Werbung bei jedem Klick/ immer neue Tabs

Winja · 08.09.2016, 20:05

Hallo,

ich habe seit zwei, drei Tagen das Problem, dass bei jeder Internetseite die sich öffnet, Werbung und sonstiges auch öffnet...

Ich habe schon viele Threads gelesen aber irgendwie war nie das Passende dabei...

Das Problem kommt sogar in Steam vor und ich bin mir nicht sicher ob da nicht noch mehr im Hintergrund passiert...

Habe einen Log von einer Überprüfung von Malwarebytes:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 08.09.2016
Suchlaufzeit: 19:09
Protokolldatei: Suchergebnisse Malwarebytes 2.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.08.07
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: stock

Suchlauftyp: Hyper-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267135
Abgelaufene Zeit: 6 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Deaktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)
-----------------------------------------------------------
Und außerdem von Spybot:

Search results from Spybot - Search & Destroy

08.09.2016 19:34:31
Scan took 00:29:25.
31 items found.

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)

CasaleMedia: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)

MediaPlex: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)

FastClick: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (Benutzer): stock) (Browser: Cookie, nothing done)

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $5C51E349] Client ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\MediaPlayer\Player\Settings\Client ID

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 12.0: [SBI $31A61065] Internet history (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Common\Internet\UseRWHlinkNavigation

MS Office 12.0 (Access): [SBI $B63675A5] Recent Used DB #1 (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Access\Settings\MRU1

MS Office 12.0 (Access): [SBI $5FED5527] Recent Used DB Date #1 (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Access\Settings\MRUDate1

MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Excel\File MRU

MS Office 12.0 (PowerPoint): [SBI $242E8728] Recent Slideshow List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\PowerPoint\File MRU

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Office\12.0\Word\File MRU

Windows.OpenWith: [SBI $59A5380C] Open with list - .ACF extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.ACF\OpenWithList

----------------------------------------------------------------------------------------------------

Mein Kaspersky habe ich auch schon drüberlaufen lassen, dass hat das hier gesagt...
Mmh hängt sich immer auf beim Log Erstellen...
Eine Datei, die ich rausriegen konnte: Trojan.Win32.SelfDel.dadk

Ich hoffe mal ihr könnt mir bitte helfen...
Wenn irgendwas fehlt, sagt es mir und ich mache das und schicke es euch!

Viele Grüße
Winja

M-K-D-B · 08.09.2016, 20:26

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Bitte beachte folgende Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Winja · 09.09.2016, 13:33

Hallo Matthias, danke für deine Hilfe...
Hier die Logdatei von FRST-Killer:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
durchgeführt von stock (Administrator) auf MARKSPC (09-09-2016 14:06:20)
Gestartet von C:\Users\stock\Downloads
Geladene Profile: stock &  (Verfügbare Profile: stock)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Malwarebytes) C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbam.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Safer-Networking Ltd.) C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Valve Corporation) C:\Mark\Programme\Steam\Steam.exe
(Valve Corporation) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Microsoft® Windows® Operating System) C:\Windows\System32\Taskmgr.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-05-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
HKLM-x32\...\Run: [SDTray] => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Steam] => C:\Mark\Programme\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Spotify Web Helper] => C:\Users\stock\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [Spotify] => C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Mark\Programme\Steam\steam.exe [2857248 2016-08-23] (Valve Corporation)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet 4620 series (NET)] => C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\stock\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1523312 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe [6930544 2016-09-03] (Spotify Ltd)
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicyUsers\S-1-5-21-602346101-288533717-1331706006-1002\User: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{dc3228ef-604e-40f1-8dab-f847f3d1ba0a}: [NameServer] 138.201.48.176,8.8.8.8
Tcpip\..\Interfaces\{dc3228ef-604e-40f1-8dab-f847f3d1ba0a}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-602346101-288533717-1331706006-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pesonal-spage.com/sall/
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://pesonal-spage.com/sall/
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_101\bin\ssv.dll [2016-08-07] (Oracle Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-07] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-01-09] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\stock\AppData\Roaming\Mozilla\Firefox\Profiles\yb2u8nal.default
FF Plugin: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation)
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-05-24]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-01-09] (Kaspersky Lab ZAO)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corp.)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [370064 2015-09-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation)
R2 MBAMScheduler; C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SDScannerService; C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [77728 2016-03-01] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-01-09] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [238000 2016-05-24] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [933808 2016-05-24] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [49240 2016-08-25] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-01-09] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87984 2016-05-24] (AO Kaspersky Lab)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-09] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-09 14:06 - 2016-09-09 14:07 - 00016318 _____ C:\Users\stock\Downloads\FRST.txt
2016-09-09 14:05 - 2016-09-09 14:06 - 00000000 ____D C:\FRST
2016-09-09 14:04 - 2016-09-09 14:04 - 02397696 _____ (Farbar) C:\Users\stock\Desktop\FRST64.exe
2016-09-08 20:20 - 2016-09-08 20:23 - 00000000 ____D C:\Users\stock\Desktop\Planet Coaster Piratenschiff
2016-09-08 19:35 - 2016-09-08 19:35 - 00000000 ____D C:\Users\stock\Desktop\Adware oder sowas
2016-09-07 19:34 - 2016-09-09 13:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-09-07 19:34 - 2016-09-07 19:34 - 00001241 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-09-07 19:34 - 2016-09-07 19:34 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-09-07 19:34 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-09-07 19:34 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-09-07 19:34 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-09-07 19:12 - 2016-09-07 19:12 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-07 19:12 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-09-07 19:09 - 2016-09-07 19:09 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-09-07 19:08 - 2016-09-07 19:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-09-07 19:08 - 2016-09-07 19:08 - 00002384 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-09-07 19:08 - 2016-09-07 19:08 - 00002372 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-09-07 19:08 - 2016-09-07 19:08 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-09-07 19:08 - 2016-09-07 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-09-07 19:08 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-09-07 18:24 - 2016-09-07 18:31 - 00000000 ____D C:\AdwCleaner
2016-09-05 18:20 - 2016-09-05 18:20 - 00000000 ____D C:\Users\stock\AppData\Roaming\SPI
2016-09-01 19:54 - 2013-12-10 08:27 - 00016344 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\IntelMEFWVer.dll
2016-09-01 19:53 - 2013-12-10 08:27 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2016-09-01 19:53 - 2013-12-10 08:27 - 00100312 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverx64.sys
2016-09-01 19:04 - 2016-08-27 14:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-09-01 19:04 - 2016-08-27 11:37 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-09-01 19:04 - 2016-08-27 07:12 - 04130944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-09-01 19:04 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-09-01 19:04 - 2016-08-27 06:58 - 03893376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-09-01 19:04 - 2016-08-27 06:58 - 00121368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-09-01 19:04 - 2016-08-27 06:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\encapi.dll
2016-09-01 19:04 - 2016-08-27 06:43 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\encapi.dll
2016-09-01 19:04 - 2016-08-27 06:39 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-09-01 19:04 - 2016-08-27 06:38 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-09-01 19:04 - 2016-08-27 06:38 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-09-01 19:04 - 2016-08-27 06:37 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-09-01 19:04 - 2016-08-27 06:25 - 00804864 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-09-01 19:04 - 2016-08-20 08:26 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-09-01 19:04 - 2016-08-20 08:13 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-09-01 19:04 - 2016-08-20 08:06 - 01046976 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-09-01 19:04 - 2016-08-20 08:06 - 00885832 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-09-01 19:04 - 2016-08-20 08:06 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-09-01 19:04 - 2016-08-20 08:05 - 01377008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-09-01 19:04 - 2016-08-20 08:04 - 07814488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-09-01 19:04 - 2016-08-20 08:04 - 01349120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-09-01 19:04 - 2016-08-20 08:04 - 01163696 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-09-01 19:04 - 2016-08-20 08:03 - 02257248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-09-01 19:04 - 2016-08-20 08:03 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 01279328 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-09-01 19:04 - 2016-08-20 07:52 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-09-01 19:04 - 2016-08-20 07:52 - 00658776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-09-01 19:04 - 2016-08-20 07:52 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2016-09-01 19:04 - 2016-08-20 07:51 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2016-09-01 19:04 - 2016-08-20 07:50 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-09-01 19:04 - 2016-08-20 07:50 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-09-01 19:04 - 2016-08-20 07:50 - 01099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00987992 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00942424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-09-01 19:04 - 2016-08-20 07:50 - 00807776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00073568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2016-09-01 19:04 - 2016-08-20 07:50 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-09-01 19:04 - 2016-08-20 07:50 - 00020320 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdhvcom.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 22218808 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 01453992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-09-01 19:04 - 2016-08-20 07:47 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-09-01 19:04 - 2016-08-20 07:46 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-09-01 19:04 - 2016-08-20 07:43 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-09-01 19:04 - 2016-08-20 07:42 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-09-01 19:04 - 2016-08-20 07:34 - 01430200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-09-01 19:04 - 2016-08-20 07:34 - 00782176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-09-01 19:04 - 2016-08-20 07:34 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2016-09-01 19:04 - 2016-08-20 07:33 - 05722312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-09-01 19:04 - 2016-08-20 07:33 - 00852824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-09-01 19:04 - 2016-08-20 07:32 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-09-01 19:04 - 2016-08-20 07:32 - 00846552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 20965240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-09-01 19:04 - 2016-08-20 07:29 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-09-01 19:04 - 2016-08-20 07:25 - 01264912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-09-01 19:04 - 2016-08-20 07:22 - 22571008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-09-01 19:04 - 2016-08-20 07:22 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-09-01 19:04 - 2016-08-20 07:21 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.UXRes.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_G18030.DLL
2016-09-01 19:04 - 2016-08-20 07:21 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-09-01 19:04 - 2016-08-20 07:21 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\c_GSM7.DLL
2016-09-01 19:04 - 2016-08-20 07:20 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-09-01 19:04 - 2016-08-20 07:20 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-09-01 19:04 - 2016-08-20 07:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\C_IS2022.DLL
2016-09-01 19:04 - 2016-08-20 07:19 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-09-01 19:04 - 2016-08-20 07:19 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-09-01 19:04 - 2016-08-20 07:18 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-09-01 19:04 - 2016-08-20 07:18 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-09-01 19:04 - 2016-08-20 07:18 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-09-01 19:04 - 2016-08-20 07:17 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-09-01 19:04 - 2016-08-20 07:17 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-09-01 19:04 - 2016-08-20 07:17 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerSvc.dll
2016-09-01 19:04 - 2016-08-20 07:16 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-09-01 19:04 - 2016-08-20 07:16 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-09-01 19:04 - 2016-08-20 07:16 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipboardServer.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-09-01 19:04 - 2016-08-20 07:15 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-09-01 19:04 - 2016-08-20 07:15 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-09-01 19:04 - 2016-08-20 07:14 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_G18030.DLL
2016-09-01 19:04 - 2016-08-20 07:14 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-09-01 19:04 - 2016-08-20 07:14 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\C_IS2022.DLL
2016-09-01 19:04 - 2016-08-20 07:14 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\c_GSM7.DLL
2016-09-01 19:04 - 2016-08-20 07:13 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00568832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.UXRes.dll
2016-09-01 19:04 - 2016-08-20 07:13 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-09-01 19:04 - 2016-08-20 07:12 - 01014784 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-09-01 19:04 - 2016-08-20 07:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-09-01 19:04 - 2016-08-20 07:12 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-09-01 19:04 - 2016-08-20 07:11 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-09-01 19:04 - 2016-08-20 07:11 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-09-01 19:04 - 2016-08-20 07:10 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-09-01 19:04 - 2016-08-20 07:10 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-09-01 19:04 - 2016-08-20 07:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 09128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2016-09-01 19:04 - 2016-08-20 07:09 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-09-01 19:04 - 2016-08-20 07:08 - 01906176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00204288 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\DscCoreConfProv.dll
2016-09-01 19:04 - 2016-08-20 07:08 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-09-01 19:04 - 2016-08-20 07:08 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ClipboardServer.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll
2016-09-01 19:04 - 2016-08-20 07:07 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\smphost.dll
2016-09-01 19:04 - 2016-08-20 07:06 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-09-01 19:04 - 2016-08-20 07:06 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-09-01 19:04 - 2016-08-20 07:06 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi_passthru.dll
2016-09-01 19:04 - 2016-08-20 07:05 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2016-09-01 19:04 - 2016-08-20 07:05 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 23682560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 03245056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-09-01 19:04 - 2016-08-20 07:04 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-09-01 19:04 - 2016-08-20 07:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\delegatorprovider.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 02846208 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-09-01 19:04 - 2016-08-20 07:03 - 00944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-09-01 19:04 - 2016-08-20 07:02 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 04612096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-09-01 19:04 - 2016-08-20 07:01 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 19423232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 08124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 01316352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-09-01 19:04 - 2016-08-20 07:00 - 00141824 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\SysWOW64\DscCoreConfProv.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 07624192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01106944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-09-01 19:04 - 2016-08-20 06:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smphost.dll
2016-09-01 19:04 - 2016-08-20 06:58 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-09-01 19:04 - 2016-08-20 06:58 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi_passthru.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 02680832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 02264064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-09-01 19:04 - 2016-08-20 06:57 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02711040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 02143232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 01006080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\delegatorprovider.dll
2016-09-01 19:04 - 2016-08-20 06:55 - 19418624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-09-01 19:04 - 2016-08-20 06:55 - 00726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 00806912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-09-01 19:04 - 2016-08-20 06:53 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-09-01 19:04 - 2016-08-20 06:53 - 03299328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-09-01 19:04 - 2016-08-20 06:53 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-09-01 19:04 - 2016-08-20 06:52 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-09-01 19:04 - 2016-08-20 06:51 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-09-01 19:04 - 2016-08-20 06:50 - 01875456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-09-01 19:04 - 2016-08-20 06:49 - 02999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-09-01 19:04 - 2016-08-20 06:46 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-09-01 19:04 - 2016-08-19 03:33 - 00162850 _____ C:\WINDOWS\system32\C_932.NLS
2016-08-25 19:48 - 2016-08-25 19:17 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-25 19:45 - 2016-08-25 19:45 - 17187328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13867520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13433856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 13080576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 12345344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 12174336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2016-08-25 19:45 - 2016-08-25 19:45 - 09260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2016-08-25 19:45 - 2016-08-25 19:45 - 05622600 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 03116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAJApi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02745224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02422784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAJApi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02251432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-25 19:45 - 2016-08-25 19:45 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-25 19:45 - 2016-08-25 19:45 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01847048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01780736 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01694200 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01557296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01469120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01343928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01176664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01066328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01066096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 01052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00955008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00939872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00790760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00665768 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00595488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00587968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00529928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00509784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00435040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00381760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00361096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00321280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00313560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00168800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00151224 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\slc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncPolicy.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModelOOBE.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00050880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00044472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00041824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2016-08-25 19:45 - 2016-08-25 19:45 - 00036168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceassociation.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanhlp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.exe
2016-08-25 19:45 - 2016-08-25 19:45 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2016-08-25 19:45 - 2016-08-25 19:45 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2016-08-25 19:45 - 2016-08-25 19:45 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2016-08-25 19:45 - 2016-08-25 19:45 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00389000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2016-08-25 19:42 - 2016-08-25 19:42 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-08-25 19:40 - 2016-08-25 19:40 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-25 19:38 - 2016-08-25 19:38 - 00199008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wof.sys
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files\MSBuild
2016-08-25 19:38 - 2016-08-25 19:38 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-25 19:38 - 2016-08-25 19:04 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-25 19:38 - 2016-05-25 15:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 15:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 15:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-08-25 19:38 - 2016-05-25 12:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 12:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2016-08-25 19:38 - 2016-05-25 12:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2016-08-25 19:23 - 2016-08-25 19:23 - 00000000 ___RD C:\Users\stock\3D Objects
2016-08-25 19:20 - 2016-08-25 19:20 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-25 19:18 - 2016-08-25 19:18 - 00000000 ____D C:\ProgramData\USOShared
2016-08-25 19:17 - 2016-08-27 17:51 - 00000000 ____D C:\Users\stock\AppData\Local\ConnectedDevicesPlatform
2016-08-25 19:17 - 2016-08-25 19:17 - 00000656 __RSH C:\Users\stock\ntuser.pol
2016-08-25 19:17 - 2016-08-25 19:17 - 00000020 ___SH C:\Users\stock\ntuser.ini
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-08-25 19:17 - 2016-08-25 19:17 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-08-25 19:14 - 2016-08-25 19:16 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2016-08-25 19:14 - 2016-08-25 19:16 - 00007623 _____ C:\WINDOWS\diagerr.xml
2016-08-25 19:10 - 2016-08-25 19:10 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-08-25 19:09 - 2016-09-08 21:53 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-25 19:09 - 2016-08-25 19:10 - 00002264 _____ C:\WINDOWS\System32\Tasks\{C70BA00D-C100-4D41-94D6-FDDE3DFCEAEC}
2016-08-25 19:02 - 2016-08-25 19:02 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default\AppData\Roaming\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default\AppData\Local\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default User\AppData\Roaming\ATI
2016-08-25 19:02 - 2016-08-25 19:02 - 00000000 ____D C:\Users\Default User\AppData\Local\ATI
2016-08-25 18:58 - 2016-08-25 19:04 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2016-08-25 18:56 - 2016-09-09 13:55 - 00000000 ____D C:\Users\stock
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Vorlagen
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Startmenü
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Netzwerkumgebung
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Lokale Einstellungen
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Eigene Dateien
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Druckumgebung
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Videos
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Musik
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Documents\Eigene Bilder
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Local\Verlauf
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\AppData\Local\Anwendungsdaten
2016-08-25 18:56 - 2016-08-25 18:56 - 00000000 _SHDL C:\Users\stock\Anwendungsdaten
2016-08-25 18:53 - 2016-09-09 13:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-08-25 18:53 - 2016-09-01 19:54 - 00000000 ____D C:\Program Files\Intel
2016-08-25 18:53 - 2016-08-25 19:04 - 00000000 ____D C:\Program Files\Elantech
2016-08-25 18:53 - 2016-08-25 18:53 - 01618211 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2016-08-25 18:53 - 2016-08-25 18:53 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\WINDOWS\system32\DAX2
2016-08-25 18:53 - 2016-08-25 18:53 - 00000000 ____D C:\Program Files\Realtek
2016-08-25 18:52 - 2016-08-25 18:52 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-25 18:52 - 2016-07-16 13:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-25 18:51 - 2016-08-25 19:02 - 00000000 ____D C:\Program Files\AMD
2016-08-25 18:50 - 2016-09-08 21:53 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-25 18:50 - 2016-08-25 18:50 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-25 18:49 - 2016-09-01 19:59 - 00343744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-23 10:01 - 2016-08-23 10:01 - 00000000 ____D C:\Users\stock\Desktop\Planet Coaster MapBackup
2016-08-23 09:41 - 2016-08-23 09:42 - 00000096 _____ C:\Users\stock\Desktop\To-Do.txt
2016-08-12 18:45 - 2016-08-12 18:45 - 00000000 ____D C:\Users\stock\AppData\Roaming\Greenshot
2016-08-12 18:45 - 2016-08-12 18:45 - 00000000 ____D C:\Users\stock\AppData\Local\Greenshot
2016-08-10 12:10 - 2016-08-10 12:10 - 00000000 ____D C:\Users\stock\AppData\Local\TurboDismount

