32 - 00000956 _____ C:\Users\no-w10\Desktop\ProjectX.jar - Verknüpfung.lnk
2016-05-20 00:46 - 2016-05-20 00:46 - 00000000 ____D C:\Users\no-w10\AppData\LocalLow\Adobe
2016-05-20 00:15 - 2016-05-20 00:15 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-19 15:45 - 2016-05-15 19:34 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-19 15:43 - 2011-04-12 09:55 - 00000000 ____D C:\Windows\ShellNew
2016-06-19 15:43 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-06-19 15:43 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-19 15:43 - 2009-07-14 04:34 - 00000387 _____ C:\Windows\win.ini
2016-06-19 15:31 - 2016-05-13 15:58 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Adobe
2016-06-19 15:25 - 2009-07-14 06:45 - 00020304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-19 15:25 - 2009-07-14 06:45 - 00020304 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-19 15:15 - 2011-04-12 09:43 - 00699726 _____ C:\Windows\system32\perfh007.dat
2016-06-19 15:15 - 2011-04-12 09:43 - 00149364 _____ C:\Windows\system32\perfc007.dat
2016-06-19 15:15 - 2009-07-14 07:13 - 01621742 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-19 15:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-19 15:10 - 2016-05-17 15:54 - 00000000 ____D C:\Users\no-w10\AppData\Local\LogMeIn Hamachi
2016-06-19 15:10 - 2016-05-14 02:58 - 00000000 __SHD C:\Users\no-w10\IntelGraphicsProfiles
2016-06-19 15:10 - 2016-05-13 14:50 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-19 15:10 - 2016-05-13 14:44 - 00026192 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2016-06-19 15:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-18 23:25 - 2016-05-14 03:50 - 00003026 _____ C:\Windows\System32\Tasks\MSIAfterburner
2016-06-18 23:25 - 2016-05-13 15:20 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Nettalk
2016-06-18 23:24 - 2016-05-14 11:41 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\TS3Client
2016-06-18 22:35 - 2016-05-14 04:05 - 00007609 _____ C:\Users\no-w10\AppData\Local\Resmon.ResmonCfg
2016-06-18 22:34 - 2016-05-18 00:53 - 00000306 __RSH C:\ProgramData\ntuser.pol
2016-06-18 22:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2016-06-18 22:33 - 2016-05-14 04:00 - 00000000 ____D C:\Users\no-w10\AppData\Local\Warframe
2016-06-18 20:50 - 2016-05-13 16:09 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-18 02:50 - 2016-05-15 15:00 - 00000000 ____D C:\Users\no-w10\.mediathek3
2016-06-18 00:02 - 2016-05-13 14:51 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-17 01:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2016-06-17 00:54 - 2016-05-18 01:54 - 00000180 _____ C:\Users\no-w10\AppData\Roaming\WB.CFG
2016-06-16 22:53 - 2016-05-16 16:55 - 00000000 ____D C:\Users\no-w10\AppData\Local\SmartDVB
2016-06-16 03:07 - 2016-05-14 02:43 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\KeePass
2016-06-16 02:49 - 2016-05-15 19:45 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\vlc
2016-06-15 22:40 - 2010-11-21 05:27 - 00484008 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-06-15 17:05 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-15 14:30 - 2016-05-15 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-06-15 14:30 - 2016-05-15 18:11 - 00000000 ____D C:\Program Files (x86)\Canon
2016-06-15 14:29 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2016-06-15 10:05 - 2016-05-14 02:58 - 00000000 ____D C:\Users\no-w10\AppData\Local\AMD
2016-06-14 03:35 - 2016-05-13 03:22 - 00000000 ____D C:\Users\no-w10\AppData\Local\VirtualStore
2016-06-14 00:45 - 2016-05-13 14:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-13 23:52 - 2016-05-15 19:22 - 00000000 ____D C:\Users\no-w10\AppData\Local\Adobe
2016-06-13 22:44 - 2016-05-15 04:57 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-06-13 22:44 - 2016-05-15 04:56 - 00000000 ____D C:\ProgramData\Adobe
2016-06-13 04:15 - 2016-05-16 02:25 - 00000000 ____D C:\Users\no-w10\Documents\Euro Truck Simulator 2
2016-06-13 04:08 - 2016-05-16 02:27 - 00000761 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-06-13 04:08 - 2016-05-16 02:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP
2016-06-12 22:20 - 2016-05-14 03:36 - 00000000 ____D C:\Program Files (x86)\RivaTuner Statistics Server
2016-06-10 20:34 - 2016-05-14 03:30 - 00000000 ____D C:\Program Files (x86)\MSI Afterburner
2016-06-09 22:51 - 2016-05-14 02:55 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-06-09 22:51 - 2016-05-14 02:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-06-09 22:50 - 2016-05-14 02:52 - 00000000 ____D C:\Program Files\AMD
2016-06-09 22:45 - 2016-05-14 02:51 - 00000000 ____D C:\AMD
2016-06-09 17:37 - 2016-05-15 04:52 - 00185733 _____ C:\Windows\SysWOW64\bios.ini
2016-06-06 10:42 - 2016-05-14 03:04 - 00000000 ____D C:\Users\no-w10\AppData\Local\Thunderbird
2016-06-05 22:33 - 2016-05-15 05:06 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\Notepad++
2016-06-05 19:34 - 2016-05-13 14:45 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-05 19:34 - 2016-05-13 14:39 - 00000000 ____D C:\Program Files\Intel
2016-06-02 23:14 - 2016-05-11 01:09 - 01512192 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-06-02 23:14 - 2016-05-11 01:09 - 01243344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-06-02 23:14 - 2016-05-11 01:09 - 00166488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-06-02 23:14 - 2016-05-11 01:09 - 00150544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-06-02 23:14 - 2016-05-11 01:09 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-06-02 23:13 - 2016-05-11 01:09 - 10700864 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-06-02 23:13 - 2016-05-11 01:09 - 09798560 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-06-02 23:13 - 2016-05-11 01:09 - 08865344 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-06-02 23:13 - 2016-05-11 01:09 - 08577456 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-06-02 23:13 - 2016-05-11 01:09 - 06999496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-06-02 22:39 - 2016-05-11 00:36 - 00865280 _____ (AMD) C:\Windows\system32\coinst_16.20.dll
2016-06-02 22:31 - 2016-05-11 00:27 - 00223744 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-06-02 22:26 - 2016-05-11 00:22 - 01304576 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-06-02 22:26 - 2016-05-11 00:22 - 00973824 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-06-01 23:04 - 2016-05-19 18:17 - 00003382 _____ C:\Windows\System32\Tasks\log gaming software
2016-05-30 03:02 - 2016-05-14 03:36 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-05-29 09:33 - 2016-05-16 02:29 - 00000000 ____D C:\Users\no-w10\Documents\ETS2MP
2016-05-29 03:00 - 2016-05-14 03:10 - 00000000 ____D C:\Users\no-w10\AppData\Local\Battle.net
2016-05-29 00:00 - 2016-05-14 03:10 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-05-28 01:48 - 2016-05-15 05:04 - 00001532 _____ C:\Users\no-w10\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2016-05-27 03:10 - 2016-05-15 05:07 - 00001202 _____ C:\Users\Public\Desktop\OBS Studio.lnk
2016-05-25 17:55 - 2016-05-14 02:54 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-05-23 11:15 - 2016-05-15 05:08 - 00000000 ____D C:\Users\no-w10\AppData\Roaming\TeamViewer
2016-05-20 22:32 - 2016-05-14 03:10 - 00001261 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-05-20 15:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-20 02:50 - 2016-05-14 10:59 - 00000000 ____D C:\Users\no-w10\Documents\Diablo III

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-05-14 03:23 - 2016-05-14 03:27 - 0000842 _____ () C:\Users\no-w10\AppData\Roaming\Drives Meter_Settings.ini
2016-05-18 01:54 - 2016-06-17 00:54 - 0000180 _____ () C:\Users\no-w10\AppData\Roaming\WB.CFG
2016-05-16 18:52 - 2016-05-16 18:52 - 0000058 _____ () C:\Users\no-w10\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2016-05-20 21:33 - 2016-05-20 21:42 - 0001474 _____ () C:\Users\no-w10\AppData\Local\RecConfig.xml
2016-05-14 04:05 - 2016-06-18 22:35 - 0007609 _____ () C:\Users\no-w10\AppData\Local\Resmon.ResmonCfg
2016-05-13 14:48 - 2016-05-13 14:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\no-w10\AppData\Local\Temp\JDSetup131079991060935492.exe
C:\Users\no-w10\AppData\Local\Temp\JDSetup131079991795117485.exe
C:\Users\no-w10\AppData\Local\Temp\npp.6.9.2.Installer.exe
C:\Users\no-w10\AppData\Local\Temp\ose00000.exe
C:\Users\no-w10\AppData\Local\Temp\ose00001.exe
C:\Users\no-w10\AppData\Local\Temp\procexp64.exe
C:\Users\no-w10\AppData\Local\Temp\proxy_vole7168657147576605454.dll
C:\Users\no-w10\AppData\Local\Temp\svmflm.exe
C:\Users\no-w10\AppData\Local\Temp\vbgsdf.exe
C:\Users\no-w10\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-07 19:45

==================== Ende von FRST.txt ============================

Addition

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 19-06-2016
durchgeführt von no-w10 (2016-06-19 15:46:46)
Gestartet von C:\Users\no-w10\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-05-13 01:22:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1245940347-1992669390-3634341320-500 - Administrator - Disabled)
Gast (S-1-5-21-1245940347-1992669390-3634341320-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1245940347-1992669390-3634341320-1002 - Limited - Enabled)
no-w10 (S-1-5-21-1245940347-1992669390-3634341320-1000 - Administrator - Enabled) => C:\Users\no-w10

