| |
| |||||||
Log-Analyse und Auswertung: WIN 7: Zip Datei von online24 Pay AG geöffnetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.12.2016, 21:02
| #1 |
 |  WIN 7: Zip Datei von online24 Pay AG geöffnet Hallo, habe dummerweise die Zip-Datei einer phishing mail der online24 Pay AG geöffnet.  Die Viren/Malware Programme Anitvirus, Trojanhunter und Malwarebytes haben keine Schädlinge auf meinem Betriebssystem WIN 7 erkannt. Könntet Ihr ein Blick auf die angehängten Log Files werfen, da ich mir nicht sicher bin ob sich ein Trojaner auf meinem Rechner eingenistet hat. Besten Dank im voraus. spuelmeister |
|
02.12.2016, 09:39
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | WIN 7: Zip Datei von online24 Pay AG geöffnet+++ WICHTIGER HINWEIS +++ Während der Analyse und Bereinigung nimmst du KEINERLEI Änderungen auf eigene Faust vor, d.h. du installierst oder deinstallierst keine Software ohne Absprache. Auch veränderst du keine Systemeinstellungen, solange wir deinen Fall bearbeiten. Änderungen, Installationen oder Deinstallationen machst du AUSSCHLIESSLICH nur auf Anweisung! Es wird erforderlich sein, deinen Virenscanner zu deaktivieren und in bestimmten Fällen auch zu deinstallieren, damit vernünftig bereinigt werden kann. Dein System ist daher erst wenn wir hier fertig sind wieder für den alltäglichen Gebrauch wie surfen oder mailen von mir freigegeben. Gelesen und verstanden?  Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
02.12.2016, 12:54
| #3 |
| | WIN 7: Zip Datei von online24 Pay AG geöffnet Logfiles Addition:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 30-11-2016
durchgeführt von spülmeisterw (01-12-2016 19:18:32)
Gestartet von C:\Users\spülmeisterw\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-03-22 09:36:47)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3282142634-361615843-1521448422-500 - Administrator - Disabled)
Gast (S-1-5-21-3282142634-361615843-1521448422-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3282142634-361615843-1521448422-1002 - Limited - Enabled)
schwester_s (S-1-5-21-3282142634-361615843-1521448422-1003 - Limited - Enabled) => C:\Users\schwester_s
spülmeisterw (S-1-5-21-3282142634-361615843-1521448422-1000 - Administrator - Enabled) => C:\Users\spülmeisterw
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
ALDI Bestellsoftware (HKLM-x32\...\ALDI Bestellsoftware) (Version: 5.0.5. - ORWO_Net)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.23.58 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{e7f56494-d786-472e-aba2-1b93089e06cd}) (Version: 1.2.76.20506 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.20506 - Avira Operations GmbH & Co. KG) Hidden
Bluetooth Feature Pack 5.0 (HKLM\...\{B2F4C332-2359-4ADE-AF0C-C631768BBB89}) (Version: 5.0.13 - CSR Plc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
G DATA Logox4 Speechengine (HKLM-x32\...\lgx4.lgx.server) (Version: - G DATA Software AG)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lernwerkstatt 9 (HKLM-x32\...\InstallShield_{4AA318E7-344F-4A0C-A63D-82A30B1A8F74}) (Version: 9.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH)
Lernwerkstatt 9 (x32 Version: 9.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH) Hidden
LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Nero 2015 (HKLM-x32\...\{407A3427-28FA-4383-8472-972AE71E3262}) (Version: 16.0.03000 - Nero AG)
Nero CoverDesigner (HKLM-x32\...\{57DE722C-BBE9-4BB8-AF66-1ED9A4BB2209}) (Version: 12.0.03100 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Nero Prerequisite Installer 4.0 (HKLM-x32\...\{8441D319-8C7A-4398-B630-6BC3941A12C9}) (Version: 16.0.00600 - Nero AG)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{4B1CF482-AD0E-48F3-8032-BCF5F071C123}) (Version: 3.00.0006 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.00.0006 - O2Micro International LTD.) Hidden
OZ711 SCR Driver (x64) (HKLM-x32\...\InstallShield_{2DD893C5-ABC1-4E27-B6D4-279E01AEB4E2}) (Version: 3.0.1.6D - O2Micro)
OZ711 SCR Driver (x64) (Version: 3.0.1.6D - O2Micro) Hidden
PDF to BMP JPG TIFF Converter 2.32 (HKLM-x32\...\PDF To BMP JPG TIFF Converter_is1) (Version: 2.32 - Blue Label Soft)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Prerequisite installer (x32 Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows-Treiberpaket - Google Corporation (androidusb) USB (04/20/2015 1.0.0018.00000) (HKLM\...\5BAEDAE1FDD50B7653C3BF0764CF27189A23603B) (Version: 04/20/2015 1.0.0018.00000 - Google Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (11/28/2013 2.0.0018.00000) (HKLM\...\724A5661585DAD3C707B84BACF43F64B5E070CE5) (Version: 11/28/2013 2.0.0018.00000 - Google, Inc.)
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (06/10/2014 2.11.10.0) (HKLM\...\7C7D77F30DA293C8D56A9D5FB8C3E70F4E17DA7F) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (06/10/2014 2.11.10.0) (HKLM\...\19CBC797AE23190CD0F3C85E76495B645F0154C4) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Zulu DJ-Software (HKLM-x32\...\Zulu) (Version: 3.23 - NCH Software)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {002E82D2-A8C8-4738-AB78-BCA603B55A3F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {00A64CE7-484D-4D56-B9EC-4CC44968AC3B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {043FC396-42B0-463E-99A2-F88B2711EDF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {4894B77E-9A62-4D70-8DA8-37EE3C63865A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {51D7B727-4B84-496C-8414-75EE011A545E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {8667911B-9984-431A-8983-9E5F55F06E95} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D3717A0A-FAF1-44A0-8CB9-CBBAD5DBBED3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
Task: {ED0B5209-B636-4776-B5F1-FD3513B87D86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FF86116F-97D6-44A5-AFB1-3D8A4FE78DF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00269824 _____ () C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
2015-03-22 14:45 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-22 14:45 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-22 14:45 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-22 14:45 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-22 14:45 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00398848 _____ () C:\Program Files (x86)\Syncios_01\DuiLib.dll
2015-12-25 20:20 - 2015-12-18 16:51 - 00073728 _____ () C:\Program Files (x86)\Syncios_01\generalFunc_pdt.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00176128 _____ () C:\Program Files (x86)\Syncios_01\driverMgr4Transfer_pdt.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00966144 _____ () C:\Program Files (x86)\Syncios_01\androidSyncCore_pdm.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3282142634-361615843-1521448422-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\spülmeisterw\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DC924973-1040-4AD9-85CA-2C39532FDE24}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6785B36E-F829-413F-B721-BFD64F9800DC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{391B0ECC-CC46-44C9-95CE-74D6B3193CF8}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{145050AD-EF58-400D-95A0-14F95ADC6E28}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A5282A05-1F8C-4042-B943-79925EF80511}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01859D47-7734-499D-8CE3-76F88F540719}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C4E2640-9DA8-4216-AA96-D6FE14C27D31}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{992A8B55-E740-482A-A542-7CFF18064B81}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{2072A6DE-F933-45F7-AA46-03C4A3335CA9}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7EAC02C4-C10F-4B3A-9A72-62584070D50B}] => C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{335B119A-4ADE-40C8-9902-B664F930C5AB}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{8774F648-CF0A-4EBC-93C3-A9E9D226BE77}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{CDCA7323-C6E8-4F81-8F41-C0EF9431ED06}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7738B03B-7100-4068-9925-A3E93CCA9E97}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{35C3F991-16DE-4477-A79E-E3026C5B114E}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F6B2E0B9-AC5C-4F79-8D66-5CF0E8812053}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4113D355-2F77-4E61-803C-E7BCB4954C70}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E42778F-E203-4F61-BE67-D8EE289FA4FC}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{39C544D5-7637-4C23-B80B-A70DBB8C0722}] => C:\Program Files (x86)\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
01-12-2016 19:03:09 Prüfpunkt von HitmanPro
01-12-2016 19:03:32 Prüfpunkt von HitmanPro
01-12-2016 19:03:48 Prüfpunkt von HitmanPro
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/01/2016 07:09:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/01/2016 07:07:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.4.40.94, Zeitstempel: 0x53ad3eee
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23543, Zeitstempel: 0x57d2f948
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0x78
Startzeit der fehlerhaften Anwendung: 0x01d24bfdb73b6179
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: f585072c-b7f0-11e6-b3af-002326fc1638
Error: (12/01/2016 07:06:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = chip 1-click download service wurde entfernt.; Fehler = 0x80070005).
Error: (12/01/2016 07:06:15 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\msiexec.exe /V; Beschreibung = chip 1-click download service wurde entfernt.; Fehler = 0x80070005).
Error: (12/01/2016 07:04:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDUpdate.exe, Version: 2.4.40.94, Zeitstempel: 0x53ad3eee
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.23543, Zeitstempel: 0x57d2f948
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c54f
ID des fehlerhaften Prozesses: 0xb90
Startzeit der fehlerhaften Anwendung: 0x01d24bfd5ad5a052
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll
Berichtskennung: 99db52ba-b7f0-11e6-b3af-002326fc1638
Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000288,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000018FEAF0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x00000314,(null),0,REG_BINARY,000000000166E060.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {14153ffd-14e0-44ee-adaf-0c4b61a1d962}
Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000009a8,(null),0,REG_BINARY,000000000742E360.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Generatorname: MSSearch Service Writer
Generatorinstanz-ID: {e53773df-9c5e-473f-abb0-a442945dd2bc}
Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000008b4,(null),0,REG_BINARY,000000000710E210.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Generatorname: WMI Writer
Generatorinstanz-ID: {252678c9-c583-482f-bc5b-33bfc92c1eec}
Error: (12/01/2016 07:04:00 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001c4,(null),0,REG_BINARY,0000000002A2EED0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {fad7af87-7bce-4056-8dc8-59ee2fee0991}
Systemfehler:
=============
Error: (12/01/2016 07:11:51 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/01/2016 07:11:51 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
Error: (12/01/2016 07:11:51 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/01/2016 07:11:51 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
Error: (12/01/2016 07:06:19 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen:
Zugriff verweigert
Error: (12/01/2016 04:35:26 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/01/2016 04:35:26 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
Error: (12/01/2016 04:35:26 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/01/2016 04:35:26 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
Error: (12/01/2016 04:33:08 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Prozentuale Nutzung des RAM: 36%
Installierter physikalischer RAM: 7987.42 MB
Verfügbarer physikalischer RAM: 5044.03 MB
Summe virtueller Speicher: 15973.02 MB
Verfügbarer virtueller Speicher: 12911.95 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:119.61 GB) (Free:50.12 GB) NTFS
Drive d: () (Removable) (Total:1.84 GB) (Free:1.83 GB) FAT
Drive z: () (Fixed) (Total:342.37 GB) (Free:268.84 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EC431FA8)
Partition 1: (Active) - (Size=3.8 GB) - (Type=27)
Partition 2: (Not Active) - (Size=119.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=342.4 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 1.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-11-2016
durchgeführt von spülmeisterw (Administrator) auf SKLAVE15 (01-12-2016 19:17:24)
Gestartet von C:\Users\spülmeisterw\Downloads
Geladene Profile: spülmeisterw (Verfügbare Profile: spülmeisterw & schwester_s)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(O2Micro International) C:\Windows\SysWOW64\o2flash.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files (x86)\iTunesHelper.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535392 2009-10-12] (CSR, plc)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431456 2009-10-12] (CSR, plc)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-11-01] ()
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [916072 2016-10-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe [269824 2015-12-21] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [367424 2016-05-11] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3282142634-361615843-1521448422-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{3056EF62-96A2-4CD4-A930-916C257CD488}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C3A5A36B-F94D-44A3-9F9F-EED4D05401A8}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FireFox:
========
FF DefaultProfile: k15ix6ww.default
FF ProfilePath: C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default [2016-12-01]
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\k15ix6ww.default -> AVG Secure Search
FF Homepage: Mozilla\Firefox\Profiles\k15ix6ww.default -> hxxps://www.google.de/?gws_rd=ssl
FF Extension: (Avira Browser Safety) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\abs@avira.com.xpi [2016-11-24]
FF Extension: (Firefox Hotfix) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Avira SafeSearch) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\safesearch@avira.com.xpi [2016-06-06]
FF Extension: (Adblock Plus) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\searchplugins\avira-safesearch.xml [2015-03-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-02-11] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3282142634-361615843-1521448422-1000: @protectdisc.com/NPMPDRM -> C:\Users\spülmeisterw\AppData\Local\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( )
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089088 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [475232 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [475232 2016-10-30] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1488240 2016-10-30] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349512 2016-11-15] (Avira Operations GmbH & Co. KG)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-11-01] (Intel Corporation) [Datei ist nicht signiert]
R2 O2Flash; C:\Windows\SysWOW64\o2flash.exe [65536 2007-02-12] (O2Micro International) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-11-01] (Intel Corporation) [Datei ist nicht signiert]
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145792 2009-10-12] (CSR, plc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 androidusb; C:\Windows\System32\Drivers\smdadb.sys [39624 2015-04-24] (Google Inc)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [177432 2016-10-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [145536 2016-10-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [79696 2016-05-13] (Avira Operations GmbH & Co. KG)
S3 BthAvrcp; C:\Windows\system32\drivers\BthAvrcp.sys [34656 2009-10-12] (CSR, plc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [59152 2016-05-11] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 Impcd; C:\Windows\system32\drivers\Impcd.sys [151936 2009-10-26] (Intel Corporation) [Datei ist nicht signiert]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [244736 2009-11-27] (Intel(R) Corporation) [Datei ist nicht signiert]
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [58400 2009-05-13] (O2Micro )
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscrx64.sys [107808 2009-05-15] (O2Micro)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-01 19:17 - 2016-12-01 19:18 - 00012917 _____ C:\Users\spülmeisterw\Downloads\FRST.txt
2016-12-01 19:16 - 2016-12-01 19:17 - 00000000 ____D C:\FRST
2016-12-01 19:16 - 2016-12-01 19:16 - 02411520 _____ (Farbar) C:\Users\spülmeisterw\Downloads\FRST64.exe
2016-12-01 19:06 - 2016-12-01 19:06 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-01 19:04 - 2016-12-01 19:04 - 00000000 ____D C:\Users\spülmeisterw\Desktop\Trojan Hunter
2016-12-01 19:03 - 2016-12-01 19:03 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-12-01 18:58 - 2016-12-01 19:04 - 00000000 ____D C:\Users\spülmeisterw\Desktop\HitmanPro.EU Cleaner
2016-12-01 18:51 - 2016-12-01 18:55 - 00000000 ____D C:\Users\spülmeisterw\Desktop\Log file Malwarebytes
2016-11-30 23:55 - 2016-12-01 18:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-30 21:17 - 2016-11-30 21:17 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-30 21:17 - 2016-11-30 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-11-30 21:17 - 2016-11-30 21:17 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-11-30 21:17 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-30 21:17 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-30 21:17 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-30 21:16 - 2016-12-01 19:05 - 00000000 ____D C:\Program Files (x86)\TrojanHunter
2016-11-30 21:15 - 2016-11-30 21:15 - 00000000 ____D C:\Users\spülmeisterw\AppData\Local\Downloaded Installations
2016-11-30 18:25 - 2016-11-30 18:25 - 00217527 _____ C:\Users\spülmeisterw\Desktop\Online24 PayAG.pdf