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-09-09 14:05 - 2016-01-09 15:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-09-09 13:54 - 2016-07-17 00:51 - 00517536 _____ C:\WINDOWS\system32\perfh007.dat
2016-09-09 13:54 - 2016-07-17 00:51 - 00094184 _____ C:\WINDOWS\system32\perfc007.dat
2016-09-09 13:54 - 2016-01-09 14:49 - 01505234 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-09-09 13:52 - 2016-01-09 14:52 - 00000000 __SHD C:\Users\stock\IntelGraphicsProfiles
2016-09-08 19:36 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2016-09-08 19:33 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-09-08 19:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-09-07 19:29 - 2016-01-09 16:24 - 00000000 ____D C:\Users\stock\AppData\Roaming\Skype
2016-09-07 18:25 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-05 19:06 - 2016-01-09 23:35 - 00000000 ____D C:\ProgramData\Package Cache
2016-09-05 18:40 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-09-05 18:22 - 2016-01-09 18:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Minecraft
2016-09-05 17:30 - 2016-07-01 13:43 - 00000000 ____D C:\Users\stock\AppData\Local\Spotify
2016-09-05 17:28 - 2016-07-01 13:41 - 00000000 ____D C:\Users\stock\AppData\Roaming\Spotify
2016-09-05 17:08 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-09-01 20:02 - 2016-01-09 14:52 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\et-EE
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\es-MX
2016-09-01 19:57 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-09-01 19:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-09-01 19:54 - 2016-03-28 18:32 - 00000000 ____D C:\ProgramData\Intel
2016-09-01 19:54 - 2016-03-28 18:32 - 00000000 ____D C:\Program Files (x86)\Intel
2016-09-01 18:58 - 2016-07-16 13:42 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-09-01 18:57 - 2016-07-16 13:43 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-09-01 18:57 - 2016-07-16 13:43 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-09-01 18:57 - 2016-07-16 13:43 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-09-01 18:57 - 2016-07-16 13:42 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-09-01 18:57 - 2016-07-16 13:42 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-09-01 18:57 - 2016-07-16 13:42 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-09-01 18:57 - 2016-07-16 13:42 - 00114192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00079544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-09-01 18:57 - 2016-07-16 13:42 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-08-30 20:06 - 2016-01-09 14:52 - 00000000 ____D C:\Users\stock\AppData\Local\Packages
2016-08-28 19:24 - 2016-01-09 18:08 - 00000000 ____D C:\Users\stock\AppData\Roaming\.minecraft
2016-08-27 17:52 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-26 07:43 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-26 07:43 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-25 19:48 - 2016-07-16 13:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-25 19:45 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-25 19:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-25 19:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-25 19:38 - 2016-07-16 13:43 - 00471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2016-08-25 19:38 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2016-08-25 19:38 - 2016-07-16 13:43 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2016-08-25 19:22 - 2015-06-11 20:35 - 00049240 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2016-08-25 19:21 - 2016-01-09 14:55 - 00002387 _____ C:\Users\stock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-25 19:21 - 2016-01-09 14:55 - 00000000 ___RD C:\Users\stock\OneDrive
2016-08-25 19:18 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-25 19:18 - 2016-01-09 14:53 - 00000000 ____D C:\Users\stock\AppData\Local\PackageStaging
2016-08-25 19:17 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows NT
2016-08-25 19:16 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-25 19:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-25 19:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Registration
2016-08-25 19:14 - 2016-01-09 14:21 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2016-08-25 19:10 - 2016-01-09 14:21 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicyUsers
2016-08-25 19:09 - 2016-07-16 13:47 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-25 19:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-25 19:04 - 2016-07-16 08:04 - 00008192 _____ C:\WINDOWS\system32\config\ELAM
2016-08-25 19:04 - 2016-04-16 20:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-08-25 19:04 - 2016-03-28 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-25 19:04 - 2016-01-09 18:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-08-25 19:04 - 2016-01-09 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2016-08-25 19:04 - 2016-01-09 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2016-08-25 19:04 - 2016-01-09 14:21 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-25 19:02 - 2016-01-09 14:11 - 00000000 ____D C:\Users\Default.migrated
2016-08-25 19:00 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-25 19:00 - 2016-01-29 14:18 - 00000000 ____D C:\WINDOWS\SysWOW64\xlive
2016-08-25 19:00 - 2016-01-09 17:02 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-25 18:59 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-25 18:59 - 2016-01-25 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-08-25 18:59 - 2016-01-09 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-08-25 18:56 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-25 18:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-25 18:54 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-25 18:51 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-23 09:34 - 2016-01-25 21:08 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-08-23 09:34 - 2016-01-09 16:24 - 00000000 ____D C:\ProgramData\Skype
2016-08-15 13:23 - 2016-01-09 17:47 - 00000000 ____D C:\Users\stock\AppData\Roaming\vlc
2016-08-10 11:46 - 2016-01-09 17:02 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-18 17:53 - 2016-06-18 17:53 - 0007601 _____ () C:\Users\stock\AppData\Local\Resmon.ResmonCfg
2016-01-09 15:26 - 2016-01-09 15:26 - 0000057 _____ () C:\ProgramData\Ament.ini
2016-08-25 18:53 - 2016-08-25 18:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\stock\AppData\Local\Temp\adblocker4.exe
C:\Users\stock\AppData\Local\Temp\AutoRun.exe
C:\Users\stock\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\stock\AppData\Local\Temp\EAInstall.dll
C:\Users\stock\AppData\Local\Temp\eauninstall.exe
C:\Users\stock\AppData\Local\Temp\libeay32.dll
C:\Users\stock\AppData\Local\Temp\msvcr120.dll
C:\Users\stock\AppData\Local\Temp\MusicStudio.exe
C:\Users\stock\AppData\Local\Temp\sqlite3.dll
C:\Users\stock\AppData\Local\Temp\The Battle for Middle-earth II_uninst.exe
C:\Users\stock\AppData\Local\Temp\ysins.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-09-05 17:57

==================== Ende von FRST.txt ============================

Und die Addition:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 31-08-2016
durchgeführt von stock (09-09-2016 14:07:57)
Gestartet von C:\Users\stock\Downloads
Windows 10 Home Version 1607 (X64) (2016-08-25 17:17:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-602346101-288533717-1331706006-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-602346101-288533717-1331706006-503 - Limited - Disabled)
Gast (S-1-5-21-602346101-288533717-1331706006-501 - Limited - Disabled)
stock (S-1-5-21-602346101-288533717-1331706006-1002 - Administrator - Enabled) => C:\Users\stock

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Ashampoo Cover Studio 1.01 (HKLM-x32\...\Ashampoo Cover Studio_is1) (Version: 1.0.1 - ashampoo GmbH & Co. KG)
Ashampoo Music Studio 5 v.5.0.7 (HKLM-x32\...\{91B33C97-5BBE-576E-893B-711D4D8298ED}_is1) (Version: 5.0.7 - Ashampoo GmbH & Co. KG)
Besiege (HKLM\...\Steam App 346010) (Version:  - Spiderling Studios)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Euro Truck Simulator 2 (HKLM\...\Steam App 227300) (Version:  - SCS Software)
FlatOut: Ultimate Carnage (HKLM-x32\...\Steam App 12360) (Version:  - Bugbear Entertainment)
Frontier Launchpad version 1.0.3 (HKLM-x32\...\{8916D4AB-BBCB-4FBC-A203-B4C3144CF89B}_is1) (Version: 1.0.3 - Frontier Developments plc)
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version:  - Rockstar North)
HP Officejet 4620 series - Grundlegende Software für das Gerät (HKLM\...\{B16F9E6E-1388-472C-98C3-F32D397EF85D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.23.1766 - Intel Corporation)
Java 8 Update 101 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
KeePass Password Safe 1.30 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.30 - Dominik Reichl)
LEGO® Der Herr der Ringe™ (HKLM-x32\...\{C6F20FA7-342A-47A9-A3C8-EB36CABE6419}) (Version: 1.0.0.0 - Warner Bros. Interactive Entertainment)
LEGO® STAR WARS™: The Force Awakens (HKLM\...\Steam App 438640) (Version:  - Traveller's Tales)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Parkitect (HKLM\...\Steam App 453090) (Version:  - Texel Raptor)
Planet Coaster Alpha (HKLM\...\Steam App 518340) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7808 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
RollerCoaster Tycoon 3: Platinum! (HKLM-x32\...\Steam App 2700) (Version:  - Frontier)
RollerCoaster Tycoon World (HKLM\...\Steam App 282560) (Version:  - Nvizzio Creations)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
Spotify (HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.36.124.g1cba1920 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version:  - FireFly Studios)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version:  - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version:  - FireFly Studios)
Turbo Dismount (HKLM\...\Steam App 263760) (Version:  - Secret Exit Ltd.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Who's Your Daddy (HKLM\...\Steam App 427730) (Version:  - Evil Tortilla Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-602346101-288533717-1331706006-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {426EA321-796E-4710-AF0C-BAABF540CA54} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-10] (Microsoft Corporation)
Task: {91A85246-2555-457C-AF00-59E693280084} - System32\Tasks\{C70BA00D-C100-4D41-94D6-FDDE3DFCEAEC} => launchwinapp.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.16.0.105&amp;LastError=404
Task: {A078B1E2-C61C-4567-8C6F-50DBD4F270A9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {E63B7A3A-2D1D-4D41-8C4E-4EEBC5F1890C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-25 19:21 - 2016-08-25 19:21 - 00959168 _____ () C:\Users\stock\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2015-09-30 21:39 - 2015-09-30 21:39 - 00415128 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 09761280 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-07-16 13:43 - 2016-09-01 18:57 - 01033728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-09-01 19:04 - 2016-08-20 06:54 - 02438144 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-01 19:04 - 2016-08-20 06:56 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2016-01-09 14:21 - 2016-01-09 14:19 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-602346101-288533717-1331706006-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\stock\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4d0e7f78-e0a0-4636-af55-9903d7b648da}.jpg
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\stock\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{4d0e7f78-e0a0-4636-af55-9903d7b648da}.jpg
DNS Servers: 138.201.48.176 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "HP Officejet 4620 series (NET)"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-602346101-288533717-1331706006-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "HP Officejet 4620 series (NET)"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-602346101-288533717-1331706006-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{26E1D222-FF96-425A-8E3E-4B792788946E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Planet Coaster Alpha\PlanetCoaster.exe
FirewallRules: [{5857033A-88E2-48D2-A5F3-751C4E4B1A1B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Planet Coaster Alpha\PlanetCoaster.exe
FirewallRules: [{124A3183-5373-4FDC-B946-9022697EE095}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{7CB20BF4-CB64-464F-B415-658C77209CFA}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Whos Your Daddy\WhosYourDaddy.exe
FirewallRules: [{E32A3583-D079-45CF-A180-F9F5ABA71CA8}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{EB7AB245-D869-4FCB-9F4C-D72DBE2B4C6B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\TurboDismount\TurboDismount.exe
FirewallRules: [{A9FB80ED-3746-4C81-BA1A-F834A0E8875C}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{50D0F11C-9011-481E-B94E-C2810A4FA7B4}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{E1D760B3-2946-4EB5-8824-E3B4B0922BEC}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\LEGO STAR WARS The Force Awakens\LEGOSWTFA.exe
FirewallRules: [{C8B13388-078C-4205-BB18-56386B4EA57E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\LEGO STAR WARS The Force Awakens\LEGOSWTFA.exe
FirewallRules: [{900D399C-7B4E-4C18-8406-45E5AC66C30A}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\game.dat
FirewallRules: [{8BCF9091-996B-4B42-94C4-062BC4259837}] => (Allow) C:\Program Files (x86)\Electronic Arts\Die Schlacht um Mittelerde II\game.dat
FirewallRules: [{C376C7D5-734B-4715-ADE5-668EF001D04A}] => (Allow) C:\Mark\Programme\Die Schlacht um Mittelerde 2\game.dat
FirewallRules: [{E91968F1-BB4A-4B79-864B-02882B43AB1F}] => (Allow) C:\Mark\Programme\Die Schlacht um Mittelerde 2\game.dat
FirewallRules: [{D4AE444C-0EC0-4963-891C-599612C3B82E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{58F2DB48-2A20-4653-8818-3DDDD44AB5BB}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Parkitect\Parkitect.exe
FirewallRules: [{184B9B41-6481-4939-AB3F-620D737819AB}] => (Allow) C:\Mark\Programme\Mozilla Firefox\firefox.exe
FirewallRules: [{7F22833E-C70D-4993-AA95-95D5F3CC9D07}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{EDE7DE8C-0760-4FD6-BE1C-9616BD52D023}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Besiege\Besiege.exe
FirewallRules: [{E0544AFC-F753-4BF9-888E-FF567BBB4342}] => (Allow) C:\Mark\Programme\Microsoft Office 2007\Office12\outlook.exe
FirewallRules: [{FBECCB82-34BB-48AA-A084-3EB9D0FC06F6}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{DDECFE45-6864-4F7C-A0E2-C05F820710BF}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\RollerCoaster Tycoon World\RollerCoaster Tycoon World.exe
FirewallRules: [{11017D06-9BFD-49E2-A6A4-971A9D665728}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{FFDDE0D2-B7E4-4201-A0F1-3BCA8A0CE834}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9B404727-7A5C-488D-B684-1E867A809C0D}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\FlatOut Ultimate Carnage\launcher.exe
FirewallRules: [{0CEC5434-02D8-4B52-AA09-42D887C46891}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\FlatOut Ultimate Carnage\launcher.exe
FirewallRules: [{9AC100BD-A373-48AE-9F5F-F382CF44D4D9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{BE3FC896-4AE7-46FC-B5A6-660A5928BB8B}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{0A7F7B5B-577D-40A1-8331-62BFF43A447D}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Rollercoaster Tycoon 3 Gold\RCT3plus.exe
FirewallRules: [{4CC810DD-7F8C-4E73-9E0E-71B202639E4F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{6A6F2824-E299-4B99-9F45-EFCD38F30D47}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{6BE0D75F-45DB-4A68-A29F-B33A7AFB7EED}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{FB070DED-DF22-4BD2-9092-D1572374BA39}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{4B42BB83-62C9-4A06-AE63-937A53E5B19F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{026A885A-1142-49ED-9B73-BD035930D4A9}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{1768DC1B-0D41-43B3-B231-5A4B07DCCA2C}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{4419FD9E-6044-4B51-BB8E-23BCEA3FD2F2}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Stronghold\Stronghold.exe
FirewallRules: [{F8E95C5E-2695-46E9-9B75-021689406D72}] => (Allow) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{FEDE4AED-4383-4EF7-A0FB-64EF5BF896F9}] => (Allow) C:\Mark\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{5D47808F-075C-4137-9DE3-B4379B47630C}] => (Allow) C:\Mark\Programme\Steam\Steam.exe
FirewallRules: [{ECBF68FB-77AF-46BA-9DD9-846F8E6E6F7B}] => (Allow) C:\Mark\Programme\Steam\Steam.exe
FirewallRules: [{7434FFA2-1C6F-4927-816D-E9FBCAF1E478}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E513770F-049F-41F6-A1E8-4D98900E5BE4}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CBEC0D68-8748-45B9-8F49-7C5786746AA9}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\Bin\DeviceSetup.exe
FirewallRules: [{AB9E073E-CA44-4861-894E-2DCA0C27A884}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\SendAFax.exe
FirewallRules: [{353584F4-FE38-441C-AE1F-F526A4EFAF8F}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\DigitalWizards.exe
FirewallRules: [{01480B04-5C67-4124-A4FA-178C3CD2F30F}] => (Allow) C:\Program Files\HP\HP Officejet 4620 series\bin\FaxApplications.exe
FirewallRules: [{8A06A2E9-B165-40E9-8523-7F1526A46935}] => (Allow) C:\Program Files (x86)\Electronic Arts\Aufstieg des Hexenkönigs\game.dat
FirewallRules: [{49B9260C-14B3-4011-92C8-EE678E6ED502}] => (Allow) C:\Program Files (x86)\Electronic Arts\Aufstieg des Hexenkönigs\game.dat
FirewallRules: [{217FD394-A7CA-4E74-AA1C-299F67DB13F9}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D3152B8F-D6DD-471D-AF8A-558FA3E3A4CC}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{4D084C9D-B17E-484E-95AD-215396A0EEB7}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{22E8F859-1F7E-4CF3-9444-D8A2CE59622E}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{57ADE48C-A8A4-4C08-922A-7FE3D8AB2184}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{9EFB8671-7E14-491F-A8A5-2D2B9A3C115F}] => (Allow) C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

27-08-2016 18:01:05 Windows Update
01-09-2016 19:17:11 Windows Modules Installer
05-09-2016 17:06:58 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/09/2016 02:08:52 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\GTAIV.exe".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/09/2016 02:08:44 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Mark\Programme\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\gta4Browser.exe".
Die abhängige Assemblierung "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (09/09/2016 01:51:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WpcMon.exe, Version: 10.0.14393.0, Zeitstempel: 0x578998a9
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.14393.0, Zeitstempel: 0x578997b5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000006ea1e
ID des fehlerhaften Prozesses: 0x1568
Startzeit der fehlerhaften Anwendung: 0x01d20a908c59ee52
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\WpcMon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: b65565cf-c5ad-419a-bc94-7221e9a3a8c8
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/08/2016 09:02:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avpui.exe, Version 16.0.0.625 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 23f0

Startzeit: 01d20a031e3623f8

Beendigungszeit: 0

Anwendungspfad: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe

Berichts-ID: a9bac75a-75f6-11e6-b081-201a0647e01d

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (09/08/2016 08:59:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm avpui.exe, Version 16.0.0.625 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1240

Startzeit: 01d209f7a40e0bd1

Beendigungszeit: 48549

Anwendungspfad: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe

Berichts-ID: 36cd6fa5-75f6-11e6-b081-201a0647e01d

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (09/08/2016 06:10:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: MARKSPC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023673. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/08/2016 04:52:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: WpcMon.exe, Version: 10.0.14393.0, Zeitstempel: 0x578998a9
Name des fehlerhaften Moduls: ucrtbase.dll, Version: 10.0.14393.0, Zeitstempel: 0x578997b5
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000000000006ea1e
ID des fehlerhaften Prozesses: 0x2794
Startzeit der fehlerhaften Anwendung: 0x01d209e08df8f8c3
Pfad der fehlerhaften Anwendung: C:\WINDOWS\system32\WpcMon.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\ucrtbase.dll
Berichtskennung: b1d2edaa-cc9e-43cd-8ee2-adc13573d770
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/07/2016 07:45:34 PM) (Source: SideBySide) (EventID: 79) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\mark\programme\spybot - search & destroy 2\spybot - search & destroy 2\updates\extracts\SDWSCSvc.exe".
Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert.