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

@BIOS B15.0630.1 (HKLM-x32\...\InstallShield_{C9D46F25-5F9D-4E25-B24F-BC00E9EDF529}) (Version: 3.00.0000 - GIGABYTE)
@BIOS B15.0630.1 (x32 Version: 3.00.0000 - GIGABYTE) Hidden
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Abloadtool (HKLM-x32\...\Abloadtool) (Version:  - Tim Demkowsky)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
APP Center (HKLM-x32\...\InstallShield_{F3D47276-0E35-42CF-A677-B45118470E21}) (Version: 1.16.0503 - Gigabyte)
APP Center (x32 Version: 1.16.0503 - Gigabyte) Hidden
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.12.160304 - )
Bastion (HKLM\...\Steam App 107100) (Version:  - Supergiant Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Black Rose (HKLM\...\Steam App 453890) (Version:  - Sir Bedlam Productions)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.01 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.9.0.0 - Canon Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.0602.1651.28487 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 6.5.1 (HKLM-x32\...\Cheat Engine 6.5.1_is1) (Version:  - Cheat Engine)
Citavi 5  (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.3.1.0 - Swiss Academic Software)
CPUID CPU-Z 1.76 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World)
Cuttermaran 1.70 (HKLM-x32\...\{5F499D33-546A-442B-B0F9-4C58F3B5B6E3}) (Version: 1.7.0 - toarnold)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dishonored (HKLM\...\Steam App 205100) (Version:  - Arkane Studios)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
Fast Boot (HKLM-x32\...\InstallShield_{FA8FB4F2-F524-48E1-A06C-45602FBF26CD}) (Version: 1.15.0626 - GIGABYTE)
Fast Boot (x32 Version: 1.15.0626 - GIGABYTE) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
HWiNFO64 Version 5.24 (HKLM\...\HWiNFO64_is1) (Version: 5.24 - Martin Malík - REALiX)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Network Connections 18.8.136.0 (HKLM\...\PROSetDX) (Version: 18.8.136.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.4.65 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.26 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
KeePass Password Safe 2.33 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.33 - Dominik Reichl)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version:  - )
Logitech Gaming Software 8.83 (HKLM\...\Logitech Gaming Software) (Version: 8.83.85 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.472 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.472 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaInfo 0.7.85 (HKLM\...\MediaInfo) (Version: 0.7.85 - MediaArea.net)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mountain (HKLM\...\Steam App 313340) (Version:  - David OReilly)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.1.1 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
MPC-HC 1.7.10 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
MSI Afterburner 4.2.0 (HKLM-x32\...\Afterburner) (Version: 4.2.0 - MSI Co., LTD)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Nettalk 6.7 (HKLM-x32\...\Nettalk_is1) (Version:  - Nicolas Kruse)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.2 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 0.14.2 - OBS Project)
Outlast (HKLM\...\Steam App 238320) (Version:  - Red Barrels)
PAYDAY 2 (HKLM\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Quassel (remove only) (HKLM-x32\...\Quassel) (Version: 0.12.3 - KDE)
Red Faction: Guerrilla Steam Edition (HKLM\...\Steam App 20500) (Version:  - Volition)
RivaTuner Statistics Server 6.4.1 (HKLM-x32\...\RTSS) (Version: 6.4.1 - Unwinder)
Screenshot Captor 4.16.1 (HKLM-x32\...\ScreenshotCaptor_is1) (Version:  - )
SIV (HKLM-x32\...\InstallShield_{AAA057C3-10DC-4EB9-A3D6-8208C1BB7411}) (Version: 1.15.0701 - GIGABYTE)
SIV (x32 Version: 1.15.0701 - GIGABYTE) Hidden
SmartDVB (HKLM-x32\...\{B3A552DB-CD70-4C0E-BA00-79C3C42116AA}) (Version: 1.3.125 - SmartWARE)
Sophos Anti-Rootkit 1.5.0 (HKLM-x32\...\Sophos-AntiRootkit) (Version: 1.5.0 - Sophos Plc)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Terraria (HKLM\...\Steam App 105600) (Version:  - Re-Logic)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM\...\Steam App 20920) (Version:  - CD PROJEKT RED)
TruckersMP 0.2.0.9.2.2 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.9.2.2 Alpha - ETS2MP Team)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Uplay (HKLM-x32\...\Uplay) (Version: 20.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.0 (HKLM\...\VulkanRT1.0.11.0-2) (Version: 1.0.11.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.11.0 (Version: 1.0.11.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1-2) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (Version: 1.0.3.1 - LunarG, Inc.) Hidden
Warframe (HKLM\...\Steam App 230410) (Version:  - Digital Extremes)
XMedia Recode Version 3.3.1.9 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.3.1.9 - XMedia Recode)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {281A4CF2-945C-427E-89A6-E0B9012A21A7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-13] (Google Inc.)
Task: {4C4105C7-EC25-4484-8CD1-BE45BFFBB534} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-13] (Google Inc.)
Task: {85768AFB-F722-45CD-8B74-80F4A4AE4819} - System32\Tasks\log gaming software => C:\Program Files\Logitech Gaming Software\LCore.exe [2016-04-29] (Logitech Inc.)
Task: {A2BEE3B8-52EE-4DD2-AAE3-B0980144DCA5} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-06-02] (Advanced Micro Devices, Inc.)
Task: {DAE62F08-2D15-4BC0-B374-D9667A216515} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2015-12-09] ()

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-11-23 18:44 - 2015-11-23 18:44 - 00403456 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2015-04-14 15:27 - 2015-04-14 15:27 - 00016896 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
2016-03-28 20:07 - 2016-03-28 20:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2016-04-29 00:49 - 2016-04-29 00:49 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2016-04-29 00:49 - 2016-04-29 00:49 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-12-09 09:59 - 2015-12-09 09:59 - 00580296 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2016-05-13 03:25 - 2015-08-10 11:45 - 00393320 _____ () C:\Windows\system32\igfxTray.exe
2015-06-25 17:34 - 2015-06-25 17:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 17:37 - 2015-06-25 17:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 17:35 - 2015-06-25 17:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 17:38 - 2015-06-25 17:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 16:53 - 2015-06-25 16:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 16:51 - 2015-06-25 16:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-07-30 09:52 - 2015-07-30 09:52 - 01244456 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ApCent.exe
2015-12-02 11:19 - 2015-12-02 11:19 - 00205000 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2015-11-23 18:43 - 2015-11-23 18:43 - 00031232 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer64.exe
2015-11-23 18:44 - 2015-11-23 18:44 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2015-12-07 18:43 - 2015-12-07 18:43 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00057856 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2015-12-07 18:44 - 2015-12-07 18:44 - 00225792 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2015-12-07 18:43 - 2015-12-07 18:43 - 00357888 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2015-12-07 18:44 - 2015-12-07 18:44 - 00657408 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00356864 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2014-01-22 13:53 - 2014-01-22 13:53 - 01607680 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\BDR_info.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\AppCenter\ycc.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00353792 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2015-11-23 18:43 - 2015-11-23 18:43 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2015-04-14 14:05 - 2015-04-14 14:05 - 01974272 _____ () C:\Program Files (x86)\Gigabyte\SIV\MFCCPU.dll
2015-02-16 10:47 - 2015-02-16 10:47 - 00105472 _____ () C:\Program Files (x86)\Gigabyte\SIV\ycc.dll
2015-02-25 14:15 - 2015-02-25 14:15 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1245940347-1992669390-3634341320-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\no-w10\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupfolder: C:^Users^no-w10^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{DAC78A47-7C5D-45B5-B63D-F19D520017CD}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe
FirewallRules: [UDP Query User{6EED027F-F1F1-4FFE-9338-BAEFDD8290F8}C:\program files (x86)\gigabyte\appcenter\gbupdate.exe] => (Allow) C:\program files (x86)\gigabyte\appcenter\gbupdate.exe
FirewallRules: [{D1F89242-D1E0-4BE4-8990-23C2C1DB19E9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F13BA63B-08B0-425C-A57C-D95AA761473D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC092A1E-5BE0-40FF-A646-F6BCA6A703A0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{649AE0A2-04BC-4A04-BD18-3E43D913759E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{12C92304-A76A-4877-B27B-E6CB2A13ECAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{CBD94E07-FDF4-4036-B91B-B65743EBC885}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bastion\Bastion.exe
FirewallRules: [{9DDF3F52-8571-4710-8597-C68A7FB2A0CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{2C8DF026-D34F-4E16-BC14-D0330AD96D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Outlast\OutlastLauncher.exe
FirewallRules: [TCP Query User{7EDEDB56-BF98-4D9E-B99C-F93033CD8F12}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{08922300-E8F4-43FA-8B9E-A1553F4459D7}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{6688A09A-F5A3-4ED0-B349-EFC1B67402BB}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A7D13581-4C46-41EF-B7F5-2A8099B9FC9E}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{53F847C7-F47D-4CFC-94C4-6B605B951871}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [UDP Query User{D6EB3AE0-520B-47D3-B523-980AEDAB9B8D}C:\program files (x86)\gigabyte\@bios\flashbios.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\flashbios.exe
FirewallRules: [{4BD2DBD7-ADA0-41CD-9629-C822801CE306}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{081D58EA-816C-4603-AB24-A180961F5FED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{EFC35F1B-0A09-428A-B2DD-1699A57CAE0A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{83BAE2EC-80C0-4FFE-8355-B5D7292CB36A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{ABC690D7-7054-48CC-B336-ED4DBDAA4710}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3B3816DD-8CA3-44CB-8CE7-CB0564DBE566}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{0B801416-2900-47BE-91AE-152330548565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{B0E49D01-B478-4A2C-8686-7C66427F409F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4A167AA5-9C80-4A1E-AC94-B10F89953CE3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{DDC96243-136D-40A5-976E-DE8892570DB0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{2713AA0D-7F3B-402B-9D2E-98647EEDE4AA}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7C6ECBFD-F27E-4B74-9878-98F81306F9B5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{26652D67-1E43-4C8B-9F3D-F3E43924B42B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{684FA9F9-275D-4680-A211-CFCAC983ABDF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{BF7CBA21-2346-4547-AF75-6F2AC1DE4EAC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3330A4AA-21A7-4B0A-9973-C36A32CBAB46}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{BA1A8019-9755-4B60-9D2D-CB7203F9E1A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{3AD14FA4-327C-4EB7-8548-E5729EF7F3DE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{3FB021BC-5ACC-4493-94C6-4A84A21F6B7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{52450707-2267-4D6B-9DD4-3345D2308268}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{749B258A-BAC0-49F2-AA30-7B24C47CF28E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{9756A391-A26A-483D-9A64-5F6C5DE7466B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{F6869F8E-DD86-4235-A70E-E0CED5F22464}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [{102C1E7E-35D1-4DF6-980C-498CF46C60DA}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
FirewallRules: [TCP Query User{7F011C54-8EE4-4509-BF65-04E1C19DC177}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe
FirewallRules: [UDP Query User{74053162-94FF-4F14-923B-6E23F319EE78}C:\program files (x86)\livestreamer\livestreamer.exe] => (Allow) C:\program files (x86)\livestreamer\livestreamer.exe
FirewallRules: [{0E935299-0988-4A51-B521-A2EB6B6ED08D}] => (Block) C:\program files (x86)\livestreamer\livestreamer.exe
FirewallRules: [{F5A5EE18-B4EE-406C-97C0-1BD89E235F9B}] => (Block) C:\program files (x86)\livestreamer\livestreamer.exe
FirewallRules: [{B7094D10-CE99-4A4D-BD57-BAABB61D504D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Rose\Black Rose.exe
FirewallRules: [{3F90C7EE-FC5A-4012-982E-126E03DDC083}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Black Rose\Black Rose.exe
FirewallRules: [{B48C9FDA-66C3-48A0-ADB8-3D24663E3D6E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Faction Guerrilla\rfg_launcher.exe
FirewallRules: [{190FE46A-248B-4D74-B49E-D4E8A68FB9C6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Faction Guerrilla\rfg_launcher.exe
FirewallRules: [{2095B156-D01E-4EC1-8AB5-591767F17F4C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Faction Guerrilla\rfg.exe
FirewallRules: [{86E3B18D-4AC5-4C0D-9766-FAA5ED9F8759}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Red Faction Guerrilla\rfg.exe
FirewallRules: [{BAF70DD6-CF30-407A-80FB-97D9FA8357A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{B08B174C-34F8-4B26-B823-D447678BC2FD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{9DE56A48-FDC9-49A5-84CE-4260634B3F86}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [{86FADD65-08DD-47F5-AC23-ECE76A800C7A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\the witcher 2\Launcher.exe
FirewallRules: [TCP Query User{4DB431F1-1488-4D46-B84B-DB46D7217A64}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [UDP Query User{2C766116-ACD3-4D70-8500-8BB063514477}C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{08738947-99FB-4209-9D9C-0A786DA1DF42}] => (Block) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{3B3D47BB-F2E6-4781-8E02-B56B8B9F8831}] => (Block) C:\program files (x86)\steam\steamapps\common\the witcher 2\bin\witcher2.exe
FirewallRules: [{70443E54-5231-4F2E-A42E-625DF9D039B9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{D947EFA5-CCF0-4E2C-A34E-B0C60AB5842B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{9FF62411-0793-4481-B264-34C10FC277A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{84D2F60C-944B-4DC1-9E76-DB8FB38A2C4D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{3A1EA1D8-1B2B-4D31-861C-D4B8F14B137C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mountain\Mountain.exe
FirewallRules: [{3EEC5B55-2F8A-4E68-BADA-1CECB095AA32}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mountain\Mountain.exe
FirewallRules: [{1F53CF04-0D86-4D6F-8950-1CB3FAAE78FF}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{5290470B-AD4E-4BA4-9BDE-7587B999E87C}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\PrinceOfPersia.EXE
FirewallRules: [{7402A662-4FA8-424F-A6F9-4B6901FCA5B3}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{6EBCF737-5C90-4122-9130-BEF8CA814E0B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Prince of Persia Sands of Time\POP.EXE
FirewallRules: [{B0268BE2-F7EF-425C-9FC6-D1F64B766ACD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4035B982-7B50-4F86-A70F-788A6D96E08F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9C93CD73-BD99-459F-B669-5F0E0824D7C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1F5A5578-57C0-4B29-BCD6-6C155098DD7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{A68F1163-2EFD-4C4D-BD38-7FE2BDF36475}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