2016-11-30 18:23 - 2016-11-30 18:23 - 00001912 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-11-30 18:23 - 2016-11-30 18:23 - 00000000 ____D C:\Program Files\HitmanPro
2016-11-30 18:22 - 2016-12-01 19:03 - 00000000 ____D C:\ProgramData\HitmanPro
2016-11-30 18:22 - 2016-11-30 18:23 - 11581544 _____ (SurfRight B.V.) C:\Users\spülmeisterw\Downloads\hitmanpro_x64.exe
2016-11-29 21:50 - 2016-11-29 21:50 - 00000000 ____D C:\Users\schwester_s\Documents\Nero
2016-11-27 18:02 - 2016-11-27 18:02 - 00000856 _____ C:\Users\spülmeisterw\AppData\Local\recently-used.xbel
2016-11-25 14:30 - 2016-11-25 14:30 - 309541681 _____ C:\Users\spülmeisterw\Downloads\Beginner - Advanced Chemistry [Ganzes Album].mp4
2016-11-24 06:43 - 2016-12-01 19:10 - 00000000 ____D C:\Users\spülmeisterw\AppData\LocalLow\Mozilla
2016-11-23 17:40 - 2016-11-23 17:40 - 00001143 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-11-20 10:41 - 2016-12-01 16:33 - 00000000 ____D C:\Users\schwester_s\AppData\LocalLow\Mozilla
2016-11-19 21:54 - 2016-12-01 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-18 17:37 - 2016-11-18 17:37 - 00002151 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-18 17:37 - 2016-11-18 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-14 16:32 - 2016-11-14 16:32 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF(2).pdf
2016-11-14 16:29 - 2016-11-14 16:30 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF(1).pdf
2016-11-13 16:20 - 2016-11-13 16:20 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF.pdf
2016-11-05 23:33 - 2016-09-30 16:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-05 23:33 - 2016-09-30 08:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-05 23:33 - 2016-09-30 07:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-05 23:33 - 2016-09-30 07:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-05 23:33 - 2016-09-30 07:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-05 23:33 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-05 23:33 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-05 23:33 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-05 23:33 - 2016-09-30 06:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-05 23:33 - 2016-09-30 06:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-05 23:33 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-05 23:33 - 2016-09-30 06:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-05 23:33 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-05 23:33 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-05 23:33 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-05 23:33 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-05 23:33 - 2016-09-12 22:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-05 23:33 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-11-05 23:33 - 2016-09-10 17:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-05 23:33 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-05 23:33 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-05 23:33 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-11-05 23:33 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-05 23:33 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-11-05 23:33 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-11-05 23:32 - 2016-09-30 21:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-05 23:32 - 2016-09-30 20:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-05 23:32 - 2016-09-30 16:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-05 23:32 - 2016-09-30 16:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-05 23:32 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-05 23:32 - 2016-09-30 07:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-05 23:32 - 2016-09-30 07:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-05 23:32 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-05 23:32 - 2016-09-30 07:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-05 23:32 - 2016-09-30 07:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-05 23:32 - 2016-09-30 07:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-05 23:32 - 2016-09-30 07:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-05 23:32 - 2016-09-30 07:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-05 23:32 - 2016-09-30 07:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-05 23:32 - 2016-09-30 07:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-05 23:32 - 2016-09-30 07:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-05 23:32 - 2016-09-30 07:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-05 23:32 - 2016-09-30 07:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-05 23:32 - 2016-09-30 07:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-05 23:32 - 2016-09-30 06:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-05 23:32 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-05 23:32 - 2016-09-30 06:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-05 23:32 - 2016-09-30 06:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-05 23:32 - 2016-09-30 06:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-05 23:32 - 2016-09-30 06:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-05 23:32 - 2016-09-30 06:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-05 23:32 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-05 23:32 - 2016-09-30 06:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-05 23:32 - 2016-09-30 06:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-05 23:32 - 2016-09-30 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-05 23:32 - 2016-09-30 06:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-05 23:32 - 2016-09-30 06:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-05 23:32 - 2016-09-30 06:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-05 23:32 - 2016-09-30 06:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-05 23:32 - 2016-09-30 06:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-05 23:32 - 2016-09-30 06:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-05 23:32 - 2016-09-30 06:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-05 23:32 - 2016-09-30 06:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-05 23:32 - 2016-09-30 06:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-05 23:32 - 2016-09-30 06:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-05 23:32 - 2016-09-30 06:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-05 23:32 - 2016-09-30 06:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-05 23:32 - 2016-09-30 06:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-05 23:32 - 2016-09-30 06:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-05 23:32 - 2016-09-30 06:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-05 23:32 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-05 23:32 - 2016-09-30 06:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-05 23:32 - 2016-09-30 05:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-05 23:32 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-05 23:32 - 2016-09-15 16:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-05 23:32 - 2016-09-15 16:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-05 23:32 - 2016-09-15 16:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-05 23:32 - 2016-09-15 16:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-05 23:32 - 2016-09-12 22:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-05 23:32 - 2016-09-12 22:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-05 23:32 - 2016-09-12 22:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-05 23:32 - 2016-09-12 21:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-05 23:32 - 2016-09-12 21:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-05 23:32 - 2016-09-12 21:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-05 23:32 - 2016-09-12 21:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-05 23:32 - 2016-09-12 21:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-05 23:32 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-11-05 23:32 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-11-05 23:32 - 2016-09-10 16:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-05 23:32 - 2016-09-09 19:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-05 23:32 - 2016-09-09 19:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-05 23:32 - 2016-09-09 19:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-05 23:32 - 2016-09-09 18:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-05 23:32 - 2016-09-09 18:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-05 23:32 - 2016-09-09 18:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-05 23:32 - 2016-09-09 18:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-05 23:32 - 2016-09-09 18:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-05 23:32 - 2016-09-09 18:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-05 23:32 - 2016-09-09 18:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-11-05 23:32 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-11-05 23:32 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-11-05 23:32 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-11-05 23:32 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-11-05 23:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-11-05 23:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-11-05 23:32 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-11-05 23:32 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-11-05 23:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-11-05 23:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-11-05 23:32 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-11-05 23:32 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-11-05 23:32 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-11-05 23:32 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-11-05 23:32 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-11-05 23:32 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-11-05 23:32 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-11-05 23:32 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-11-05 23:32 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-11-05 23:32 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-11-05 23:32 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-11-05 20:32 - 2016-11-05 20:32 - 00160804 _____ C:\Users\spülmeisterw\Desktop\DB-Fahrkarte_Rechnung.pdf
2016-11-05 20:31 - 2016-11-05 20:31 - 00445036 _____ C:\Users\spülmeisterw\Desktop\DB-Fahrkarte_RT.pdf
2016-11-05 20:30 - 2016-11-05 20:30 - 00445041 _____ C:\Users\spülmeisterw\Desktop\A8B0E514.pdf
2016-11-04 21:32 - 2016-11-04 21:58 - 00018453 _____ C:\Users\spülmeisterw\Desktop\Vadder.odt
2016-11-01 18:59 - 2016-11-01 19:06 - 00000000 ____D C:\Users\schwester_s\Desktop\Freispiel_01.11.2016
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-01 19:10 - 2015-12-25 20:21 - 00000000 ____D C:\Users\spülmeisterw\AppData\Roaming\SynciOS Data Transfer
2016-12-01 19:10 - 2015-04-03 20:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-01 19:09 - 2015-03-22 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-12-01 19:09 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-01 18:54 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-01 18:54 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-01 18:48 - 2015-03-22 11:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-01 18:36 - 2015-04-03 20:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-01 16:33 - 2016-03-04 09:55 - 00000000 ____D C:\Users\schwester_s\AppData\Roaming\SynciOS Data Transfer
2016-11-28 20:51 - 2015-03-24 23:44 - 00000000 ____D C:\Users\spülmeisterw\AppData\Local\Nero
2016-11-28 19:12 - 2011-04-12 08:43 - 00699682 _____ C:\Windows\system32\perfh007.dat
2016-11-28 19:12 - 2011-04-12 08:43 - 00149790 _____ C:\Windows\system32\perfc007.dat
2016-11-28 19:12 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-28 19:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-27 18:02 - 2016-05-22 18:00 - 01292796 _____ C:\Users\spülmeisterw\Desktop\Jakobs Bagger.xcf
2016-11-27 18:02 - 2016-03-06 22:22 - 00000000 ____D C:\Users\spülmeisterw\.gimp-2.8
2016-11-23 17:40 - 2015-03-24 22:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-23 17:40 - 2015-03-24 22:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-11-18 17:37 - 2015-04-03 20:16 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-08 18:48 - 2015-03-22 11:06 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 18:48 - 2015-03-22 11:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 18:48 - 2015-03-22 11:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 18:48 - 2015-03-22 11:06 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 18:48 - 2015-03-22 10:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 16:00 - 2015-03-24 22:05 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 19:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-11-06 10:30 - 2009-07-14 05:45 - 00351328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-06 10:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-11-06 10:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-11-05 18:07 - 2015-03-22 12:31 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-11-05 07:55 - 2016-02-23 18:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-01 19:03 - 2016-08-29 21:36 - 00056128 _____ C:\Users\schwester_s\Desktop\fertige aufgaben 1-3.odt
2016-11-01 18:40 - 2016-10-30 08:40 - 00028570 _____ C:\Users\schwester_s\Desktop\Freispiel.odt
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-12-18 06:03 - 2015-12-18 06:03 - 0124133 _____ () C:\Program Files (x86)\Acknowledgements.rtf
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-console-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-datetime-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-debug-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0022208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l2-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-handle-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-heap-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0021184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-localization-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-memory-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-1.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018112 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-profile-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-string-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-timezone-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-util-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-conio-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0022720 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-convert-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-environment-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-heap-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-locale-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0027840 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-math-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0026816 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0070848 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-private-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-process-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0023232 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0024768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0024768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-string-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0021184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-time-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-utility-l1-1-0.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 3370128 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_dsp.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 2199696 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_manager.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0870544 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_musicid.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0325776 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_submit.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0569664 _____ (GEAR-Software) C:\Program Files (x86)\gwlangen.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 18175808 _____ (GEAR-Software) C:\Program Files (x86)\gwrks64.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 3088696 _____ (Apple Inc.) C:\Program Files (x86)\iPodUpdaterExt.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 2980152 _____ (Apple Inc.) C:\Program Files (x86)\iTunes.exe
2016-09-09 14:00 - 2016-09-09 14:00 - 0471864 _____ (Apple Inc.) C:\Program Files (x86)\iTunesAdmin.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 36243768 _____ (Apple Inc.) C:\Program Files (x86)\iTunesCore.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0212280 _____ (Apple Inc.) C:\Program Files (x86)\iTunesHelper.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0176440 _____ (Apple Inc.) C:\Program Files (x86)\iTunesHelper.exe
2016-09-09 14:00 - 2016-09-09 14:00 - 0162616 _____ (Apple Inc.) C:\Program Files (x86)\iTunesMiniPlayer.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0992960 _____ (Microsoft Corporation) C:\Program Files (x86)\ucrtbase.dll
2015-06-23 19:17 - 2016-01-31 16:59 - 0000040 _____ () C:\Users\spülmeisterw\AppData\Roaming\cdr.ini
2015-07-07 19:47 - 2015-08-13 21:03 - 0108299 _____ () C:\Users\spülmeisterw\AppData\Roaming\Zulu.dmp
2016-11-27 18:02 - 2016-11-27 18:02 - 0000856 _____ () C:\Users\spülmeisterw\AppData\Local\recently-used.xbel
Einige Dateien in TEMP:
====================
C:\Users\schwester_s\AppData\Local\Temp\avgnt.exe
C:\Users\schwester_s\AppData\Local\Temp\kernel32.dll
C:\Users\spülmeisterw\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-11-06 13:52
==================== Ende von FRST.txt ============================