Error: (09/07/2016 07:45:31 PM) (Source: SideBySide) (EventID: 79) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\mark\programme\spybot - search & destroy 2\spybot - search & destroy 2\SDWSCSvc.exe".
Die Einstellung "hxxp://schemas.microsoft.com/SMI/2005/WindowsSettings^antispywareProductDisplayName" ist nicht registriert.

Error: (09/07/2016 07:02:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.26.0.101 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f1c

Startzeit: 01d209280c1bd3b4

Beendigungszeit: 42

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID: cef5cce2-751c-11e6-b080-201a0647e01d

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:


Systemfehler:
=============
Error: (09/09/2016 01:51:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2016 09:53:28 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎08.‎09.‎2016 um 21:36:32 unerwartet heruntergefahren.

Error: (09/08/2016 09:52:57 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212254874609120

Error: (09/08/2016 07:37:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/08/2016 04:52:02 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2016 06:32:48 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (09/07/2016 06:31:41 PM) (Source: DCOM) (EventID: 10010) (User: MARKSPC)
Description: Der Server "microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (09/07/2016 06:31:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2016 06:31:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (09/07/2016 06:31:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8072.27 MB
Verfügbarer physikalischer RAM: 4739.84 MB
Summe virtueller Speicher: 9352.27 MB
Verfügbarer virtueller Speicher: 5945.63 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:907.73 GB) (Free:750.19 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9128D2BB)

Partition: GPT.

==================== Ende von Addition.txt ============================

Winja · 09.09.2016, 13:38

Kaspersky TEIL1:

Code:

ATTFilter

14:13:10.0749 0x08d4  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
14:13:10.0749 0x08d4  UEFI system
14:13:13.0312 0x08d4  ============================================================
14:13:13.0312 0x08d4  Current date / time: 2016/09/09 14:13:13.0312
14:13:13.0312 0x08d4  SystemInfo:
14:13:13.0312 0x08d4  
14:13:13.0312 0x08d4  OS Version: 10.0.14393 ServicePack: 0.0
14:13:13.0312 0x08d4  Product type: Workstation
14:13:13.0312 0x08d4  ComputerName: MARKSPC
14:13:13.0312 0x08d4  UserName: stock
14:13:13.0312 0x08d4  Windows directory: C:\WINDOWS
14:13:13.0312 0x08d4  System windows directory: C:\WINDOWS
14:13:13.0312 0x08d4  Running under WOW64
14:13:13.0312 0x08d4  Processor architecture: Intel x64
14:13:13.0312 0x08d4  Number of processors: 4
14:13:13.0312 0x08d4  Page size: 0x1000
14:13:13.0312 0x08d4  Boot type: Normal boot
14:13:13.0312 0x08d4  CodeIntegrityOptions = 0x00000001
14:13:13.0312 0x08d4  ============================================================
14:13:13.0312 0x08d4  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.103, osProperties = 0x19
14:13:13.0671 0x08d4  System UUID: {04D2B240-15B6-8500-46FB-4CFF741C9411}
14:13:14.0499 0x08d4  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:13:14.0515 0x08d4  ============================================================
14:13:14.0515 0x08d4  \Device\Harddisk0\DR0:
14:13:14.0546 0x08d4  GPT partitions:
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F23B358F-0339-4785-8744-C3CAFBE0295B}, Name: , StartLBA 0x800, BlocksNum 0xC8000
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5926DE6E-E71A-4766-9E4D-D5868BCE1C9E}, Name: EFI , StartLBA 0xC8800, BlocksNum 0x96000
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6E80BC50-2159-4F07-86CC-CEB6DAFA993C}, Name: Micr, StartLBA 0x15E800, BlocksNum 0x40000
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3B99A2AB-4704-4E31-ACFC-C514833D1EBF}, Name: , StartLBA 0x19E800, BlocksNum 0x71776000
14:13:14.0562 0x08d4  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5124F157-E73D-4C8F-8BBB-2F7702490BF6}, Name: , StartLBA 0x71914800, BlocksNum 0x2DF2000
14:13:14.0562 0x08d4  MBR partitions:
14:13:14.0562 0x08d4  ============================================================
14:13:14.0640 0x08d4  C: <-> \Device\Harddisk0\DR0\Partition4
14:13:14.0640 0x08d4  ============================================================
14:13:14.0640 0x08d4  Initialize success
14:13:14.0640 0x08d4  ============================================================
14:13:18.0906 0x1128  ============================================================
14:13:18.0906 0x1128  Scan started
14:13:18.0906 0x1128  Mode: Manual; SigCheck; TDLFS; 
14:13:18.0906 0x1128  ============================================================
14:13:18.0906 0x1128  KSN ping started
14:13:19.0031 0x1128  KSN ping finished: true
14:13:21.0921 0x1128  ================ Scan system memory ========================
14:13:21.0921 0x1128  System memory - ok
14:13:21.0921 0x1128  ================ Scan services =============================
14:13:22.0702 0x1128  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
14:13:22.0781 0x1128  1394ohci - ok
14:13:22.0812 0x1128  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
14:13:22.0827 0x1128  3ware - ok
14:13:22.0937 0x1128  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
14:13:22.0984 0x1128  ACPI - ok
14:13:22.0999 0x1128  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
14:13:23.0015 0x1128  AcpiDev - ok
14:13:23.0031 0x1128  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
14:13:23.0046 0x1128  acpiex - ok
14:13:23.0078 0x1128  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
14:13:23.0078 0x1128  acpipagr - ok
14:13:23.0109 0x1128  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
14:13:23.0124 0x1128  AcpiPmi - ok
14:13:23.0156 0x1128  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
14:13:23.0156 0x1128  acpitime - ok
14:13:23.0218 0x1128  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:13:23.0265 0x1128  ADP80XX - ok
14:13:23.0296 0x1128  [ 983266DA83FFF73DBDDD3730A4712228, 433A2731DAC687C52FB7E23093B8E11D92CCCF4C35B493D73AC30C6A4A6D2A6C ] AFD             C:\WINDOWS\system32\drivers\afd.sys
14:13:23.0327 0x1128  AFD - ok
14:13:23.0343 0x1128  [ E44DB3F7225EC3E119560738B3619972, 32946FBC2BD74072F22E48D769A034183F6C3728FCCC3CF0DD561602511E39B2 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:13:23.0374 0x1128  ahcache - ok
14:13:23.0390 0x1128  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
14:13:23.0406 0x1128  AJRouter - ok
14:13:23.0437 0x1128  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
14:13:23.0452 0x1128  ALG - ok
14:13:23.0499 0x1128  [ CA5D49FE7992628A02BB110248E1DDFE, AFB28A1F465A0C470C0EDF8708AADD3ABCD23AC9987C9E8B4C0015FD827EB576 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:13:23.0531 0x1128  AMD External Events Utility - ok
14:13:23.0593 0x1128  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
14:13:23.0624 0x1128  AmdK8 - ok
14:13:23.0640 0x1128  amdkmdag - ok
14:13:23.0765 0x1128  [ 3A261C58BC747EBED2CB58069B497F69, E13C0F6340E398BB5BF519B750A5A9019BC589F1A5CE7C77D3DCF038A79EE903 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
14:13:23.0859 0x1128  amdkmdap - ok
14:13:23.0890 0x1128  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
14:13:23.0906 0x1128  amdkmpfd - ok
14:13:23.0937 0x1128  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
14:13:23.0968 0x1128  AmdPPM - ok
14:13:23.0984 0x1128  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
14:13:23.0984 0x1128  amdsata - ok
14:13:24.0015 0x1128  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
14:13:24.0031 0x1128  amdsbs - ok
14:13:24.0046 0x1128  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
14:13:24.0062 0x1128  amdxata - ok
14:13:24.0124 0x1128  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
14:13:24.0140 0x1128  AppID - ok
14:13:24.0203 0x1128  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
14:13:24.0218 0x1128  AppIDSvc - ok
14:13:24.0249 0x1128  [ 008E4CCA7A4B33042276061E0A5B8244, DAD980540B564EFA06760435AF1B3213056E6DE8B2A55DF98E7D871625D4B080 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
14:13:24.0265 0x1128  Appinfo - ok
14:13:24.0343 0x1128  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
14:13:24.0374 0x1128  applockerfltr - ok
14:13:24.0484 0x1128  [ 41BF82B41BD24BAC9D9890DAC3212007, 0644BEE740244188B3D39F875D313B560D288B7FC33064E352C2A5F09073E361 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
14:13:24.0546 0x1128  AppReadiness - ok
14:13:24.0781 0x1128  [ 1212D65C0B8757ACF1201785B3BD4CDC, 7FDB781ED2DEB296371E7ACFC2A34DDB5A7742A2883C486E465C1D4617D9EC80 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
14:13:24.0859 0x1128  AppXSvc - ok
14:13:24.0890 0x1128  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
14:13:24.0906 0x1128  arcsas - ok
14:13:24.0937 0x1128  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
14:13:24.0952 0x1128  AsyncMac - ok
14:13:24.0968 0x1128  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
14:13:24.0984 0x1128  atapi - ok
14:13:25.0187 0x1128  [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
14:13:25.0343 0x1128  athr - ok
14:13:25.0390 0x1128  [ 5D637DF654D6386487876ADF5AF301B3, 7B53356237369D892F5BBEA9C967B20DCA40FA2B6B3C5AF7A4304FFD00DF1BFC ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:13:25.0421 0x1128  AudioEndpointBuilder - ok
14:13:25.0468 0x1128  [ FDD11F6C771FC6FD5EAE7D2D7502D39A, 4E75EA7BB36D2FACF71DEDFC604E1A618978273448D16FCAFE98D244642E9EAD ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
14:13:25.0515 0x1128  Audiosrv - ok
14:13:25.0687 0x1128  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
14:13:25.0718 0x1128  AVP16.0.0 - ok
14:13:25.0749 0x1128  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
14:13:25.0781 0x1128  AxInstSV - ok
14:13:25.0859 0x1128  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
14:13:25.0874 0x1128  b06bdrv - ok
14:13:25.0921 0x1128  [ C0D49B86B9A3C081FD96E5EDEB7373FA, F9C70993A0F92CD5A798DE3C6150845C1965A1AF43C59001285F3BBEC0681A6F ] b57xdbd         C:\WINDOWS\System32\drivers\b57xdbd.sys
14:13:25.0937 0x1128  b57xdbd - ok
14:13:25.0968 0x1128  [ B2B4C0169F3D2BB1106B61C04EE6145B, FD58739228479F525AB748C293C6112A94792584773C6A17E1D1478611B606C0 ] b57xdmp         C:\WINDOWS\System32\drivers\b57xdmp.sys
14:13:25.0968 0x1128  b57xdmp - ok
14:13:26.0015 0x1128  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:13:26.0031 0x1128  BasicDisplay - ok
14:13:26.0062 0x1128  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
14:13:26.0078 0x1128  BasicRender - ok
14:13:26.0109 0x1128  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
14:13:26.0124 0x1128  bcmfn - ok
14:13:26.0171 0x1128  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
14:13:26.0203 0x1128  bcmfn2 - ok
14:13:26.0265 0x1128  [ D4EFDA0D56429018281F8F3188E6F86C, 020B861338BAF8E2A861CA1D2D22640CCD39BA84F18260F9862F7E3AC5014985 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
14:13:26.0312 0x1128  BDESVC - ok
14:13:26.0343 0x1128  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:13:26.0359 0x1128  Beep - ok
14:13:26.0406 0x1128  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
14:13:26.0453 0x1128  BFE - ok
14:13:26.0562 0x1128  [ BC27BF1FCD63540A194E549FB80C9C8D, E0D698201AC00BA8A8D8E2B19FAAB6DD0488E837EDB011943ACAD5E72EF281DA ] BITS            C:\WINDOWS\System32\qmgr.dll
14:13:26.0640 0x1128  BITS - ok
14:13:26.0656 0x1128  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
14:13:26.0718 0x1128  bowser - ok
14:13:26.0796 0x1128  [ 78C35DD7CF780428650B1EE9B0F8D41E, C5A3111383CD9813A4ED33E244E20E2E0607CDEFC5BF00A760F63DAD019EE90E ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:13:26.0843 0x1128  BrokerInfrastructure - ok
14:13:26.0874 0x1128  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
14:13:26.0906 0x1128  Browser - ok
14:13:26.0953 0x1128  [ F4598EF1BE59937A578F3F68724552A7, 67F2B580462A925583F272BBF664BF2042D2E2B18B1CB21B994B12A9B6288779 ] bScsiMSa        C:\WINDOWS\System32\drivers\bScsiMSa.sys
14:13:26.0968 0x1128  bScsiMSa - ok
14:13:27.0031 0x1128  [ 53EA7FADB45D4A212CE6E22E053111AB, F8EF4C90261E67433BC3E3330CF1745D2E13C667E5F71C48C785E673E8031DED ] bScsiSDa        C:\WINDOWS\System32\drivers\bScsiSDa.sys
14:13:27.0046 0x1128  bScsiSDa - ok
14:13:27.0109 0x1128  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
14:13:27.0124 0x1128  BTATH_BUS - ok
14:13:27.0234 0x1128  [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
14:13:27.0281 0x1128  BtFilter - ok
14:13:27.0328 0x1128  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:13:27.0328 0x1128  BthAvrcpTg - ok
14:13:27.0374 0x1128  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
14:13:27.0390 0x1128  BthHFEnum - ok
14:13:27.0406 0x1128  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
14:13:27.0421 0x1128  bthhfhid - ok
14:13:27.0453 0x1128  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
14:13:27.0484 0x1128  BthHFSrv - ok
14:13:27.0515 0x1128  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
14:13:27.0531 0x1128  BTHMODEM - ok
14:13:27.0718 0x1128  [ 7A167521DC7A190B2FC37D6AB660CBF1, 627E41713C3A381525327EA42FFE2EFDD35A0FFDD3C44FE9DB45258B1474EB3B ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
14:13:27.0796 0x1128  BTHPORT - ok
14:13:27.0874 0x1128  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
14:13:27.0921 0x1128  bthserv - ok
14:13:27.0968 0x1128  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
14:13:27.0984 0x1128  BTHUSB - ok
14:13:28.0031 0x1128  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
14:13:28.0062 0x1128  buttonconverter - ok
14:13:28.0093 0x1128  [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
14:13:28.0109 0x1128  CapImg - ok
14:13:28.0140 0x1128  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:13:28.0156 0x1128  cdfs - ok
14:13:28.0265 0x1128  [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
14:13:28.0296 0x1128  CDPSvc - ok
14:13:28.0390 0x1128  [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
14:13:28.0421 0x1128  CDPUserSvc - ok
14:13:28.0484 0x1128  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
14:13:28.0499 0x1128  cdrom - ok
14:13:28.0578 0x1128  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
14:13:28.0593 0x1128  CertPropSvc - ok
14:13:28.0656 0x1128  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
14:13:28.0718 0x1128  cht4iscsi - ok
14:13:28.0968 0x1128  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
14:13:29.0062 0x1128  cht4vbd - ok
14:13:29.0140 0x1128  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
14:13:29.0171 0x1128  circlass - ok
14:13:29.0203 0x1128  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
14:13:29.0234 0x1128  CLFS - ok
14:13:29.0328 0x1128  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
14:13:29.0390 0x1128  ClipSVC - ok
14:13:29.0437 0x1128  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
14:13:29.0468 0x1128  clreg - ok
14:13:29.0484 0x1128  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
14:13:29.0499 0x1128  CmBatt - ok
14:13:29.0609 0x1128  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
14:13:29.0656 0x1128  cm_km - ok
14:13:29.0749 0x1128  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
14:13:29.0796 0x1128  CNG - ok
14:13:29.0828 0x1128  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
14:13:29.0843 0x1128  cnghwassist - ok
14:13:30.0140 0x1128  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
14:13:30.0171 0x1128  CompositeBus - ok
14:13:30.0171 0x1128  COMSysApp - ok
14:13:30.0203 0x1128  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
14:13:30.0218 0x1128  condrv - ok
14:13:30.0281 0x1128  [ 9CE94A05A5BA6A92013CAD1B924B1EC2, 19ECE2C607BAE5DCE7ED4AB46722E63EF834B219716F3A90AF661C02B58088C4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
14:13:30.0312 0x1128  CoreMessagingRegistrar - ok
14:13:30.0921 0x1128  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:13:30.0937 0x1128  cphs - ok
14:13:30.0984 0x1128  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
14:13:31.0031 0x1128  CryptSvc - ok
14:13:31.0046 0x1128  [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam             C:\WINDOWS\system32\drivers\dam.sys
14:13:31.0062 0x1128  dam - ok
14:13:31.0140 0x1128  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:13:31.0187 0x1128  DcomLaunch - ok
14:13:31.0249 0x1128  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
14:13:31.0296 0x1128  DcpSvc - ok
14:13:31.0359 0x1128  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
14:13:31.0406 0x1128  defragsvc - ok
14:13:31.0484 0x1128  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:13:31.0562 0x1128  DeviceAssociationService - ok
14:13:31.0624 0x1128  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
14:13:31.0656 0x1128  DeviceInstall - ok
14:13:31.0687 0x1128  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
14:13:31.0718 0x1128  DevQueryBroker - ok
14:13:31.0781 0x1128  [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
14:13:31.0828 0x1128  Dfsc - ok
14:13:31.0890 0x1128  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
14:13:31.0921 0x1128  Dhcp - ok
14:13:31.0999 0x1128  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
14:13:32.0031 0x1128  diagnosticshub.standardcollector.service - ok
14:13:32.0296 0x1128  [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
14:13:32.0406 0x1128  DiagTrack - ok
14:13:32.0421 0x1128  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
14:13:32.0437 0x1128  disk - ok
14:13:32.0499 0x1128  [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
14:13:32.0546 0x1128  DmEnrollmentSvc - ok
14:13:32.0593 0x1128  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
14:13:32.0640 0x1128  dmvsc - ok
14:13:32.0718 0x1128  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
14:13:32.0765 0x1128  dmwappushservice - ok
14:13:32.0874 0x1128  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:13:32.0906 0x1128  Dnscache - ok
14:13:32.0999 0x1128  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:13:33.0109 0x1128  dot3svc - ok
14:13:33.0140 0x1128  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
14:13:33.0218 0x1128  DPS - ok
14:13:33.0249 0x1128  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
14:13:33.0265 0x1128  drmkaud - ok
14:13:33.0328 0x1128  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
14:13:33.0359 0x1128  DsmSvc - ok
14:13:33.0390 0x1128  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
14:13:33.0421 0x1128  DsSvc - ok
14:13:33.0749 0x1128  [ A39F5D1A0BB032DDDBAD3A0C050B1049, BDA669BCF60EFB17A539CE8474613B0AC69E9976F6C3080ED325B9EA4D8C0AF5 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:13:33.0812 0x1128  DXGKrnl - ok
14:13:33.0859 0x1128  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:13:33.0874 0x1128  EapHost - ok
14:13:34.0265 0x1128  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
14:13:34.0437 0x1128  ebdrv - ok
14:13:34.0453 0x1128  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] EFS             C:\WINDOWS\System32\lsass.exe
14:13:34.0468 0x1128  EFS - ok
14:13:34.0531 0x1128  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
14:13:34.0562 0x1128  EhStorClass - ok
14:13:34.0609 0x1128  [ 4D49B99DCACA1FC782A94DB596246504, 878B27A128093640830AB4C78973E1D896CF3AA918FA24FAB1029F0C9D1CB98B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:13:34.0624 0x1128  EhStorTcgDrv - ok
14:13:34.0671 0x1128  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
14:13:34.0718 0x1128  embeddedmode - ok
14:13:34.0765 0x1128  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:13:34.0796 0x1128  EntAppSvc - ok
14:13:34.0843 0x1128  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
14:13:34.0874 0x1128  ErrDev - ok
14:13:34.0953 0x1128  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
14:13:34.0984 0x1128  ETD - ok
14:13:35.0062 0x1128  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
14:13:35.0093 0x1128  ETDService - ok
14:13:35.0203 0x1128  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
14:13:35.0249 0x1128  EventSystem - ok
14:13:35.0296 0x1128  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
14:13:35.0328 0x1128  exfat - ok
14:13:35.0421 0x1128  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
14:13:35.0453 0x1128  fastfat - ok
14:13:35.0562 0x1128  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
14:13:35.0687 0x1128  Fax - ok
14:13:35.0703 0x1128  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
14:13:35.0718 0x1128  fdc - ok
14:13:35.0812 0x1128  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
14:13:36.0000 0x1128  fdPHost - ok
14:13:36.0078 0x1128  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
14:13:36.0093 0x1128  FDResPub - ok
14:13:36.0125 0x1128  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
14:13:36.0171 0x1128  fhsvc - ok
14:13:36.0218 0x1128  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
14:13:36.0250 0x1128  FileCrypt - ok
14:13:36.0265 0x1128  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
14:13:36.0281 0x1128  FileInfo - ok
14:13:36.0359 0x1128  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
14:13:36.0421 0x1128  Filetrace - ok
14:13:36.0453 0x1128  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
14:13:36.0484 0x1128  flpydisk - ok
14:13:36.0500 0x1128  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:13:36.0531 0x1128  FltMgr - ok
14:13:36.0718 0x1128  [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache       C:\WINDOWS\system32\FntCache.dll
14:13:36.0781 0x1128  FontCache - ok
14:13:36.0890 0x1128  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:13:36.0906 0x1128  FontCache3.0.0.0 - ok
14:13:37.0000 0x1128  [ AF0811F38B56B57B3FF53F14E04AA1B0, 45DC6775762E4E9216DAF3914A3C99C536BFF96E1CF8577FC4B5758248D1D043 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
14:13:37.0046 0x1128  FrameServer - ok
14:13:37.0062 0x1128  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
14:13:37.0078 0x1128  FsDepends - ok
14:13:37.0093 0x1128  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:13:37.0109 0x1128  Fs_Rec - ok
14:13:37.0140 0x1128  [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:13:37.0171 0x1128  fvevol - ok
14:13:37.0234 0x1128  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
14:13:37.0265 0x1128  gencounter - ok
14:13:37.0296 0x1128  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
14:13:37.0359 0x1128  genericusbfn - ok
14:13:37.0406 0x1128  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:13:37.0421 0x1128  GPIOClx0101 - ok
14:13:37.0562 0x1128  [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
14:13:37.0640 0x1128  gpsvc - ok
14:13:37.0656 0x1128  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:13:37.0671 0x1128  GpuEnergyDrv - ok
14:13:37.0703 0x1128  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
14:13:37.0734 0x1128  HDAudBus - ok
14:13:37.0796 0x1128  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
14:13:37.0812 0x1128  HidBatt - ok
14:13:37.0812 0x1128  Scan was interrupted by user!
14:13:37.0812 0x1128  Waiting for KSN requests completion. In queue: 114
14:13:38.0828 0x1128  Waiting for KSN requests completion. In queue: 114
14:13:39.0906 0x1128  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
14:13:40.0000 0x1128  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x62100 ( disabled : updated )
14:13:40.0015 0x1128  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
14:13:50.0156 0x1128  ============================================================
14:13:50.0172 0x1128  Scan finished
14:13:50.0172 0x1128  ============================================================
14:13:50.0187 0x2a0c  Detected object count: 0
14:13:50.0187 0x2a0c  Actual detected object count: 0
14:13:59.0859 0x2434  ============================================================
14:13:59.0859 0x2434  Scan started
14:13:59.0859 0x2434  Mode: Manual; SigCheck; TDLFS; 
14:13:59.0859 0x2434  ============================================================
14:13:59.0859 0x2434  KSN ping started
14:14:19.0906 0x2434  KSN ping finished: true
14:14:22.0453 0x2434  ================ Scan system memory ========================
14:14:22.0453 0x2434  System memory - ok
14:14:22.0469 0x2434  ================ Scan services =============================
14:14:23.0375 0x2434  [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
14:14:23.0406 0x2434  1394ohci - ok
14:14:23.0453 0x2434  [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
14:14:23.0453 0x2434  3ware - ok
14:14:23.0578 0x2434  [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
14:14:23.0625 0x2434  ACPI - ok
14:14:23.0672 0x2434  [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev         C:\WINDOWS\System32\drivers\AcpiDev.sys
14:14:23.0688 0x2434  AcpiDev - ok
14:14:23.0719 0x2434  [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
14:14:23.0750 0x2434  acpiex - ok
14:14:23.0766 0x2434  [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
14:14:23.0781 0x2434  acpipagr - ok
14:14:23.0860 0x2434  [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
14:14:23.0891 0x2434  AcpiPmi - ok
14:14:23.0906 0x2434  [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
14:14:23.0938 0x2434  acpitime - ok
14:14:24.0110 0x2434  [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
14:14:24.0141 0x2434  ADP80XX - ok
14:14:24.0203 0x2434  [ 983266DA83FFF73DBDDD3730A4712228, 433A2731DAC687C52FB7E23093B8E11D92CCCF4C35B493D73AC30C6A4A6D2A6C ] AFD             C:\WINDOWS\system32\drivers\afd.sys
14:14:24.0219 0x2434  AFD - ok
14:14:24.0281 0x2434  [ E44DB3F7225EC3E119560738B3619972, 32946FBC2BD74072F22E48D769A034183F6C3728FCCC3CF0DD561602511E39B2 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
14:14:24.0313 0x2434  ahcache - ok
14:14:24.0375 0x2434  [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
14:14:24.0406 0x2434  AJRouter - ok
14:14:24.0438 0x2434  [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG             C:\WINDOWS\System32\alg.exe
14:14:24.0453 0x2434  ALG - ok