29-04-2016 14:50:50 Windows Update
29-04-2016 16:55:00 Configured SIV
29-04-2016 16:57:27 Removed @BIOS B15.0630.1
29-04-2016 17:00:19 Installed APP Center
29-04-2016 17:02:39 Installed @BIOS B15.0630.1
29-04-2016 17:02:58 Installed Fast Boot
29-04-2016 17:03:23 Installed VTuner
29-04-2016 17:04:38 Installed SIV
03-05-2016 03:23:25 Windows Update
06-05-2016 04:50:23 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. Grafikkarte
06-05-2016 04:50:52 Gerätetreiber-Paketinstallation: Advanced Micro Devices Audio-, Video- und Gamecontroller
07-05-2016 05:05:05 Windows Update
07-05-2016 10:14:33 Removed APP Center
07-05-2016 10:26:20 IIF_MSI
08-05-2016 03:08:08 Removed Microsoft Silverlight
10-05-2016 20:57:57 Windows Update
14-05-2016 01:12:08 Removed 7-Zip 9.22 (x64 edition)
14-05-2016 01:29:28 Removed Java 7 Update 79 (64-bit)
14-05-2016 01:29:51 Removed Java SE Development Kit 7 Update 79 (64-bit)
29-05-2016 06:43:40 Windows Update
15-06-2016 10:05:07 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
16-06-2016 02:54:58 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
16-06-2016 03:03:29 DirectX wurde installiert
16-06-2016 04:00:57 DirectX wurde installiert
16-06-2016 20:21:36 DirectX wurde installiert
18-06-2016 17:45:04 Windows Update
19-06-2016 15:43:10 Removed Microsoft Office Enterprise 2007
19-06-2016 15:45:45 Microsoft Office File Validation Add-In wird entfernt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/19/2016 03:10:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/19/2016 03:10:09 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/19/2016 03:10:08 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (06/18/2016 11:10:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: tzscqt.exe, Version: 0.0.0.0, Zeitstempel: 0x4a3a2b36
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a73e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000331f6
ID des fehlerhaften Prozesses: 0xa94
Startzeit der fehlerhaften Anwendung: 0xtzscqt.exe0
Pfad der fehlerhaften Anwendung: tzscqt.exe1
Pfad des fehlerhaften Moduls: tzscqt.exe2
Berichtskennung: tzscqt.exe3

Error: (06/18/2016 11:10:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vbgsdf.exe, Version: 0.0.0.0, Zeitstempel: 0x4a3a2b36
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a73e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000331f6
ID des fehlerhaften Prozesses: 0x1144
Startzeit der fehlerhaften Anwendung: 0xvbgsdf.exe0
Pfad der fehlerhaften Anwendung: vbgsdf.exe1
Pfad des fehlerhaften Moduls: vbgsdf.exe2
Berichtskennung: vbgsdf.exe3

Error: (06/18/2016 11:09:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svmflm.exe, Version: 0.0.0.0, Zeitstempel: 0x4a3a2b36
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a73e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000331f6
ID des fehlerhaften Prozesses: 0xcec
Startzeit der fehlerhaften Anwendung: 0xsvmflm.exe0
Pfad der fehlerhaften Anwendung: svmflm.exe1
Pfad des fehlerhaften Moduls: svmflm.exe2
Berichtskennung: svmflm.exe3

Error: (06/18/2016 10:34:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/18/2016 10:34:41 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
   bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/18/2016 10:34:40 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
Description: ATI EEU Client event error

Error: (06/18/2016 06:23:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (06/18/2016 10:50:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 10:50:58 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\F18F.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/18/2016 10:40:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 10:40:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\F18F.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/18/2016 10:40:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 10:40:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\40A7.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/18/2016 10:40:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MEMSWEEP2" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275 = Der Treiber konnte nicht geladen werden.


Error: (06/18/2016 10:40:10 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\system32\40A7.tmp nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/16/2016 04:09:42 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.223.1640.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.9.0218.00

	Quellpfad: 4.9.0218.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (06/15/2016 10:35:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053 = Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.



CodeIntegrity:
===================================
  Date: 2016-06-18 22:50:58.112
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\F18F.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-18 22:50:58.086
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\F18F.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-18 22:40:53.794
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\F18F.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-18 22:40:53.770
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\F18F.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-18 22:40:29.467
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\40A7.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-18 22:40:29.443
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\40A7.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-18 22:40:10.609
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\40A7.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-06-18 22:40:10.584
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\40A7.tmp" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4570 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 13%
Installierter physikalischer RAM: 32573.38 MB
Verfügbarer physikalischer RAM: 28295.38 MB
Summe virtueller Speicher: 36667.56 MB
Verfügbarer virtueller Speicher: 31906.34 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:268.17 GB) NTFS
Drive d: (Volume) (Fixed) (Total:1863.01 GB) (Free:913.49 GB) NTFS
Drive e: () (Fixed) (Total:232.79 GB) (Free:48.76 GB) NTFS
Drive f: (datenschleuder) (Fixed) (Total:1863.01 GB) (Free:660.21 GB) NTFS
Drive g: (m4crucialssd) (Fixed) (Total:117.19 GB) (Free:103.29 GB) NTFS
Drive h: (WD BLACK) (Fixed) (Total:1863.01 GB) (Free:377.99 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 67FCBDFE)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 3EED3A14)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: CD64322A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 3EED3A17)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2A131CC1)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 119.2 GB) (Disk ID: 17F4B358)

Partition: GPT.

==================== Ende von Addition.txt ============================

saikorust · 19.06.2016, 15:01

TDSSKILLER

Code:

ATTFilter

15:58:57.0163 0x1820  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
15:59:00.0221 0x1820  ============================================================
15:59:00.0221 0x1820  Current date / time: 2016/06/19 15:59:00.0221
15:59:00.0221 0x1820  SystemInfo:
15:59:00.0221 0x1820  
15:59:00.0221 0x1820  OS Version: 6.1.7601 ServicePack: 1.0
15:59:00.0221 0x1820  Product type: Workstation
15:59:00.0221 0x1820  ComputerName: NO-W10-PC
15:59:00.0221 0x1820  UserName: no-w10
15:59:00.0221 0x1820  Windows directory: C:\Windows
15:59:00.0221 0x1820  System windows directory: C:\Windows
15:59:00.0221 0x1820  Running under WOW64
15:59:00.0221 0x1820  Processor architecture: Intel x64
15:59:00.0221 0x1820  Number of processors: 4
15:59:00.0221 0x1820  Page size: 0x1000
15:59:00.0221 0x1820  Boot type: Normal boot
15:59:00.0221 0x1820  ============================================================
15:59:00.0486 0x1820  KLMD registered as C:\Windows\system32\drivers\18598011.sys
15:59:00.0907 0x1820  System UUID: {52D9F95E-60C7-B044-B12E-3282B78EC1BC}
15:59:01.0235 0x1820  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:59:01.0235 0x1820  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:59:01.0235 0x1820  Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:59:01.0235 0x1820  Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:59:01.0235 0x1820  Drive \Device\Harddisk4\DR4 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:59:01.0251 0x1820  Drive \Device\Harddisk5\DR5 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:59:01.0251 0x1820  ============================================================
15:59:01.0251 0x1820  \Device\Harddisk0\DR0:
15:59:01.0251 0x1820  MBR partitions:
15:59:01.0251 0x1820  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:59:01.0251 0x1820  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
15:59:01.0251 0x1820  \Device\Harddisk1\DR1:
15:59:01.0251 0x1820  MBR partitions:
15:59:01.0251 0x1820  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
15:59:01.0251 0x1820  \Device\Harddisk2\DR2:
15:59:01.0251 0x1820  MBR partitions:
15:59:01.0251 0x1820  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:59:01.0251 0x1820  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
15:59:01.0251 0x1820  \Device\Harddisk3\DR3:
15:59:01.0251 0x1820  MBR partitions:
15:59:01.0251 0x1820  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
15:59:01.0251 0x1820  \Device\Harddisk4\DR4:
15:59:01.0251 0x1820  MBR partitions:
15:59:01.0251 0x1820  \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
15:59:01.0251 0x1820  \Device\Harddisk5\DR5:
15:59:01.0251 0x1820  GPT partitions:
15:59:01.0251 0x1820  \Device\Harddisk5\DR5\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {61935E7E-D71D-47B5-9006-58A7A8B04FD2}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xEA60000
15:59:01.0251 0x1820  MBR partitions:
15:59:01.0251 0x1820  ============================================================
15:59:01.0251 0x1820  C: <-> \Device\Harddisk0\DR0\Partition2
15:59:01.0266 0x1820  H: <-> \Device\Harddisk4\DR4\Partition1
15:59:01.0953 0x1820  F: <-> \Device\Harddisk1\DR1\Partition1
15:59:02.0389 0x1820  D: <-> \Device\Harddisk3\DR3\Partition1
15:59:02.0389 0x1820  E: <-> \Device\Harddisk2\DR2\Partition2
15:59:02.0389 0x1820  G: <-> \Device\Harddisk5\DR5\Partition1
15:59:02.0389 0x1820  ============================================================
15:59:02.0389 0x1820  Initialize success
15:59:02.0389 0x1820  ============================================================
15:59:08.0739 0x01cc  ============================================================
15:59:08.0739 0x01cc  Scan started
15:59:08.0739 0x01cc  Mode: Manual; SigCheck; TDLFS; 
15:59:08.0739 0x01cc  ============================================================
15:59:08.0739 0x01cc  KSN ping started
15:59:22.0467 0x01cc  KSN ping finished: true
15:59:22.0825 0x01cc  ================ Scan system memory ========================
15:59:22.0825 0x01cc  System memory - ok
15:59:22.0825 0x01cc  ================ Scan services =============================
15:59:22.0888 0x01cc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:59:22.0919 0x01cc  1394ohci - ok
15:59:22.0935 0x01cc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:59:22.0935 0x01cc  ACPI - ok
15:59:22.0950 0x01cc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:59:22.0950 0x01cc  AcpiPmi - ok
15:59:22.0950 0x01cc  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:59:22.0966 0x01cc  AdobeARMservice - ok
15:59:22.0966 0x01cc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:59:22.0981 0x01cc  adp94xx - ok
15:59:22.0997 0x01cc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:59:22.0997 0x01cc  adpahci - ok
15:59:23.0013 0x01cc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:59:23.0013 0x01cc  adpu320 - ok
15:59:23.0013 0x01cc  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:59:23.0028 0x01cc  AeLookupSvc - ok
15:59:23.0028 0x01cc  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
15:59:23.0044 0x01cc  AFD - ok
15:59:23.0044 0x01cc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:59:23.0059 0x01cc  agp440 - ok
15:59:23.0059 0x01cc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:59:23.0059 0x01cc  ALG - ok
15:59:23.0075 0x01cc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:59:23.0075 0x01cc  aliide - ok
15:59:23.0075 0x01cc  [ 8F00AFF1E0E57F71A7EB33437ABC1D54, 1A91BADFB0F6CE2D0ED4405C9409F910C94B032170C3E0530FE65CB7134F3C9D ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:59:23.0091 0x01cc  AMD External Events Utility - ok
15:59:23.0091 0x01cc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:59:23.0106 0x01cc  amdide - ok
15:59:23.0106 0x01cc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:59:23.0106 0x01cc  AmdK8 - ok
15:59:23.0106 0x01cc  amdkmdag - ok
15:59:23.0122 0x01cc  [ 15405DCCC66146E61A72DBFDDE67A922, E1D8B8BF39A160353422B294B316895130BCC43058665850436A9FBFD9C7A2F6 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
15:59:23.0137 0x01cc  amdkmdap - ok
15:59:23.0137 0x01cc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:59:23.0137 0x01cc  AmdPPM - ok
15:59:23.0153 0x01cc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:59:23.0153 0x01cc  amdsata - ok
15:59:23.0169 0x01cc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:59:23.0169 0x01cc  amdsbs - ok
15:59:23.0169 0x01cc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:59:23.0184 0x01cc  amdxata - ok
15:59:23.0184 0x01cc  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
15:59:23.0184 0x01cc  AppID - ok
15:59:23.0184 0x01cc  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:59:23.0200 0x01cc  AppIDSvc - ok
15:59:23.0200 0x01cc  [ B62867835B41BCD839D9896AB4D7DF09, 98036D0202DB6171E90485898175833AC44873A85E6453EBE928E433B364CE07 ] Appinfo         C:\Windows\System32\appinfo.dll
15:59:23.0200 0x01cc  Appinfo - ok
15:59:23.0215 0x01cc  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
15:59:23.0215 0x01cc  AppMgmt - ok
15:59:23.0215 0x01cc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:59:23.0231 0x01cc  arc - ok
15:59:23.0231 0x01cc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:59:23.0231 0x01cc  arcsas - ok
15:59:23.0247 0x01cc  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:59:23.0247 0x01cc  aspnet_state - ok
15:59:23.0262 0x01cc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:59:23.0278 0x01cc  AsyncMac - ok
15:59:23.0278 0x01cc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:59:23.0278 0x01cc  atapi - ok
15:59:23.0293 0x01cc  [ 7405228DEA13CBD65080E548EA01A8C7, 91894BD53982A6D63601B58FF71CC5A44046770FA9B74093D4FCBFEC78B1AB57 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
15:59:23.0293 0x01cc  AtiHDAudioService - ok
15:59:23.0309 0x01cc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:59:23.0325 0x01cc  AudioEndpointBuilder - ok
15:59:23.0340 0x01cc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:59:23.0356 0x01cc  AudioSrv - ok
15:59:23.0356 0x01cc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:59:23.0356 0x01cc  AxInstSV - ok
15:59:23.0371 0x01cc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:59:23.0387 0x01cc  b06bdrv - ok
15:59:23.0387 0x01cc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:59:23.0403 0x01cc  b57nd60a - ok
15:59:23.0403 0x01cc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:59:23.0418 0x01cc  BDESVC - ok
15:59:23.0418 0x01cc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:59:23.0434 0x01cc  Beep - ok
15:59:23.0449 0x01cc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:59:23.0465 0x01cc  BFE - ok
15:59:23.0481 0x01cc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:59:23.0512 0x01cc  BITS - ok
15:59:23.0512 0x01cc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:59:23.0512 0x01cc  blbdrive - ok
15:59:23.0512 0x01cc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:59:23.0527 0x01cc  bowser - ok
15:59:23.0527 0x01cc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:59:23.0543 0x01cc  BrFiltLo - ok
15:59:23.0543 0x01cc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:59:23.0543 0x01cc  BrFiltUp - ok
15:59:23.0543 0x01cc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:59:23.0559 0x01cc  Browser - ok
15:59:23.0559 0x01cc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:59:23.0574 0x01cc  Brserid - ok
15:59:23.0574 0x01cc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:59:23.0590 0x01cc  BrSerWdm - ok
15:59:23.0590 0x01cc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:59:23.0590 0x01cc  BrUsbMdm - ok
15:59:23.0590 0x01cc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:59:23.0605 0x01cc  BrUsbSer - ok
15:59:23.0605 0x01cc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:59:23.0621 0x01cc  BTHMODEM - ok
15:59:23.0621 0x01cc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:59:23.0637 0x01cc  bthserv - ok
15:59:23.0637 0x01cc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:59:23.0652 0x01cc  cdfs - ok
15:59:23.0668 0x01cc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:59:23.0668 0x01cc  cdrom - ok
15:59:23.0683 0x01cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:59:23.0699 0x01cc  CertPropSvc - ok
15:59:23.0699 0x01cc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:59:23.0699 0x01cc  circlass - ok
15:59:23.0715 0x01cc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
15:59:23.0730 0x01cc  CLFS - ok
15:59:23.0730 0x01cc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:59:23.0730 0x01cc  clr_optimization_v2.0.50727_32 - ok
15:59:23.0730 0x01cc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:59:23.0746 0x01cc  clr_optimization_v2.0.50727_64 - ok
15:59:23.0746 0x01cc  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:59:23.0761 0x01cc  clr_optimization_v4.0.30319_32 - ok
15:59:23.0761 0x01cc  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:59:23.0777 0x01cc  clr_optimization_v4.0.30319_64 - ok
15:59:23.0777 0x01cc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:59:23.0777 0x01cc  CmBatt - ok
15:59:23.0777 0x01cc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:59:23.0793 0x01cc  cmdide - ok
15:59:23.0793 0x01cc  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG             C:\Windows\system32\Drivers\cng.sys
15:59:23.0808 0x01cc  CNG - ok
15:59:23.0824 0x01cc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:59:23.0824 0x01cc  Compbatt - ok
15:59:23.0824 0x01cc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:59:23.0839 0x01cc  CompositeBus - ok
15:59:23.0839 0x01cc  COMSysApp - ok
15:59:23.0855 0x01cc  [ 51FF4559448EF162BAF25DEB122B6DEE, FD78BADB2E601F25D0F5E0F6891A2E0709A2C82C5DA8D69AEF8BC576C6EE11D2 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
15:59:23.0871 0x01cc  cphs - ok
15:59:23.0871 0x01cc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:59:23.0871 0x01cc  crcdisk - ok
15:59:23.0886 0x01cc  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:59:23.0886 0x01cc  CryptSvc - ok
15:59:23.0917 0x01cc  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
15:59:23.0933 0x01cc  CSC - ok
15:59:23.0933 0x01cc  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
15:59:23.0949 0x01cc  CscService - ok
15:59:23.0964 0x01cc  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:59:23.0980 0x01cc  DcomLaunch - ok
15:59:23.0980 0x01cc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:59:24.0011 0x01cc  defragsvc - ok
15:59:24.0011 0x01cc  [ CF1F6326AC44C42F4615D4BD53188AC5, 28DC32F1957918C3D5DE72415CC32A51C6885CAA38119FE475D2631269D3B9B3 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:59:24.0011 0x01cc  DfsC - ok
15:59:24.0027 0x01cc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:59:24.0027 0x01cc  Dhcp - ok
15:59:24.0058 0x01cc  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
15:59:24.0089 0x01cc  DiagTrack - ok
15:59:24.0089 0x01cc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:59:24.0105 0x01cc  discache - ok
15:59:24.0105 0x01cc  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
15:59:24.0120 0x01cc  Disk - ok
15:59:24.0120 0x01cc  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
15:59:24.0120 0x01cc  dmvsc - ok
15:59:24.0120 0x01cc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:59:24.0136 0x01cc  Dnscache - ok
15:59:24.0136 0x01cc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:59:24.0167 0x01cc  dot3svc - ok
15:59:24.0167 0x01cc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:59:24.0183 0x01cc  DPS - ok
15:59:24.0183 0x01cc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:59:24.0198 0x01cc  drmkaud - ok
15:59:24.0214 0x01cc  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:59:24.0229 0x01cc  DXGKrnl - ok
15:59:24.0245 0x01cc  [ CC2DE631888782989B27B775B09F6FCD, 911009FF41EE5B05EDD76950A696FA1631F93107BEE6CEB153EEB6EEFC8A922A ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
15:59:24.0245 0x01cc  e1dexpress - ok
15:59:24.0261 0x01cc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:59:24.0276 0x01cc  EapHost - ok
15:59:24.0323 0x01cc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:59:24.0370 0x01cc  ebdrv - ok
15:59:24.0385 0x01cc  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] EFS             C:\Windows\System32\lsass.exe
15:59:24.0385 0x01cc  EFS - ok
15:59:24.0401 0x01cc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:59:24.0417 0x01cc  ehRecvr - ok
15:59:24.0417 0x01cc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:59:24.0432 0x01cc  ehSched - ok
15:59:24.0432 0x01cc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:59:24.0448 0x01cc  elxstor - ok
15:59:24.0448 0x01cc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:59:24.0463 0x01cc  ErrDev - ok
15:59:24.0463 0x01cc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:59:24.0495 0x01cc  EventSystem - ok
15:59:24.0495 0x01cc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:59:24.0526 0x01cc  exfat - ok
15:59:24.0526 0x01cc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:59:24.0541 0x01cc  fastfat - ok
15:59:24.0557 0x01cc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:59:24.0573 0x01cc  Fax - ok
15:59:24.0573 0x01cc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:59:24.0588 0x01cc  fdc - ok
15:59:24.0588 0x01cc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:59:24.0604 0x01cc  fdPHost - ok
15:59:24.0604 0x01cc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:59:24.0619 0x01cc  FDResPub - ok
15:59:24.0635 0x01cc  fhfyalxx - ok
15:59:24.0635 0x01cc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:59:24.0635 0x01cc  FileInfo - ok
15:59:24.0635 0x01cc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:59:24.0666 0x01cc  Filetrace - ok
15:59:24.0666 0x01cc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:59:24.0666 0x01cc  flpydisk - ok
15:59:24.0682 0x01cc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:59:24.0682 0x01cc  FltMgr - ok
15:59:24.0697 0x01cc  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
15:59:24.0729 0x01cc  FontCache - ok
15:59:24.0729 0x01cc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:59:24.0729 0x01cc  FontCache3.0.0.0 - ok
15:59:24.0744 0x01cc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:59:24.0744 0x01cc  FsDepends - ok
15:59:24.0744 0x01cc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:59:24.0760 0x01cc  Fs_Rec - ok