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.11.2016 Suchlaufzeit: 23:55 Protokolldatei: anti-malware-logfile.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.11.30.11 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: spülmeisterw Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 364066 Abgelaufene Zeit: 16 Min., 4 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) |
|
02.12.2016, 13:20
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN 7: Zip Datei von online24 Pay AG geöffnet Spybot deinstallieren, das Teil bringt nix. Bitte auch Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
02.12.2016, 20:46
| #5 |
| | WIN 7: Zip Datei von online24 Pay AG geöffnet Abend, habe spybot und Avira deinstalliert. Warte auf neue Anweisungen. |
|
02.12.2016, 22:03
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN 7: Zip Datei von online24 Pay AG geöffnet 1. Schritt: Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers 2. Schritt: Kaspersky TDSS-Killer Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ --> WIN 7: Zip Datei von online24 Pay AG geöffnet |
|
03.12.2016, 09:59
| #7 |
| | WIN 7: Zip Datei von online24 Pay AG geöffnet Morgen, zuerst habe ich MBAR ausführen lassen und es wurde nichts gefunden. Bei der darauffolgende Ausführung von TDSS-Killer wurde während des Scanvorgangs ein blue screen angezeigt und ich musste den Rechner neustarten. Was soll ich nun tun? Anbei der Logfile von MBAR sowie der "unfertige" Logfile von TDSS. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2016.12.03.04
rootkit: v2016.11.20.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18499
spülmeisterw :: SKLAVE15 [administrator]
03.12.2016 08:41:04
mbar-log-2016-12-03 (08-41-04).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 363445
Time elapsed: 22 minute(s), 30 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 08:42:10.0024 0x0f58 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
08:42:13.0927 0x0f58 ============================================================
08:42:13.0927 0x0f58 Current date / time: 2016/12/03 08:42:13.0927
08:42:13.0927 0x0f58 SystemInfo:
08:42:13.0927 0x0f58
08:42:13.0927 0x0f58 OS Version: 6.1.7601 ServicePack: 1.0
08:42:13.0927 0x0f58 Product type: Workstation
08:42:13.0927 0x0f58 ComputerName: SKLAVE15
08:42:13.0928 0x0f58 UserName: spülmeisterw
08:42:13.0928 0x0f58 Windows directory: C:\Windows
08:42:13.0928 0x0f58 System windows directory: C:\Windows
08:42:13.0928 0x0f58 Running under WOW64
08:42:13.0928 0x0f58 Processor architecture: Intel x64
08:42:13.0928 0x0f58 Number of processors: 4
08:42:13.0928 0x0f58 Page size: 0x1000
08:42:13.0928 0x0f58 Boot type: Normal boot
08:42:13.0928 0x0f58 CodeIntegrityOptions = 0x00000001
08:42:13.0928 0x0f58 ============================================================
08:42:18.0810 0x0f58 KLMD registered as C:\Windows\system32\drivers\08958103.sys
08:42:18.0810 0x0f58 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x1
08:42:18.0983 0x0f58 System UUID: {C29C9170-82EF-887C-2D72-9D562C3FF378}
08:42:19.0640 0x0f58 Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
08:42:19.0641 0x0f58 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:42:19.0745 0x0f58 Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:42:19.0747 0x0f58 ============================================================
08:42:19.0747 0x0f58 \Device\Harddisk1\DR1:
08:42:19.0748 0x0f58 MBR partitions:
08:42:19.0748 0x0f58 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
08:42:19.0748 0x0f58 \Device\Harddisk0\DR0:
08:42:19.0748 0x0f58 MBR partitions:
08:42:19.0748 0x0f58 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x790800, BlocksNum 0xEF36000
08:42:19.0748 0x0f58 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF6C7000, BlocksNum 0x2ACBE800
08:42:19.0748 0x0f58 \Device\Harddisk1\DR1:
08:42:19.0749 0x0f58 MBR partitions:
08:42:19.0749 0x0f58 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
08:42:19.0749 0x0f58 ============================================================
08:42:19.0763 0x0f58 C: <-> \Device\Harddisk0\DR0\Partition1
08:42:19.0765 0x0f58 Z: <-> \Device\Harddisk0\DR0\Partition2
08:42:19.0765 0x0f58 ============================================================
08:42:19.0765 0x0f58 Initialize success
08:42:19.0765 0x0f58 ============================================================
09:06:00.0202 0x0848 ============================================================
09:06:00.0202 0x0848 Scan started
09:06:00.0202 0x0848 Mode: Manual;
09:06:00.0202 0x0848 ============================================================
09:06:00.0202 0x0848 KSN ping started
09:06:11.0431 0x0848 KSN ping finished: true
09:06:12.0941 0x0848 ================ Scan system memory ========================
09:06:12.0941 0x0848 System memory - ok
09:06:12.0941 0x0848 ================ Scan services =============================
09:06:13.0051 0x0848 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
09:06:13.0061 0x0848 1394ohci - ok
09:06:13.0201 0x0848 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:06:13.0211 0x0848 ACPI - ok
09:06:13.0221 0x0848 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:06:13.0221 0x0848 AcpiPmi - ok
09:06:13.0251 0x0848 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:06:13.0251 0x0848 AdobeARMservice - ok
09:06:13.0331 0x0848 [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:06:13.0341 0x0848 AdobeFlashPlayerUpdateSvc - ok
09:06:13.0391 0x0848 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
09:06:13.0411 0x0848 adp94xx - ok
09:06:13.0431 0x0848 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
09:06:13.0441 0x0848 adpahci - ok
09:06:13.0451 0x0848 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
09:06:13.0461 0x0848 adpu320 - ok
09:06:13.0471 0x0848 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:06:13.0471 0x0848 AeLookupSvc - ok
09:06:13.0501 0x0848 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
09:06:13.0521 0x0848 AFD - ok
09:06:13.0571 0x0848 [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
09:06:13.0611 0x0848 AgereSoftModem - ok
09:06:13.0621 0x0848 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
09:06:13.0621 0x0848 agp440 - ok
09:06:13.0621 0x0848 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
09:06:13.0621 0x0848 ALG - ok
09:06:13.0632 0x0848 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
09:06:13.0632 0x0848 aliide - ok
09:06:13.0632 0x0848 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
09:06:13.0632 0x0848 amdide - ok
09:06:13.0642 0x0848 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
09:06:13.0642 0x0848 AmdK8 - ok
09:06:13.0642 0x0848 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
09:06:13.0642 0x0848 AmdPPM - ok
09:06:13.0652 0x0848 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:06:13.0652 0x0848 amdsata - ok
09:06:13.0672 0x0848 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
09:06:13.0682 0x0848 amdsbs - ok
09:06:13.0682 0x0848 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:06:13.0682 0x0848 amdxata - ok
09:06:13.0702 0x0848 [ 7ECE1575A7258906C2DEF7E219002B50, D5E989138BE5F46130F9786D09DF874B34CA52FB5C8D2AF41175405DB28FE5E2 ] androidusb C:\Windows\system32\Drivers\smdadb.sys
09:06:13.0702 0x0848 androidusb - ok
09:06:13.0702 0x0848 [ 8B73FEE96B60EE597CBCAA735A842A36, AB3FC01FEC62AC115EC766770D8694DEDA2FF2286E0199DC238ABF2493EC1A22 ] AppID C:\Windows\system32\drivers\appid.sys
09:06:13.0702 0x0848 AppID - ok
09:06:13.0712 0x0848 [ F5800413C0DF45C2CA15FD3ACBB1365F, 741E09EED0FF0152B59704729BD700E7D7A671C88F0708884AAB7A56ECCBD8AB ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:06:13.0712 0x0848 AppIDSvc - ok
09:06:13.0722 0x0848 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
09:06:13.0722 0x0848 Appinfo - ok
09:06:13.0742 0x0848 [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:06:13.0742 0x0848 Apple Mobile Device Service - ok
09:06:13.0762 0x0848 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
09:06:13.0772 0x0848 AppMgmt - ok
09:06:13.0782 0x0848 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
09:06:13.0782 0x0848 arc - ok
09:06:13.0792 0x0848 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
09:06:13.0802 0x0848 arcsas - ok
09:06:13.0832 0x0848 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:06:13.0842 0x0848 aspnet_state - ok
09:06:13.0842 0x0848 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:06:13.0842 0x0848 AsyncMac - ok
09:06:13.0842 0x0848 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
09:06:13.0842 0x0848 atapi - ok
09:06:13.0922 0x0848 [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr C:\Windows\system32\DRIVERS\athrx.sys
09:06:13.0992 0x0848 athr - ok
09:06:14.0022 0x0848 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:06:14.0042 0x0848 AudioEndpointBuilder - ok
09:06:14.0062 0x0848 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:06:14.0082 0x0848 AudioSrv - ok
09:06:14.0092 0x0848 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:06:14.0092 0x0848 AxInstSV - ok
09:06:14.0122 0x0848 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
09:06:14.0132 0x0848 b06bdrv - ok
09:06:14.0152 0x0848 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:06:14.0162 0x0848 b57nd60a - ok
09:06:14.0172 0x0848 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
09:06:14.0182 0x0848 BDESVC - ok
09:06:14.0182 0x0848 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
09:06:14.0182 0x0848 Beep - ok
09:06:14.0222 0x0848 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
09:06:14.0242 0x0848 BFE - ok
09:06:14.0272 0x0848 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
09:06:14.0332 0x0848 BITS - ok
09:06:14.0332 0x0848 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
09:06:14.0332 0x0848 blbdrive - ok
09:06:14.0362 0x0848 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:06:14.0372 0x0848 Bonjour Service - ok
09:06:14.0382 0x0848 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:06:14.0382 0x0848 bowser - ok
09:06:14.0382 0x0848 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
09:06:14.0392 0x0848 BrFiltLo - ok
09:06:14.0392 0x0848 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
09:06:14.0392 0x0848 BrFiltUp - ok
09:06:14.0402 0x0848 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
09:06:14.0412 0x0848 Browser - ok
09:06:14.0422 0x0848 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:06:14.0432 0x0848 Brserid - ok
09:06:14.0432 0x0848 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:06:14.0442 0x0848 BrSerWdm - ok
09:06:14.0442 0x0848 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:06:14.0442 0x0848 BrUsbMdm - ok
09:06:14.0442 0x0848 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:06:14.0442 0x0848 BrUsbSer - ok
09:06:14.0462 0x0848 [ 7649BE609E29B31188C3B04D2B95948F, 7377C3441B7EACE58C84ACFBC14AB77393544949045B8594B7813EDB6EA9C653 ] BthAvrcp C:\Windows\system32\drivers\BthAvrcp.sys
09:06:14.0462 0x0848 BthAvrcp - ok
09:06:14.0472 0x0848 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
09:06:14.0472 0x0848 BTHMODEM - ok
09:06:14.0482 0x0848 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
09:06:14.0482 0x0848 bthserv - ok
09:06:14.0492 0x0848 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:06:14.0492 0x0848 cdfs - ok
09:06:14.0502 0x0848 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:06:14.0512 0x0848 cdrom - ok
09:06:14.0512 0x0848 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
09:06:14.0522 0x0848 CertPropSvc - ok
09:06:14.0532 0x0848 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
09:06:14.0532 0x0848 circlass - ok
09:06:14.0552 0x0848 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
09:06:14.0562 0x0848 CLFS - ok
09:06:14.0582 0x0848 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:06:14.0582 0x0848 clr_optimization_v2.0.50727_32 - ok
09:06:14.0592 0x0848 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:06:14.0592 0x0848 clr_optimization_v2.0.50727_64 - ok
09:06:14.0622 0x0848 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:06:14.0632 0x0848 clr_optimization_v4.0.30319_32 - ok
09:06:14.0632 0x0848 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:06:14.0642 0x0848 clr_optimization_v4.0.30319_64 - ok
09:06:14.0642 0x0848 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
09:06:14.0652 0x0848 CmBatt - ok
09:06:14.0652 0x0848 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:06:14.0652 0x0848 cmdide - ok
09:06:14.0672 0x0848 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys
09:06:14.0682 0x0848 CNG - ok
09:06:14.0702 0x0848 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
09:06:14.0702 0x0848 Compbatt - ok
09:06:14.0702 0x0848 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:06:14.0702 0x0848 CompositeBus - ok
09:06:14.0712 0x0848 COMSysApp - ok
09:06:14.0712 0x0848 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
09:06:14.0712 0x0848 crcdisk - ok
09:06:14.0722 0x0848 [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:06:14.0732 0x0848 CryptSvc - ok
09:06:14.0752 0x0848 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
09:06:14.0762 0x0848 CSC - ok
09:06:14.0802 0x0848 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
09:06:14.0842 0x0848 CscService - ok
09:06:14.0872 0x0848 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:06:14.0882 0x0848 DcomLaunch - ok
09:06:14.0912 0x0848 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
09:06:14.0922 0x0848 defragsvc - ok
09:06:14.0932 0x0848 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:06:14.0932 0x0848 DfsC - ok
09:06:14.0952 0x0848 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
09:06:14.0962 0x0848 dg_ssudbus - ok
09:06:14.0972 0x0848 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:06:14.0982 0x0848 Dhcp - ok
09:06:15.0062 0x0848 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
09:06:15.0122 0x0848 DiagTrack - ok
09:06:15.0132 0x0848 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
09:06:15.0132 0x0848 discache - ok
09:06:15.0152 0x0848 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
09:06:15.0152 0x0848 Disk - ok
09:06:15.0162 0x0848 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
09:06:15.0162 0x0848 dmvsc - ok
09:06:15.0172 0x0848 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:06:15.0172 0x0848 Dnscache - ok
09:06:15.0192 0x0848 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
09:06:15.0192 0x0848 dot3svc - ok
09:06:15.0212 0x0848 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
09:06:15.0222 0x0848 DPS - ok
09:06:15.0232 0x0848 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:06:15.0232 0x0848 drmkaud - ok
09:06:15.0272 0x0848 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:06:15.0312 0x0848 DXGKrnl - ok
09:06:15.0332 0x0848 [ 52A482DC61F24B498C8268866B90BB44, C3D01124E4544B54474BCEF4971D1AEE64F6AEA4BE65B9C4916047FB1F948D2F ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
09:06:15.0342 0x0848 e1kexpress - ok
09:06:15.0352 0x0848 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
09:06:15.0352 0x0848 EapHost - ok
09:06:15.0472 0x0848 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
09:06:15.0592 0x0848 ebdrv - ok
09:06:15.0612 0x0848 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] EFS C:\Windows\System32\lsass.exe
09:06:15.0612 0x0848 EFS - ok
09:06:15.0662 0x0848 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:06:15.0672 0x0848 ehRecvr - ok
09:06:15.0682 0x0848 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
09:06:15.0682 0x0848 ehSched - ok
09:06:15.0732 0x0848 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
09:06:15.0742 0x0848 elxstor - ok
09:06:15.0742 0x0848 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:06:15.0752 0x0848 ErrDev - ok
09:06:15.0762 0x0848 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
09:06:15.0782 0x0848 EventSystem - ok
09:06:15.0792 0x0848 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
09:06:15.0802 0x0848 exfat - ok
09:06:15.0812 0x0848 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:06:15.0812 0x0848 fastfat - ok
09:06:15.0852 0x0848 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
09:06:15.0862 0x0848 Fax - ok
09:06:15.0872 0x0848 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
09:06:15.0882 0x0848 fdc - ok
09:06:15.0882 0x0848 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
09:06:15.0882 0x0848 fdPHost - ok
09:06:15.0892 0x0848 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
09:06:15.0892 0x0848 FDResPub - ok
09:06:15.0892 0x0848 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:06:15.0902 0x0848 FileInfo - ok
09:06:15.0902 0x0848 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:06:15.0902 0x0848 Filetrace - ok
09:06:15.0912 0x0848 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
09:06:15.0912 0x0848 flpydisk - ok
09:06:15.0932 0x0848 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:06:15.0942 0x0848 FltMgr - ok
09:06:16.0002 0x0848 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
09:06:16.0032 0x0848 FontCache - ok
09:06:16.0072 0x0848 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:06:16.0072 0x0848 FontCache3.0.0.0 - ok
09:06:16.0072 0x0848 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:06:16.0072 0x0848 FsDepends - ok
09:06:16.0082 0x0848 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:06:16.0082 0x0848 Fs_Rec - ok
09:06:16.0112 0x0848 [ D104388C79C88E250027B3536A5CD2A9, F8511AEF1E994BD5E96A56F99F99FBE0801C92691E7FB23A2A7CF7E3A6BE32AB ] FUJ02B1 C:\Windows\system32\DRIVERS\FUJ02B1.sys
09:06:16.0112 0x0848 FUJ02B1 - ok
09:06:16.0112 0x0848 [ 7135030CBF87D724B6037BB023923730, 1F6D9A7D7033226507DEDD53CB686C0F3CDC15FD7E77DBC5263256E8EB541E4E ] FUJ02E3 C:\Windows\system32\drivers\FUJ02E3.sys
09:06:16.0112 0x0848 FUJ02E3 - ok
09:06:16.0142 0x0848 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:06:16.0142 0x0848 fvevol - ok
09:06:16.0152 0x0848 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
09:06:16.0152 0x0848 gagp30kx - ok
09:06:16.0152 0x0848 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:06:16.0152 0x0848 GEARAspiWDM - ok
09:06:16.0182 0x0848 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
09:06:16.0222 0x0848 gpsvc - ok