14:14:24.0485 0x2434  [ CA5D49FE7992628A02BB110248E1DDFE, AFB28A1F465A0C470C0EDF8708AADD3ABCD23AC9987C9E8B4C0015FD827EB576 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
14:14:24.0500 0x2434  AMD External Events Utility - ok
14:14:24.0610 0x2434  [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
14:14:24.0641 0x2434  AmdK8 - ok
14:14:24.0688 0x2434  amdkmdag - ok
14:14:24.0797 0x2434  [ 3A261C58BC747EBED2CB58069B497F69, E13C0F6340E398BB5BF519B750A5A9019BC589F1A5CE7C77D3DCF038A79EE903 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
14:14:24.0828 0x2434  amdkmdap - ok
14:14:24.0891 0x2434  [ 8A375CB3B6D1A56A2AEEE72A5F1D0926, 03D6EA77B141675B719E66DA09D1DACC7137B19F9918C303DD6870B3F36ADEBB ] amdkmpfd        C:\WINDOWS\system32\drivers\amdkmpfd.sys
14:14:24.0906 0x2434  amdkmpfd - ok
14:14:24.0969 0x2434  [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
14:14:25.0000 0x2434  AmdPPM - ok
14:14:25.0047 0x2434  [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
14:14:25.0047 0x2434  amdsata - ok
14:14:25.0141 0x2434  [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
14:14:25.0172 0x2434  amdsbs - ok
14:14:25.0203 0x2434  [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
14:14:25.0219 0x2434  amdxata - ok
14:14:25.0281 0x2434  [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID           C:\WINDOWS\system32\drivers\appid.sys
14:14:25.0313 0x2434  AppID - ok
14:14:25.0391 0x2434  [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
14:14:25.0422 0x2434  AppIDSvc - ok
14:14:25.0469 0x2434  [ 008E4CCA7A4B33042276061E0A5B8244, DAD980540B564EFA06760435AF1B3213056E6DE8B2A55DF98E7D871625D4B080 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
14:14:25.0500 0x2434  Appinfo - ok
14:14:25.0578 0x2434  [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr   C:\WINDOWS\system32\drivers\applockerfltr.sys
14:14:25.0610 0x2434  applockerfltr - ok
14:14:25.0703 0x2434  [ 41BF82B41BD24BAC9D9890DAC3212007, 0644BEE740244188B3D39F875D313B560D288B7FC33064E352C2A5F09073E361 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
14:14:25.0813 0x2434  AppReadiness - ok
14:14:26.0078 0x2434  [ 1212D65C0B8757ACF1201785B3BD4CDC, 7FDB781ED2DEB296371E7ACFC2A34DDB5A7742A2883C486E465C1D4617D9EC80 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
14:14:26.0156 0x2434  AppXSvc - ok
14:14:26.0188 0x2434  [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
14:14:26.0188 0x2434  arcsas - ok
14:14:26.0219 0x2434  [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
14:14:26.0219 0x2434  AsyncMac - ok
14:14:26.0281 0x2434  [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
14:14:26.0297 0x2434  atapi - ok
14:14:26.0672 0x2434  [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr            C:\WINDOWS\System32\drivers\athw8x.sys
14:14:26.0813 0x2434  athr - ok
14:14:26.0875 0x2434  [ 5D637DF654D6386487876ADF5AF301B3, 7B53356237369D892F5BBEA9C967B20DCA40FA2B6B3C5AF7A4304FFD00DF1BFC ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
14:14:26.0922 0x2434  AudioEndpointBuilder - ok
14:14:27.0141 0x2434  [ FDD11F6C771FC6FD5EAE7D2D7502D39A, 4E75EA7BB36D2FACF71DEDFC604E1A618978273448D16FCAFE98D244642E9EAD ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
14:14:27.0203 0x2434  Audiosrv - ok
14:14:27.0391 0x2434  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
14:14:27.0406 0x2434  AVP16.0.0 - ok
14:14:27.0438 0x2434  [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
14:14:27.0453 0x2434  AxInstSV - ok
14:14:27.0563 0x2434  [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
14:14:27.0594 0x2434  b06bdrv - ok
14:14:27.0625 0x2434  [ C0D49B86B9A3C081FD96E5EDEB7373FA, F9C70993A0F92CD5A798DE3C6150845C1965A1AF43C59001285F3BBEC0681A6F ] b57xdbd         C:\WINDOWS\System32\drivers\b57xdbd.sys
14:14:27.0641 0x2434  b57xdbd - ok
14:14:27.0656 0x2434  [ B2B4C0169F3D2BB1106B61C04EE6145B, FD58739228479F525AB748C293C6112A94792584773C6A17E1D1478611B606C0 ] b57xdmp         C:\WINDOWS\System32\drivers\b57xdmp.sys
14:14:27.0672 0x2434  b57xdmp - ok
14:14:27.0703 0x2434  [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
14:14:27.0735 0x2434  BasicDisplay - ok
14:14:27.0891 0x2434  [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
14:14:27.0906 0x2434  BasicRender - ok
14:14:27.0953 0x2434  [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
14:14:27.0969 0x2434  bcmfn - ok
14:14:27.0985 0x2434  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
14:14:28.0016 0x2434  bcmfn2 - ok
14:14:28.0047 0x2434  [ D4EFDA0D56429018281F8F3188E6F86C, 020B861338BAF8E2A861CA1D2D22640CCD39BA84F18260F9862F7E3AC5014985 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
14:14:28.0094 0x2434  BDESVC - ok
14:14:28.0125 0x2434  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:14:28.0141 0x2434  Beep - ok
14:14:28.0297 0x2434  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\WINDOWS\System32\bfe.dll
14:14:28.0360 0x2434  BFE - ok
14:14:28.0500 0x2434  [ BC27BF1FCD63540A194E549FB80C9C8D, E0D698201AC00BA8A8D8E2B19FAAB6DD0488E837EDB011943ACAD5E72EF281DA ] BITS            C:\WINDOWS\System32\qmgr.dll
14:14:28.0594 0x2434  BITS - ok
14:14:28.0625 0x2434  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
14:14:28.0656 0x2434  bowser - ok
14:14:28.0735 0x2434  [ 78C35DD7CF780428650B1EE9B0F8D41E, C5A3111383CD9813A4ED33E244E20E2E0607CDEFC5BF00A760F63DAD019EE90E ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
14:14:28.0797 0x2434  BrokerInfrastructure - ok
14:14:28.0875 0x2434  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\WINDOWS\System32\browser.dll
14:14:28.0922 0x2434  Browser - ok
14:14:28.0953 0x2434  [ F4598EF1BE59937A578F3F68724552A7, 67F2B580462A925583F272BBF664BF2042D2E2B18B1CB21B994B12A9B6288779 ] bScsiMSa        C:\WINDOWS\System32\drivers\bScsiMSa.sys
14:14:28.0985 0x2434  bScsiMSa - ok
14:14:29.0031 0x2434  [ 53EA7FADB45D4A212CE6E22E053111AB, F8EF4C90261E67433BC3E3330CF1745D2E13C667E5F71C48C785E673E8031DED ] bScsiSDa        C:\WINDOWS\System32\drivers\bScsiSDa.sys
14:14:29.0047 0x2434  bScsiSDa - ok
14:14:29.0110 0x2434  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
14:14:29.0141 0x2434  BTATH_BUS - ok
14:14:29.0203 0x2434  [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
14:14:29.0266 0x2434  BtFilter - ok
14:14:29.0328 0x2434  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
14:14:29.0360 0x2434  BthAvrcpTg - ok
14:14:29.0391 0x2434  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
14:14:29.0406 0x2434  BthHFEnum - ok
14:14:29.0438 0x2434  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
14:14:29.0453 0x2434  bthhfhid - ok
14:14:29.0500 0x2434  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
14:14:29.0516 0x2434  BthHFSrv - ok
14:14:29.0563 0x2434  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
14:14:29.0578 0x2434  BTHMODEM - ok
14:14:29.0688 0x2434  [ 7A167521DC7A190B2FC37D6AB660CBF1, 627E41713C3A381525327EA42FFE2EFDD35A0FFDD3C44FE9DB45258B1474EB3B ] BTHPORT         C:\WINDOWS\System32\drivers\BTHport.sys
14:14:29.0797 0x2434  BTHPORT - ok
14:14:29.0860 0x2434  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\WINDOWS\system32\bthserv.dll
14:14:29.0891 0x2434  bthserv - ok
14:14:29.0953 0x2434  [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB          C:\WINDOWS\System32\drivers\BTHUSB.sys
14:14:29.0985 0x2434  BTHUSB - ok
14:14:30.0016 0x2434  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
14:14:30.0031 0x2434  buttonconverter - ok
14:14:30.0063 0x2434  [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
14:14:30.0078 0x2434  CapImg - ok
14:14:30.0110 0x2434  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
14:14:30.0141 0x2434  cdfs - ok
14:14:30.0188 0x2434  [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
14:14:30.0203 0x2434  CDPSvc - ok
14:14:30.0235 0x2434  [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF ] CDPUserSvc      C:\WINDOWS\System32\CDPUserSvc.dll
14:14:30.0266 0x2434  CDPUserSvc - ok
14:14:30.0297 0x2434  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
14:14:30.0297 0x2434  cdrom - ok
14:14:30.0344 0x2434  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
14:14:30.0360 0x2434  CertPropSvc - ok
14:14:30.0453 0x2434  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\WINDOWS\system32\drivers\cht4sx64.sys
14:14:30.0485 0x2434  cht4iscsi - ok
14:14:30.0641 0x2434  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\WINDOWS\System32\drivers\cht4vx64.sys
14:14:30.0688 0x2434  cht4vbd - ok
14:14:30.0766 0x2434  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
14:14:30.0797 0x2434  circlass - ok
14:14:30.0844 0x2434  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
14:14:30.0860 0x2434  CLFS - ok
14:14:30.0938 0x2434  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
14:14:30.0969 0x2434  ClipSVC - ok
14:14:31.0016 0x2434  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\WINDOWS\System32\drivers\registry.sys
14:14:31.0047 0x2434  clreg - ok
14:14:31.0110 0x2434  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
14:14:31.0156 0x2434  CmBatt - ok
14:14:31.0235 0x2434  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km           C:\WINDOWS\system32\DRIVERS\cm_km.sys
14:14:31.0266 0x2434  cm_km - ok
14:14:31.0360 0x2434  [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
14:14:31.0391 0x2434  CNG - ok
14:14:31.0438 0x2434  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
14:14:31.0438 0x2434  cnghwassist - ok
14:14:31.0813 0x2434  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
14:14:31.0844 0x2434  CompositeBus - ok
14:14:31.0860 0x2434  COMSysApp - ok
14:14:31.0907 0x2434  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
14:14:31.0938 0x2434  condrv - ok
14:14:32.0032 0x2434  [ 9CE94A05A5BA6A92013CAD1B924B1EC2, 19ECE2C607BAE5DCE7ED4AB46722E63EF834B219716F3A90AF661C02B58088C4 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
14:14:32.0063 0x2434  CoreMessagingRegistrar - ok
14:14:32.0438 0x2434  [ 700A193A1555B083E3A08F5D3A844925, 974F7F0C78289EFE821407E418EB65A022D6445DED8EA112B9866784AF0221EE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
14:14:32.0469 0x2434  cphs - ok
14:14:32.0516 0x2434  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
14:14:32.0531 0x2434  CryptSvc - ok
14:14:32.0547 0x2434  [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam             C:\WINDOWS\system32\drivers\dam.sys
14:14:32.0563 0x2434  dam - ok
14:14:32.0625 0x2434  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:14:32.0672 0x2434  DcomLaunch - ok
14:14:32.0719 0x2434  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
14:14:32.0735 0x2434  DcpSvc - ok
14:14:32.0844 0x2434  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
14:14:32.0891 0x2434  defragsvc - ok
14:14:32.0985 0x2434  [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
14:14:33.0063 0x2434  DeviceAssociationService - ok
14:14:33.0094 0x2434  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
14:14:33.0125 0x2434  DeviceInstall - ok
14:14:33.0172 0x2434  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
14:14:33.0203 0x2434  DevQueryBroker - ok
14:14:33.0235 0x2434  [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
14:14:33.0250 0x2434  Dfsc - ok
14:14:33.0328 0x2434  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
14:14:33.0438 0x2434  Dhcp - ok
14:14:33.0516 0x2434  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
14:14:33.0547 0x2434  diagnosticshub.standardcollector.service - ok
14:14:33.0735 0x2434  [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
14:14:33.0844 0x2434  DiagTrack - ok
14:14:33.0875 0x2434  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\WINDOWS\system32\drivers\disk.sys
14:14:33.0891 0x2434  disk - ok
14:14:33.0922 0x2434  [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
14:14:33.0953 0x2434  DmEnrollmentSvc - ok
14:14:33.0985 0x2434  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
14:14:34.0016 0x2434  dmvsc - ok
14:14:34.0047 0x2434  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
14:14:34.0063 0x2434  dmwappushservice - ok
14:14:34.0188 0x2434  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:14:34.0219 0x2434  Dnscache - ok
14:14:34.0313 0x2434  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:14:34.0344 0x2434  dot3svc - ok
14:14:34.0391 0x2434  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\WINDOWS\system32\dps.dll
14:14:34.0422 0x2434  DPS - ok
14:14:34.0453 0x2434  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\WINDOWS\system32\DRIVERS\drmkaud.sys
14:14:34.0469 0x2434  drmkaud - ok
14:14:34.0516 0x2434  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
14:14:34.0547 0x2434  DsmSvc - ok
14:14:34.0578 0x2434  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
14:14:34.0594 0x2434  DsSvc - ok
14:14:34.0688 0x2434  [ A39F5D1A0BB032DDDBAD3A0C050B1049, BDA669BCF60EFB17A539CE8474613B0AC69E9976F6C3080ED325B9EA4D8C0AF5 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
14:14:34.0828 0x2434  DXGKrnl - ok
14:14:34.0875 0x2434  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:14:34.0891 0x2434  EapHost - ok
14:14:35.0219 0x2434  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
14:14:35.0375 0x2434  ebdrv - ok
14:14:35.0407 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] EFS             C:\WINDOWS\System32\lsass.exe
14:14:35.0422 0x2434  EFS - ok
14:14:35.0453 0x2434  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
14:14:35.0469 0x2434  EhStorClass - ok
14:14:35.0500 0x2434  [ 4D49B99DCACA1FC782A94DB596246504, 878B27A128093640830AB4C78973E1D896CF3AA918FA24FAB1029F0C9D1CB98B ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
14:14:35.0532 0x2434  EhStorTcgDrv - ok
14:14:35.0563 0x2434  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
14:14:35.0594 0x2434  embeddedmode - ok
14:14:35.0703 0x2434  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
14:14:35.0750 0x2434  EntAppSvc - ok
14:14:35.0782 0x2434  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
14:14:35.0813 0x2434  ErrDev - ok
14:14:35.0860 0x2434  [ 6BD85B39B7B23F03B24CF641ED29147B, 850F21750BB39E5239B1584E1117844CAAAF6A5C58E79366552309F917675CE5 ] ETD             C:\WINDOWS\system32\DRIVERS\ETD.sys
14:14:35.0891 0x2434  ETD - ok
14:14:36.0016 0x2434  [ 8916EACF1256E1C5A3AF81FD39C747E7, FF28FB95E9F9287C1005CF0D9EB84F7CA3D137689862860C9848398504E1EFFF ] ETDService      C:\Program Files\Elantech\ETDService.exe
14:14:36.0047 0x2434  ETDService - ok
14:14:36.0188 0x2434  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\WINDOWS\system32\es.dll
14:14:36.0235 0x2434  EventSystem - ok
14:14:36.0297 0x2434  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
14:14:36.0344 0x2434  exfat - ok
14:14:36.0391 0x2434  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
14:14:36.0407 0x2434  fastfat - ok
14:14:36.0469 0x2434  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\WINDOWS\system32\fxssvc.exe
14:14:36.0516 0x2434  Fax - ok
14:14:36.0563 0x2434  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
14:14:36.0563 0x2434  fdc - ok
14:14:36.0625 0x2434  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
14:14:36.0672 0x2434  fdPHost - ok
14:14:36.0688 0x2434  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
14:14:36.0719 0x2434  FDResPub - ok
14:14:36.0750 0x2434  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
14:14:36.0766 0x2434  fhsvc - ok
14:14:36.0797 0x2434  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
14:14:36.0813 0x2434  FileCrypt - ok
14:14:36.0844 0x2434  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
14:14:36.0844 0x2434  FileInfo - ok
14:14:36.0907 0x2434  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
14:14:36.0938 0x2434  Filetrace - ok
14:14:36.0969 0x2434  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
14:14:36.0985 0x2434  flpydisk - ok
14:14:37.0016 0x2434  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:14:37.0032 0x2434  FltMgr - ok
14:14:37.0297 0x2434  [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache       C:\WINDOWS\system32\FntCache.dll
14:14:37.0422 0x2434  FontCache - ok
14:14:37.0547 0x2434  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:14:37.0578 0x2434  FontCache3.0.0.0 - ok
14:14:37.0657 0x2434  [ AF0811F38B56B57B3FF53F14E04AA1B0, 45DC6775762E4E9216DAF3914A3C99C536BFF96E1CF8577FC4B5758248D1D043 ] FrameServer     C:\WINDOWS\system32\FrameServer.dll
14:14:37.0735 0x2434  FrameServer - ok
14:14:37.0766 0x2434  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
14:14:37.0782 0x2434  FsDepends - ok
14:14:37.0797 0x2434  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:14:37.0813 0x2434  Fs_Rec - ok
14:14:37.0860 0x2434  [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
14:14:37.0891 0x2434  fvevol - ok
14:14:37.0953 0x2434  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
14:14:37.0985 0x2434  gencounter - ok
14:14:38.0016 0x2434  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
14:14:38.0047 0x2434  genericusbfn - ok
14:14:38.0078 0x2434  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
14:14:38.0094 0x2434  GPIOClx0101 - ok
14:14:38.0203 0x2434  [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
14:14:38.0313 0x2434  gpsvc - ok
14:14:38.0328 0x2434  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
14:14:38.0344 0x2434  GpuEnergyDrv - ok
14:14:38.0375 0x2434  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
14:14:38.0485 0x2434  HDAudBus - ok
14:14:38.0532 0x2434  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
14:14:38.0547 0x2434  HidBatt - ok
14:14:38.0578 0x2434  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
14:14:38.0610 0x2434  HidBth - ok
14:14:38.0641 0x2434  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
14:14:38.0672 0x2434  hidi2c - ok
14:14:38.0703 0x2434  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
14:14:38.0735 0x2434  hidinterrupt - ok
14:14:38.0766 0x2434  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
14:14:38.0797 0x2434  HidIr - ok
14:14:38.0844 0x2434  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\WINDOWS\system32\hidserv.dll
14:14:38.0844 0x2434  hidserv - ok
14:14:38.0875 0x2434  [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
14:14:38.0891 0x2434  HidUsb - ok
14:14:38.0938 0x2434  [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
14:14:38.0953 0x2434  HomeGroupListener - ok
14:14:39.0047 0x2434  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
14:14:39.0110 0x2434  HomeGroupProvider - ok
14:14:39.0157 0x2434  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
14:14:39.0188 0x2434  HpSAMD - ok
14:14:39.0266 0x2434  [ 65E358D604267CBAACB74A2598BBE22B, A645E48641D638A58789B7948FC3DD5072179C0919B546A6DB08094FA9321A30 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
14:14:39.0344 0x2434  HTTP - ok
14:14:39.0407 0x2434  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\WINDOWS\System32\hvhostsvc.dll
14:14:39.0438 0x2434  HvHost - ok
14:14:39.0516 0x2434  [ 9B6C35343348CC1B5E9D81F0702A3271, DB25C9FA14A197568B1023A40A83348CE14C9C118854B83372C6D2AE3C323156 ] hvservice       C:\WINDOWS\system32\drivers\hvservice.sys
14:14:39.0547 0x2434  hvservice - ok
14:14:39.0594 0x2434  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
14:14:39.0610 0x2434  hwpolicy - ok
14:14:39.0688 0x2434  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
14:14:39.0719 0x2434  hyperkbd - ok
14:14:39.0782 0x2434  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
14:14:39.0813 0x2434  i8042prt - ok
14:14:39.0844 0x2434  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\WINDOWS\System32\drivers\iagpio.sys
14:14:39.0875 0x2434  iagpio - ok
14:14:39.0891 0x2434  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
14:14:39.0922 0x2434  iai2c - ok
14:14:39.0954 0x2434  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys
14:14:39.0969 0x2434  iaLPSS2i_GPIO2 - ok
14:14:40.0032 0x2434  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
14:14:40.0063 0x2434  iaLPSS2i_I2C - ok
14:14:40.0110 0x2434  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
14:14:40.0125 0x2434  iaLPSSi_GPIO - ok
14:14:40.0141 0x2434  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
14:14:40.0172 0x2434  iaLPSSi_I2C - ok
14:14:40.0344 0x2434  [ D502656B5AD89DA2FA32A8C971963D65, 7CCC4458B36FC8E7CF2271668D90787E1D5240C81881F8C47F04945530F162CB ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
14:14:40.0391 0x2434  iaStorA - ok
14:14:40.0438 0x2434  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
14:14:40.0485 0x2434  iaStorAV - ok
14:14:40.0578 0x2434  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
14:14:40.0625 0x2434  iaStorV - ok
14:14:40.0672 0x2434  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\WINDOWS\System32\drivers\ibbus.sys
14:14:40.0688 0x2434  ibbus - ok
14:14:40.0828 0x2434  [ D8808F658B310B89EEA036FA618A3BD4, FD43C69FC6110614ED5542210F7BC3326A09B73C67144B84194591247844A021 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
14:14:40.0860 0x2434  ICCS - ok
14:14:41.0000 0x2434  [ 231ADCE77616144B8E3D29707B282C82, D2429E0CAABE3E3A50D62DEC6C9F8D13AC8786EB57D9075489425E623EC84165 ] ICCWDT          C:\WINDOWS\System32\drivers\ICCWDT.sys
14:14:41.0032 0x2434  ICCWDT - ok
14:14:41.0079 0x2434  [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
14:14:41.0094 0x2434  icssvc - ok
14:14:41.0610 0x2434  [ 548712979B0BA12ECE2D8549797593D4, 6809412A76DE30C914A65BB8546E436AD540E00610D5D13FDE486C4446E95C24 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
14:14:41.0891 0x2434  igfx - ok
14:14:41.0938 0x2434  [ BA1BA1C9E40BCEB88678747C1E7C256F, C85CC690D353FCEBFD243304C25EEAA2BC13DB1E2A4C8C65371F455511540959 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
14:14:41.0953 0x2434  igfxCUIService2.0.0.0 - ok
14:14:42.0000 0x2434  [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
14:14:42.0047 0x2434  IKEEXT - ok
14:14:42.0079 0x2434  [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd     C:\WINDOWS\System32\drivers\IndirectKmd.sys
14:14:42.0094 0x2434  IndirectKmd - ok
14:14:42.0516 0x2434  [ AE9504C852D3A9C7A12D0E46E29C2639, 251BF92A1F9FC0371D2FB5EBB5AE0D243C27E917DF81299810B6BFD589091725 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
14:14:42.0703 0x2434  IntcAzAudAddService - ok
14:14:42.0797 0x2434  [ 75F82406DF455D812101146EE4EB6FCD, 771D24DFF69097C1181C46D635A6CF2FDBE3EBC81BA2C156F571875C23F11676 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
14:14:42.0829 0x2434  IntcDAud - ok
14:14:42.0954 0x2434  [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
14:14:43.0000 0x2434  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
14:14:44.0079 0x2434  Detect skipped due to KSN trusted
14:14:44.0079 0x2434  Intel(R) Capability Licensing Service Interface - ok
14:14:44.0172 0x2434  [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
14:14:44.0204 0x2434  Intel(R) Capability Licensing Service TCP IP Interface - ok
14:14:44.0219 0x2434  [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
14:14:44.0250 0x2434  intelide - ok
14:14:44.0266 0x2434  [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
14:14:44.0282 0x2434  intelpep - ok
14:14:44.0297 0x2434  [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
14:14:44.0329 0x2434  intelppm - ok
14:14:44.0360 0x2434  [ 4A922CAB4AB5F29F1BECC9D95B4B7F05, 7C1006799E26A0B4DF49373A4D0509748C602588CFB3C1CBB409E335F5DF9593 ] iorate          C:\WINDOWS\system32\drivers\iorate.sys
14:14:44.0391 0x2434  iorate - ok
14:14:44.0422 0x2434  [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:14:44.0454 0x2434  IpFilterDriver - ok
14:14:44.0625 0x2434  [ 89548E57FD0A7BC703541C69C0286B13, 261698B302DF5B80C57FC4257E0A0AABC8DEFFED16D8CD142AD8E7CB51AF2007 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
14:14:44.0657 0x2434  iphlpsvc - ok
14:14:44.0688 0x2434  [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
14:14:44.0719 0x2434  IPMIDRV - ok
14:14:44.0797 0x2434  [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
14:14:44.0844 0x2434  IPNAT - ok
14:14:44.0860 0x2434  [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda            C:\WINDOWS\system32\drivers\irda.sys
14:14:44.0875 0x2434  irda - ok
14:14:44.0938 0x2434  [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys

Winja · 09.09.2016, 13:39

Teil 2:

Code:

ATTFilter

Teil 2:

	Code: 

 ATTFilter

  
	14:14:44.0985 0x2434  IRENUM - ok
14:14:45.0032 0x2434  [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon           C:\WINDOWS\System32\irmon.dll
14:14:45.0047 0x2434  irmon - ok
14:14:45.0079 0x2434  [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
14:14:45.0094 0x2434  isapnp - ok
14:14:45.0157 0x2434  [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
14:14:45.0204 0x2434  iScsiPrt - ok
14:14:45.0313 0x2434  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
14:14:45.0329 0x2434  jhi_service - ok
14:14:45.0438 0x2434  [ 8438B8A45E16258064C19FBEC4EE069F, 9128F825403B26A39BC769A53555DF1FD2B82882AF1384135D0329FCF2BBAC6D ] k57nd60a        C:\WINDOWS\System32\drivers\k57nd60a.sys
14:14:45.0469 0x2434  k57nd60a - ok
14:14:45.0500 0x2434  [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
14:14:45.0500 0x2434  kbdclass - ok
14:14:45.0532 0x2434  [ 2D05785B0C58D90A34EA15032EADBBA9, 3E1238FF7F6ECA522761830FE7EA7587B704FCB3ECE8C6BF94CC17A640B678ED ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
14:14:45.0563 0x2434  kbdhid - ok
14:14:45.0594 0x2434  [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
14:14:45.0594 0x2434  kdnic - ok
14:14:45.0610 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] KeyIso          C:\WINDOWS\system32\lsass.exe
14:14:45.0625 0x2434  KeyIso - ok
14:14:45.0750 0x2434  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1             C:\WINDOWS\system32\DRIVERS\kl1.sys
14:14:45.0813 0x2434  kl1 - ok
14:14:45.0844 0x2434  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
14:14:45.0860 0x2434  klbackupdisk - ok
14:14:45.0922 0x2434  [ 2B4BC41223326FF440E2DB32B9239138, E95D5BB3388D6B219A4C175D5DA77CEB620A27A13F5AA4E7E2C05694B6E26947 ] klbackupflt     C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
14:14:45.0954 0x2434  klbackupflt - ok
14:14:45.0985 0x2434  [ 80D7529E1CF09261FADF55E69EFDA90B, 2FE5EC38866E12D78AE3F4AD8CF647BDED616E8A36D9D737F9B6564DDA4685E7 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
14:14:46.0000 0x2434  kldisk - ok
14:14:46.0047 0x2434  [ E2097C8F18F1E8E3B7D09F12B51843A3, 0506A99BD0962AAE64692BD7F080DB080F8B678DC59685CF22830A47B486430C ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
14:14:46.0079 0x2434  klelam - ok
14:14:46.0172 0x2434  [ BACE50477C184A3AA0755702C23B8B27, 5708A1B7C22702AD2E5DD4491A911A51D2FB768E46857639C0C5D8736E487D0F ] klflt           C:\WINDOWS\system32\DRIVERS\klflt.sys
14:14:46.0188 0x2434  klflt - ok
14:14:46.0297 0x2434  [ BE1DF4E950FF00A19BB72FA29CAEE32E, 24D8111B8782B4FB8612AB9DCE6A3A5EA63CE4B75DC717D0ECC5C6BCBCCF01AA ] klhk            C:\WINDOWS\system32\DRIVERS\klhk.sys
14:14:46.0329 0x2434  klhk - ok
14:14:46.0485 0x2434  [ B72D1864B3EC6E429DB127A642CFB8BB, 43954F7E04158D79D44D0D6866838043A2B49B49EBF15A57DB120DB7AC3C19CE ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
14:14:46.0547 0x2434  KLIF - ok
14:14:46.0641 0x2434  [ 161573B8BE82D24ED8B5B8EBA01245EA, 3CC124C717C2484A4DE0D415A2564D62D1A4B6E9DED65136B094304FCDE74CE0 ] KLIM6           C:\WINDOWS\system32\DRIVERS\klim6.sys
14:14:46.0672 0x2434  KLIM6 - ok
14:14:46.0735 0x2434  [ DAE5768E6FD34A36E3B9D1AF1FCA682B, 24DA0B71E3B4AC0FABEE0BF687DF8D35283DBF808CA3AB6F86E72B37471F6B33 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
14:14:46.0735 0x2434  klkbdflt - ok
14:14:46.0766 0x2434  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
14:14:46.0766 0x2434  klmouflt - ok
14:14:46.0813 0x2434  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
14:14:46.0813 0x2434  klpd - ok
14:14:46.0844 0x2434  [ 8334692AFEB3289984B40898B6B30C06, 6A337CC33B0EFC3B61BFCABFDFE305BE1D334620FB4D87DDEDBC8214966D6DDE ] klwfp           C:\WINDOWS\system32\DRIVERS\klwfp.sys
14:14:46.0860 0x2434  klwfp - ok
14:14:46.0922 0x2434  [ 91234D71CEED29F2DBA16942CABDCA4F, 5D71BAC86C33BC77EEBF1ECB8F372DFE631991E4C5F36EAF0C8C957150BD6D52 ] Klwtp           C:\WINDOWS\system32\DRIVERS\klwtp.sys
14:14:46.0954 0x2434  Klwtp - ok
14:14:47.0016 0x2434  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps           C:\WINDOWS\system32\DRIVERS\kneps.sys
14:14:47.0032 0x2434  kneps - ok
14:14:47.0063 0x2434  [ 9FA1B5D84F596F0664F0465F302044DC, 47B41D3D6119B5B20C83AF84D315C4AB40B5534D687736A8B67BD985A3B232C1 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
14:14:47.0079 0x2434  KSecDD - ok
14:14:47.0110 0x2434  [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
14:14:47.0125 0x2434  KSecPkg - ok
14:14:47.0125 0x2434  [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
14:14:47.0157 0x2434  ksthunk - ok
14:14:47.0188 0x2434  [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
14:14:47.0219 0x2434  KtmRm - ok
14:14:47.0266 0x2434  [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
14:14:47.0282 0x2434  LanmanServer - ok
14:14:47.0329 0x2434  [ 752FE77F22592016A5EBBF399EC12E14, 231CF3E069FF64A4E8C81D0799A73924D864585B25382EFF8D1707F87747AC9E ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
14:14:47.0375 0x2434  LanmanWorkstation - ok
14:14:47.0407 0x2434  [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
14:14:47.0422 0x2434  lfsvc - ok
14:14:47.0469 0x2434  [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
14:14:47.0500 0x2434  LicenseManager - ok
14:14:47.0516 0x2434  [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
14:14:47.0547 0x2434  lltdio - ok
14:14:47.0610 0x2434  [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
14:14:47.0688 0x2434  lltdsvc - ok
14:14:47.0719 0x2434  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
14:14:47.0735 0x2434  LMDriver - ok
14:14:47.0766 0x2434  [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
14:14:47.0782 0x2434  lmhosts - ok
14:14:47.0891 0x2434  [ 8939CBB2526CB87C476DB9ABBF243AE0, 6D566EDD2DE07A7F7B27A41BBFD05360BF2FBDD5D265D8061E15785A3EBC0C4E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:14:47.0907 0x2434  LMS - ok
14:14:47.0922 0x2434  [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
14:14:47.0938 0x2434  LSI_SAS - ok
14:14:47.0969 0x2434  [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
14:14:47.0985 0x2434  LSI_SAS2i - ok
14:14:48.0032 0x2434  [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
14:14:48.0047 0x2434  LSI_SAS3i - ok
14:14:48.0079 0x2434  [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
14:14:48.0079 0x2434  LSI_SSS - ok
14:14:48.0125 0x2434  [ 5570D03E2048AC7961BEF6FFEE3A2CA5, FD0232312D87015FA0B8062FA175A44410F8C1C9778145CCDD57BA1C23929C87 ] LSM             C:\WINDOWS\System32\lsm.dll
14:14:48.0172 0x2434  LSM - ok
14:14:48.0204 0x2434  [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
14:14:48.0219 0x2434  luafv - ok
14:14:48.0250 0x2434  [ 6D4111E1852A9F0BFC07BB69F3141841, 9BFF4517F26F1E9DF4DA6633B542EAA20A698B9397D2ED73134E7AEF306FBB15 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
14:14:48.0282 0x2434  MapsBroker - ok
14:14:48.0329 0x2434  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
14:14:48.0344 0x2434  MBAMProtector - ok
14:14:48.0579 0x2434  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamscheduler.exe
14:14:48.0672 0x2434  MBAMScheduler - ok
14:14:48.0766 0x2434  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Mark\Programme\ Malwarebytes Anti-Malware \ Malwarebytes Anti-Malware \mbamservice.exe
14:14:48.0797 0x2434  MBAMService - ok
14:14:48.0875 0x2434  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
14:14:48.0891 0x2434  MBAMSwissArmy - ok
14:14:48.0907 0x2434  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
14:14:48.0907 0x2434  MBAMWebAccessControl - ok
14:14:48.0938 0x2434  [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
14:14:48.0938 0x2434  megasas - ok
14:14:48.0985 0x2434  [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
14:14:49.0016 0x2434  megasr - ok
14:14:49.0079 0x2434  [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
14:14:49.0094 0x2434  MEIx64 - ok
14:14:49.0125 0x2434  [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
14:14:49.0157 0x2434  MessagingService - ok
14:14:49.0297 0x2434  [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus        C:\WINDOWS\System32\drivers\mlx4_bus.sys
14:14:49.0360 0x2434  mlx4_bus - ok
14:14:49.0422 0x2434  [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
14:14:49.0438 0x2434  MMCSS - ok
14:14:49.0454 0x2434  [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem           C:\WINDOWS\system32\drivers\modem.sys
14:14:49.0469 0x2434  Modem - ok
14:14:49.0500 0x2434  [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
14:14:49.0516 0x2434  monitor - ok
14:14:49.0532 0x2434  [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
14:14:49.0563 0x2434  mouclass - ok
14:14:49.0579 0x2434  [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
14:14:49.0625 0x2434  mouhid - ok
14:14:49.0657 0x2434  [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
14:14:49.0657 0x2434  mountmgr - ok
14:14:49.0672 0x2434  [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
14:14:49.0688 0x2434  mpsdrv - ok
14:14:49.0797 0x2434  [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
14:14:49.0891 0x2434  MpsSvc - ok
14:14:49.0954 0x2434  [ 50C2389CD04C5B8632E3DC2D733EF15D, 0F83A8A5F405BC6F401B5A75D45F6D07C61C0CA692D2A77C63E742622F5BF921 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
14:14:50.0000 0x2434  MRxDAV - ok
14:14:50.0079 0x2434  [ 4D5F17C23D25B5BDF7EB35A54F483C9B, 1A0AFB4151F8D5CB164A53A7851C618F3E4C1A4FF411BC8B0B6402124C311E03 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:14:50.0157 0x2434  mrxsmb - ok
14:14:50.0188 0x2434  [ 8F58AEAE00B39AC9AD93755E777B19D8, 335E4D9E9E81609BEAFA08376EE29C35DA6A1839FAFC37399B9066F03BFFFBC1 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
14:14:50.0219 0x2434  mrxsmb10 - ok
14:14:50.0266 0x2434  [ FC501F50E6214AF38D4B22220537187A, DACF1A76F98DDCB7F385BBDE2B522A23C32C9838B9CA5CECC9550BD9443DAEED ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
14:14:50.0297 0x2434  mrxsmb20 - ok
14:14:50.0376 0x2434  [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge        C:\WINDOWS\system32\drivers\bridge.sys
14:14:50.0407 0x2434  MsBridge - ok
14:14:50.0485 0x2434  [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
14:14:50.0547 0x2434  MSDTC - ok
14:14:50.0579 0x2434  [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:14:50.0610 0x2434  Msfs - ok
14:14:50.0641 0x2434  [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
14:14:50.0657 0x2434  msgpiowin32 - ok
14:14:50.0672 0x2434  [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
14:14:50.0688 0x2434  mshidkmdf - ok
14:14:50.0719 0x2434  [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
14:14:50.0766 0x2434  mshidumdf - ok
14:14:50.0782 0x2434  [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
14:14:50.0782 0x2434  msisadrv - ok
14:14:50.0829 0x2434  [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
14:14:50.0844 0x2434  MSiSCSI - ok
14:14:50.0844 0x2434  msiserver - ok
14:14:50.0876 0x2434  [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV         C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
14:14:50.0891 0x2434  MSKSSRV - ok
14:14:50.0907 0x2434  [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp          C:\WINDOWS\system32\drivers\mslldp.sys
14:14:50.0922 0x2434  MsLldp - ok
14:14:50.0969 0x2434  [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK        C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
14:14:50.0985 0x2434  MSPCLOCK - ok
14:14:51.0000 0x2434  [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM           C:\WINDOWS\system32\DRIVERS\MSPQM.sys
14:14:51.0032 0x2434  MSPQM - ok
14:14:51.0094 0x2434  [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
14:14:51.0110 0x2434  MsRPC - ok
14:14:51.0157 0x2434  [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
14:14:51.0188 0x2434  mssmbios - ok
14:14:51.0235 0x2434  [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE           C:\WINDOWS\system32\DRIVERS\MSTEE.sys
14:14:51.0250 0x2434  MSTEE - ok
14:14:51.0282 0x2434  [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
14:14:51.0297 0x2434  MTConfig - ok
14:14:51.0313 0x2434  [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
14:14:51.0344 0x2434  Mup - ok
14:14:51.0391 0x2434  [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
14:14:51.0407 0x2434  mvumis - ok
14:14:51.0547 0x2434  [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
14:14:51.0594 0x2434  NativeWifiP - ok
14:14:51.0641 0x2434  [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
14:14:51.0672 0x2434  NcaSvc - ok
14:14:51.0719 0x2434  [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
14:14:51.0735 0x2434  NcbService - ok
14:14:51.0766 0x2434  [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
14:14:51.0844 0x2434  NcdAutoSetup - ok
14:14:51.0891 0x2434  [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr          C:\WINDOWS\System32\drivers\ndfltr.sys
14:14:51.0938 0x2434  ndfltr - ok
14:14:52.0094 0x2434  [ 36DD2C614720EC2970CB5E870BA69D8D, 692BDA4201119E0561E17E7E1A72320DBECDE3F8E4E65FBEA1B2C1128E16508B ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
14:14:52.0157 0x2434  NDIS - ok
14:14:52.0204 0x2434  [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap         C:\WINDOWS\system32\drivers\ndiscap.sys
14:14:52.0219 0x2434  NdisCap - ok
14:14:52.0235 0x2434  [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform  C:\WINDOWS\system32\drivers\NdisImPlatform.sys
14:14:52.0266 0x2434  NdisImPlatform - ok
14:14:52.0282 0x2434  [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:14:52.0297 0x2434  NdisTapi - ok
14:14:52.0376 0x2434  [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio         C:\WINDOWS\system32\drivers\ndisuio.sys
14:14:52.0422 0x2434  Ndisuio - ok
14:14:52.0438 0x2434  [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
14:14:52.0454 0x2434  NdisVirtualBus - ok
14:14:52.0501 0x2434  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan         C:\WINDOWS\System32\drivers\ndiswan.sys
14:14:52.0516 0x2434  NdisWan - ok
14:14:52.0563 0x2434  [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:14:52.0610 0x2434  ndiswanlegacy - ok
14:14:52.0641 0x2434  [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy         C:\WINDOWS\system32\DRIVERS\NDProxy.sys
14:14:52.0688 0x2434  ndproxy - ok
14:14:52.0735 0x2434  [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
14:14:52.0766 0x2434  Ndu - ok
14:14:52.0829 0x2434  [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx    C:\WINDOWS\system32\drivers\NetAdapterCx.sys
14:14:52.0875 0x2434  NetAdapterCx - ok
14:14:52.0938 0x2434  [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS         C:\WINDOWS\system32\drivers\netbios.sys
14:14:52.0969 0x2434  NetBIOS - ok
14:14:53.0032 0x2434  [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:14:53.0063 0x2434  NetBT - ok
14:14:53.0079 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:14:53.0094 0x2434  Netlogon - ok
14:14:53.0157 0x2434  [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman          C:\WINDOWS\System32\netman.dll
14:14:53.0188 0x2434  Netman - ok
14:14:53.0251 0x2434  [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
14:14:53.0313 0x2434  netprofm - ok
14:14:53.0360 0x2434  [ 724EA060EF56BAB4DED8F731FA56279B, E07FFE11D7B5C94D6B56940C6423ACB85910F6E8789E788EC91EEEE1C02B247F ] NetSetupSvc     C:\WINDOWS\System32\NetSetupSvc.dll
14:14:53.0391 0x2434  NetSetupSvc - ok
14:14:53.0563 0x2434  [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:14:53.0641 0x2434  NetTcpPortSharing - ok
14:14:53.0735 0x2434  [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc      C:\WINDOWS\System32\NgcCtnrSvc.dll
14:14:53.0766 0x2434  NgcCtnrSvc - ok
14:14:53.0813 0x2434  [ 2EC2F2E4C88BA9B72D1F6B92234BCD53, 4DC98EBE5A3B34ED654017F076F457970D3FBF749DC54A6533DAABDE85A7C4FE ] NgcSvc          C:\WINDOWS\system32\ngcsvc.dll
14:14:53.0860 0x2434  NgcSvc - ok
14:14:53.0954 0x2434  [ 0B5083278F195C26FE9E0140AEAEDCBE, B4D505963D5EBA14EC80E6D0BB8B862D96D1D1C3A57F4744AEBA3FF4BFB1997A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
14:14:54.0001 0x2434  NlaSvc - ok
14:14:54.0032 0x2434  [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:14:54.0063 0x2434  Npfs - ok
14:14:54.0079 0x2434  [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
14:14:54.0094 0x2434  npsvctrig - ok
14:14:54.0126 0x2434  [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi             C:\WINDOWS\system32\nsisvc.dll
14:14:54.0141 0x2434  nsi - ok
14:14:54.0157 0x2434  [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
14:14:54.0172 0x2434  nsiproxy - ok
14:14:54.0407 0x2434  [ BE43EC0D5AD467CFC5C9770F2F8EBCC2, 6D22EB974709D3115FD4347FB835454FA41FE6DBF99A79779CF14FB49A5BDD8F ] NTFS            C:\WINDOWS\system32\drivers\NTFS.sys
14:14:54.0469 0x2434  NTFS - ok
14:14:54.0501 0x2434  [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:14:54.0516 0x2434  Null - ok
14:14:54.0547 0x2434  [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
14:14:54.0579 0x2434  nvraid - ok
14:14:54.0594 0x2434  [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
14:14:54.0610 0x2434  nvstor - ok
14:14:54.0704 0x2434  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:14:54.0735 0x2434  odserv - ok
14:14:54.0829 0x2434  [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc      C:\WINDOWS\System32\APHostService.dll
14:14:54.0860 0x2434  OneSyncSvc - ok
14:14:54.0954 0x2434  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:14:54.0985 0x2434  ose - ok
14:14:55.0079 0x2434  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
14:14:55.0141 0x2434  p2pimsvc - ok
14:14:55.0188 0x2434  [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
14:14:55.0251 0x2434  p2psvc - ok
14:14:55.0266 0x2434  [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
14:14:55.0297 0x2434  Parport - ok
14:14:55.0344 0x2434  [ 64E0AA114871B2A37908E44A18F35A73, 2FB434EE48894C9B538349918B9B96FE9C6A76ADAC325EB9DA6E84D0B104D457 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
14:14:55.0360 0x2434  partmgr - ok
14:14:55.0438 0x2434  [ CE515B2C6E2EA50053A8862398646B38, C85D370E5250AFCF44796CE274B5A100C6829DC28BF1D4C6991EF61DE46FD10A ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
14:14:55.0469 0x2434  PcaSvc - ok
14:14:55.0501 0x2434  [ 55E45E0A89429AE9C62D728B9C4891C0, 729922C3488866C8D67F00E82C082F2E8E6F05180F4767AD30FC7E1FFE4946C5 ] pci             C:\WINDOWS\system32\drivers\pci.sys
14:14:55.0516 0x2434  pci - ok
14:14:55.0547 0x2434  [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
14:14:55.0547 0x2434  pciide - ok
14:14:55.0594 0x2434  [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
14:14:55.0610 0x2434  pcmcia - ok
14:14:55.0641 0x2434  [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
14:14:55.0672 0x2434  pcw - ok
14:14:55.0704 0x2434  [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
14:14:55.0735 0x2434  pdc - ok
14:14:55.0797 0x2434  [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
14:14:55.0829 0x2434  PEAUTH - ok
14:14:55.0876 0x2434  [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i       C:\WINDOWS\system32\drivers\percsas2i.sys
14:14:55.0891 0x2434  percsas2i - ok
14:14:55.0938 0x2434  [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i       C:\WINDOWS\system32\drivers\percsas3i.sys
14:14:55.0954 0x2434  percsas3i - ok
14:14:56.0297 0x2434  [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
14:14:56.0329 0x2434  PerfHost - ok
14:14:56.0391 0x2434  [ CFA4868B2932396D47BCC8E7350907C1, C757910212982F54CF9B2CFFCB632D58E3A07E468A2DA42CDF97BFB6A05823DE ] PhoneSvc        C:\WINDOWS\System32\PhoneService.dll
14:14:56.0438 0x2434  PhoneSvc - ok
14:14:56.0454 0x2434  [ 06A31E2C90347128A1A25290568E152C, 7F0BC96C116A5C6B9796233CA975B1F6A73D554A533191F38295D60221E503C4 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
14:14:56.0469 0x2434  PimIndexMaintenanceSvc - ok
14:14:56.0594 0x2434  [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla             C:\WINDOWS\system32\pla.dll
14:14:56.0704 0x2434  pla - ok
14:14:56.0735 0x2434  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
14:14:56.0766 0x2434  PlugPlay - ok
14:14:56.0813 0x2434  [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
14:14:56.0844 0x2434  PNRPAutoReg - ok
14:14:56.0922 0x2434  [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
14:14:56.0954 0x2434  PNRPsvc - ok
14:14:57.0001 0x2434  [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
14:14:57.0016 0x2434  PolicyAgent - ok
14:14:57.0047 0x2434  [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power           C:\WINDOWS\system32\umpo.dll
14:14:57.0063 0x2434  Power - ok
14:14:57.0094 0x2434  [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport    C:\WINDOWS\System32\drivers\raspptp.sys
14:14:57.0126 0x2434  PptpMiniport - ok
14:14:57.0454 0x2434  [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
14:14:57.0735 0x2434  PrintNotify - ok
14:14:57.0766 0x2434  [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor       C:\WINDOWS\System32\drivers\processr.sys
14:14:57.0782 0x2434  Processor - ok
14:14:57.0844 0x2434  [ B2DC3BA675F95343D55EC989FE303561, C53FCA036358B0B11BBE5348074FA24831CF67C9FEE31A3DC9CF88B6178CFBC8 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
14:14:57.0876 0x2434  ProfSvc - ok
14:14:57.0907 0x2434  [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched          C:\WINDOWS\system32\drivers\pacer.sys
14:14:57.0907 0x2434  Psched - ok
14:14:57.0985 0x2434  [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE           C:\WINDOWS\system32\qwave.dll
14:14:58.0016 0x2434  QWAVE - ok
14:14:58.0063 0x2434  [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
14:14:58.0110 0x2434  QWAVEdrv - ok
14:14:58.0157 0x2434  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
14:14:58.0157 0x2434  RadioShim - ok
14:14:58.0188 0x2434  [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:14:58.0204 0x2434  RasAcd - ok
14:14:58.0266 0x2434  [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn     C:\WINDOWS\System32\drivers\AgileVpn.sys
14:14:58.0313 0x2434  RasAgileVpn - ok
14:14:58.0360 0x2434  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
14:14:58.0391 0x2434  RasAuto - ok
14:14:58.0438 0x2434  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys
14:14:58.0469 0x2434  Rasl2tp - ok
14:14:58.0594 0x2434  [ DF0702D6A190452E1BFA52F36E58640A, 37B7B8220CDE965F1232D883CEEEDDDB309ABA0ACBE38486E69B9052D39187C4 ] RasMan          C:\WINDOWS\System32\rasmans.dll
14:14:58.0657 0x2434  RasMan - ok
14:14:58.0688 0x2434  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:14:58.0704 0x2434  RasPppoe - ok
14:14:58.0719 0x2434  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys
14:14:58.0735 0x2434  RasSstp - ok
14:14:58.0797 0x2434  [ 392CD98739F4A8F188A3CB34F6AB193E, C36D1CD8EEB57DB37A0A079DFC87120F948A8E3EE09973CCF5D613566B17EA10 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:14:58.0844 0x2434  rdbss - ok
14:14:58.0860 0x2434  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
14:14:58.0860 0x2434  rdpbus - ok
14:14:58.0922 0x2434  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
14:14:58.0938 0x2434  RDPDR - ok
14:14:58.0969 0x2434  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
14:14:58.0985 0x2434  RdpVideoMiniport - ok
14:14:59.0001 0x2434  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
14:14:59.0016 0x2434  rdyboost - ok
14:14:59.0172 0x2434  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys
14:14:59.0204 0x2434  ReFSv1 - ok
14:14:59.0251 0x2434  [ FD2B3A645798A2EFB7FB61AC42AAA611, 8A121D361A73CA19AA87B1AD33B8020A99444BF4C8904944AD5913C5083859B8 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:14:59.0329 0x2434  RemoteAccess - ok
14:14:59.0454 0x2434  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
14:14:59.0501 0x2434  RemoteRegistry - ok