15:59:24.0760 0x01cc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:59:24.0775 0x01cc  fvevol - ok
15:59:24.0775 0x01cc  [ A4D2E469EC6F1EC307764954594AA2C4, 2598DBB47DB123C6F76C9000A71DFE5233CC7AD0B62B383C4616F351E9FB4F78 ] gadjservice     C:\Program Files (x86)\Gigabyte\AppCenter\AdjustService.exe
15:59:24.0775 0x01cc  gadjservice - detected UnsignedFile.Multi.Generic ( 1 )
15:59:27.0131 0x01cc  Detect skipped due to KSN trusted
15:59:27.0131 0x01cc  gadjservice - ok
15:59:27.0147 0x01cc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:59:27.0147 0x01cc  gagp30kx - ok
15:59:27.0147 0x01cc  [ 9AB9F3B75A2EB87FAFB1B7361BE9DFB3, 31F4CFB4C71DA44120752721103A16512444C13C2AC2D857A7E6F13CB679B427 ] gdrv            C:\Windows\gdrv.sys
15:59:27.0162 0x01cc  gdrv - ok
15:59:27.0178 0x01cc  [ FE91DC3D9A696CCDDB9F51C25ACBC53A, 4E1A7BB3AC57530A1DF8AB7E981087275E89E6AC629F881C98E40F13150ED532 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:59:27.0193 0x01cc  gpsvc - ok
15:59:27.0193 0x01cc  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:59:27.0193 0x01cc  gupdate - ok
15:59:27.0209 0x01cc  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:59:27.0209 0x01cc  gupdatem - ok
15:59:27.0209 0x01cc  [ 9D327D726F1F805CCC33AD7D40B01747, 4EC94313FE623D478D66686E4028D3D100704B1E4E54B45224E3817D01CFF631 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
15:59:27.0225 0x01cc  hamachi - ok
15:59:27.0256 0x01cc  [ 486E549690E2A312D1FC93AEE90EEA64, 319B09C50E632695EE8B2ADAAD2254142E94BB70A2D1EB4C37B0438E6E740FBE ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:59:27.0303 0x01cc  Hamachi2Svc - ok
15:59:27.0303 0x01cc  [ 46059839961E3515519A15C9F8ABA076, B595F2F6B37BAE36298624FBE5A3A75A421F6AD38EA3F68B0AD79CB5D62C3E20 ] hcw17bda        C:\Windows\system32\drivers\hcw17b64.sys
15:59:27.0318 0x01cc  hcw17bda - ok
15:59:27.0318 0x01cc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:59:27.0318 0x01cc  hcw85cir - ok
15:59:27.0334 0x01cc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:59:27.0334 0x01cc  HdAudAddService - ok
15:59:27.0349 0x01cc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:59:27.0349 0x01cc  HDAudBus - ok
15:59:27.0349 0x01cc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:59:27.0365 0x01cc  HidBatt - ok
15:59:27.0365 0x01cc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:59:27.0365 0x01cc  HidBth - ok
15:59:27.0381 0x01cc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:59:27.0381 0x01cc  HidIr - ok
15:59:27.0381 0x01cc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:59:27.0412 0x01cc  hidserv - ok
15:59:27.0412 0x01cc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:59:27.0412 0x01cc  HidUsb - ok
15:59:27.0412 0x01cc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:59:27.0427 0x01cc  hkmsvc - ok
15:59:27.0443 0x01cc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:59:27.0443 0x01cc  HomeGroupListener - ok
15:59:27.0459 0x01cc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:59:27.0459 0x01cc  HomeGroupProvider - ok
15:59:27.0459 0x01cc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:59:27.0474 0x01cc  HpSAMD - ok
15:59:27.0490 0x01cc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:59:27.0505 0x01cc  HTTP - ok
15:59:27.0505 0x01cc  [ EF558A02D734A1403583E95CCEEC2487, F0D052DAF48A62E4A90D067BFCB5EE9563804DE68D0EA82E0E11C8D16AD19D29 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO64A.SYS
15:59:27.0505 0x01cc  HWiNFO32 - ok
15:59:27.0505 0x01cc  [ 43AE1029048BD96ABBAA16CA4DD8AEDB, B43EB8879653AEBC05D2C457EE32634D238D133206FA311B2C7342B36BF0E15F ] HwmRecordService C:\Program Files (x86)\GIGABYTE\SIV\HwmRecordService.exe
15:59:27.0521 0x01cc  HwmRecordService - ok
15:59:27.0521 0x01cc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:59:27.0521 0x01cc  hwpolicy - ok
15:59:27.0521 0x01cc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:59:27.0537 0x01cc  i8042prt - ok
15:59:27.0552 0x01cc  [ 5C9AAE902452EF47D8C9EA5838E666B9, 9171558EE78B555312FD8D99EDF85849A4CDE87142EB91DB9E8AF92A1DDF664E ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
15:59:27.0583 0x01cc  iaStorA - ok
15:59:27.0599 0x01cc  [ 31BD488EE7F6ED608A7418F6A7C6948D, BB7DC889C0F73FDE089FC0E52D321F29CBB5A65A3D9F90B0B3A730EF938B6178 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:59:27.0599 0x01cc  IAStorDataMgrSvc - ok
15:59:27.0599 0x01cc  [ 1B15BCA5D82C0A928936EAC536ECA719, ACAD9D46929E6D0B520B7691FA2A3939134A00DFDB6AB8ABC09C619B75322ED7 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
15:59:27.0615 0x01cc  iaStorF - ok
15:59:27.0615 0x01cc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:59:27.0630 0x01cc  iaStorV - ok
15:59:27.0646 0x01cc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:59:27.0661 0x01cc  idsvc - ok
15:59:27.0661 0x01cc  IEEtwCollectorService - ok
15:59:27.0739 0x01cc  [ ED73CA2253B37B839845C7CBA53C33A1, 7C58D5C4151BD4ACE635DFA406C21605C50875D4F6AFE13EB2EDED7F52D15C23 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:59:27.0817 0x01cc  igfx - ok
15:59:27.0817 0x01cc  [ 8FE0C3616E69EDBA27B572873635C4F6, 33D6B1B046EC48E19F4EFB25C96F688A17410B40D189F3834C05A00BE2F51AB5 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
15:59:27.0833 0x01cc  igfxCUIService1.0.0.0 - ok
15:59:27.0833 0x01cc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:59:27.0849 0x01cc  iirsp - ok
15:59:27.0864 0x01cc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:59:27.0880 0x01cc  IKEEXT - ok
15:59:27.0880 0x01cc  IntcAzAudAddService - ok
15:59:27.0895 0x01cc  [ 9D01DDF5EA8494BBCBB73FF385E35D35, C575DC65275BEA8558A855C7DC6CFA84BD7F48D24BB0C522084E89DDC5CB02A7 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:59:27.0895 0x01cc  IntcDAud - ok
15:59:27.0911 0x01cc  [ 5E7F2CE9E9BF48521298D1C6729145C5, 0FD2350D5A26EDEA4F83F2E3D22FD0047AEA4623096C6FF7A70F8248B185FBC8 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
15:59:27.0942 0x01cc  Intel(R) Capability Licensing Service TCP IP Interface - ok
15:59:27.0942 0x01cc  [ FA6094444A7DC90449800F964E0A8668, A6DCF395649FA185596D55713888922BA2A61D96AD0D5E7860FD47EE30B7E4CF ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
15:59:27.0958 0x01cc  Intel(R) PROSet Monitoring Service - ok
15:59:27.0958 0x01cc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:59:27.0958 0x01cc  intelide - ok
15:59:27.0958 0x01cc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:59:27.0973 0x01cc  intelppm - ok
15:59:27.0973 0x01cc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:59:27.0989 0x01cc  IPBusEnum - ok
15:59:27.0989 0x01cc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:59:28.0005 0x01cc  IpFilterDriver - ok
15:59:28.0020 0x01cc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:59:28.0036 0x01cc  iphlpsvc - ok
15:59:28.0036 0x01cc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:59:28.0051 0x01cc  IPMIDRV - ok
15:59:28.0051 0x01cc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:59:28.0067 0x01cc  IPNAT - ok
15:59:28.0067 0x01cc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:59:28.0083 0x01cc  IRENUM - ok
15:59:28.0083 0x01cc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:59:28.0083 0x01cc  isapnp - ok
15:59:28.0098 0x01cc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:59:28.0098 0x01cc  iScsiPrt - ok
15:59:28.0114 0x01cc  [ 71BA329D2919AE51429ED2AF035B1433, BE4C4BE5C20B452D99ECC31D7553C15830E714F35DF00AE243B04AED4E9A92E8 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
15:59:28.0114 0x01cc  iusb3hcs - ok
15:59:28.0114 0x01cc  [ A9C28AFEDE53CF4B55FE98E66C3C7207, 3F612476DE94D4E6A05591FC9F9C158E96F3B861220676EB835EF05C9F80231D ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
15:59:28.0129 0x01cc  iusb3hub - ok
15:59:28.0145 0x01cc  [ F144C98AC92F30C6897088855B19422F, 5D1516A83604EC82576A6358FFFDE3C941BE7F84744E4E16726116D7AE4BA0C0 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
15:59:28.0161 0x01cc  iusb3xhc - ok
15:59:28.0176 0x01cc  [ 1C3EF75B521DB60E951711440648B0D5, 95F594ADB6CCDE5CB7E0601B90A611D3A39485419D078CEB6DB84FFC0AC7E6A7 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
15:59:28.0176 0x01cc  jhi_service - ok
15:59:28.0176 0x01cc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:59:28.0192 0x01cc  kbdclass - ok
15:59:28.0192 0x01cc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:59:28.0192 0x01cc  kbdhid - ok
15:59:28.0207 0x01cc  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] KeyIso          C:\Windows\system32\lsass.exe
15:59:28.0207 0x01cc  KeyIso - ok
15:59:28.0207 0x01cc  [ 033D1EA0A55D92B4C0F7EDB7DF8F0E5A, 31E48564C7F3AD6BB71C0E366D25D4FD55A60B48CD2B28FCB8A7A834ED7568E6 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:59:28.0223 0x01cc  KSecDD - ok
15:59:28.0223 0x01cc  [ 1FA53C950F443B25A79C731EF8362E7D, 00A5D62BF1F953848B3019A3771CB240915E34D536A43EA5B35F312D6F67EDC4 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:59:28.0223 0x01cc  KSecPkg - ok
15:59:28.0223 0x01cc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:59:28.0254 0x01cc  ksthunk - ok
15:59:28.0254 0x01cc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:59:28.0285 0x01cc  KtmRm - ok
15:59:28.0285 0x01cc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:59:28.0301 0x01cc  LanmanServer - ok
15:59:28.0317 0x01cc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:59:28.0332 0x01cc  LanmanWorkstation - ok
15:59:28.0332 0x01cc  [ 5E7641AECAC4CFC7B4B442B461A25C83, 1F6AF4ED863C17A1A326A4CB0D289EAABFAD748A6B0A7CE40CF842694572FDB7 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
15:59:28.0348 0x01cc  LGBusEnum - ok
15:59:28.0348 0x01cc  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
15:59:28.0348 0x01cc  LGCoreTemp - ok
15:59:28.0348 0x01cc  [ 7D24DEBE7BC0C01A30A9A65806B61453, 342E758AD6F88E3FA83B69F26836A9F54D1A3BE344D1D2F9C6394E085E5FCA92 ] LGJoyXlCore     C:\Windows\system32\drivers\LGJoyXlCore.sys
15:59:28.0363 0x01cc  LGJoyXlCore - ok
15:59:28.0363 0x01cc  [ DBEAB45BA2B47C057F3BAE5AD0654173, 9660B803F4AD4BD3427F1A24D09B2712E4DC0E25A18942984AF01750D77C118C ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
15:59:28.0379 0x01cc  LGVirHid - ok
15:59:28.0379 0x01cc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:59:28.0395 0x01cc  lltdio - ok
15:59:28.0395 0x01cc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:59:28.0426 0x01cc  lltdsvc - ok
15:59:28.0426 0x01cc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:59:28.0441 0x01cc  lmhosts - ok
15:59:28.0457 0x01cc  [ 58FA4A9CC1F6406B6B9FA57415989123, 8DA00EA4EECC6FA9A35CBA36551D22BE1B36EE41BB000085D83ADF433781A09E ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
15:59:28.0457 0x01cc  LMIGuardianSvc - ok
15:59:28.0473 0x01cc  [ 631ABC3E8FF50F9B70B9A52568B1F5F6, 9F3286C95A2D2BFA0D7082F648E2FBBA339C06188F950AE1FE3A797B644AD813 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:59:28.0488 0x01cc  LMS - ok
15:59:28.0488 0x01cc  [ B78534B305C93D18CAED123E1F9346E5, 19FE198E0D7C81AAF1A00700AB85F19E37E4198EDB8A59C55D1766E03D9E060F ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
15:59:28.0488 0x01cc  LogiRegistryService - ok
15:59:28.0504 0x01cc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:59:28.0504 0x01cc  LSI_FC - ok
15:59:28.0504 0x01cc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:59:28.0519 0x01cc  LSI_SAS - ok
15:59:28.0519 0x01cc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:59:28.0519 0x01cc  LSI_SAS2 - ok
15:59:28.0535 0x01cc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:59:28.0535 0x01cc  LSI_SCSI - ok
15:59:28.0535 0x01cc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:59:28.0566 0x01cc  luafv - ok
15:59:28.0566 0x01cc  [ 0C85B2B6FB74B36A251792D45E0EF860, 2E04204560C1159ABC25F273B0B7F81FDF9BA5E88C17929FD924C4E945DE5020 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys
15:59:28.0582 0x01cc  LVRS64 - ok
15:59:28.0644 0x01cc  [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
15:59:28.0722 0x01cc  LVUVC64 - ok
15:59:28.0738 0x01cc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:59:28.0738 0x01cc  Mcx2Svc - ok
15:59:28.0738 0x01cc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:59:28.0753 0x01cc  megasas - ok
15:59:28.0753 0x01cc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:59:28.0769 0x01cc  MegaSR - ok
15:59:28.0769 0x01cc  [ 1BC9159CF58BABD89419072EA180A8F6, 6C9AB779C2355A341800A8F93AAAF9B19FAFF444CD6A7BD27C63D53F379A75EF ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
15:59:28.0769 0x01cc  MEIx64 - ok
15:59:28.0785 0x01cc  [ 1595FECFFBE9EA2417E06D5FD0BFA4C4, 96006C7F19FDC1700EEBA870F96433D3260DEA06AD7215EAD8F1D74C953E1B50 ] MEMSWEEP2       C:\Windows\system32\F18F.tmp
15:59:28.0785 0x01cc  MEMSWEEP2 - detected UnsignedFile.Multi.Generic ( 1 )
15:59:31.0140 0x01cc  Detect skipped due to KSN trusted
15:59:31.0140 0x01cc  MEMSWEEP2 - ok
15:59:31.0156 0x01cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:59:31.0171 0x01cc  MMCSS - ok
15:59:31.0171 0x01cc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:59:31.0203 0x01cc  Modem - ok
15:59:31.0203 0x01cc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:59:31.0203 0x01cc  monitor - ok
15:59:31.0203 0x01cc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:59:31.0218 0x01cc  mouclass - ok
15:59:31.0218 0x01cc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:59:31.0218 0x01cc  mouhid - ok
15:59:31.0218 0x01cc  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:59:31.0234 0x01cc  mountmgr - ok
15:59:31.0234 0x01cc  [ C410158EAB38FC64D026830B2E509ED0, 7BBF004CC78CDD763413268A1A2E151B6F1E8010827097B5C454CE8FFBD21974 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:59:31.0249 0x01cc  MozillaMaintenance - ok
15:59:31.0249 0x01cc  [ DA0FAEE45D6F03D7647851A20977A7D0, AFB1EA053CD4BCA903868896D020205D4C207C85314E6C56C4663922A3F9BD6A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:59:31.0265 0x01cc  MpFilter - ok
15:59:31.0265 0x01cc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:59:31.0281 0x01cc  mpio - ok
15:59:31.0281 0x01cc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:59:31.0296 0x01cc  mpsdrv - ok
15:59:31.0312 0x01cc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:59:31.0343 0x01cc  MpsSvc - ok
15:59:31.0343 0x01cc  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:59:31.0343 0x01cc  MRxDAV - ok
15:59:31.0359 0x01cc  [ A3A4D13D413D4F39BE3AD4C59ECACDED, 0C4AF0A66E68233D76B958A9D99C09BFCADFB0347855FB6EA5CE3F4356542B83 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:59:31.0359 0x01cc  mrxsmb - ok
15:59:31.0374 0x01cc  [ 62C90A2C681A85B33E365D259B74EAC5, 510E5FD19AF98D9B56666F9AE3DAC89399677D51C48A3602A4C125EE12203621 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:59:31.0374 0x01cc  mrxsmb10 - ok
15:59:31.0374 0x01cc  [ 3751A25C842BDE4B7AF895F70A3EE3A2, 8C3DA4C03B88A0D860DBA907B115C2AE99D7F168DA7BB36A8D3C9F1D19678A8C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:59:31.0390 0x01cc  mrxsmb20 - ok
15:59:31.0390 0x01cc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:59:31.0390 0x01cc  msahci - ok
15:59:31.0405 0x01cc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:59:31.0405 0x01cc  msdsm - ok
15:59:31.0405 0x01cc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:59:31.0421 0x01cc  MSDTC - ok
15:59:31.0421 0x01cc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:59:31.0437 0x01cc  Msfs - ok
15:59:31.0437 0x01cc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:59:31.0468 0x01cc  mshidkmdf - ok
15:59:31.0468 0x01cc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:59:31.0468 0x01cc  msisadrv - ok
15:59:31.0468 0x01cc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:59:31.0499 0x01cc  MSiSCSI - ok
15:59:31.0499 0x01cc  msiserver - ok
15:59:31.0499 0x01cc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:59:31.0515 0x01cc  MSKSSRV - ok
15:59:31.0515 0x01cc  [ C66FE30BBA4604A06EE9E4180ABE4BD9, 43E60C15C05FF19082142BB9D1F29D1B3269AD4A7FB32AF109AE63FE5A6AA0A9 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:59:31.0530 0x01cc  MsMpSvc - ok
15:59:31.0530 0x01cc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:59:31.0546 0x01cc  MSPCLOCK - ok
15:59:31.0546 0x01cc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:59:31.0561 0x01cc  MSPQM - ok
15:59:31.0577 0x01cc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:59:31.0577 0x01cc  MsRPC - ok