09:06:16.0232 0x0848 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:06:16.0232 0x0848 gupdate - ok
09:06:16.0252 0x0848 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:06:16.0252 0x0848 gupdatem - ok
09:06:16.0262 0x0848 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:06:16.0262 0x0848 hcw85cir - ok
09:06:16.0282 0x0848 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:06:16.0292 0x0848 HdAudAddService - ok
09:06:16.0302 0x0848 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:06:16.0302 0x0848 HDAudBus - ok
09:06:16.0302 0x0848 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
09:06:16.0312 0x0848 HECIx64 - ok
09:06:16.0312 0x0848 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
09:06:16.0312 0x0848 HidBatt - ok
09:06:16.0322 0x0848 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
09:06:16.0322 0x0848 HidBth - ok
09:06:16.0322 0x0848 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
09:06:16.0322 0x0848 HidIr - ok
09:06:16.0332 0x0848 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
09:06:16.0332 0x0848 hidserv - ok
09:06:16.0332 0x0848 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
09:06:16.0342 0x0848 HidUsb - ok
09:06:16.0342 0x0848 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:06:16.0342 0x0848 hkmsvc - ok
09:06:16.0362 0x0848 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:06:16.0362 0x0848 HomeGroupListener - ok
09:06:16.0372 0x0848 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:06:16.0382 0x0848 HomeGroupProvider - ok
09:06:16.0382 0x0848 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:06:16.0392 0x0848 HpSAMD - ok
09:06:16.0432 0x0848 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:06:16.0462 0x0848 HTTP - ok
09:06:16.0472 0x0848 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:06:16.0472 0x0848 hwpolicy - ok
09:06:16.0482 0x0848 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:06:16.0482 0x0848 i8042prt - ok
09:06:16.0502 0x0848 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:06:16.0512 0x0848 iaStorV - ok
09:06:16.0572 0x0848 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:06:16.0602 0x0848 idsvc - ok
09:06:16.0612 0x0848 IEEtwCollectorService - ok
09:06:17.0032 0x0848 [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
09:06:17.0472 0x0848 igfx - ok
09:06:17.0492 0x0848 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
09:06:17.0492 0x0848 iirsp - ok
09:06:17.0552 0x0848 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
09:06:17.0572 0x0848 IKEEXT - ok
09:06:17.0592 0x0848 [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd C:\Windows\system32\drivers\Impcd.sys
09:06:17.0592 0x0848 Impcd - ok
09:06:17.0682 0x0848 [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:06:17.0762 0x0848 IntcAzAudAddService - ok
09:06:17.0782 0x0848 [ D248AAE81C156C0D47A77CD61BC24CD4, 0601FD06C85C5ADA8EE32A195FC4FB53F76E7E46E5504DE925E4292AF1D5C4B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
09:06:17.0792 0x0848 IntcDAud - ok
09:06:17.0792 0x0848 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
09:06:17.0802 0x0848 intelide - ok
09:06:17.0802 0x0848 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
09:06:17.0802 0x0848 intelppm - ok
09:06:17.0812 0x0848 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:06:17.0812 0x0848 IPBusEnum - ok
09:06:17.0822 0x0848 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:06:17.0822 0x0848 IpFilterDriver - ok
09:06:17.0852 0x0848 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:06:17.0872 0x0848 iphlpsvc - ok
09:06:17.0872 0x0848 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:06:17.0872 0x0848 IPMIDRV - ok
09:06:17.0882 0x0848 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:06:17.0882 0x0848 IPNAT - ok
09:06:17.0942 0x0848 [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:06:17.0952 0x0848 iPod Service - ok
09:06:17.0972 0x0848 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:06:17.0972 0x0848 IRENUM - ok
09:06:17.0972 0x0848 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:06:17.0972 0x0848 isapnp - ok
09:06:18.0002 0x0848 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:06:18.0002 0x0848 iScsiPrt - ok
09:06:18.0012 0x0848 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:06:18.0012 0x0848 kbdclass - ok
09:06:18.0012 0x0848 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
09:06:18.0012 0x0848 kbdhid - ok
09:06:18.0022 0x0848 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] KeyIso C:\Windows\system32\lsass.exe
09:06:18.0022 0x0848 KeyIso - ok
09:06:18.0022 0x0848 [ CF11CC2B73D5155533C67354F9188E09, D59C30B9651F8E0952DFF34A010BC60A1D27AE10F5705C54424BF6BB7ADF9F62 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:06:18.0032 0x0848 KSecDD - ok
09:06:18.0032 0x0848 [ 2E56D51B184EFB8E353B7AF446299DC8, CE7AAFF89F3A0BFE191DE90430A04C7FB899F5CF3B704AA5A96F47D5F37192B2 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:06:18.0042 0x0848 KSecPkg - ok
09:06:18.0042 0x0848 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:06:18.0042 0x0848 ksthunk - ok
09:06:18.0062 0x0848 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
09:06:18.0072 0x0848 KtmRm - ok
09:06:18.0112 0x0848 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:06:18.0112 0x0848 LanmanServer - ok
09:06:18.0122 0x0848 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:06:18.0122 0x0848 LanmanWorkstation - ok
09:06:18.0132 0x0848 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:06:18.0132 0x0848 lltdio - ok
09:06:18.0152 0x0848 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:06:18.0162 0x0848 lltdsvc - ok
09:06:18.0182 0x0848 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:06:18.0182 0x0848 lmhosts - ok
09:06:18.0212 0x0848 [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:06:18.0212 0x0848 LMS - ok
09:06:18.0232 0x0848 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
09:06:18.0232 0x0848 LSI_FC - ok
09:06:18.0242 0x0848 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
09:06:18.0242 0x0848 LSI_SAS - ok
09:06:18.0252 0x0848 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
09:06:18.0252 0x0848 LSI_SAS2 - ok
09:06:18.0262 0x0848 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
09:06:18.0262 0x0848 LSI_SCSI - ok
09:06:18.0272 0x0848 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
09:06:18.0272 0x0848 luafv - ok
09:06:18.0282 0x0848 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:06:18.0282 0x0848 Mcx2Svc - ok
09:06:18.0282 0x0848 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
09:06:18.0282 0x0848 megasas - ok
09:06:18.0302 0x0848 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
09:06:18.0312 0x0848 MegaSR - ok
09:06:18.0322 0x0848 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
09:06:18.0332 0x0848 MMCSS - ok
09:06:18.0332 0x0848 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
09:06:18.0332 0x0848 Modem - ok
09:06:18.0342 0x0848 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:06:18.0342 0x0848 monitor - ok
09:06:18.0342 0x0848 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:06:18.0342 0x0848 mouclass - ok
09:06:18.0352 0x0848 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys
09:06:18.0352 0x0848 mouhid - ok
09:06:18.0362 0x0848 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:06:18.0362 0x0848 mountmgr - ok
09:06:18.0392 0x0848 [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:06:18.0402 0x0848 MozillaMaintenance - ok
09:06:18.0412 0x0848 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
09:06:18.0412 0x0848 mpio - ok
09:06:18.0422 0x0848 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:06:18.0422 0x0848 mpsdrv - ok
09:06:18.0462 0x0848 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:06:18.0492 0x0848 MpsSvc - ok
09:06:18.0502 0x0848 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:06:18.0502 0x0848 MRxDAV - ok
09:06:18.0512 0x0848 [ FCA01B0C70DAE9BE557577E719469D17, F9868B7B50EF6323BF6690F087A83928A1E82B96A19B27F344E10BF11E520C32 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:06:18.0512 0x0848 mrxsmb - ok
09:06:18.0532 0x0848 [ 386BE96797C5B480AD31E8B50CEE337C, 88E826F42BEB38CAA7C84AE6ED4D8EBC4D382A8A37CF9F7B8517B297F168F1B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:06:18.0542 0x0848 mrxsmb10 - ok
09:06:18.0542 0x0848 [ 841474CF2EB14F826038FBCC7D85B857, 4B1BC8AFDA54D1F16AC2AAB7EDDAE07FBF1E3B65D1658F8901A3E3175AF72800 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:06:18.0552 0x0848 mrxsmb20 - ok
09:06:18.0552 0x0848 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
09:06:18.0552 0x0848 msahci - ok
09:06:18.0562 0x0848 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:06:18.0572 0x0848 msdsm - ok
09:06:18.0582 0x0848 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
09:06:18.0582 0x0848 MSDTC - ok
09:06:18.0582 0x0848 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:06:18.0592 0x0848 Msfs - ok
09:06:18.0602 0x0848 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:06:18.0602 0x0848 mshidkmdf - ok
09:06:18.0602 0x0848 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:06:18.0602 0x0848 msisadrv - ok
09:06:18.0612 0x0848 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:06:18.0622 0x0848 MSiSCSI - ok
09:06:18.0622 0x0848 msiserver - ok
09:06:18.0632 0x0848 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:06:18.0632 0x0848 MSKSSRV - ok
09:06:18.0642 0x0848 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:06:18.0642 0x0848 MSPCLOCK - ok
09:06:18.0642 0x0848 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:06:18.0642 0x0848 MSPQM - ok
09:06:18.0663 0x0848 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:06:18.0673 0x0848 MsRPC - ok
09:06:18.0683 0x0848 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:06:18.0683 0x0848 mssmbios - ok
09:06:18.0683 0x0848 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:06:18.0683 0x0848 MSTEE - ok
09:06:18.0683 0x0848 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
09:06:18.0683 0x0848 MTConfig - ok
09:06:18.0693 0x0848 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
09:06:18.0693 0x0848 Mup - ok
09:06:18.0713 0x0848 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
09:06:18.0733 0x0848 napagent - ok
09:06:18.0743 0x0848 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:06:18.0753 0x0848 NativeWifiP - ok
09:06:18.0803 0x0848 [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
09:06:18.0823 0x0848 NAUpdate - ok
09:06:18.0863 0x0848 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
09:06:18.0883 0x0848 NDIS - ok
09:06:18.0893 0x0848 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:06:18.0893 0x0848 NdisCap - ok
09:06:18.0953 0x0848 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:06:18.0963 0x0848 NdisTapi - ok
09:06:18.0963 0x0848 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:06:18.0963 0x0848 Ndisuio - ok
09:06:18.0973 0x0848 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:06:18.0983 0x0848 NdisWan - ok
09:06:18.0983 0x0848 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:06:18.0983 0x0848 NDProxy - ok
09:06:19.0013 0x0848 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
09:06:19.0023 0x0848 Netaapl - ok
09:06:19.0023 0x0848 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:06:19.0023 0x0848 NetBIOS - ok
09:06:19.0053 0x0848 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:06:19.0063 0x0848 NetBT - ok
09:06:19.0063 0x0848 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] Netlogon C:\Windows\system32\lsass.exe
09:06:19.0063 0x0848 Netlogon - ok
09:06:19.0083 0x0848 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
09:06:19.0093 0x0848 Netman - ok
09:06:19.0123 0x0848 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:06:19.0123 0x0848 NetMsmqActivator - ok
09:06:19.0133 0x0848 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:06:19.0133 0x0848 NetPipeActivator - ok
09:06:19.0163 0x0848 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
09:06:19.0173 0x0848 netprofm - ok
09:06:19.0183 0x0848 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:06:19.0183 0x0848 NetTcpActivator - ok
09:06:19.0183 0x0848 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:06:19.0193 0x0848 NetTcpPortSharing - ok
09:06:19.0193 0x0848 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
09:06:19.0193 0x0848 nfrd960 - ok
09:06:19.0213 0x0848 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:06:19.0223 0x0848 NlaSvc - ok
09:06:19.0223 0x0848 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:06:19.0223 0x0848 Npfs - ok
09:06:19.0233 0x0848 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
09:06:19.0233 0x0848 nsi - ok
09:06:19.0233 0x0848 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:06:19.0233 0x0848 nsiproxy - ok
09:06:19.0293 0x0848 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:06:19.0363 0x0848 Ntfs - ok
09:06:19.0373 0x0848 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
09:06:19.0373 0x0848 Null - ok
09:06:19.0383 0x0848 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:06:19.0383 0x0848 nvraid - ok
09:06:19.0393 0x0848 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:06:19.0393 0x0848 nvstor - ok
09:06:19.0403 0x0848 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:06:19.0403 0x0848 nv_agp - ok
09:06:19.0453 0x0848 [ D955D5DE998DB2476BF0892BE3A96C26, 3828FC1D4A4F9CD685E6D938B92370A602B84A3ACE2C9A674B3B59E633B0AE07 ] O2Flash C:\Windows\SysWOW64\o2flash.exe
09:06:19.0463 0x0848 O2Flash - ok
09:06:19.0463 0x0848 [ AECFF27D5C70F295B09B85EFE3292ED1, 10EE366E4551EE0994B309AC30F5F619B6A4A0A9C8B55943D9FB5FA79A187568 ] O2MDRDR C:\Windows\system32\DRIVERS\o2mdx64.sys
09:06:19.0463 0x0848 O2MDRDR - ok
09:06:19.0483 0x0848 [ 3B179A7EFF9EDCC045F5570510C812F6, A4E939E38C27BD4C54A62618688360C06F9E853C43EC5EC038686F5FA31DC9EC ] O2SCBUS C:\Windows\system32\DRIVERS\ozscrx64.sys
09:06:19.0483 0x0848 O2SCBUS - ok
09:06:19.0483 0x0848 [ DF014C48015B637790BE3EDDD1384728, 3414A45709F33684945D61191E65163766A18B37CBC9D12CC56968A2A5F06467 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sdx64.sys
09:06:19.0493 0x0848 O2SDRDR - ok
09:06:19.0493 0x0848 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:06:19.0493 0x0848 ohci1394 - ok
09:06:19.0523 0x0848 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:06:19.0533 0x0848 p2pimsvc - ok
09:06:19.0553 0x0848 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
09:06:19.0563 0x0848 p2psvc - ok
09:06:19.0563 0x0848 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:06:19.0573 0x0848 Parport - ok
09:06:19.0573 0x0848 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:06:19.0583 0x0848 partmgr - ok
09:06:19.0593 0x0848 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
09:06:19.0593 0x0848 PcaSvc - ok
09:06:19.0603 0x0848 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
09:06:19.0613 0x0848 pci - ok
09:06:19.0613 0x0848 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
09:06:19.0613 0x0848 pciide - ok
09:06:19.0623 0x0848 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:06:19.0633 0x0848 pcmcia - ok
09:06:19.0633 0x0848 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
09:06:19.0643 0x0848 pcw - ok
09:06:19.0673 0x0848 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:06:19.0693 0x0848 PEAUTH - ok
09:06:19.0753 0x0848 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:06:19.0813 0x0848 PeerDistSvc - ok
09:06:19.0813 0x0848 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:06:19.0823 0x0848 PerfHost - ok
09:06:19.0873 0x0848 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
09:06:19.0953 0x0848 pla - ok
09:06:20.0043 0x0848 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:06:20.0083 0x0848 PlugPlay - ok
09:06:20.0083 0x0848 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:06:20.0083 0x0848 PNRPAutoReg - ok
09:06:20.0103 0x0848 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:06:20.0113 0x0848 PNRPsvc - ok
09:06:20.0153 0x0848 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:06:20.0183 0x0848 PolicyAgent - ok
09:06:20.0213 0x0848 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
09:06:20.0223 0x0848 Power - ok
09:06:20.0243 0x0848 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:06:20.0243 0x0848 PptpMiniport - ok
09:06:20.0253 0x0848 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
09:06:20.0253 0x0848 Processor - ok
09:06:20.0263 0x0848 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
09:06:20.0273 0x0848 ProfSvc - ok
09:06:20.0273 0x0848 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:06:20.0283 0x0848 ProtectedStorage - ok
09:06:20.0283 0x0848 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:06:20.0293 0x0848 Psched - ok
09:06:20.0303 0x0848 [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio C:\Windows\system32\pwdrvio.sys
09:06:20.0303 0x0848 pwdrvio - ok
09:06:20.0323 0x0848 [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio C:\Windows\system32\pwdspio.sys
09:06:20.0333 0x0848 pwdspio - ok
09:06:20.0393 0x0848 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
09:06:20.0443 0x0848 ql2300 - ok
09:06:20.0453 0x0848 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
09:06:20.0463 0x0848 ql40xx - ok
09:06:20.0473 0x0848 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
09:06:20.0483 0x0848 QWAVE - ok
09:06:20.0483 0x0848 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:06:20.0483 0x0848 QWAVEdrv - ok
09:06:20.0493 0x0848 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:06:20.0493 0x0848 RasAcd - ok
09:06:20.0493 0x0848 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:06:20.0493 0x0848 RasAgileVpn - ok
09:06:20.0503 0x0848 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
09:06:20.0503 0x0848 RasAuto - ok
09:06:20.0513 0x0848 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:06:20.0523 0x0848 Rasl2tp - ok
09:06:20.0533 0x0848 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
09:06:20.0543 0x0848 RasMan - ok
09:06:20.0553 0x0848 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:06:20.0553 0x0848 RasPppoe - ok
09:06:20.0563 0x0848 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:06:20.0573 0x0848 RasSstp - ok