14:14:59.0579 0x2434  [ 94DCF20DF6170B557AFD386E37C128BC, 70FB7C7A7D2BFA95EACEEE38B39E1DCA93DA63AE1898C4F54956B9413C60EB88 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll
14:14:59.0626 0x2434  RetailDemo - ok
14:14:59.0673 0x2434  [ 068220E1B417556F4226E6A3CA0A1C24, 381DD82EF6EAEE83B5B3FA123D04A4D1EEB3407737683C22BBA787C39DCAFFE3 ] RmSvc           C:\WINDOWS\System32\RMapi.dll
14:14:59.0751 0x2434  RmSvc - ok
14:14:59.0782 0x2434  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
14:14:59.0797 0x2434  RpcEptMapper - ok
14:14:59.0829 0x2434  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe
14:14:59.0829 0x2434  RpcLocator - ok
14:14:59.0922 0x2434  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
14:14:59.0969 0x2434  RpcSs - ok
14:15:00.0001 0x2434  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys
14:15:00.0032 0x2434  rspndr - ok
14:15:00.0110 0x2434  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
14:15:00.0110 0x2434  s3cap - ok
14:15:00.0141 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] SamSs           C:\WINDOWS\system32\lsass.exe
14:15:00.0141 0x2434  SamSs - ok
14:15:00.0188 0x2434  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
14:15:00.0219 0x2434  sbp2port - ok
14:15:00.0282 0x2434  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
14:15:00.0329 0x2434  SCardSvr - ok
14:15:00.0329 0x2434  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
14:15:00.0360 0x2434  ScDeviceEnum - ok
14:15:00.0376 0x2434  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
14:15:00.0391 0x2434  scfilter - ok
14:15:00.0485 0x2434  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:15:00.0547 0x2434  Schedule - ok
14:15:00.0594 0x2434  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys
14:15:00.0610 0x2434  scmbus - ok
14:15:00.0641 0x2434  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys
14:15:00.0657 0x2434  scmdisk0101 - ok
14:15:00.0719 0x2434  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
14:15:00.0766 0x2434  SCPolicySvc - ok
14:15:00.0813 0x2434  [ FCBB8A17B4437B2CA8CC8DA8CB1D306E, 5FA762B1B6C8A45ED6F304A45B500038537ABD3DF6328F3C8E2BD43CBDEAB835 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
14:15:00.0844 0x2434  sdbus - ok
14:15:00.0876 0x2434  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
14:15:00.0922 0x2434  SDRSVC - ok
14:15:01.0251 0x2434  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDFSSvc.exe
14:15:01.0282 0x2434  SDScannerService - ok
14:15:01.0329 0x2434  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
14:15:01.0344 0x2434  sdstor - ok
14:15:01.0532 0x2434  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Mark\Programme\Spybot - Search & Destroy 2\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:15:01.0579 0x2434  SDUpdateService - ok
14:15:01.0626 0x2434  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll
14:15:01.0641 0x2434  seclogon - ok
14:15:01.0657 0x2434  [ B605A44ACA1FCFF736235A4D7AEDA548, 48D8B5BC027CFE91AF7402C463327572181D4C1B1E2942F4D05792EED070B2DC ] SENS            C:\WINDOWS\System32\sens.dll
14:15:01.0688 0x2434  SENS - ok
14:15:01.0891 0x2434  [ 1CC993A041899B48D5DF4D3F4A4425FC, 8D138B3A92C0E181C865A37AD55EE2D55CC352ED9B60BF60BE0AC610F13F8FA1 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
14:15:02.0001 0x2434  SensorDataService - ok
14:15:02.0063 0x2434  [ 7BFD114F0F308CE29AEB8F16056D0658, 0CD3B3C69DCB3EAD8F8EF5C633911DD4F2C1167DC6FE28107EE38713A35A1F5C ] SensorService   C:\WINDOWS\system32\SensorService.dll
14:15:02.0094 0x2434  SensorService - ok
14:15:02.0157 0x2434  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
14:15:02.0204 0x2434  SensrSvc - ok
14:15:02.0219 0x2434  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
14:15:02.0235 0x2434  SerCx - ok
14:15:02.0282 0x2434  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
14:15:02.0329 0x2434  SerCx2 - ok
14:15:02.0360 0x2434  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
14:15:02.0376 0x2434  Serenum - ok
14:15:02.0407 0x2434  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
14:15:02.0407 0x2434  Serial - ok
14:15:02.0422 0x2434  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
14:15:02.0485 0x2434  sermouse - ok
14:15:02.0563 0x2434  [ D525D273BE5691BDACE72B07AB0D1E02, 9231BD2137E71B3D555CEBBA8811297F239FDA08BF573CA4741D03D76718B5B1 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
14:15:02.0579 0x2434  SessionEnv - ok
14:15:02.0657 0x2434  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
14:15:02.0688 0x2434  sfloppy - ok
14:15:02.0844 0x2434  [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:15:02.0907 0x2434  SharedAccess - ok
14:15:03.0079 0x2434  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:15:03.0126 0x2434  ShellHWDetection - ok
14:15:03.0251 0x2434  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
14:15:03.0298 0x2434  shpamsvc - ok
14:15:03.0329 0x2434  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
14:15:03.0360 0x2434  SiSRaid2 - ok
14:15:03.0376 0x2434  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
14:15:03.0391 0x2434  SiSRaid4 - ok
14:15:03.0516 0x2434  [ 6749AD471D1D44CBD1F30257C861F77B, D5A554F35E380948F13BFE0673B49F8FD8AE5A438BF3645857522E2560A58685 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:15:03.0548 0x2434  SkypeUpdate - ok
14:15:03.0594 0x2434  [ 3EB12F95C259907F976B9FFCD26FA047, 1ADC40D8911F7C3C7376882DC0B5526F1C16089E13883734498D36C9CE4D8E76 ] smphost         C:\WINDOWS\System32\smphost.dll
14:15:03.0610 0x2434  smphost - ok
14:15:03.0735 0x2434  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll
14:15:03.0798 0x2434  SmsRouter - ok
14:15:03.0829 0x2434  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
14:15:03.0844 0x2434  SNMPTRAP - ok
14:15:04.0001 0x2434  [ 3DB9C2950439B61A038BF83E697C7A14, 6BF5EA5D4A251CB982F336840A60EF4241A3FC7442E7CD4D7C82199F5BF8D4D2 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
14:15:04.0063 0x2434  spaceport - ok
14:15:04.0094 0x2434  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
14:15:04.0126 0x2434  SpbCx - ok
14:15:04.0219 0x2434  [ DA5A9752A702E86AFC10F06115A8AF4C, 1EBF973AAEE0D851934CFD99BF6FC3B33D6EF5EDE95F81450D2EA18117172FC9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
14:15:04.0251 0x2434  Spooler - ok
14:15:04.0782 0x2434  [ DB386D52ABDCF0577B6921D02EEDC8B3, 523247781F230B7273248C2AB8262E63BBE55EFD2DE0DF9A40F5FA0DA7DD2AE6 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
14:15:05.0173 0x2434  sppsvc - ok
14:15:05.0219 0x2434  [ EDCDCD95B916DB156A903AC6256F0CCF, 4158EFE298235EDE2C34CE9F3978A4F3690379F14B21F917647EEAA0A8C1DE4A ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:15:05.0282 0x2434  srv - ok
14:15:05.0360 0x2434  [ DF7147DE10921DBAAE9F9EEF94590E10, 2222BA441227056DA17194648B3AF49655650F7BBA9E4A9ACEF519E392099C6D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
14:15:05.0407 0x2434  srv2 - ok
14:15:05.0423 0x2434  [ 416D224AF7481A4179F018FB1F9A5B6B, 38159D7957A8091DFC5C32DCAC4DB07FDE14BBE4E75B4E61B4FBB332E3F9259D ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
14:15:05.0438 0x2434  srvnet - ok
14:15:05.0501 0x2434  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:15:05.0548 0x2434  SSDPSRV - ok
14:15:05.0579 0x2434  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
14:15:05.0610 0x2434  SstpSvc - ok
14:15:05.0923 0x2434  [ DF762D30EF0EE10E569C507BE75EAA6B, C23BA05E778CF1A547E7D3FE2226E0E68917570C56D5E703E599CAF2FD10BD17 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
14:15:06.0141 0x2434  StateRepository - ok
14:15:06.0407 0x2434  [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
14:15:06.0532 0x2434  Steam Client Service - ok
14:15:06.0563 0x2434  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
14:15:06.0579 0x2434  stexstor - ok
14:15:06.0610 0x2434  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
14:15:06.0626 0x2434  StillCam - ok
14:15:06.0766 0x2434  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
14:15:06.0829 0x2434  stisvc - ok
14:15:06.0876 0x2434  [ 0FE3B9A9E40DE1029B0AC2368A3F765D, AB06795E456DB9CE4E5A91DD1C2638B4D474CE1C5DB4819D5EE17A337D74A231 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
14:15:06.0891 0x2434  storahci - ok
14:15:06.0923 0x2434  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
14:15:06.0938 0x2434  storflt - ok
14:15:06.0985 0x2434  [ B739FF1C1FAF9D0ADFBFB0FD59A5AB37, F128D872283AD1F91B56667DB885E7404D76B1CC72D6D71382C5DFA19AE433ED ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
14:15:07.0001 0x2434  stornvme - ok
14:15:07.0048 0x2434  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys
14:15:07.0063 0x2434  storqosflt - ok
14:15:07.0219 0x2434  [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc         C:\WINDOWS\system32\storsvc.dll
14:15:07.0266 0x2434  StorSvc - ok
14:15:07.0298 0x2434  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys
14:15:07.0298 0x2434  storufs - ok
14:15:07.0344 0x2434  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
14:15:07.0344 0x2434  storvsc - ok
14:15:07.0423 0x2434  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll
14:15:07.0485 0x2434  svsvc - ok
14:15:07.0532 0x2434  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
14:15:07.0548 0x2434  swenum - ok
14:15:07.0579 0x2434  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll
14:15:07.0626 0x2434  swprv - ok
14:15:07.0688 0x2434  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys
14:15:07.0735 0x2434  Synth3dVsc - ok
14:15:07.0891 0x2434  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll
14:15:08.0032 0x2434  SysMain - ok
14:15:08.0110 0x2434  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
14:15:08.0235 0x2434  SystemEventsBroker - ok
14:15:08.0313 0x2434  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
14:15:08.0360 0x2434  TabletInputService - ok
14:15:08.0423 0x2434  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:15:08.0454 0x2434  TapiSrv - ok
14:15:08.0751 0x2434  [ E93C3AB8B29AB4905541B5AB87963906, A9352792815C543E7129D16CCCDB7A6F9FB63C0C95A4BB22FA5709E886FFD6D4 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
14:15:08.0891 0x2434  Tcpip - ok
14:15:09.0094 0x2434  [ E93C3AB8B29AB4905541B5AB87963906, A9352792815C543E7129D16CCCDB7A6F9FB63C0C95A4BB22FA5709E886FFD6D4 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
14:15:09.0204 0x2434  Tcpip6 - ok
14:15:09.0251 0x2434  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
14:15:09.0282 0x2434  tcpipreg - ok
14:15:09.0329 0x2434  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
14:15:09.0344 0x2434  tdx - ok
14:15:09.0360 0x2434  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
14:15:09.0376 0x2434  terminpt - ok
14:15:09.0548 0x2434  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll
14:15:09.0610 0x2434  TermService - ok
14:15:09.0673 0x2434  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll
14:15:09.0704 0x2434  Themes - ok
14:15:09.0813 0x2434  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
14:15:09.0844 0x2434  TieringEngineService - ok
14:15:09.0907 0x2434  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
14:15:09.0938 0x2434  tiledatamodelsvc - ok
14:15:10.0001 0x2434  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll
14:15:10.0063 0x2434  TimeBrokerSvc - ok
14:15:10.0095 0x2434  [ 798C8CB861EB09C5AFB77468E5449BBB, F6631E779159B99B097A59792D11713809CA493618B6A210A4BC905F16782094 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
14:15:10.0126 0x2434  TPM - ok
14:15:10.0204 0x2434  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
14:15:10.0235 0x2434  TrkWks - ok
14:15:10.0282 0x2434  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
14:15:10.0329 0x2434  TrustedInstaller - ok
14:15:10.0376 0x2434  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys
14:15:10.0407 0x2434  tsusbflt - ok
14:15:10.0423 0x2434  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
14:15:10.0438 0x2434  TsUsbGD - ok
14:15:10.0454 0x2434  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
14:15:10.0469 0x2434  tunnel - ok
14:15:10.0548 0x2434  [ 0F38FCE8C61CC14DE3718FAB5FFC0D3A, 527071956BDC0F2863DCDFEDD314DB5265A6AE525F810186F508E0D58A97D767 ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
14:15:10.0579 0x2434  tzautoupdate - ok
14:15:10.0798 0x2434  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
14:15:10.0844 0x2434  UASPStor - ok
14:15:10.0923 0x2434  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
14:15:10.0969 0x2434  UcmCx0101 - ok
14:15:10.0985 0x2434  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys
14:15:11.0016 0x2434  UcmTcpciCx0101 - ok
14:15:11.0016 0x2434  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
14:15:11.0032 0x2434  UcmUcsi - ok
14:15:11.0095 0x2434  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
14:15:11.0126 0x2434  Ucx01000 - ok
14:15:11.0173 0x2434  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
14:15:11.0204 0x2434  UdeCx - ok
14:15:11.0235 0x2434  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
14:15:11.0266 0x2434  udfs - ok
14:15:11.0313 0x2434  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
14:15:11.0360 0x2434  UEFI - ok
14:15:11.0438 0x2434  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
14:15:11.0469 0x2434  Ufx01000 - ok
14:15:11.0563 0x2434  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
14:15:11.0610 0x2434  UfxChipidea - ok
14:15:11.0641 0x2434  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
14:15:11.0673 0x2434  ufxsynopsys - ok
14:15:11.0766 0x2434  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
14:15:11.0798 0x2434  UI0Detect - ok
14:15:11.0813 0x2434  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
14:15:11.0829 0x2434  umbus - ok
14:15:11.0923 0x2434  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
14:15:12.0001 0x2434  UmPass - ok
14:15:12.0094 0x2434  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
14:15:12.0220 0x2434  UmRdpService - ok
14:15:12.0423 0x2434  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
14:15:12.0548 0x2434  UnistoreSvc - ok
14:15:12.0641 0x2434  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:15:12.0673 0x2434  upnphost - ok
14:15:12.0704 0x2434  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
14:15:12.0735 0x2434  UrsChipidea - ok
14:15:12.0766 0x2434  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
14:15:12.0782 0x2434  UrsCx01000 - ok
14:15:12.0845 0x2434  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
14:15:12.0891 0x2434  UrsSynopsys - ok
14:15:12.0907 0x2434  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
14:15:12.0923 0x2434  usbccgp - ok
14:15:12.0938 0x2434  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
14:15:12.0954 0x2434  usbcir - ok
14:15:12.0970 0x2434  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
14:15:12.0985 0x2434  usbehci - ok
14:15:13.0063 0x2434  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
14:15:13.0110 0x2434  usbhub - ok
14:15:13.0188 0x2434  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
14:15:13.0282 0x2434  USBHUB3 - ok
14:15:13.0298 0x2434  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
14:15:13.0313 0x2434  usbohci - ok
14:15:13.0329 0x2434  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
14:15:13.0345 0x2434  usbprint - ok
14:15:13.0391 0x2434  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
14:15:13.0407 0x2434  usbser - ok
14:15:13.0438 0x2434  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
14:15:13.0454 0x2434  USBSTOR - ok
14:15:13.0470 0x2434  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
14:15:13.0516 0x2434  usbuhci - ok
14:15:13.0563 0x2434  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
14:15:13.0610 0x2434  usbvideo - ok
14:15:13.0688 0x2434  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
14:15:13.0720 0x2434  USBXHCI - ok
14:15:13.0923 0x2434  [ 4CC81AB9D380A6264FF4C0C1512CF965, 76C33053D1C9155B0F3F8392FF982AD4EABEE2BBBEE89EA41DBFE8E436973EB0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
14:15:14.0032 0x2434  UserDataSvc - ok
14:15:14.0204 0x2434  [ 8F6DAAFDDDA27D83ACC8C7FF1536CAF6, 5E1B67A5B388CBB3B193C238546BAD4DC5F5DF54859E16607A60681E6D38FA73 ] UserManager     C:\WINDOWS\System32\usermgr.dll
14:15:14.0251 0x2434  UserManager - ok
14:15:14.0391 0x2434  [ 0F3C4209200F3DAD2015DA3044FA8DC3, 84DC9CB21ECD79C3BFDBBDF66173F4E2D7E6CB118E0EEA4516A6661636D4CE8F ] UsoSvc          C:\WINDOWS\system32\usocore.dll
14:15:14.0423 0x2434  UsoSvc - ok
14:15:14.0470 0x2434  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
14:15:14.0501 0x2434  VaultSvc - ok
14:15:14.0516 0x2434  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
14:15:14.0516 0x2434  vdrvroot - ok
14:15:14.0673 0x2434  [ 0783EDE1FA94649ED7F3CEF6A734041A, 1A13A613EF6B67459031C7994FFC6F32F73E02E0F123A171618E4F011C635684 ] vds             C:\WINDOWS\System32\vds.exe
14:15:14.0829 0x2434  vds - ok
14:15:14.0891 0x2434  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
14:15:14.0923 0x2434  VerifierExt - ok
14:15:15.0016 0x2434  [ C12B4859FC255AA6B3021CF8BB14A11F, E95922351825D23ABCADD173E9256FC9AFFF28555DD1971CFF5666A2055958C5 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
14:15:15.0063 0x2434  vhdmp - ok
14:15:15.0095 0x2434  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
14:15:15.0110 0x2434  vhf - ok
14:15:15.0141 0x2434  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
14:15:15.0157 0x2434  vmbus - ok
14:15:15.0188 0x2434  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
14:15:15.0204 0x2434  VMBusHID - ok
14:15:15.0220 0x2434  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll
14:15:23.0282 0x2434  WpnService - ok
14:15:23.0313 0x2434  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll
14:15:23.0329 0x2434  WpnUserService - ok
14:15:23.0407 0x2434  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
14:15:23.0438 0x2434  ws2ifsl - ok
14:15:23.0485 0x2434  [ 519806FBCF00A0B17B8E03297DB0F551, 1911EA7168B06DBF3D36833120E4731437BF1ACC294C289B132C50280A40F548 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
14:15:23.0517 0x2434  wscsvc - ok
14:15:23.0517 0x2434  WSearch - ok
14:15:23.0829 0x2434  [ A93273F9EA274B87E76C9FE9A98E169D, E5961AC5DB93B365D04AD6C54CFD54F58CB9851398312CC63D937282265F81A7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
14:15:23.0907 0x2434  wuauserv - ok
14:15:23.0970 0x2434  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
14:15:24.0017 0x2434  WudfPf - ok
14:15:24.0095 0x2434  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\system32\drivers\WudfRd.sys
14:15:24.0142 0x2434  WUDFRd - ok
14:15:24.0204 0x2434  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
14:15:24.0251 0x2434  wudfsvc - ok
14:15:24.0517 0x2434  [ FD25CA03DE4372B6D3B7584248240D40, 91743D71A25FA0EB10C1C3DA71C534DDF2C4224BB96F081159465EED11B1C468 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
14:15:24.0642 0x2434  WwanSvc - ok
14:15:24.0782 0x2434  [ 89841EAF6C36E0B708BEAC939837AB27, 5B2A521E9C1051DA9D472CE9969E97C4F61A3D315B1C0ABDE01E43D033033268 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
14:15:24.0860 0x2434  XblAuthManager - ok
14:15:25.0048 0x2434  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
14:15:25.0157 0x2434  XblGameSave - ok
14:15:25.0251 0x2434  [ 59335CEA021FB89E07AD5DB5D17F09D0, 33FEFD5798BFA306FBEDCC8F2D0D984B6546A61B5026E921A8AC0466ADF2B698 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
14:15:25.0282 0x2434  xboxgip - ok
14:15:25.0454 0x2434  [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
14:15:25.0579 0x2434  XboxNetApiSvc - ok
14:15:25.0610 0x2434  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
14:15:25.0626 0x2434  xinputhid - ok
14:15:25.0626 0x2434  ================ Scan global ===============================
14:15:25.0751 0x2434  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll
14:15:25.0813 0x2434  [ 1FEF9536BA2779E2F3CB524E34BAC715, 6387C7E2FD538EFD9AC19B622AEC81F6F924576FDAB6F003AF5B6CBD33F6A379 ] C:\WINDOWS\system32\winsrv.dll
14:15:25.0970 0x2434  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll
14:15:26.0188 0x2434  [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe
14:15:26.0204 0x2434  [ Global ] - ok
14:15:26.0204 0x2434  ================ Scan MBR ==================================
14:15:26.0235 0x2434  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
14:15:27.0860 0x2434  \Device\Harddisk0\DR0 - ok
14:15:27.0860 0x2434  ================ Scan VBR ==================================
14:15:27.0876 0x2434  [ 27EE700167C42A6BB6679E80B8322BCD ] \Device\Harddisk0\DR0\Partition1
14:15:27.0938 0x2434  \Device\Harddisk0\DR0\Partition1 - ok
14:15:27.0970 0x2434  [ 6C1D38D3E40EC5BEACB07C1C09BCB2FC ] \Device\Harddisk0\DR0\Partition2
14:15:27.0970 0x2434  \Device\Harddisk0\DR0\Partition2 - ok
14:15:28.0001 0x2434  [ 6DBEA23E444B72C8001697E8C89D0D02 ] \Device\Harddisk0\DR0\Partition3
14:15:28.0001 0x2434  \Device\Harddisk0\DR0\Partition3 - ok
14:15:28.0017 0x2434  [ 3531BCB19CA07DCA39EAAE02752B5BA6 ] \Device\Harddisk0\DR0\Partition4
14:15:28.0064 0x2434  \Device\Harddisk0\DR0\Partition4 - ok
14:15:28.0095 0x2434  [ F84AE34F7C26B071E02EBCD58BD89ED3 ] \Device\Harddisk0\DR0\Partition5
14:15:28.0142 0x2434  \Device\Harddisk0\DR0\Partition5 - ok
14:15:28.0142 0x2434  ================ Scan generic autorun ======================
14:15:28.0157 0x2434  ETDCtrl - ok
14:15:29.0235 0x2434  [ 5B46668BF599A03EF524BE934AE6E3E9, 720D495FA163BA15BD24F58A29D98991EC7278C9A6B8D001EDF9B21588FA812F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
14:15:29.0798 0x2434  RTHDVCPL - ok
14:15:29.0860 0x2434  [ CE5C9977DA751DDC30952AC4DCBCA788, 295172C4681E9AC27121122CDD2BA6F2A62435917A083CC8490D584CA0164BE6 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
14:15:29.0860 0x2434  HP Software Update - ok
14:15:31.0329 0x2434  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:15:31.0673 0x2434  OneDriveSetup - ok
14:15:32.0579 0x2434  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe
14:15:32.0751 0x2434  OneDriveSetup - ok
14:15:32.0970 0x2434  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\stock\AppData\Local\Microsoft\OneDrive\OneDrive.exe
14:15:33.0001 0x2434  OneDrive - ok
14:15:33.0360 0x2434  [ ADF6C78FC95716CA45A68FD3DA1C1A78, 8250D47AC8C25A3A2DB8AB2148350F7086141F91DB317D0431DA545430B843F5 ] C:\Mark\Programme\Steam\steam.exe
14:15:33.0439 0x2434  Steam - ok
14:15:33.0735 0x2434  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe
14:15:33.0876 0x2434  HP Officejet 4620 series (NET) - ok
14:15:33.0923 0x2434  Skype - ok
14:15:34.0282 0x2434  [ 52EC51A901AA9F1F68C9278D1EE3CCA2, 50FF4192FB33DF1BCEA08A7BB4D606123CC7E0C89A181C2BC11F2A41FF92C2E1 ] C:\Users\stock\AppData\Roaming\Spotify\SpotifyWebHelper.exe
14:15:34.0439 0x2434  Spotify Web Helper - ok
14:15:35.0048 0x2434  [ C5D947DFEF05F5826863E401EE8743B0, B7C54DF6DB0707C6C5F126FE95E3B04F1B07EC2E12307AE89EB4144898FEEDA6 ] C:\Users\stock\AppData\Roaming\Spotify\Spotify.exe
14:15:35.0423 0x2434  Spotify - ok
14:15:35.0610 0x2434  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
14:15:35.0751 0x2434  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
14:15:36.0845 0x2434  Detect skipped due to KSN trusted
14:15:36.0845 0x2434  SpybotPostWindows10UpgradeReInstall - ok
14:15:36.0845 0x2434  Waiting for KSN requests completion. In queue: 9
14:15:37.0861 0x2434  Waiting for KSN requests completion. In queue: 9
14:15:38.0876 0x2434  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
14:15:38.0876 0x2434  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x62100 ( disabled : updated )
14:15:38.0892 0x2434  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
14:15:48.0986 0x2434  ============================================================
14:15:48.0986 0x2434  Scan finished
14:15:48.0986 0x2434  ============================================================
14:15:49.0001 0x12b4  Detected object count: 0
14:15:49.0001 0x12b4  Actual detected object count: 0
         