15:59:31.0593 0x01cc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:59:31.0593 0x01cc  mssmbios - ok
15:59:31.0593 0x01cc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:59:31.0608 0x01cc  MSTEE - ok
15:59:31.0608 0x01cc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:59:31.0624 0x01cc  MTConfig - ok
15:59:31.0624 0x01cc  [ AA0C2BA3782E92BD85E2264BE418E67C, 8B0953926E83274DF16670F1EF6F4E302F7EE17418F486975C353A406850298C ] Mup             C:\Windows\system32\Drivers\mup.sys
15:59:31.0624 0x01cc  Mup - ok
15:59:31.0639 0x01cc  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:59:31.0671 0x01cc  napagent - ok
15:59:31.0671 0x01cc  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:59:31.0686 0x01cc  NativeWifiP - ok
15:59:31.0702 0x01cc  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:59:31.0717 0x01cc  NDIS - ok
15:59:31.0717 0x01cc  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:59:31.0749 0x01cc  NdisCap - ok
15:59:31.0749 0x01cc  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:59:31.0764 0x01cc  NdisTapi - ok
15:59:31.0764 0x01cc  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:59:31.0780 0x01cc  Ndisuio - ok
15:59:31.0780 0x01cc  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:59:31.0811 0x01cc  NdisWan - ok
15:59:31.0811 0x01cc  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:59:31.0827 0x01cc  NDProxy - ok
15:59:31.0827 0x01cc  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:59:31.0842 0x01cc  NetBIOS - ok
15:59:31.0858 0x01cc  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:59:31.0873 0x01cc  NetBT - ok
15:59:31.0873 0x01cc  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] Netlogon        C:\Windows\system32\lsass.exe
15:59:31.0889 0x01cc  Netlogon - ok
15:59:31.0889 0x01cc  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:59:31.0920 0x01cc  Netman - ok
15:59:31.0920 0x01cc  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:59:31.0936 0x01cc  NetMsmqActivator - ok
15:59:31.0936 0x01cc  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:59:31.0951 0x01cc  NetPipeActivator - ok
15:59:31.0951 0x01cc  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:59:31.0983 0x01cc  netprofm - ok
15:59:31.0983 0x01cc  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:59:31.0998 0x01cc  NetTcpActivator - ok
15:59:31.0998 0x01cc  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:59:31.0998 0x01cc  NetTcpPortSharing - ok
15:59:31.0998 0x01cc  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:59:32.0014 0x01cc  nfrd960 - ok
15:59:32.0014 0x01cc  [ 6D79C8CB73187FBEAAD1F680FADF98D3, 0075B2CCC4FFF929023F95686D7BBE32C0FCE05DEB2159C0784AF85D64E1B66E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:59:32.0029 0x01cc  NisDrv - ok
15:59:32.0029 0x01cc  [ B8F4F580638373FBF72F2B572446D294, A5CD9ABCA5CDC335D2C6FDCB81327B600150E45BB867B88859A00AF974B42F85 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
15:59:32.0045 0x01cc  NisSrv - ok
15:59:32.0045 0x01cc  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:59:32.0061 0x01cc  NlaSvc - ok
15:59:32.0061 0x01cc  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:59:32.0076 0x01cc  Npfs - ok
15:59:32.0076 0x01cc  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:59:32.0107 0x01cc  nsi - ok
15:59:32.0107 0x01cc  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:59:32.0123 0x01cc  nsiproxy - ok
15:59:32.0154 0x01cc  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:59:32.0170 0x01cc  Ntfs - ok
15:59:32.0185 0x01cc  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:59:32.0201 0x01cc  Null - ok
15:59:32.0201 0x01cc  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:59:32.0217 0x01cc  nvraid - ok
15:59:32.0217 0x01cc  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:59:32.0217 0x01cc  nvstor - ok
15:59:32.0232 0x01cc  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:59:32.0232 0x01cc  nv_agp - ok
15:59:32.0232 0x01cc  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:59:32.0248 0x01cc  ohci1394 - ok
15:59:32.0248 0x01cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:59:32.0263 0x01cc  p2pimsvc - ok
15:59:32.0263 0x01cc  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:59:32.0279 0x01cc  p2psvc - ok
15:59:32.0279 0x01cc  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:59:32.0295 0x01cc  Parport - ok
15:59:32.0295 0x01cc  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:59:32.0295 0x01cc  partmgr - ok
15:59:32.0310 0x01cc  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:59:32.0310 0x01cc  PcaSvc - ok
15:59:32.0310 0x01cc  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:59:32.0326 0x01cc  pci - ok
15:59:32.0326 0x01cc  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:59:32.0326 0x01cc  pciide - ok
15:59:32.0341 0x01cc  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:59:32.0341 0x01cc  pcmcia - ok
15:59:32.0341 0x01cc  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:59:32.0357 0x01cc  pcw - ok
15:59:32.0357 0x01cc  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:59:32.0373 0x01cc  PEAUTH - ok
15:59:32.0404 0x01cc  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
15:59:32.0419 0x01cc  PeerDistSvc - ok
15:59:32.0451 0x01cc  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:59:32.0451 0x01cc  PerfHost - ok
15:59:32.0482 0x01cc  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:59:32.0513 0x01cc  pla - ok
15:59:32.0529 0x01cc  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:59:32.0544 0x01cc  PlugPlay - ok
15:59:32.0544 0x01cc  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:59:32.0544 0x01cc  PNRPAutoReg - ok
15:59:32.0560 0x01cc  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:59:32.0560 0x01cc  PNRPsvc - ok
15:59:32.0575 0x01cc  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:59:32.0591 0x01cc  PolicyAgent - ok
15:59:32.0607 0x01cc  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:59:32.0622 0x01cc  Power - ok
15:59:32.0622 0x01cc  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:59:32.0638 0x01cc  PptpMiniport - ok
15:59:32.0653 0x01cc  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:59:32.0653 0x01cc  Processor - ok
15:59:32.0653 0x01cc  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:59:32.0669 0x01cc  ProfSvc - ok
15:59:32.0669 0x01cc  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:59:32.0685 0x01cc  ProtectedStorage - ok
15:59:32.0685 0x01cc  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:59:32.0700 0x01cc  Psched - ok
15:59:32.0731 0x01cc  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:59:32.0747 0x01cc  ql2300 - ok
15:59:32.0763 0x01cc  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:59:32.0763 0x01cc  ql40xx - ok
15:59:32.0763 0x01cc  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:59:32.0778 0x01cc  QWAVE - ok
15:59:32.0778 0x01cc  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:59:32.0794 0x01cc  QWAVEdrv - ok
15:59:32.0794 0x01cc  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:59:32.0809 0x01cc  RasAcd - ok
15:59:32.0809 0x01cc  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:59:32.0841 0x01cc  RasAgileVpn - ok
15:59:32.0841 0x01cc  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:59:32.0856 0x01cc  RasAuto - ok
15:59:32.0856 0x01cc  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:59:32.0887 0x01cc  Rasl2tp - ok
15:59:32.0887 0x01cc  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:59:32.0919 0x01cc  RasMan - ok
15:59:32.0919 0x01cc  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:59:32.0934 0x01cc  RasPppoe - ok
15:59:32.0934 0x01cc  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:59:32.0965 0x01cc  RasSstp - ok
15:59:32.0965 0x01cc  [ 71B6F78D6444CCE6F77BC42917A4E8F7, 34927A2C1CA349D251A327ED1F30018B065A8E6B886D9B5080A8AE2F6A8C0914 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:59:32.0981 0x01cc  rdbss - ok
15:59:32.0981 0x01cc  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
15:59:32.0981 0x01cc  rdpbus - ok
15:59:32.0981 0x01cc  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:59:33.0012 0x01cc  RDPCDD - ok
15:59:33.0012 0x01cc  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
15:59:33.0012 0x01cc  RDPDR - ok
15:59:33.0028 0x01cc  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:59:33.0043 0x01cc  RDPENCDD - ok
15:59:33.0043 0x01cc  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:59:33.0059 0x01cc  RDPREFMP - ok
15:59:33.0059 0x01cc  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:59:33.0075 0x01cc  RdpVideoMiniport - ok
15:59:33.0075 0x01cc  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:59:33.0090 0x01cc  RDPWD - ok
15:59:33.0090 0x01cc  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:59:33.0090 0x01cc  rdyboost - ok
15:59:33.0106 0x01cc  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:59:33.0121 0x01cc  RemoteAccess - ok
15:59:33.0121 0x01cc  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:59:33.0137 0x01cc  RemoteRegistry - ok
15:59:33.0153 0x01cc  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:59:33.0168 0x01cc  RpcEptMapper - ok
15:59:33.0168 0x01cc  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:59:33.0184 0x01cc  RpcLocator - ok
15:59:33.0184 0x01cc  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
15:59:33.0199 0x01cc  RpcSs - ok
15:59:33.0199 0x01cc  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:59:33.0215 0x01cc  rspndr - ok
15:59:33.0231 0x01cc  [ 24061B0958874C1CB2A5A8E9D25482D4, F84F8173242B95F9F3C4FEA99B5555B33F9CE37CA8188B643871D261CB081496 ] RTCore64        C:\Program Files (x86)\MSI Afterburner\RTCore64.sys
15:59:33.0231 0x01cc  RTCore64 - ok
15:59:33.0231 0x01cc  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
15:59:33.0231 0x01cc  s3cap - ok
15:59:33.0246 0x01cc  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] SamSs           C:\Windows\system32\lsass.exe
15:59:33.0246 0x01cc  SamSs - ok
15:59:33.0246 0x01cc  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:59:33.0262 0x01cc  sbp2port - ok
15:59:33.0262 0x01cc  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:59:33.0277 0x01cc  SCardSvr - ok
15:59:33.0277 0x01cc  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:59:33.0309 0x01cc  scfilter - ok
15:59:33.0324 0x01cc  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
15:59:33.0340 0x01cc  Schedule - ok
15:59:33.0340 0x01cc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:59:33.0371 0x01cc  SCPolicySvc - ok
15:59:33.0371 0x01cc  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:59:33.0387 0x01cc  SDRSVC - ok
15:59:33.0387 0x01cc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:59:33.0387 0x01cc  secdrv - ok
15:59:33.0387 0x01cc  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
15:59:33.0402 0x01cc  seclogon - ok
15:59:33.0402 0x01cc  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:59:33.0418 0x01cc  SENS - ok
15:59:33.0418 0x01cc  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:59:33.0433 0x01cc  SensrSvc - ok
15:59:33.0433 0x01cc  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:59:33.0433 0x01cc  Serenum - ok
15:59:33.0433 0x01cc  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:59:33.0449 0x01cc  Serial - ok
15:59:33.0449 0x01cc  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:59:33.0449 0x01cc  sermouse - ok
15:59:33.0465 0x01cc  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:59:33.0480 0x01cc  SessionEnv - ok
15:59:33.0480 0x01cc  [ 18A4EB256E35A6DD233C4D005835879A, 1993C6DC6578862B6DD2F1F85EF1101D40993600FB7E02FD6C289806C0CD71B2 ] SetupARService  C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe
15:59:33.0480 0x01cc  SetupARService - detected UnsignedFile.Multi.Generic ( 1 )
15:59:35.0851 0x01cc  Detect skipped due to KSN trusted
15:59:35.0851 0x01cc  SetupARService - ok
15:59:35.0867 0x01cc  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:59:35.0867 0x01cc  sffdisk - ok
15:59:35.0867 0x01cc  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:59:35.0883 0x01cc  sffp_mmc - ok
15:59:35.0883 0x01cc  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:59:35.0898 0x01cc  sffp_sd - ok
15:59:35.0898 0x01cc  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:59:35.0898 0x01cc  sfloppy - ok
15:59:35.0914 0x01cc  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:59:35.0929 0x01cc  SharedAccess - ok
15:59:35.0945 0x01cc  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:59:35.0961 0x01cc  ShellHWDetection - ok
15:59:35.0961 0x01cc  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:59:35.0976 0x01cc  SiSRaid2 - ok
15:59:35.0976 0x01cc  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:59:35.0976 0x01cc  SiSRaid4 - ok
15:59:35.0976 0x01cc  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:59:36.0007 0x01cc  Smb - ok
15:59:36.0007 0x01cc  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:59:36.0007 0x01cc  SNMPTRAP - ok
15:59:36.0007 0x01cc  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:59:36.0023 0x01cc  spldr - ok
15:59:36.0023 0x01cc  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
15:59:36.0054 0x01cc  Spooler - ok
15:59:36.0101 0x01cc  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:59:36.0179 0x01cc  sppsvc - ok
15:59:36.0179 0x01cc  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:59:36.0210 0x01cc  sppuinotify - ok
15:59:36.0210 0x01cc  [ 74D30C2EF66C2EB19F17ED5423AA8038, F79AB2B2B60620565FB2169255F95F4B37F6113F0AF776D1BAD02681EBE0DB54 ] sptd            C:\Windows\System32\Drivers\sptd.sys
15:59:36.0226 0x01cc  sptd - ok
15:59:36.0226 0x01cc  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:59:36.0241 0x01cc  srv - ok
15:59:36.0257 0x01cc  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:59:36.0257 0x01cc  srv2 - ok
15:59:36.0273 0x01cc  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:59:36.0273 0x01cc  srvnet - ok
15:59:36.0273 0x01cc  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:59:36.0304 0x01cc  SSDPSRV - ok
15:59:36.0304 0x01cc  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:59:36.0319 0x01cc  SstpSvc - ok
15:59:36.0351 0x01cc  [ A4FC868F6FC03876E29E4D87731B8E31, C774DA022879A69CBC2178CA1BB779438CD69D1582B4ECF22C90E4F0C4E9D9E4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:59:36.0366 0x01cc  Steam Client Service - ok
15:59:36.0382 0x01cc  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:59:36.0382 0x01cc  stexstor - ok
15:59:36.0397 0x01cc  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:59:36.0413 0x01cc  stisvc - ok
15:59:36.0413 0x01cc  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
15:59:36.0413 0x01cc  storflt - ok
15:59:36.0413 0x01cc  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
15:59:36.0429 0x01cc  StorSvc - ok
15:59:36.0429 0x01cc  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
15:59:36.0429 0x01cc  storvsc - ok
15:59:36.0429 0x01cc  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:59:36.0444 0x01cc  swenum - ok
15:59:36.0444 0x01cc  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:59:36.0475 0x01cc  swprv - ok
15:59:36.0507 0x01cc  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
15:59:36.0538 0x01cc  SysMain - ok
15:59:36.0538 0x01cc  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:59:36.0553 0x01cc  TabletInputService - ok
15:59:36.0553 0x01cc  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:59:36.0585 0x01cc  TapiSrv - ok
15:59:36.0616 0x01cc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:59:36.0647 0x01cc  Tcpip - ok
15:59:36.0678 0x01cc  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:59:36.0709 0x01cc  TCPIP6 - ok
15:59:36.0709 0x01cc  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:59:36.0725 0x01cc  tcpipreg - ok
15:59:36.0725 0x01cc  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:59:36.0725 0x01cc  TDPIPE - ok
15:59:36.0741 0x01cc  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:59:36.0741 0x01cc  TDTCP - ok
15:59:36.0741 0x01cc  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:59:36.0756 0x01cc  tdx - ok
15:59:36.0850 0x01cc  [ D6DDCFFF145CB7D334EECC2F9A8E304F, DC2E19A799F336DF299460C8DB4EE0B2597ADC6C4728F2BB3BBCFA1192BE809C ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
15:59:36.0959 0x01cc  TeamViewer - ok