09:06:20.0583 0x0848 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:06:20.0593 0x0848 rdbss - ok
09:06:20.0593 0x0848 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
09:06:20.0593 0x0848 rdpbus - ok
09:06:20.0603 0x0848 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:06:20.0603 0x0848 RDPCDD - ok
09:06:20.0613 0x0848 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:06:20.0613 0x0848 RDPDR - ok
09:06:20.0623 0x0848 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:06:20.0623 0x0848 RDPENCDD - ok
09:06:20.0633 0x0848 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:06:20.0633 0x0848 RDPREFMP - ok
09:06:20.0643 0x0848 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:06:20.0653 0x0848 RDPWD - ok
09:06:20.0663 0x0848 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:06:20.0663 0x0848 rdyboost - ok
09:06:20.0673 0x0848 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:06:20.0673 0x0848 RemoteAccess - ok
09:06:20.0683 0x0848 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:06:20.0693 0x0848 RemoteRegistry - ok
09:06:20.0703 0x0848 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:06:20.0703 0x0848 RpcEptMapper - ok
09:06:20.0703 0x0848 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
09:06:20.0703 0x0848 RpcLocator - ok
09:06:20.0733 0x0848 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
09:06:20.0743 0x0848 RpcSs - ok
09:06:20.0753 0x0848 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:06:20.0753 0x0848 rspndr - ok
09:06:20.0753 0x0848 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:06:20.0753 0x0848 s3cap - ok
09:06:20.0763 0x0848 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] SamSs C:\Windows\system32\lsass.exe
09:06:20.0763 0x0848 SamSs - ok
09:06:20.0763 0x0848 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:06:20.0773 0x0848 sbp2port - ok
09:06:20.0783 0x0848 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:06:20.0783 0x0848 SCardSvr - ok
09:06:20.0793 0x0848 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:06:20.0793 0x0848 scfilter - ok
09:06:20.0833 0x0848 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
09:06:20.0873 0x0848 Schedule - ok
09:06:20.0883 0x0848 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:06:20.0883 0x0848 SCPolicySvc - ok
09:06:20.0893 0x0848 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
09:06:20.0893 0x0848 sdbus - ok
09:06:20.0913 0x0848 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:06:20.0923 0x0848 SDRSVC - ok
09:06:20.0933 0x0848 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:06:20.0933 0x0848 secdrv - ok
09:06:20.0933 0x0848 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
09:06:20.0933 0x0848 seclogon - ok
09:06:20.0953 0x0848 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
09:06:20.0953 0x0848 SENS - ok
09:06:20.0963 0x0848 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:06:20.0963 0x0848 SensrSvc - ok
09:06:20.0963 0x0848 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
09:06:20.0963 0x0848 Serenum - ok
09:06:20.0973 0x0848 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
09:06:20.0973 0x0848 Serial - ok
09:06:20.0973 0x0848 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
09:06:20.0973 0x0848 sermouse - ok
09:06:20.0983 0x0848 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
09:06:20.0993 0x0848 SessionEnv - ok
09:06:20.0993 0x0848 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:06:20.0993 0x0848 sffdisk - ok
09:06:21.0003 0x0848 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:06:21.0003 0x0848 sffp_mmc - ok
09:06:21.0013 0x0848 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:06:21.0013 0x0848 sffp_sd - ok
09:06:21.0013 0x0848 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
09:06:21.0013 0x0848 sfloppy - ok
09:06:21.0043 0x0848 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:06:21.0053 0x0848 SharedAccess - ok
09:06:21.0083 0x0848 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:06:21.0093 0x0848 ShellHWDetection - ok
09:06:21.0103 0x0848 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
09:06:21.0103 0x0848 SiSRaid2 - ok
09:06:21.0103 0x0848 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
09:06:21.0113 0x0848 SiSRaid4 - ok
09:06:21.0113 0x0848 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:06:21.0113 0x0848 Smb - ok
09:06:21.0123 0x0848 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:06:21.0123 0x0848 SNMPTRAP - ok
09:06:21.0123 0x0848 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
09:06:21.0133 0x0848 spldr - ok
09:06:21.0153 0x0848 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
09:06:21.0173 0x0848 Spooler - ok
09:06:21.0313 0x0848 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
09:06:21.0443 0x0848 sppsvc - ok
09:06:21.0453 0x0848 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:06:21.0463 0x0848 sppuinotify - ok
09:06:21.0489 0x0848 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:06:21.0507 0x0848 srv - ok
09:06:21.0529 0x0848 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:06:21.0542 0x0848 srv2 - ok
09:06:21.0553 0x0848 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:06:21.0559 0x0848 srvnet - ok
09:06:21.0572 0x0848 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:06:21.0581 0x0848 SSDPSRV - ok
09:06:21.0595 0x0848 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:06:21.0600 0x0848 SstpSvc - ok
09:06:21.0612 0x0848 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
09:06:21.0619 0x0848 ssudmdm - ok
09:06:21.0638 0x0848 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
09:06:21.0640 0x0848 stexstor - ok
09:06:21.0679 0x0848 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
09:06:21.0702 0x0848 stisvc - ok
09:06:21.0731 0x0848 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:06:21.0733 0x0848 storflt - ok
09:06:21.0740 0x0848 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
09:06:21.0743 0x0848 StorSvc - ok
09:06:21.0749 0x0848 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:06:21.0751 0x0848 storvsc - ok
09:06:21.0755 0x0848 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
09:06:21.0756 0x0848 swenum - ok
09:06:21.0782 0x0848 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
09:06:21.0802 0x0848 swprv - ok
09:06:21.0884 0x0848 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
09:06:21.0945 0x0848 SysMain - ok
09:06:21.0957 0x0848 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:06:21.0963 0x0848 TabletInputService - ok
09:06:22.0038 0x0848 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
09:06:22.0094 0x0848 TapiSrv - ok
09:06:22.0101 0x0848 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
09:06:22.0106 0x0848 TBS - ok
09:06:22.0234 0x0848 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:06:22.0329 0x0848 Tcpip - ok
09:06:22.0407 0x0848 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:06:22.0465 0x0848 TCPIP6 - ok
09:06:22.0477 0x0848 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:06:22.0479 0x0848 tcpipreg - ok
09:06:22.0537 0x0848 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:06:22.0538 0x0848 TDPIPE - ok
09:06:22.0543 0x0848 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:06:22.0545 0x0848 TDTCP - ok
09:06:22.0555 0x0848 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:06:22.0559 0x0848 tdx - ok
09:06:22.0567 0x0848 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
09:06:22.0570 0x0848 TermDD - ok
09:06:22.0621 0x0848 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
09:06:22.0646 0x0848 TermService - ok
09:06:22.0653 0x0848 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
09:06:22.0658 0x0848 Themes - ok
09:06:22.0673 0x0848 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
09:06:22.0677 0x0848 THREADORDER - ok
09:06:22.0684 0x0848 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
09:06:22.0688 0x0848 TPM - ok
09:06:22.0724 0x0848 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
09:06:22.0730 0x0848 TrkWks - ok
09:06:22.0746 0x0848 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:06:22.0751 0x0848 TrustedInstaller - ok
09:06:22.0768 0x0848 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:06:22.0770 0x0848 tssecsrv - ok
09:06:22.0776 0x0848 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:06:22.0779 0x0848 TsUsbFlt - ok
09:06:22.0784 0x0848 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
09:06:22.0786 0x0848 TsUsbGD - ok
09:06:22.0796 0x0848 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:06:22.0801 0x0848 tunnel - ok
09:06:22.0807 0x0848 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
09:06:22.0809 0x0848 uagp35 - ok
09:06:22.0835 0x0848 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:06:22.0848 0x0848 udfs - ok
09:06:22.0858 0x0848 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:06:22.0862 0x0848 UI0Detect - ok
09:06:22.0870 0x0848 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:06:22.0873 0x0848 uliagpkx - ok
09:06:22.0880 0x0848 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:06:22.0882 0x0848 umbus - ok
09:06:22.0885 0x0848 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
09:06:22.0886 0x0848 UmPass - ok
09:06:22.0896 0x0848 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
09:06:22.0903 0x0848 UmRdpService - ok
09:06:23.0034 0x0848 [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:06:23.0116 0x0848 UNS - ok
09:06:23.0144 0x0848 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
09:06:23.0158 0x0848 upnphost - ok
09:06:23.0167 0x0848 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
09:06:23.0170 0x0848 USBAAPL64 - ok
09:06:23.0180 0x0848 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:06:23.0184 0x0848 usbccgp - ok
09:06:23.0194 0x0848 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:06:23.0199 0x0848 usbcir - ok
09:06:23.0205 0x0848 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:06:23.0208 0x0848 usbehci - ok
09:06:23.0231 0x0848 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:06:23.0246 0x0848 usbhub - ok
09:06:23.0252 0x0848 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
09:06:23.0253 0x0848 usbohci - ok
09:06:23.0257 0x0848 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
09:06:23.0259 0x0848 usbprint - ok
09:06:23.0273 0x0848 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:06:23.0276 0x0848 USBSTOR - ok
09:06:23.0280 0x0848 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:06:23.0282 0x0848 usbuhci - ok
09:06:23.0286 0x0848 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
09:06:23.0289 0x0848 UxSms - ok
09:06:23.0293 0x0848 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] VaultSvc C:\Windows\system32\lsass.exe
09:06:23.0295 0x0848 VaultSvc - ok
09:06:23.0300 0x0848 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:06:23.0302 0x0848 vdrvroot - ok
09:06:23.0333 0x0848 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
09:06:23.0367 0x0848 vds - ok
09:06:23.0382 0x0848 [ 85256DA6FDBD6B16C526C858F2DA8BF0, A275B61917EAE7C5410078EFDC31371DBAED8EC11F3C7BD18568FEE9A78E2F77 ] VFPRadioSupportService C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
09:06:23.0386 0x0848 VFPRadioSupportService - ok
09:06:23.0390 0x0848 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:06:23.0391 0x0848 vga - ok
09:06:23.0396 0x0848 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:06:23.0397 0x0848 VgaSave - ok
09:06:23.0410 0x0848 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:06:23.0418 0x0848 vhdmp - ok
09:06:23.0422 0x0848 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
09:06:23.0424 0x0848 viaide - ok
09:06:23.0435 0x0848 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:06:23.0441 0x0848 vmbus - ok
09:06:23.0446 0x0848 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:06:23.0447 0x0848 VMBusHID - ok
09:06:23.0454 0x0848 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:06:23.0457 0x0848 volmgr - ok
09:06:23.0478 0x0848 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:06:23.0490 0x0848 volmgrx - ok
09:06:23.0510 0x0848 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:06:23.0520 0x0848 volsnap - ok
09:06:23.0531 0x0848 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
09:06:23.0537 0x0848 vsmraid - ok
09:06:23.0615 0x0848 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
09:06:23.0722 0x0848 VSS - ok
09:06:23.0730 0x0848 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
09:06:23.0731 0x0848 vwifibus - ok
09:06:23.0766 0x0848 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
09:06:23.0768 0x0848 vwififlt - ok
09:06:23.0783 0x0848 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
09:06:23.0784 0x0848 vwifimp - ok
09:06:23.0811 0x0848 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
09:06:23.0825 0x0848 W32Time - ok
09:06:23.0830 0x0848 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
09:06:23.0831 0x0848 WacomPen - ok
09:06:23.0838 0x0848 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:06:23.0841 0x0848 WANARP - ok
09:06:23.0845 0x0848 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:06:23.0848 0x0848 Wanarpv6 - ok
09:06:23.0923 0x0848 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
09:06:23.0987 0x0848 wbengine - ok
09:06:24.0053 0x0848 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:06:24.0060 0x0848 WbioSrvc - ok
09:06:24.0085 0x0848 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:06:24.0119 0x0848 wcncsvc - ok
09:06:24.0124 0x0848 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:06:24.0128 0x0848 WcsPlugInService - ok
09:06:24.0133 0x0848 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
09:06:24.0135 0x0848 Wd - ok
09:06:24.0175 0x0848 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:06:24.0209 0x0848 Wdf01000 - ok
09:06:24.0217 0x0848 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:06:24.0221 0x0848 WdiServiceHost - ok
09:06:24.0228 0x0848 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:06:24.0232 0x0848 WdiSystemHost - ok
09:06:24.0257 0x0848 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
09:06:24.0265 0x0848 WebClient - ok
09:06:24.0290 0x0848 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:06:24.0301 0x0848 Wecsvc - ok
09:06:24.0308 0x0848 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:06:24.0314 0x0848 wercplsupport - ok
09:06:24.0321 0x0848 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
09:06:24.0327 0x0848 WerSvc - ok
09:06:24.0331 0x0848 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:06:24.0332 0x0848 WfpLwf - ok
09:06:24.0336 0x0848 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:06:24.0338 0x0848 WIMMount - ok
09:06:24.0341 0x0848 WinDefend - ok
09:06:24.0345 0x0848 WinHttpAutoProxySvc - ok
09:06:24.0366 0x0848 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:06:24.0376 0x0848 Winmgmt - ok
09:06:24.0451 0x0848 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
09:06:24.0557 0x0848 WinRM - ok
09:06:24.0591 0x0848 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:06:24.0594 0x0848 WinUsb - ok
09:06:24.0639 0x0848 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:06:24.0690 0x0848 Wlansvc - ok
09:06:24.0700 0x0848 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:06:24.0701 0x0848 WmiAcpi - ok
09:06:24.0716 0x0848 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:06:24.0724 0x0848 wmiApSrv - ok
09:06:24.0733 0x0848 WMPNetworkSvc - ok
09:06:24.0737 0x0848 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:06:24.0740 0x0848 WPCSvc - ok
09:06:24.0749 0x0848 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:06:24.0755 0x0848 WPDBusEnum - ok
09:06:24.0760 0x0848 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:06:24.0761 0x0848 ws2ifsl - ok
09:06:24.0770 0x0848 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
09:06:24.0775 0x0848 wscsvc - ok
09:06:24.0777 0x0848 WSearch - ok
09:06:24.0879 0x0848 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
09:06:24.0996 0x0848 wuauserv - ok
09:06:25.0005 0x0848 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:06:25.0008 0x0848 WudfPf - ok
09:06:25.0030 0x0848 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:06:25.0052 0x0848 WUDFRd - ok
09:06:25.0072 0x0848 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:06:25.0091 0x0848 wudfsvc - ok
09:06:25.0117 0x0848 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
09:06:25.0127 0x0848 WwanSvc - ok
09:06:25.0142 0x0848 ================ Scan global ===============================
09:06:25.0146 0x0848 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
09:06:25.0158 0x0848 [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
09:06:25.0171 0x0848 [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
09:06:25.0180 0x0848 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:06:25.0196 0x0848 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
09:06:25.0208 0x0848 [ Global ] - ok
09:06:25.0209 0x0848 ================ Scan MBR ==================================
|
|
03.12.2016, 17:53
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN 7: Zip Datei von online24 Pay AG geöffnetZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.12.2016, 20:27
| #9 |
| | WIN 7: Zip Datei von online24 Pay AG geöffnet Sorry, anbei der Logfile von TDSS richtig eingestellt: Code:
ATTFilter 20:24:04.0582 0x0300 TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01
20:24:08.0202 0x0300 ============================================================
20:24:08.0202 0x0300 Current date / time: 2016/12/03 20:24:08.0202
20:24:08.0202 0x0300 SystemInfo:
20:24:08.0202 0x0300
20:24:08.0202 0x0300 OS Version: 6.1.7601 ServicePack: 1.0
20:24:08.0202 0x0300 Product type: Workstation
20:24:08.0202 0x0300 ComputerName: SKLAVE15
20:24:08.0202 0x0300 UserName: spülmeisterw
20:24:08.0202 0x0300 Windows directory: C:\Windows
20:24:08.0202 0x0300 System windows directory: C:\Windows
20:24:08.0202 0x0300 Running under WOW64
20:24:08.0202 0x0300 Processor architecture: Intel x64
20:24:08.0202 0x0300 Number of processors: 4
20:24:08.0202 0x0300 Page size: 0x1000
20:24:08.0202 0x0300 Boot type: Normal boot
20:24:08.0202 0x0300 CodeIntegrityOptions = 0x00000001
20:24:08.0202 0x0300 ============================================================