 vmgid           C:\WINDOWS\System32\drivers\vmgid.sys
14:15:15.0235 0x2434  vmgid - ok
14:15:15.0298 0x2434  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll
14:15:15.0329 0x2434  vmicguestinterface - ok
14:15:15.0376 0x2434  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll
14:15:15.0391 0x2434  vmicheartbeat - ok
14:15:15.0407 0x2434  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll
14:15:15.0423 0x2434  vmickvpexchange - ok
14:15:15.0485 0x2434  [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll
14:15:15.0516 0x2434  vmicrdv - ok
14:15:15.0532 0x2434  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll
14:15:15.0563 0x2434  vmicshutdown - ok
14:15:15.0579 0x2434  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll
14:15:15.0595 0x2434  vmictimesync - ok
14:15:15.0626 0x2434  [ A6CA116884BE5352829D2E538AD56A87, 9C58A15E15433EA92E3DDB38BB446700BD620D43B0F46EDD578349676B4B4D76 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll
14:15:15.0641 0x2434  vmicvmsession - ok
14:15:15.0688 0x2434  [ DC3172A6EB5DDB5EF94CB734CB7D4E63, 812971E0C2C18C876FFC9A46F1563801894C2EE9DD01CE1A641A0C68C0C1C6E2 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll
14:15:15.0720 0x2434  vmicvss - ok
14:15:15.0751 0x2434  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
14:15:15.0891 0x2434  volmgr - ok
14:15:15.0954 0x2434  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
14:15:15.0985 0x2434  volmgrx - ok
14:15:16.0048 0x2434  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
14:15:16.0079 0x2434  volsnap - ok
14:15:16.0141 0x2434  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys
14:15:16.0188 0x2434  volume - ok
14:15:16.0266 0x2434  [ 04BEC879AD7B3FDDD0339B19FECB0160, 8C92755DDB41AD7DDA1643D7F32FAA0FCA7E2C65C69611EB5EC1B3276EA8DBC7 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
14:15:16.0298 0x2434  vpci - ok
14:15:16.0329 0x2434  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
14:15:16.0360 0x2434  vsmraid - ok
14:15:16.0485 0x2434  [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS             C:\WINDOWS\system32\vssvc.exe
14:15:16.0610 0x2434  VSS - ok
14:15:16.0829 0x2434  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64     C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
14:15:16.0860 0x2434  vssbrigde64 - ok
14:15:16.0891 0x2434  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
14:15:16.0907 0x2434  VSTXRAID - ok
14:15:16.0923 0x2434  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
14:15:16.0954 0x2434  vwifibus - ok
14:15:16.0985 0x2434  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
14:15:17.0016 0x2434  vwififlt - ok
14:15:17.0048 0x2434  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys
14:15:17.0063 0x2434  vwifimp - ok
14:15:17.0126 0x2434  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll
14:15:17.0188 0x2434  W32Time - ok
14:15:17.0204 0x2434  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
14:15:17.0220 0x2434  WacomPen - ok
14:15:17.0329 0x2434  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll
14:15:17.0485 0x2434  WalletService - ok
14:15:17.0532 0x2434  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:15:17.0595 0x2434  wanarp - ok
14:15:17.0595 0x2434  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:15:17.0626 0x2434  wanarpv6 - ok
14:15:17.0845 0x2434  [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine        C:\WINDOWS\system32\wbengine.exe
14:15:17.0970 0x2434  wbengine - ok
14:15:18.0079 0x2434  [ 6BE945D6DE02713BAD8627205CDF9F48, F6548EAF5D67DA4682D8B31E5B565606DEAAB9276B44F25F1A4203AB61B9400B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
14:15:18.0173 0x2434  WbioSrvc - ok
14:15:18.0188 0x2434  [ CD24DEEA22152524CCFE859591D12A57, C60ACF77647E5D6EDC10BBBCF974DF264145123C8EDB6506AFA9C949EBA53D7F ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys
14:15:18.0204 0x2434  wcifs - ok
14:15:18.0266 0x2434  [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
14:15:18.0298 0x2434  Wcmsvc - ok
14:15:18.0376 0x2434  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
14:15:18.0407 0x2434  wcncsvc - ok
14:15:18.0438 0x2434  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys
14:15:18.0470 0x2434  wcnfs - ok
14:15:18.0501 0x2434  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
14:15:18.0501 0x2434  WdBoot - ok
14:15:18.0579 0x2434  [ A556768CC1FA4F36022BEE2F0EDE2566, 3A4BC9DE614F43CD94FA354A565C66B2E1E36C0608D84C6288010B97B9D811AA ] WDC_SAM         C:\WINDOWS\System32\drivers\wdcsam64.sys
14:15:18.0641 0x2434  WDC_SAM - ok
14:15:18.0735 0x2434  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
14:15:18.0766 0x2434  Wdf01000 - ok
14:15:18.0845 0x2434  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
14:15:18.0891 0x2434  WdFilter - ok
14:15:18.0923 0x2434  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
14:15:18.0938 0x2434  WdiServiceHost - ok
14:15:18.0938 0x2434  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
14:15:18.0954 0x2434  WdiSystemHost - ok
14:15:19.0063 0x2434  [ 373DF27CD5D5E50FFA2A90FEE0C0D994, 09E6C6C690AEE1C1A9A84BBA87A934040B2A20F677E5F5B2D24F8433B61BD81E ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
14:15:19.0188 0x2434  wdiwifi - ok
14:15:19.0235 0x2434  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
14:15:19.0266 0x2434  WdNisDrv - ok
14:15:19.0313 0x2434  WdNisSvc - ok
14:15:19.0391 0x2434  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll
14:15:19.0438 0x2434  WebClient - ok
14:15:19.0485 0x2434  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
14:15:19.0532 0x2434  Wecsvc - ok
14:15:19.0548 0x2434  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
14:15:19.0563 0x2434  WEPHOSTSVC - ok
14:15:19.0626 0x2434  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
14:15:19.0673 0x2434  wercplsupport - ok
14:15:19.0735 0x2434  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
14:15:19.0782 0x2434  WerSvc - ok
14:15:19.0829 0x2434  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
14:15:19.0845 0x2434  WFPLWFS - ok
14:15:19.0907 0x2434  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
14:15:19.0954 0x2434  WiaRpc - ok
14:15:20.0016 0x2434  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
14:15:20.0032 0x2434  WIMMount - ok
14:15:20.0032 0x2434  WinDefend - ok
14:15:20.0063 0x2434  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
14:15:20.0079 0x2434  WindowsTrustedRT - ok
14:15:20.0126 0x2434  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
14:15:20.0126 0x2434  WindowsTrustedRTProxy - ok
14:15:20.0266 0x2434  [ C9E7D91A044B77CBCB4121C06610A86C, 9FF039D67A5CE4732920EA4F1F5CFD9DE0AAADC34829A007EA697030D42D3623 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
14:15:20.0313 0x2434  WinHttpAutoProxySvc - ok
14:15:20.0376 0x2434  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys
14:15:20.0407 0x2434  WinMad - ok
14:15:20.0563 0x2434  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
14:15:20.0595 0x2434  Winmgmt - ok
14:15:20.0891 0x2434  [ F86E9029774478D276E0AAB7D169896D, EDCB96F745E1F16BDFF70B140B38412096FA29A407157183223AE6111CBB4B38 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
14:15:21.0126 0x2434  WinRM - ok
14:15:21.0220 0x2434  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
14:15:21.0282 0x2434  WINUSB - ok
14:15:21.0313 0x2434  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys
14:15:21.0345 0x2434  WinVerbs - ok
14:15:21.0407 0x2434  [ 4D694EDF85F1BFC463B15846D4E00A9B, 4ED44C0E22D2843121E4C8A58F97B526BB7D85C0D7A0BB4B1158A970258C791E ] wisvc           C:\WINDOWS\system32\flightsettings.dll
14:15:21.0517 0x2434  wisvc - ok
14:15:21.0813 0x2434  [ 0ECFEB0CABA7FEE6E14FAD5D6BF4777E, 7C8F69E1B04B5F7853D18216C91233B7DD53760281B295DA7D23024C0D4B378A ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
14:15:21.0938 0x2434  WlanSvc - ok
14:15:22.0220 0x2434  [ 7A98AF088E0B1A5EB98863B14F493716, 8B2F8D02AC0637C72859AF29C05C01D7D1C81C6A15CBE2D579F27F3254E66076 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
14:15:22.0360 0x2434  wlidsvc - ok
14:15:22.0376 0x2434  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
14:15:22.0391 0x2434  WmiAcpi - ok
14:15:22.0454 0x2434  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
14:15:22.0517 0x2434  wmiApSrv - ok
14:15:22.0548 0x2434  WMPNetworkSvc - ok
14:15:22.0595 0x2434  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
14:15:22.0610 0x2434  Wof - ok
14:15:22.0876 0x2434  [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
14:15:23.0032 0x2434  workfolderssvc - ok
14:15:23.0079 0x2434  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
14:15:23.0095 0x2434  WPDBusEnum - ok
14:15:23.0157 0x2434  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
14:15:23.0204 0x2434  WpdUpFltr - ok
14:15:23.0251 0x2434  [ 60E2EB3E7B7F15C25E02462159F90707,

M-K-D-B · 09.09.2016, 20:48

Servus,

in welchem Browser tritt das von dir beschriebene Problem auf?

Du hast bereits selber AdwCleaner und MBAM ausgeführt. Poste bitte die dazugehörigen Logdateien.

Winja · 10.09.2016, 13:19

Hallo,

hier die Logfile von MBAM:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 08.09.2016
Suchlaufzeit: 19:09
Protokolldatei: Malwarebytes Test1.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.09.08.07
Rootkit-Datenbank: v2016.08.15.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: stock

Suchlauftyp: Hyper-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 267135
Abgelaufene Zeit: 6 Min., 35 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Deaktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

ADWCleaner:

Code:

ATTFilter

# AdwCleaner v6.010 - Bericht erstellt am 10/09/2016 um 14:08:41
# Aktualisiert am 12/08/2016 von ToolsLib
# Datenbank : 2016-09-10.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : stock - MARKSPC
# Gestartet von : C:\Users\stock\Desktop\adwcleaner_6.010.exe
# Modus: Suchlauf
# Unterstützung : https://toolslib.net/forum



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2524 Bytes] - [07/09/2016 18:25:46]
C:\AdwCleaner\AdwCleaner[C2].txt - [1223 Bytes] - [07/09/2016 18:31:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [2572 Bytes] - [07/09/2016 18:25:07]
C:\AdwCleaner\AdwCleaner[S1].txt - [1486 Bytes] - [07/09/2016 18:31:33]
C:\AdwCleaner\AdwCleaner[S2].txt - [1464 Bytes] - [10/09/2016 14:08:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1537 Bytes] ##########

Ich nutze im Moment nur Edge und dort tritt es auf...
Außerdem im eingebauten Browser von Steam...

Habe jetzt herausgefunden, dass die Seiten oft über die URL. onclicksads.net verlinkt werden...Nicht immer ,aber schon zur Hälfte...

Manche Seiten blockiert Malwarebytes auch direkt und schickt ne Warnung...

Wegen dieser Regel mit dem Installieren/Deinstallieren:
Musste gestern meine Treiber updaten und habe da auch neue AMD Programme installieren müssen

09.09.2016, 20:48	#6
M-K-D-B /// TB-Ausbilder	Werbung bei jedem Klick/ immer neue Tabs Servus, in welchem Browser tritt das von dir beschriebene Problem auf? Du hast bereits selber AdwCleaner und MBAM ausgeführt. Poste bitte die dazugehörigen Logdateien.

Werbung bei jedem Klick/ immer neue Tabs

Plagegeister aller Art und deren Bekämpfung: Werbung bei jedem Klick/ immer neue Tabs