15:59:36.0975 0x01cc  [ F5520DBB47C60EE83024B38720ABDA24, B8E555D92440BF93E3B55A66E27CEF936477EF7528F870D3B78BD3B294A05CC0 ] teamviewervpn   C:\Windows\system32\DRIVERS\teamviewervpn.sys
15:59:36.0975 0x01cc  teamviewervpn - ok
15:59:36.0975 0x01cc  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:59:36.0990 0x01cc  TermDD - ok
15:59:37.0006 0x01cc  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:59:37.0021 0x01cc  TermService - ok
15:59:37.0021 0x01cc  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:59:37.0021 0x01cc  Themes - ok
15:59:37.0037 0x01cc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:59:37.0053 0x01cc  THREADORDER - ok
15:59:37.0053 0x01cc  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:59:37.0068 0x01cc  TrkWks - ok
15:59:37.0084 0x01cc  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
15:59:37.0084 0x01cc  truecrypt - ok
15:59:37.0100 0x01cc  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:59:37.0115 0x01cc  TrustedInstaller - ok
15:59:37.0115 0x01cc  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:59:37.0115 0x01cc  tssecsrv - ok
15:59:37.0131 0x01cc  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:59:37.0131 0x01cc  TsUsbFlt - ok
15:59:37.0131 0x01cc  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:59:37.0146 0x01cc  TsUsbGD - ok
15:59:37.0146 0x01cc  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:59:37.0162 0x01cc  tunnel - ok
15:59:37.0162 0x01cc  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:59:37.0178 0x01cc  uagp35 - ok
15:59:37.0178 0x01cc  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:59:37.0209 0x01cc  udfs - ok
15:59:37.0209 0x01cc  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:59:37.0209 0x01cc  UI0Detect - ok
15:59:37.0224 0x01cc  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:59:37.0224 0x01cc  uliagpkx - ok
15:59:37.0224 0x01cc  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:59:37.0240 0x01cc  umbus - ok
15:59:37.0240 0x01cc  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:59:37.0240 0x01cc  UmPass - ok
15:59:37.0256 0x01cc  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
15:59:37.0256 0x01cc  UmRdpService - ok
15:59:37.0271 0x01cc  [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
15:59:37.0271 0x01cc  UMVPFSrv - ok
15:59:37.0287 0x01cc  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:59:37.0302 0x01cc  upnphost - ok
15:59:37.0318 0x01cc  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:59:37.0318 0x01cc  usbaudio - ok
15:59:37.0318 0x01cc  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:59:37.0334 0x01cc  usbccgp - ok
15:59:37.0334 0x01cc  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:59:37.0334 0x01cc  usbcir - ok
15:59:37.0349 0x01cc  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:59:37.0349 0x01cc  usbehci - ok
15:59:37.0349 0x01cc  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:59:37.0365 0x01cc  usbhub - ok
15:59:37.0365 0x01cc  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:59:37.0380 0x01cc  usbohci - ok
15:59:37.0380 0x01cc  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:59:37.0380 0x01cc  usbprint - ok
15:59:37.0396 0x01cc  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:59:37.0396 0x01cc  usbscan - ok
15:59:37.0396 0x01cc  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:59:37.0412 0x01cc  USBSTOR - ok
15:59:37.0412 0x01cc  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:59:37.0412 0x01cc  usbuhci - ok
15:59:37.0412 0x01cc  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
15:59:37.0427 0x01cc  usbvideo - ok
15:59:37.0427 0x01cc  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:59:37.0443 0x01cc  UxSms - ok
15:59:37.0443 0x01cc  [ B759D828F2A0DA53CB3780388B5B289E, DF2228C5E8ECC1762892ED00AB60EEF68023BE02E04C2181CCD68AEA1884A052 ] VaultSvc        C:\Windows\system32\lsass.exe
15:59:37.0458 0x01cc  VaultSvc - ok
15:59:37.0458 0x01cc  VBAudioVACMME - ok
15:59:37.0458 0x01cc  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:59:37.0458 0x01cc  vdrvroot - ok
15:59:37.0474 0x01cc  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:59:37.0505 0x01cc  vds - ok
15:59:37.0505 0x01cc  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:59:37.0505 0x01cc  vga - ok
15:59:37.0521 0x01cc  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:59:37.0536 0x01cc  VgaSave - ok
15:59:37.0536 0x01cc  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:59:37.0552 0x01cc  vhdmp - ok
15:59:37.0552 0x01cc  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:59:37.0552 0x01cc  viaide - ok
15:59:37.0552 0x01cc  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
15:59:37.0568 0x01cc  vmbus - ok
15:59:37.0568 0x01cc  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
15:59:37.0568 0x01cc  VMBusHID - ok
15:59:37.0583 0x01cc  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:59:37.0583 0x01cc  volmgr - ok
15:59:37.0583 0x01cc  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:59:37.0599 0x01cc  volmgrx - ok
15:59:37.0599 0x01cc  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:59:37.0614 0x01cc  volsnap - ok
15:59:37.0614 0x01cc  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:59:37.0630 0x01cc  vsmraid - ok
15:59:37.0646 0x01cc  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:59:37.0692 0x01cc  VSS - ok
15:59:37.0692 0x01cc  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:59:37.0708 0x01cc  vwifibus - ok
15:59:37.0708 0x01cc  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:59:37.0739 0x01cc  W32Time - ok
15:59:37.0739 0x01cc  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:59:37.0739 0x01cc  WacomPen - ok
15:59:37.0755 0x01cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:59:37.0770 0x01cc  WANARP - ok
15:59:37.0770 0x01cc  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:59:37.0786 0x01cc  Wanarpv6 - ok
15:59:37.0817 0x01cc  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:59:37.0848 0x01cc  wbengine - ok
15:59:37.0848 0x01cc  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:59:37.0864 0x01cc  WbioSrvc - ok
15:59:37.0864 0x01cc  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:59:37.0880 0x01cc  wcncsvc - ok
15:59:37.0880 0x01cc  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:59:37.0895 0x01cc  WcsPlugInService - ok
15:59:37.0895 0x01cc  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:59:37.0895 0x01cc  Wd - ok
15:59:37.0911 0x01cc  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:59:37.0926 0x01cc  Wdf01000 - ok
15:59:37.0926 0x01cc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:59:37.0942 0x01cc  WdiServiceHost - ok
15:59:37.0942 0x01cc  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:59:37.0958 0x01cc  WdiSystemHost - ok
15:59:37.0958 0x01cc  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
15:59:37.0973 0x01cc  WebClient - ok
15:59:37.0973 0x01cc  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:59:38.0004 0x01cc  Wecsvc - ok
15:59:38.0004 0x01cc  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:59:38.0020 0x01cc  wercplsupport - ok
15:59:38.0020 0x01cc  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:59:38.0051 0x01cc  WerSvc - ok
15:59:38.0051 0x01cc  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:59:38.0067 0x01cc  WfpLwf - ok
15:59:38.0067 0x01cc  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:59:38.0067 0x01cc  WIMMount - ok
15:59:38.0082 0x01cc  WinDefend - ok
15:59:38.0082 0x01cc  WinHttpAutoProxySvc - ok
15:59:38.0082 0x01cc  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:59:38.0114 0x01cc  Winmgmt - ok
15:59:38.0114 0x01cc  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Users\no-w10\AppData\Local\Microsoft\Windows Sidebar\Gadgets\IntelCoreSeries25.gadget\WinRing0x64.sys
15:59:38.0114 0x01cc  WinRing0_1_2_0 - ok
15:59:38.0145 0x01cc  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:59:38.0176 0x01cc  WinRM - ok
15:59:38.0192 0x01cc  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:59:38.0192 0x01cc  WinUsb - ok
15:59:38.0207 0x01cc  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:59:38.0238 0x01cc  Wlansvc - ok
15:59:38.0238 0x01cc  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:59:38.0238 0x01cc  WmiAcpi - ok
15:59:38.0254 0x01cc  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:59:38.0254 0x01cc  wmiApSrv - ok
15:59:38.0254 0x01cc  WMPNetworkSvc - ok
15:59:38.0270 0x01cc  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:59:38.0270 0x01cc  WPCSvc - ok
15:59:38.0270 0x01cc  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:59:38.0285 0x01cc  WPDBusEnum - ok
15:59:38.0285 0x01cc  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:59:38.0301 0x01cc  ws2ifsl - ok
15:59:38.0316 0x01cc  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:59:38.0316 0x01cc  wscsvc - ok
15:59:38.0316 0x01cc  WSearch - ok
15:59:38.0363 0x01cc  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:59:38.0410 0x01cc  wuauserv - ok
15:59:38.0410 0x01cc  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:59:38.0426 0x01cc  WudfPf - ok
15:59:38.0426 0x01cc  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:59:38.0441 0x01cc  WUDFRd - ok
15:59:38.0441 0x01cc  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:59:38.0441 0x01cc  wudfsvc - ok
15:59:38.0457 0x01cc  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:59:38.0457 0x01cc  WwanSvc - ok
15:59:38.0457 0x01cc  ================ Scan global ===============================
15:59:38.0472 0x01cc  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
15:59:38.0472 0x01cc  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
15:59:38.0472 0x01cc  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
15:59:38.0488 0x01cc  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:59:38.0488 0x01cc  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
15:59:38.0488 0x01cc  [ Global ] - ok
15:59:38.0488 0x01cc  ================ Scan MBR ==================================
15:59:38.0504 0x01cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:59:38.0566 0x01cc  \Device\Harddisk0\DR0 - ok
15:59:38.0566 0x01cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:59:38.0660 0x01cc  \Device\Harddisk1\DR1 - ok
15:59:38.0660 0x01cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
15:59:38.0691 0x01cc  \Device\Harddisk2\DR2 - ok
15:59:38.0691 0x01cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
15:59:38.0706 0x01cc  \Device\Harddisk3\DR3 - ok
15:59:38.0706 0x01cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk4\DR4
15:59:38.0722 0x01cc  \Device\Harddisk4\DR4 - ok
15:59:38.0722 0x01cc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
15:59:38.0738 0x01cc  \Device\Harddisk5\DR5 - ok
15:59:38.0738 0x01cc  ================ Scan VBR ==================================
15:59:38.0753 0x01cc  [ 76B565FAA2F338A90009F27083489E61 ] \Device\Harddisk0\DR0\Partition1
15:59:38.0753 0x01cc  \Device\Harddisk0\DR0\Partition1 - ok
15:59:38.0753 0x01cc  [ 7ADB333D71E26AF19E5662B4C209884D ] \Device\Harddisk0\DR0\Partition2
15:59:38.0753 0x01cc  \Device\Harddisk0\DR0\Partition2 - ok
15:59:38.0753 0x01cc  [ 8F7244AA972B8DCA158617F3B3DD08B0 ] \Device\Harddisk1\DR1\Partition1
15:59:38.0816 0x01cc  \Device\Harddisk1\DR1\Partition1 - ok
15:59:38.0816 0x01cc  [ CB81541E4DF00E030A3CF8FA31BFA801 ] \Device\Harddisk2\DR2\Partition1
15:59:38.0816 0x01cc  \Device\Harddisk2\DR2\Partition1 - ok
15:59:38.0816 0x01cc  [ 2FB512A73B39AE4213E9291D034206FE ] \Device\Harddisk2\DR2\Partition2
15:59:38.0816 0x01cc  \Device\Harddisk2\DR2\Partition2 - ok
15:59:38.0816 0x01cc  [ 2663AF93FF485AAC33CC8C20F3326981 ] \Device\Harddisk3\DR3\Partition1
15:59:38.0816 0x01cc  \Device\Harddisk3\DR3\Partition1 - ok
15:59:38.0816 0x01cc  [ B5191060E99187863A6A5E9C588D8C42 ] \Device\Harddisk4\DR4\Partition1
15:59:38.0816 0x01cc  \Device\Harddisk4\DR4\Partition1 - ok
15:59:38.0816 0x01cc  [ 0BBE645F85BE2943FE75D8D6AF0FC355 ] \Device\Harddisk5\DR5\Partition1
15:59:38.0816 0x01cc  \Device\Harddisk5\DR5\Partition1 - ok
15:59:38.0816 0x01cc  ================ Scan generic autorun ======================
15:59:38.0847 0x01cc  [ DD7B4F9E6B71A599FEF4BD9DA0AE57C2, 6B22356F74F7ED069A3FC39C62326AA98A70D0E860A2EB29A6C46F4077FB567A ] c:\Program Files\Microsoft Security Client\msseces.exe
15:59:38.0878 0x01cc  MSC - ok
15:59:39.0112 0x01cc  [ 1BDEB33CEAA541F6FCB19D9C342FBF86, F7DF33410511011317915F2EC3E571D249F1C92D5E35485313BF4DE9999D534C ] C:\Program Files\Logitech Gaming Software\LCore.exe
15:59:39.0330 0x01cc  Launch LCore - ok
15:59:39.0346 0x01cc  [ A8012BE61DC9CEFA5C41C2DA995812BD, 63D64926B700AD5378C7A719CD71906382EAAA1BE3CB2EE22D9A63D13E12C272 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
15:59:39.0346 0x01cc  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
15:59:41.0702 0x01cc  Detect skipped due to KSN trusted
15:59:41.0702 0x01cc  IAStorIcon - ok
15:59:41.0811 0x01cc  [ 0DA8E43DE369CF826FFE78517BD66D51, C9DD0654BD2C55CCCEDBC61DCD128C413ECC988AA1B9D758E2FA12304F50145E ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
15:59:41.0936 0x01cc  StartCN - ok
15:59:41.0951 0x01cc  [ EB6836C7A03C605AA98DEED98F0E69D0, 7319011F4A059FDEA71A428FE005BFF3B563A1C9C02D1B5965E1BAED161320D5 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:59:41.0951 0x01cc  USB3MON - ok
15:59:41.0951 0x01cc  [ BF2873110DD859BCF9E7116010594868, 0B01579A64D9E1CE8931112E3ABA1A52BDB68B5DC87CBCB1962CF21C62BFE39C ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
15:59:41.0967 0x01cc  IMSS - ok
15:59:42.0014 0x01cc  [ 4AB04471663CCB3A7D76BD4C06C9EC73, FB3F2DFECFE5AA64D4BF089C6285F53C88DC621D3F5308237427B2DBF90566FE ] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
15:59:42.0060 0x01cc  KeePass 2 PreLoad - ok
15:59:42.0138 0x01cc  [ E204E5D1B31F4870FABF2DF05A46B796, 07EDCE62DDB99D9110C864530823ADAACF7703A3F081F17BF5924258807DF181 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
15:59:42.0232 0x01cc  LogMeIn Hamachi Ui - ok
15:59:42.0232 0x01cc  [ 31427E1F610AED666C29046A17264C23, E8848F8D32379486DFA5A42B020F2A2FB1D2DD450FBD5EAF16142743A008F480 ] C:\Program Files (x86)\Gigabyte\AppCenter\PreRun.exe
15:59:42.0232 0x01cc  PreRun - detected UnsignedFile.Multi.Generic ( 1 )
15:59:44.0619 0x01cc  Detect skipped due to KSN trusted
15:59:44.0619 0x01cc  PreRun - ok
15:59:44.0619 0x01cc  [ 635829503355A2F0AA6E2B0105E825EC, 298AEAA6891E4F0F27ABEECBFFA19F8383A25D2E117CDDE199BDE43C8DA74496 ] C:\Program Files (x86)\Gigabyte\SIV\sivro.exe
15:59:44.0619 0x01cc  SIV - ok
15:59:44.0634 0x01cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:59:44.0666 0x01cc  Sidebar - ok
15:59:44.0666 0x01cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:59:44.0666 0x01cc  mctadmin - ok
15:59:44.0697 0x01cc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:59:44.0712 0x01cc  Sidebar - ok
15:59:44.0712 0x01cc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:59:44.0728 0x01cc  mctadmin - ok
15:59:44.0744 0x01cc  [ FA8F08013422A4EB68072668B3A73293, 7F4E7AC770928E9D313B7E91DB4B904A98F3D8BBAC3E0B88FBCA9EF15DD6ED71 ] C:\Program Files\TrueCrypt\TrueCrypt.exe
15:59:44.0775 0x01cc  TrueCrypt - ok
15:59:44.0806 0x01cc  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
15:59:44.0822 0x01cc  Sidebar - ok
15:59:44.0884 0x01cc  [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
15:59:44.0931 0x01cc  DAEMON Tools Lite - ok
15:59:45.0071 0x01cc  [ 62DC10C285644EF73684070F4915B3AB, 5868C8F6886C02CDD0F4270120A8631905FE6D7DB421C025272CC9A771D9D77C ] C:\Program Files (x86)\ScreenshotCaptor\ScreenshotCaptor.exe
15:59:45.0212 0x01cc  Screenshot Captor - ok
15:59:45.0212 0x01cc  Waiting for KSN requests completion. In queue: 257
15:59:46.0226 0x01cc  Waiting for KSN requests completion. In queue: 257
15:59:47.0240 0x01cc  Waiting for KSN requests completion. In queue: 257
15:59:48.0254 0x01cc  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.9.218.0 ), 0x61000 ( enabled : updated )
15:59:48.0254 0x01cc  Win FW state via NFP2: enabled ( trusted )
15:59:50.0703 0x01cc  ============================================================
15:59:50.0703 0x01cc  Scan finished
15:59:50.0703 0x01cc  ============================================================
15:59:50.0703 0x0758  Detected object count: 0
15:59:50.0703 0x0758  Actual detected object count: 0