20:24:14.0068 0x0300 KLMD registered as C:\Windows\system32\drivers\87839443.sys
20:24:14.0068 0x0300 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23564, osProperties = 0x1
20:24:14.0240 0x0300 System UUID: {C29C9170-82EF-887C-2D72-9D562C3FF378}
20:24:14.0817 0x0300 Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000048
20:24:14.0817 0x0300 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:24:14.0926 0x0300 Drive \Device\Harddisk1\DR1 - Size: 0x75E00000 ( 1.84 Gb ), SectorSize: 0x200, Cylinders: 0xF0, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:24:14.0926 0x0300 ============================================================
20:24:14.0926 0x0300 \Device\Harddisk1\DR1:
20:24:14.0926 0x0300 MBR partitions:
20:24:14.0926 0x0300 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
20:24:14.0926 0x0300 \Device\Harddisk0\DR0:
20:24:14.0926 0x0300 MBR partitions:
20:24:14.0926 0x0300 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x790800, BlocksNum 0xEF36000
20:24:14.0926 0x0300 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xF6C7000, BlocksNum 0x2ACBE800
20:24:14.0926 0x0300 \Device\Harddisk1\DR1:
20:24:14.0926 0x0300 MBR partitions:
20:24:14.0926 0x0300 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x87, BlocksNum 0x3AE039
20:24:14.0926 0x0300 ============================================================
20:24:14.0926 0x0300 C: <-> \Device\Harddisk0\DR0\Partition1
20:24:14.0926 0x0300 Z: <-> \Device\Harddisk0\DR0\Partition2
20:24:14.0926 0x0300 ============================================================
20:24:14.0926 0x0300 Initialize success
20:24:14.0926 0x0300 ============================================================
20:24:23.0958 0x0b30 ============================================================
20:24:23.0958 0x0b30 Scan started
20:24:23.0958 0x0b30 Mode: Manual; SigCheck; TDLFS;
20:24:23.0958 0x0b30 ============================================================
20:24:23.0958 0x0b30 KSN ping started
20:24:26.0252 0x0b30 KSN ping finished: true
20:24:27.0906 0x0b30 ================ Scan system memory ========================
20:24:27.0906 0x0b30 System memory - ok
20:24:27.0906 0x0b30 ================ Scan services =============================
20:24:28.0062 0x0b30 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
20:24:28.0125 0x0b30 1394ohci - ok
20:24:28.0156 0x0b30 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:24:28.0171 0x0b30 ACPI - ok
20:24:28.0187 0x0b30 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:24:28.0218 0x0b30 AcpiPmi - ok
20:24:28.0249 0x0b30 [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:24:28.0265 0x0b30 AdobeARMservice - ok
20:24:28.0452 0x0b30 [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:24:28.0483 0x0b30 AdobeFlashPlayerUpdateSvc - ok
20:24:28.0515 0x0b30 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:24:28.0546 0x0b30 adp94xx - ok
20:24:28.0577 0x0b30 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:24:28.0593 0x0b30 adpahci - ok
20:24:28.0608 0x0b30 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:24:28.0624 0x0b30 adpu320 - ok
20:24:28.0624 0x0b30 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:24:28.0639 0x0b30 AeLookupSvc - ok
20:24:28.0702 0x0b30 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
20:24:28.0733 0x0b30 AFD - ok
20:24:28.0795 0x0b30 [ 98022774D9930ECBB292E70DB7601DF6, BE64A40B9BE997D73C0FC14D97E204C9D886EDA07EC4C9391A70CE477084E5F1 ] AgereSoftModem C:\Windows\system32\DRIVERS\agrsm64.sys
20:24:28.0858 0x0b30 AgereSoftModem - ok
20:24:28.0858 0x0b30 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:24:28.0873 0x0b30 agp440 - ok
20:24:28.0873 0x0b30 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:24:28.0905 0x0b30 ALG - ok
20:24:28.0936 0x0b30 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:24:28.0951 0x0b30 aliide - ok
20:24:28.0951 0x0b30 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:24:28.0967 0x0b30 amdide - ok
20:24:28.0983 0x0b30 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:24:28.0998 0x0b30 AmdK8 - ok
20:24:28.0998 0x0b30 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:24:29.0014 0x0b30 AmdPPM - ok
20:24:29.0029 0x0b30 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:24:29.0045 0x0b30 amdsata - ok
20:24:29.0092 0x0b30 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:24:29.0107 0x0b30 amdsbs - ok
20:24:29.0107 0x0b30 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:24:29.0123 0x0b30 amdxata - ok
20:24:29.0154 0x0b30 [ 7ECE1575A7258906C2DEF7E219002B50, D5E989138BE5F46130F9786D09DF874B34CA52FB5C8D2AF41175405DB28FE5E2 ] androidusb C:\Windows\system32\Drivers\smdadb.sys
20:24:29.0185 0x0b30 androidusb - ok
20:24:29.0201 0x0b30 [ 8B73FEE96B60EE597CBCAA735A842A36, AB3FC01FEC62AC115EC766770D8694DEDA2FF2286E0199DC238ABF2493EC1A22 ] AppID C:\Windows\system32\drivers\appid.sys
20:24:29.0217 0x0b30 AppID - ok
20:24:29.0232 0x0b30 [ F5800413C0DF45C2CA15FD3ACBB1365F, 741E09EED0FF0152B59704729BD700E7D7A671C88F0708884AAB7A56ECCBD8AB ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:24:29.0248 0x0b30 AppIDSvc - ok
20:24:29.0248 0x0b30 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
20:24:29.0279 0x0b30 Appinfo - ok
20:24:29.0310 0x0b30 [ 885888F8AAD89108A5EE2D0174690220, 9B148C117EBE400F40BF7F32B66B20AA4628BA9E233D707DFA2EB4A8A65E7C52 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:24:29.0310 0x0b30 Apple Mobile Device Service - ok
20:24:29.0341 0x0b30 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
20:24:29.0388 0x0b30 AppMgmt - ok
20:24:29.0404 0x0b30 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
20:24:29.0419 0x0b30 arc - ok
20:24:29.0419 0x0b30 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:24:29.0435 0x0b30 arcsas - ok
20:24:29.0466 0x0b30 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:24:29.0482 0x0b30 aspnet_state - ok
20:24:29.0482 0x0b30 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:24:29.0591 0x0b30 AsyncMac - ok
20:24:29.0607 0x0b30 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:24:29.0607 0x0b30 atapi - ok
20:24:29.0669 0x0b30 [ 0ACC06FCF46F64ED4F11E57EE461C1F4, F2AB7198C7F7D36AB1D6D03C1FEFD929ED402002AC835B909FC14938BC0EE24B ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:24:29.0778 0x0b30 athr - ok
20:24:29.0809 0x0b30 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:24:29.0856 0x0b30 AudioEndpointBuilder - ok
20:24:29.0887 0x0b30 [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:24:29.0903 0x0b30 AudioSrv - ok
20:24:29.0919 0x0b30 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:24:30.0012 0x0b30 AxInstSV - ok
20:24:30.0059 0x0b30 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:24:30.0075 0x0b30 b06bdrv - ok
20:24:30.0106 0x0b30 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:24:30.0153 0x0b30 b57nd60a - ok
20:24:30.0168 0x0b30 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:24:30.0184 0x0b30 BDESVC - ok
20:24:30.0184 0x0b30 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:24:30.0246 0x0b30 Beep - ok
20:24:30.0324 0x0b30 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:24:30.0355 0x0b30 BFE - ok
20:24:30.0402 0x0b30 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
20:24:30.0683 0x0b30 BITS - ok
20:24:30.0699 0x0b30 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:24:30.0714 0x0b30 blbdrive - ok
20:24:30.0730 0x0b30 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:24:30.0761 0x0b30 Bonjour Service - ok
20:24:30.0777 0x0b30 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:24:30.0792 0x0b30 bowser - ok
20:24:30.0792 0x0b30 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:24:30.0808 0x0b30 BrFiltLo - ok
20:24:30.0823 0x0b30 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:24:30.0839 0x0b30 BrFiltUp - ok
20:24:30.0855 0x0b30 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:24:30.0870 0x0b30 Browser - ok
20:24:30.0886 0x0b30 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:24:30.0901 0x0b30 Brserid - ok
20:24:30.0917 0x0b30 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:24:30.0933 0x0b30 BrSerWdm - ok
20:24:30.0933 0x0b30 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:24:30.0948 0x0b30 BrUsbMdm - ok
20:24:30.0964 0x0b30 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:24:30.0979 0x0b30 BrUsbSer - ok
20:24:30.0979 0x0b30 [ 7649BE609E29B31188C3B04D2B95948F, 7377C3441B7EACE58C84ACFBC14AB77393544949045B8594B7813EDB6EA9C653 ] BthAvrcp C:\Windows\system32\drivers\BthAvrcp.sys
20:24:30.0995 0x0b30 BthAvrcp - ok
20:24:30.0995 0x0b30 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
20:24:31.0026 0x0b30 BTHMODEM - ok
20:24:31.0042 0x0b30 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:24:31.0073 0x0b30 bthserv - ok
20:24:31.0089 0x0b30 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:24:31.0135 0x0b30 cdfs - ok
20:24:31.0151 0x0b30 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:24:31.0167 0x0b30 cdrom - ok
20:24:31.0182 0x0b30 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:24:31.0213 0x0b30 CertPropSvc - ok
20:24:31.0213 0x0b30 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
20:24:31.0245 0x0b30 circlass - ok
20:24:31.0276 0x0b30 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
20:24:31.0291 0x0b30 CLFS - ok
20:24:31.0307 0x0b30 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:24:31.0323 0x0b30 clr_optimization_v2.0.50727_32 - ok
20:24:31.0338 0x0b30 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:24:31.0354 0x0b30 clr_optimization_v2.0.50727_64 - ok
20:24:31.0385 0x0b30 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:24:31.0432 0x0b30 clr_optimization_v4.0.30319_32 - ok
20:24:31.0447 0x0b30 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:24:31.0479 0x0b30 clr_optimization_v4.0.30319_64 - ok
20:24:31.0479 0x0b30 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:24:31.0494 0x0b30 CmBatt - ok
20:24:31.0510 0x0b30 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:24:31.0510 0x0b30 cmdide - ok
20:24:31.0588 0x0b30 [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG C:\Windows\system32\Drivers\cng.sys
20:24:31.0635 0x0b30 CNG - ok
20:24:31.0635 0x0b30 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:24:31.0650 0x0b30 Compbatt - ok
20:24:31.0650 0x0b30 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:24:31.0666 0x0b30 CompositeBus - ok
20:24:31.0666 0x0b30 COMSysApp - ok
20:24:31.0681 0x0b30 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:24:31.0697 0x0b30 crcdisk - ok
20:24:31.0713 0x0b30 [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:24:31.0744 0x0b30 CryptSvc - ok
20:24:31.0822 0x0b30 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
20:24:31.0853 0x0b30 CSC - ok
20:24:31.0962 0x0b30 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
20:24:32.0025 0x0b30 CscService - ok
20:24:32.0071 0x0b30 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:24:32.0118 0x0b30 DcomLaunch - ok
20:24:32.0181 0x0b30 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:24:32.0260 0x0b30 defragsvc - ok
20:24:32.0275 0x0b30 [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:24:32.0291 0x0b30 DfsC - ok
20:24:32.0306 0x0b30 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
20:24:32.0322 0x0b30 dg_ssudbus - ok
20:24:32.0338 0x0b30 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:24:32.0353 0x0b30 Dhcp - ok
20:24:32.0431 0x0b30 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
20:24:32.0478 0x0b30 DiagTrack - ok
20:24:32.0494 0x0b30 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:24:32.0525 0x0b30 discache - ok
20:24:32.0540 0x0b30 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
20:24:32.0540 0x0b30 Disk - ok
20:24:32.0556 0x0b30 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
20:24:32.0556 0x0b30 dmvsc - ok
20:24:32.0572 0x0b30 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:24:32.0587 0x0b30 Dnscache - ok
20:24:32.0603 0x0b30 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:24:32.0650 0x0b30 dot3svc - ok
20:24:32.0665 0x0b30 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:24:32.0696 0x0b30 DPS - ok
20:24:32.0712 0x0b30 [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:24:32.0728 0x0b30 drmkaud - ok
20:24:32.0774 0x0b30 [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:24:32.0821 0x0b30 DXGKrnl - ok
20:24:32.0837 0x0b30 [ 52A482DC61F24B498C8268866B90BB44, C3D01124E4544B54474BCEF4971D1AEE64F6AEA4BE65B9C4916047FB1F948D2F ] e1kexpress C:\Windows\system32\DRIVERS\e1k62x64.sys
20:24:32.0852 0x0b30 e1kexpress - ok
20:24:32.0868 0x0b30 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:24:32.0915 0x0b30 EapHost - ok
20:24:33.0040 0x0b30 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:24:33.0180 0x0b30 ebdrv - ok
20:24:33.0180 0x0b30 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] EFS C:\Windows\System32\lsass.exe
20:24:33.0196 0x0b30 EFS - ok
20:24:33.0242 0x0b30 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:24:33.0274 0x0b30 ehRecvr - ok
20:24:33.0289 0x0b30 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:24:33.0305 0x0b30 ehSched - ok
20:24:33.0398 0x0b30 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:24:33.0430 0x0b30 elxstor - ok
20:24:33.0430 0x0b30 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:24:33.0445 0x0b30 ErrDev - ok
20:24:33.0476 0x0b30 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:24:33.0554 0x0b30 EventSystem - ok
20:24:33.0570 0x0b30 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:24:33.0617 0x0b30 exfat - ok
20:24:33.0617 0x0b30 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:24:33.0664 0x0b30 fastfat - ok
20:24:33.0804 0x0b30 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:24:33.0835 0x0b30 Fax - ok
20:24:33.0835 0x0b30 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
20:24:33.0851 0x0b30 fdc - ok
20:24:33.0866 0x0b30 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:24:33.0913 0x0b30 fdPHost - ok
20:24:33.0929 0x0b30 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:24:33.0960 0x0b30 FDResPub - ok
20:24:33.0976 0x0b30 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:24:33.0991 0x0b30 FileInfo - ok
20:24:33.0991 0x0b30 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:24:34.0038 0x0b30 Filetrace - ok
20:24:34.0038 0x0b30 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:24:34.0054 0x0b30 flpydisk - ok
20:24:34.0069 0x0b30 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:24:34.0085 0x0b30 FltMgr - ok
20:24:34.0147 0x0b30 [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache C:\Windows\system32\FntCache.dll
20:24:34.0194 0x0b30 FontCache - ok
20:24:34.0210 0x0b30 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:24:34.0225 0x0b30 FontCache3.0.0.0 - ok
20:24:34.0225 0x0b30 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:24:34.0241 0x0b30 FsDepends - ok
20:24:34.0256 0x0b30 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:24:34.0256 0x0b30 Fs_Rec - ok
20:24:34.0272 0x0b30 [ D104388C79C88E250027B3536A5CD2A9, F8511AEF1E994BD5E96A56F99F99FBE0801C92691E7FB23A2A7CF7E3A6BE32AB ] FUJ02B1 C:\Windows\system32\DRIVERS\FUJ02B1.sys
20:24:34.0288 0x0b30 FUJ02B1 - ok
20:24:34.0303 0x0b30 [ 7135030CBF87D724B6037BB023923730, 1F6D9A7D7033226507DEDD53CB686C0F3CDC15FD7E77DBC5263256E8EB541E4E ] FUJ02E3 C:\Windows\system32\drivers\FUJ02E3.sys
20:24:34.0303 0x0b30 FUJ02E3 - ok
20:24:34.0319 0x0b30 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:24:34.0334 0x0b30 fvevol - ok
20:24:34.0350 0x0b30 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:24:34.0366 0x0b30 gagp30kx - ok
20:24:34.0366 0x0b30 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:24:34.0381 0x0b30 GEARAspiWDM - ok
20:24:34.0412 0x0b30 [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll
20:24:34.0444 0x0b30 gpsvc - ok
20:24:34.0475 0x0b30 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:34.0490 0x0b30 gupdate - ok
20:24:34.0506 0x0b30 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:24:34.0506 0x0b30 gupdatem - ok
20:24:34.0522 0x0b30 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:24:34.0537 0x0b30 hcw85cir - ok
20:24:34.0553 0x0b30 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:24:34.0584 0x0b30 HdAudAddService - ok
20:24:34.0584 0x0b30 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
20:24:34.0600 0x0b30 HDAudBus - ok
20:24:34.0615 0x0b30 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\drivers\HECIx64.sys
20:24:34.0615 0x0b30 HECIx64 - ok
20:24:34.0631 0x0b30 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:24:34.0646 0x0b30 HidBatt - ok
20:24:34.0646 0x0b30 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:24:34.0678 0x0b30 HidBth - ok
20:24:34.0693 0x0b30 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
20:24:34.0709 0x0b30 HidIr - ok
20:24:34.0724 0x0b30 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
20:24:34.0756 0x0b30 hidserv - ok
20:24:34.0756 0x0b30 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:24:34.0771 0x0b30 HidUsb - ok
20:24:34.0787 0x0b30 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:24:34.0834 0x0b30 hkmsvc - ok
20:24:34.0849 0x0b30 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:24:34.0865 0x0b30 HomeGroupListener - ok
20:24:34.0880 0x0b30 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:24:34.0896 0x0b30 HomeGroupProvider - ok
20:24:34.0896 0x0b30 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:24:34.0912 0x0b30 HpSAMD - ok
20:24:34.0958 0x0b30 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:24:34.0990 0x0b30 HTTP - ok
20:24:34.0990 0x0b30 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:24:35.0005 0x0b30 hwpolicy - ok
20:24:35.0021 0x0b30 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:24:35.0036 0x0b30 i8042prt - ok
20:24:35.0099 0x0b30 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:24:35.0130 0x0b30 iaStorV - ok
20:24:35.0224 0x0b30 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:24:35.0270 0x0b30 idsvc - ok
20:24:35.0270 0x0b30 IEEtwCollectorService - ok
20:24:36.0082 0x0b30 [ F4F91789C7C7A159CE8215C1F69F2A85, E60155402FB647B55EAD6B090204A1AA497294D473A7CCF850BB21C0DCCCB49C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:24:36.0643 0x0b30 igfx - ok
20:24:36.0659 0x0b30 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:24:36.0674 0x0b30 iirsp - ok
20:24:36.0721 0x0b30 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
20:24:36.0752 0x0b30 IKEEXT - ok
20:24:36.0768 0x0b30 [ 36FDF367A1DABFF903E2214023D71368, 60468692C1D048428AF25ED87DE23DAE756C7BA2B6CF6AF5EFD2E53C80F5FC68 ] Impcd C:\Windows\system32\drivers\Impcd.sys
20:24:36.0784 0x0b30 Impcd - detected UnsignedFile.Multi.Generic ( 1 )
20:24:37.0002 0x0b30 Detect skipped due to KSN trusted
20:24:37.0002 0x0b30 Impcd - ok
20:24:37.0158 0x0b30 [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:24:37.0220 0x0b30 IntcAzAudAddService - ok
20:24:37.0236 0x0b30 [ D248AAE81C156C0D47A77CD61BC24CD4, 0601FD06C85C5ADA8EE32A195FC4FB53F76E7E46E5504DE925E4292AF1D5C4B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:24:37.0236 0x0b30 IntcDAud - detected UnsignedFile.Multi.Generic ( 1 )
20:24:37.0470 0x0b30 Detect skipped due to KSN trusted
20:24:37.0470 0x0b30 IntcDAud - ok
20:24:37.0470 0x0b30 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:24:37.0501 0x0b30 intelide - ok
20:24:37.0501 0x0b30 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
20:24:37.0532 0x0b30 intelppm - ok
20:24:37.0532 0x0b30 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:24:37.0579 0x0b30 IPBusEnum - ok
20:24:37.0595 0x0b30 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:24:37.0626 0x0b30 IpFilterDriver - ok
20:24:37.0657 0x0b30 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:24:37.0688 0x0b30 iphlpsvc - ok
20:24:37.0704 0x0b30 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:24:37.0720 0x0b30 IPMIDRV - ok
20:24:37.0735 0x0b30 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:24:37.0782 0x0b30 IPNAT - ok
20:24:37.0813 0x0b30 [ 16A6D49E7698FC6F1730D3FF9F5561A8, 860D2601BA3A71C81A6B21F4D92A5E9C47772C9DE0F047D49000FA4A484D7932 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:24:37.0860 0x0b30 iPod Service - ok
20:24:37.0860 0x0b30 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:24:37.0876 0x0b30 IRENUM - ok
20:24:37.0891 0x0b30 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:24:37.0907 0x0b30 isapnp - ok
20:24:37.0922 0x0b30 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:24:37.0938 0x0b30 iScsiPrt - ok
20:24:37.0954 0x0b30 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:24:37.0969 0x0b30 kbdclass - ok
20:24:37.0969 0x0b30 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:24:38.0000 0x0b30 kbdhid - ok
20:24:38.0000 0x0b30 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] KeyIso C:\Windows\system32\lsass.exe
20:24:38.0016 0x0b30 KeyIso - ok
20:24:38.0032 0x0b30 [ CF11CC2B73D5155533C67354F9188E09, D59C30B9651F8E0952DFF34A010BC60A1D27AE10F5705C54424BF6BB7ADF9F62 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:24:38.0047 0x0b30 KSecDD - ok
20:24:38.0063 0x0b30 [ 2E56D51B184EFB8E353B7AF446299DC8, CE7AAFF89F3A0BFE191DE90430A04C7FB899F5CF3B704AA5A96F47D5F37192B2 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:24:38.0078 0x0b30 KSecPkg - ok
20:24:38.0078 0x0b30 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:24:38.0125 0x0b30 ksthunk - ok
20:24:38.0141 0x0b30 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:24:38.0188 0x0b30 KtmRm - ok
20:24:38.0219 0x0b30 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:24:38.0297 0x0b30 LanmanServer - ok
20:24:38.0297 0x0b30 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:24:38.0359 0x0b30 LanmanWorkstation - ok
20:24:38.0359 0x0b30 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:24:38.0406 0x0b30 lltdio - ok
20:24:38.0437 0x0b30 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:24:38.0484 0x0b30 lltdsvc - ok
20:24:38.0484 0x0b30 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:24:38.0546 0x0b30 lmhosts - ok
20:24:38.0562 0x0b30 [ A1C148801B4AF64847AEB9F3AD9594EF, FF6ED89EA47DF74C33CD8BFAC48FAED1B979348ABA6B6D94EE07CBD21810F37B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:24:38.0578 0x0b30 LMS - detected UnsignedFile.Multi.Generic ( 1 )
20:24:38.0796 0x0b30 Detect skipped due to KSN trusted
20:24:38.0796 0x0b30 LMS - ok
20:24:38.0796 0x0b30 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:24:38.0812 0x0b30 LSI_FC - ok
20:24:38.0827 0x0b30 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:24:38.0827 0x0b30 LSI_SAS - ok
20:24:38.0843 0x0b30 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:24:38.0858 0x0b30 LSI_SAS2 - ok
20:24:38.0874 0x0b30 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:24:38.0874 0x0b30 LSI_SCSI - ok
20:24:38.0890 0x0b30 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:24:38.0936 0x0b30 luafv - ok
20:24:38.0936 0x0b30 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:24:38.0952 0x0b30 Mcx2Svc - ok
20:24:38.0968 0x0b30 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
20:24:38.0968 0x0b30 megasas - ok
20:24:39.0014 0x0b30 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:24:39.0030 0x0b30 MegaSR - ok
20:24:39.0046 0x0b30 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:24:39.0077 0x0b30 MMCSS - ok
20:24:39.0092 0x0b30 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:24:39.0124 0x0b30 Modem - ok
20:24:39.0139 0x0b30 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:24:39.0155 0x0b30 monitor - ok
20:24:39.0155 0x0b30 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:24:39.0170 0x0b30 mouclass - ok
20:24:39.0170 0x0b30 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\drivers\mouhid.sys
20:24:39.0186 0x0b30 mouhid - ok
20:24:39.0202 0x0b30 [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:24:39.0202 0x0b30 mountmgr - ok
20:24:39.0217 0x0b30 [ 7AAFF443581F9B6F86CDF761ED0A437D, 6E159C875F5666E6D17C58628EEAF79818697355AFE213CE778BD3FEA04248C0 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:24:39.0233 0x0b30 MozillaMaintenance - ok
20:24:39.0248 0x0b30 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:24:39.0264 0x0b30 mpio - ok
20:24:39.0264 0x0b30 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:24:39.0311 0x0b30 mpsdrv - ok
20:24:39.0342 0x0b30 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:24:39.0404 0x0b30 MpsSvc - ok
20:24:39.0420 0x0b30 [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:24:39.0436 0x0b30 MRxDAV - ok
20:24:39.0451 0x0b30 [ FCA01B0C70DAE9BE557577E719469D17, F9868B7B50EF6323BF6690F087A83928A1E82B96A19B27F344E10BF11E520C32 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:24:39.0467 0x0b30 mrxsmb - ok
20:24:39.0482 0x0b30 [ 386BE96797C5B480AD31E8B50CEE337C, 88E826F42BEB38CAA7C84AE6ED4D8EBC4D382A8A37CF9F7B8517B297F168F1B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:24:39.0514 0x0b30 mrxsmb10 - ok
20:24:39.0529 0x0b30 [ 841474CF2EB14F826038FBCC7D85B857, 4B1BC8AFDA54D1F16AC2AAB7EDDAE07FBF1E3B65D1658F8901A3E3175AF72800 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:24:39.0545 0x0b30 mrxsmb20 - ok
20:24:39.0560 0x0b30 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:24:39.0560 0x0b30 msahci - ok
20:24:39.0576 0x0b30 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:24:39.0592 0x0b30 msdsm - ok
20:24:39.0607 0x0b30 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:24:39.0623 0x0b30 MSDTC - ok
20:24:39.0638 0x0b30 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:24:39.0701 0x0b30 Msfs - ok
20:24:39.0701 0x0b30 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:24:39.0748 0x0b30 mshidkmdf - ok
20:24:39.0748 0x0b30 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:24:39.0763 0x0b30 msisadrv - ok
20:24:39.0763 0x0b30 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:24:39.0826 0x0b30 MSiSCSI - ok
20:24:39.0826 0x0b30 msiserver - ok
20:24:39.0826 0x0b30 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:24:39.0888 0x0b30 MSKSSRV - ok
20:24:39.0888 0x0b30 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:24:39.0935 0x0b30 MSPCLOCK - ok
20:24:39.0966 0x0b30 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:24:40.0013 0x0b30 MSPQM - ok
20:24:40.0060 0x0b30 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:24:40.0075 0x0b30 MsRPC - ok
20:24:40.0091 0x0b30 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:24:40.0091 0x0b30 mssmbios - ok
20:24:40.0106 0x0b30 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:24:40.0138 0x0b30 MSTEE - ok
20:24:40.0153 0x0b30 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:24:40.0184 0x0b30 MTConfig - ok
20:24:40.0184 0x0b30 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:24:40.0200 0x0b30 Mup - ok
20:24:40.0231 0x0b30 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:24:40.0294 0x0b30 napagent - ok
20:24:40.0309 0x0b30 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:24:40.0340 0x0b30 NativeWifiP - ok
20:24:40.0372 0x0b30 [ 003DDE9E91D324DDD86F11BF580FD627, 733674D5A6246BA2B4DE420AD89FE171ACCEA9EB5FC20F13F688A3910C1AA74C ] NAUpdate C:\Program Files (x86)\Nero\Update\NASvc.exe
20:24:40.0418 0x0b30 NAUpdate - ok
20:24:40.0465 0x0b30 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:24:40.0496 0x0b30 NDIS - ok
20:24:40.0512 0x0b30 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:24:40.0559 0x0b30 NdisCap - ok
20:24:40.0574 0x0b30 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:24:40.0621 0x0b30 NdisTapi - ok
20:24:40.0621 0x0b30 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:24:40.0684 0x0b30 Ndisuio - ok
20:24:40.0699 0x0b30 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:24:40.0746 0x0b30 NdisWan - ok
20:24:40.0746 0x0b30 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:24:40.0793 0x0b30 NDProxy - ok
20:24:40.0840 0x0b30 [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
20:24:40.0840 0x0b30 Netaapl - ok
20:24:40.0855 0x0b30 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:24:40.0902 0x0b30 NetBIOS - ok
20:24:40.0918 0x0b30 [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:24:40.0933 0x0b30 NetBT - ok
20:24:40.0933 0x0b30 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] Netlogon C:\Windows\system32\lsass.exe
20:24:40.0949 0x0b30 Netlogon - ok
20:24:40.0964 0x0b30 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:24:41.0011 0x0b30 Netman - ok
20:24:41.0027 0x0b30 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:41.0042 0x0b30 NetMsmqActivator - ok
20:24:41.0058 0x0b30 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:41.0074 0x0b30 NetPipeActivator - ok
20:24:41.0089 0x0b30 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:24:41.0152 0x0b30 netprofm - ok
20:24:41.0167 0x0b30 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:41.0183 0x0b30 NetTcpActivator - ok
20:24:41.0183 0x0b30 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:24:41.0214 0x0b30 NetTcpPortSharing - ok
20:24:41.0214 0x0b30 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:24:41.0230 0x0b30 nfrd960 - ok
20:24:41.0245 0x0b30 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:24:41.0261 0x0b30 NlaSvc - ok
20:24:41.0276 0x0b30 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:24:41.0308 0x0b30 Npfs - ok
20:24:41.0323 0x0b30 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:24:41.0354 0x0b30 nsi - ok
20:24:41.0370 0x0b30 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:24:41.0401 0x0b30 nsiproxy - ok
20:24:41.0479 0x0b30 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:24:41.0542 0x0b30 Ntfs - ok
20:24:41.0557 0x0b30 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:24:41.0604 0x0b30 Null - ok
20:24:41.0620 0x0b30 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:24:41.0635 0x0b30 nvraid - ok
20:24:41.0651 0x0b30 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:24:41.0666 0x0b30 nvstor - ok
20:24:41.0666 0x0b30 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:24:41.0682 0x0b30 nv_agp - ok
20:24:41.0744 0x0b30 [ D955D5DE998DB2476BF0892BE3A96C26, 3828FC1D4A4F9CD685E6D938B92370A602B84A3ACE2C9A674B3B59E633B0AE07 ] O2Flash C:\Windows\SysWOW64\o2flash.exe
20:24:41.0760 0x0b30 O2Flash - detected UnsignedFile.Multi.Generic ( 1 )
20:24:42.0010 0x0b30 Detect skipped due to KSN trusted
20:24:42.0010 0x0b30 O2Flash - ok
20:24:42.0025 0x0b30 [ AECFF27D5C70F295B09B85EFE3292ED1, 10EE366E4551EE0994B309AC30F5F619B6A4A0A9C8B55943D9FB5FA79A187568 ] O2MDRDR C:\Windows\system32\DRIVERS\o2mdx64.sys
20:24:42.0041 0x0b30 O2MDRDR - ok
20:24:42.0056 0x0b30 [ 3B179A7EFF9EDCC045F5570510C812F6, A4E939E38C27BD4C54A62618688360C06F9E853C43EC5EC038686F5FA31DC9EC ] O2SCBUS C:\Windows\system32\DRIVERS\ozscrx64.sys
20:24:42.0072 0x0b30 O2SCBUS - ok
20:24:42.0072 0x0b30 [ DF014C48015B637790BE3EDDD1384728, 3414A45709F33684945D61191E65163766A18B37CBC9D12CC56968A2A5F06467 ] O2SDRDR C:\Windows\system32\DRIVERS\o2sdx64.sys
20:24:42.0088 0x0b30 O2SDRDR - ok
20:24:42.0088 0x0b30 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:24:42.0103 0x0b30 ohci1394 - ok
20:24:42.0181 0x0b30 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:24:42.0212 0x0b30 p2pimsvc - ok
20:24:42.0228 0x0b30 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
20:24:42.0244 0x0b30 p2psvc - ok
20:24:42.0259 0x0b30 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:24:42.0275 0x0b30 Parport - ok
20:24:42.0290 0x0b30 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:24:42.0290 0x0b30 partmgr - ok
20:24:42.0306 0x0b30 [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc C:\Windows\System32\pcasvc.dll
20:24:42.0337 0x0b30 PcaSvc - ok
20:24:42.0353 0x0b30 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
20:24:42.0353 0x0b30 pci - ok
20:24:42.0368 0x0b30 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
20:24:42.0384 0x0b30 pciide - ok
20:24:42.0400 0x0b30 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:24:42.0415 0x0b30 pcmcia - ok
20:24:42.0415 0x0b30 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
20:24:42.0431 0x0b30 pcw - ok
20:24:42.0524 0x0b30 [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:24:42.0556 0x0b30 PEAUTH - ok
20:24:42.0665 0x0b30 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:24:42.0712 0x0b30 PeerDistSvc - ok
20:24:42.0727 0x0b30 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:24:42.0743 0x0b30 PerfHost - ok
20:24:42.0868 0x0b30 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
20:24:42.0946 0x0b30 pla - ok
20:24:42.0977 0x0b30 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:24:43.0008 0x0b30 PlugPlay - ok
20:24:43.0008 0x0b30 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:24:43.0039 0x0b30 PNRPAutoReg - ok
20:24:43.0055 0x0b30 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:24:43.0070 0x0b30 PNRPsvc - ok
20:24:43.0133 0x0b30 [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:24:43.0164 0x0b30 PolicyAgent - ok
20:24:43.0180 0x0b30 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
20:24:43.0226 0x0b30 Power - ok
20:24:43.0242 0x0b30 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:24:43.0289 0x0b30 PptpMiniport - ok
20:24:43.0289 0x0b30 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
20:24:43.0304 0x0b30 Processor - ok
20:24:43.0320 0x0b30 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
20:24:43.0336 0x0b30 ProfSvc - ok
20:24:43.0336 0x0b30 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:24:43.0351 0x0b30 ProtectedStorage - ok
20:24:43.0351 0x0b30 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:24:43.0398 0x0b30 Psched - ok
20:24:43.0414 0x0b30 [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio C:\Windows\system32\pwdrvio.sys
20:24:43.0429 0x0b30 pwdrvio - ok
20:24:43.0429 0x0b30 [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio C:\Windows\system32\pwdspio.sys
20:24:43.0445 0x0b30 pwdspio - ok
20:24:43.0507 0x0b30 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:24:43.0616 0x0b30 ql2300 - ok
20:24:43.0616 0x0b30 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:24:43.0632 0x0b30 ql40xx - ok
20:24:43.0648 0x0b30 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:24:43.0679 0x0b30 QWAVE - ok
20:24:43.0694 0x0b30 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:24:43.0710 0x0b30 QWAVEdrv - ok
20:24:43.0710 0x0b30 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:24:43.0757 0x0b30 RasAcd - ok
20:24:43.0772 0x0b30 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:24:43.0804 0x0b30 RasAgileVpn - ok
20:24:43.0804 0x0b30 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:24:43.0850 0x0b30 RasAuto - ok
20:24:43.0866 0x0b30 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:24:43.0897 0x0b30 Rasl2tp - ok
20:24:43.0913 0x0b30 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
20:24:43.0975 0x0b30 RasMan - ok
20:24:43.0975 0x0b30 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:24:44.0022 0x0b30 RasPppoe - ok
20:24:44.0022 0x0b30 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:24:44.0069 0x0b30 RasSstp - ok
20:24:44.0100 0x0b30 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:24:44.0162 0x0b30 rdbss - ok
20:24:44.0162 0x0b30 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:24:44.0209 0x0b30 rdpbus - ok
20:24:44.0209 0x0b30 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:24:44.0256 0x0b30 RDPCDD - ok
20:24:44.0256 0x0b30 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:24:44.0287 0x0b30 RDPDR - ok
20:24:44.0287 0x0b30 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:24:44.0334 0x0b30 RDPENCDD - ok
20:24:44.0334 0x0b30 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:24:44.0381 0x0b30 RDPREFMP - ok
20:24:44.0396 0x0b30 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:24:44.0428 0x0b30 RDPWD - ok
20:24:44.0443 0x0b30 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:24:44.0459 0x0b30 rdyboost - ok
20:24:44.0459 0x0b30 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:24:44.0506 0x0b30 RemoteAccess - ok
20:24:44.0521 0x0b30 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:24:44.0568 0x0b30 RemoteRegistry - ok
20:24:44.0568 0x0b30 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:24:44.0615 0x0b30 RpcEptMapper - ok
20:24:44.0630 0x0b30 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:24:44.0646 0x0b30 RpcLocator - ok
20:24:44.0677 0x0b30 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
20:24:44.0740 0x0b30 RpcSs - ok