svchost.exe(netscvs) benutzt übrigens dauerhaft einen kompletten Kern

M-K-D-B · 20.06.2016, 06:11

Servus,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

saikorust · 20.06.2016, 16:01

Hallo,
MBAR hat nichts gefunden

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.06.20.04
  rootkit: v2016.05.27.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18314
no-w10 :: NO-W10-PC [administrator]

20.06.2016 16:34:26
mbar-log-2016-06-20 (16-34-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 315877
Time elapsed: 5 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Hätte noch ein Bild im Angebot welche Dienste bei dem svchost laufen https://abload.de/img/screenshot-20.06.2016jgjvj.png

Ich hab im Rechner noch ne SSD mit Windows, das mir soweit sauber erscheint, wie hoch schätzt Du die Wahrscheinlichkeit dass sich da auch was eingenistet hat?
Das Problemwindows ist erst 3-4 Monate alt, mir fiele es nicht sonderlich schwer das direkt wieder einzustampfen. Kann ich Bilder, Dokumente, Spielstände getrost backuppen und weiterbenutzen?
Ich würde jedoch gerne mit dem Säuberungsprozess fortfahren für die Lernerfahrung und damit ich meine Einstellungen in Ruhe sichern kann.

yahoo search update popup, komische .exe crashes

Plagegeister aller Art und deren Bekämpfung: yahoo search update popup, komische .exe crashes