20:24:44.0740 0x0b30 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:24:44.0786 0x0b30 rspndr - ok
20:24:44.0786 0x0b30 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:24:44.0802 0x0b30 s3cap - ok
20:24:44.0802 0x0b30 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] SamSs C:\Windows\system32\lsass.exe
20:24:44.0818 0x0b30 SamSs - ok
20:24:44.0818 0x0b30 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:24:44.0833 0x0b30 sbp2port - ok
20:24:44.0849 0x0b30 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:24:44.0896 0x0b30 SCardSvr - ok
20:24:44.0896 0x0b30 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:24:44.0942 0x0b30 scfilter - ok
20:24:45.0052 0x0b30 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
20:24:45.0130 0x0b30 Schedule - ok
20:24:45.0145 0x0b30 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:24:45.0176 0x0b30 SCPolicySvc - ok
20:24:45.0192 0x0b30 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:24:45.0208 0x0b30 sdbus - ok
20:24:45.0223 0x0b30 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:24:45.0254 0x0b30 SDRSVC - ok
20:24:45.0254 0x0b30 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:24:45.0270 0x0b30 secdrv - ok
20:24:45.0286 0x0b30 [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon C:\Windows\system32\seclogon.dll
20:24:45.0301 0x0b30 seclogon - ok
20:24:45.0301 0x0b30 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:24:45.0332 0x0b30 SENS - ok
20:24:45.0348 0x0b30 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:24:45.0364 0x0b30 SensrSvc - ok
20:24:45.0379 0x0b30 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:24:45.0395 0x0b30 Serenum - ok
20:24:45.0410 0x0b30 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
20:24:45.0426 0x0b30 Serial - ok
20:24:45.0426 0x0b30 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:24:45.0457 0x0b30 sermouse - ok
20:24:45.0457 0x0b30 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
20:24:45.0504 0x0b30 SessionEnv - ok
20:24:45.0520 0x0b30 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:24:45.0535 0x0b30 sffdisk - ok
20:24:45.0535 0x0b30 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:24:45.0551 0x0b30 sffp_mmc - ok
20:24:45.0566 0x0b30 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:24:45.0582 0x0b30 sffp_sd - ok
20:24:45.0582 0x0b30 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:24:45.0598 0x0b30 sfloppy - ok
20:24:45.0629 0x0b30 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:24:45.0676 0x0b30 SharedAccess - ok
20:24:45.0707 0x0b30 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:24:45.0769 0x0b30 ShellHWDetection - ok
20:24:45.0769 0x0b30 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:24:45.0785 0x0b30 SiSRaid2 - ok
20:24:45.0785 0x0b30 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:24:45.0800 0x0b30 SiSRaid4 - ok
20:24:45.0800 0x0b30 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:24:45.0847 0x0b30 Smb - ok
20:24:45.0847 0x0b30 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:24:45.0863 0x0b30 SNMPTRAP - ok
20:24:45.0863 0x0b30 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:24:45.0878 0x0b30 spldr - ok
20:24:45.0910 0x0b30 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
20:24:45.0925 0x0b30 Spooler - ok
20:24:46.0128 0x0b30 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
20:24:46.0253 0x0b30 sppsvc - ok
20:24:46.0268 0x0b30 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:24:46.0300 0x0b30 sppuinotify - ok
20:24:46.0331 0x0b30 [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:24:46.0362 0x0b30 srv - ok
20:24:46.0378 0x0b30 [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:24:46.0409 0x0b30 srv2 - ok
20:24:46.0424 0x0b30 [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:24:46.0440 0x0b30 srvnet - ok
20:24:46.0440 0x0b30 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:24:46.0487 0x0b30 SSDPSRV - ok
20:24:46.0502 0x0b30 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:24:46.0549 0x0b30 SstpSvc - ok
20:24:46.0565 0x0b30 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
20:24:46.0580 0x0b30 ssudmdm - ok
20:24:46.0596 0x0b30 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:24:46.0596 0x0b30 stexstor - ok
20:24:46.0627 0x0b30 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
20:24:46.0658 0x0b30 stisvc - ok
20:24:46.0658 0x0b30 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:24:46.0674 0x0b30 storflt - ok
20:24:46.0674 0x0b30 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
20:24:46.0690 0x0b30 StorSvc - ok
20:24:46.0690 0x0b30 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:24:46.0705 0x0b30 storvsc - ok
20:24:46.0705 0x0b30 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
20:24:46.0721 0x0b30 swenum - ok
20:24:46.0752 0x0b30 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:24:46.0799 0x0b30 swprv - ok
20:24:46.0955 0x0b30 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
20:24:47.0048 0x0b30 SysMain - ok
20:24:47.0064 0x0b30 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:24:47.0080 0x0b30 TabletInputService - ok
20:24:47.0126 0x0b30 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
20:24:47.0220 0x0b30 TapiSrv - ok
20:24:47.0220 0x0b30 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:24:47.0251 0x0b30 TBS - ok
20:24:47.0345 0x0b30 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:24:47.0438 0x0b30 Tcpip - ok
20:24:47.0579 0x0b30 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:24:47.0657 0x0b30 TCPIP6 - ok
20:24:47.0657 0x0b30 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:24:47.0672 0x0b30 tcpipreg - ok
20:24:47.0688 0x0b30 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:24:47.0688 0x0b30 TDPIPE - ok
20:24:47.0704 0x0b30 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:24:47.0719 0x0b30 TDTCP - ok
20:24:47.0719 0x0b30 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:24:47.0750 0x0b30 tdx - ok
20:24:47.0750 0x0b30 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
20:24:47.0766 0x0b30 TermDD - ok
20:24:47.0828 0x0b30 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
20:24:47.0860 0x0b30 TermService - ok
20:24:47.0875 0x0b30 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:24:47.0891 0x0b30 Themes - ok
20:24:47.0891 0x0b30 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:24:47.0938 0x0b30 THREADORDER - ok
20:24:47.0938 0x0b30 [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM C:\Windows\system32\drivers\tpm.sys
20:24:47.0953 0x0b30 TPM - ok
20:24:47.0969 0x0b30 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:24:48.0000 0x0b30 TrkWks - ok
20:24:48.0016 0x0b30 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:24:48.0062 0x0b30 TrustedInstaller - ok
20:24:48.0078 0x0b30 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:24:48.0078 0x0b30 tssecsrv - ok
20:24:48.0094 0x0b30 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:24:48.0109 0x0b30 TsUsbFlt - ok
20:24:48.0109 0x0b30 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:24:48.0125 0x0b30 TsUsbGD - ok
20:24:48.0140 0x0b30 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:24:48.0187 0x0b30 tunnel - ok
20:24:48.0187 0x0b30 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:24:48.0203 0x0b30 uagp35 - ok
20:24:48.0250 0x0b30 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:24:48.0312 0x0b30 udfs - ok
20:24:48.0312 0x0b30 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:24:48.0359 0x0b30 UI0Detect - ok
20:24:48.0359 0x0b30 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:24:48.0374 0x0b30 uliagpkx - ok
20:24:48.0374 0x0b30 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:24:48.0390 0x0b30 umbus - ok
20:24:48.0406 0x0b30 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
20:24:48.0406 0x0b30 UmPass - ok
20:24:48.0421 0x0b30 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
20:24:48.0437 0x0b30 UmRdpService - ok
20:24:48.0530 0x0b30 [ 41118D920B2B268C0ADC36421248CDCF, 4F99C4913DCFE02B0783FD97F02558E4DD4D7C98553D95A8E26FAAA0C0D67616 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:24:48.0624 0x0b30 UNS - detected UnsignedFile.Multi.Generic ( 1 )
20:24:48.0874 0x0b30 Detect skipped due to KSN trusted
20:24:48.0874 0x0b30 UNS - ok
20:24:48.0889 0x0b30 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:24:48.0952 0x0b30 upnphost - ok
20:24:48.0967 0x0b30 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:24:48.0983 0x0b30 USBAAPL64 - ok
20:24:48.0983 0x0b30 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:24:48.0998 0x0b30 usbccgp - ok
20:24:49.0014 0x0b30 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:24:49.0030 0x0b30 usbcir - ok
20:24:49.0030 0x0b30 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
20:24:49.0045 0x0b30 usbehci - ok
20:24:49.0076 0x0b30 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:24:49.0092 0x0b30 usbhub - ok
20:24:49.0092 0x0b30 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:24:49.0108 0x0b30 usbohci - ok
20:24:49.0108 0x0b30 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:24:49.0139 0x0b30 usbprint - ok
20:24:49.0139 0x0b30 [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:24:49.0154 0x0b30 USBSTOR - ok
20:24:49.0170 0x0b30 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:24:49.0170 0x0b30 usbuhci - ok
20:24:49.0186 0x0b30 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:24:49.0217 0x0b30 UxSms - ok
20:24:49.0217 0x0b30 [ 0EE3B249D8079D72D4C84B108E99A16F, 453A792CDF2133949EA2E1FFC2373C3CC16895FCAED82A0A403E432ED161DAB9 ] VaultSvc C:\Windows\system32\lsass.exe
20:24:49.0232 0x0b30 VaultSvc - ok
20:24:49.0248 0x0b30 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:24:49.0248 0x0b30 vdrvroot - ok
20:24:49.0279 0x0b30 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
20:24:49.0357 0x0b30 vds - ok
20:24:49.0373 0x0b30 [ 85256DA6FDBD6B16C526C858F2DA8BF0, A275B61917EAE7C5410078EFDC31371DBAED8EC11F3C7BD18568FEE9A78E2F77 ] VFPRadioSupportService C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
20:24:49.0388 0x0b30 VFPRadioSupportService - ok
20:24:49.0388 0x0b30 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:24:49.0404 0x0b30 vga - ok
20:24:49.0420 0x0b30 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:24:49.0466 0x0b30 VgaSave - ok
20:24:49.0466 0x0b30 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:24:49.0498 0x0b30 vhdmp - ok
20:24:49.0513 0x0b30 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
20:24:49.0529 0x0b30 viaide - ok
20:24:49.0529 0x0b30 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:24:49.0544 0x0b30 vmbus - ok
20:24:49.0576 0x0b30 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:24:49.0591 0x0b30 VMBusHID - ok
20:24:49.0591 0x0b30 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:24:49.0607 0x0b30 volmgr - ok
20:24:49.0638 0x0b30 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:24:49.0654 0x0b30 volmgrx - ok
20:24:49.0669 0x0b30 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:24:49.0700 0x0b30 volsnap - ok
20:24:49.0700 0x0b30 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:24:49.0716 0x0b30 vsmraid - ok
20:24:49.0841 0x0b30 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
20:24:49.0934 0x0b30 VSS - ok
20:24:49.0950 0x0b30 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:24:49.0966 0x0b30 vwifibus - ok
20:24:49.0966 0x0b30 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:24:49.0997 0x0b30 vwififlt - ok
20:24:49.0997 0x0b30 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:24:50.0013 0x0b30 vwifimp - ok
20:24:50.0044 0x0b30 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:24:50.0106 0x0b30 W32Time - ok
20:24:50.0122 0x0b30 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:24:50.0137 0x0b30 WacomPen - ok
20:24:50.0153 0x0b30 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:24:50.0200 0x0b30 WANARP - ok
20:24:50.0200 0x0b30 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:24:50.0247 0x0b30 Wanarpv6 - ok
20:24:50.0356 0x0b30 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
20:24:50.0418 0x0b30 wbengine - ok
20:24:50.0449 0x0b30 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:24:50.0465 0x0b30 WbioSrvc - ok
20:24:50.0543 0x0b30 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:24:50.0590 0x0b30 wcncsvc - ok
20:24:50.0590 0x0b30 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:24:50.0605 0x0b30 WcsPlugInService - ok
20:24:50.0621 0x0b30 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
20:24:50.0637 0x0b30 Wd - ok
20:24:50.0683 0x0b30 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:24:50.0746 0x0b30 Wdf01000 - ok
20:24:50.0746 0x0b30 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:24:50.0761 0x0b30 WdiServiceHost - ok
20:24:50.0761 0x0b30 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:24:50.0777 0x0b30 WdiSystemHost - ok
20:24:50.0824 0x0b30 [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient C:\Windows\System32\webclnt.dll
20:24:50.0839 0x0b30 WebClient - ok
20:24:50.0855 0x0b30 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:24:50.0902 0x0b30 Wecsvc - ok
20:24:50.0917 0x0b30 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:24:50.0949 0x0b30 wercplsupport - ok
20:24:50.0964 0x0b30 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:24:51.0011 0x0b30 WerSvc - ok
20:24:51.0011 0x0b30 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:24:51.0058 0x0b30 WfpLwf - ok
20:24:51.0058 0x0b30 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:24:51.0073 0x0b30 WIMMount - ok
20:24:51.0073 0x0b30 WinDefend - ok
20:24:51.0073 0x0b30 WinHttpAutoProxySvc - ok
20:24:51.0089 0x0b30 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:24:51.0167 0x0b30 Winmgmt - ok
20:24:51.0354 0x0b30 [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM C:\Windows\system32\WsmSvc.dll
20:24:51.0448 0x0b30 WinRM - ok
20:24:51.0463 0x0b30 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:24:51.0479 0x0b30 WinUsb - ok
20:24:51.0526 0x0b30 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:24:51.0573 0x0b30 Wlansvc - ok
20:24:51.0588 0x0b30 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:24:51.0604 0x0b30 WmiAcpi - ok
20:24:51.0619 0x0b30 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:24:51.0635 0x0b30 wmiApSrv - ok
20:24:51.0635 0x0b30 WMPNetworkSvc - ok
20:24:51.0651 0x0b30 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:24:51.0666 0x0b30 WPCSvc - ok
20:24:51.0682 0x0b30 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:24:51.0697 0x0b30 WPDBusEnum - ok
20:24:51.0697 0x0b30 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:24:51.0744 0x0b30 ws2ifsl - ok
20:24:51.0744 0x0b30 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
20:24:51.0775 0x0b30 wscsvc - ok
20:24:51.0775 0x0b30 WSearch - ok
20:24:51.0916 0x0b30 [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv C:\Windows\system32\wuaueng.dll
20:24:52.0072 0x0b30 wuauserv - ok
20:24:52.0087 0x0b30 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:24:52.0103 0x0b30 WudfPf - ok
20:24:52.0103 0x0b30 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:24:52.0119 0x0b30 WUDFRd - ok
20:24:52.0134 0x0b30 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:24:52.0150 0x0b30 wudfsvc - ok
20:24:52.0165 0x0b30 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:24:52.0181 0x0b30 WwanSvc - ok
20:24:52.0197 0x0b30 ================ Scan global ===============================
20:24:52.0212 0x0b30 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
20:24:52.0228 0x0b30 [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
20:24:52.0243 0x0b30 [ 20EBCFD94E5F9C801354062991E7257B, 9CD497241559A5D6A8C2C77F1109B6D512BFFA8CC154480A3CDC36B7BB68BFAB ] C:\Windows\system32\winsrv.dll
20:24:52.0259 0x0b30 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:24:52.0275 0x0b30 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:24:52.0275 0x0b30 [ Global ] - ok
20:24:52.0275 0x0b30 ================ Scan MBR ==================================
20:24:52.0290 0x0b30 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:24:52.0477 0x0b30 \Device\Harddisk1\DR1 - ok
20:24:52.0477 0x0b30 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:24:52.0758 0x0b30 \Device\Harddisk0\DR0 - ok
20:24:52.0774 0x0b30 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
20:24:52.0945 0x0b30 \Device\Harddisk1\DR1 - ok
20:24:52.0945 0x0b30 ================ Scan VBR ==================================
20:24:52.0961 0x0b30 [ 0C8FDEDF99108652A16AE68D29080DBD ] \Device\Harddisk1\DR1\Partition1
20:24:52.0961 0x0b30 \Device\Harddisk1\DR1\Partition1 - ok
20:24:52.0961 0x0b30 [ 548F7F6F11B5FAE985716C0F23631C41 ] \Device\Harddisk0\DR0\Partition1
20:24:52.0961 0x0b30 \Device\Harddisk0\DR0\Partition1 - ok
20:24:52.0977 0x0b30 [ 1EE2D46B6786FA04DBADB40A803C4BBF ] \Device\Harddisk0\DR0\Partition2
20:24:52.0977 0x0b30 \Device\Harddisk0\DR0\Partition2 - ok
20:24:52.0977 0x0b30 [ 0C8FDEDF99108652A16AE68D29080DBD ] \Device\Harddisk1\DR1\Partition1
20:24:52.0977 0x0b30 \Device\Harddisk1\DR1\Partition1 - ok
20:24:52.0977 0x0b30 ================ Scan generic autorun ======================
20:24:53.0008 0x0b30 [ 7503751126EE9F04996CE4AF38376018, 59BFC1602CDCCE522EEE55698C9F42BCD5326DCD772A6E17667FBAA44CDA7783 ] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
20:24:53.0039 0x0b30 ConMgr - ok
20:24:53.0101 0x0b30 [ 7072C9F5FF9AD41B8C50FF78F3AE5C0E, B1C37466451DA7E87A92265193D217920442D11BD6F6CFF7F5564E33DE98E9F8 ] C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe
20:24:53.0133 0x0b30 CSRSkype - ok
20:24:53.0569 0x0b30 [ 0D7CF635D9888072015EBE3B232DFB99, 25F8BB678DA47D4C7D002964597A04EE651E1492C43C217E3987FBC8DA66FDE6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
20:24:53.0866 0x0b30 RtHDVCpl - ok
20:24:53.0897 0x0b30 [ 810A5F70CEB063CEC85360394BEC2C56, FCC289B23B2347AD7C34B48E6EFB1914B5ED8D9DD397B0816D94747B168DFD64 ] C:\Windows\system32\igfxtray.exe
20:24:53.0897 0x0b30 IgfxTray - ok
20:24:53.0913 0x0b30 [ 2FE8F6A30802B69A3F501607F346DEEA, CD603DB6055861E9EAD397234120FBE0D3CACEFADB0D6001099CF0DA9DF1CC34 ] C:\Windows\system32\hkcmd.exe
20:24:53.0944 0x0b30 HotKeysCmds - ok
20:24:53.0959 0x0b30 [ CA1941B93BA45B7EA4D7D9F451B25C84, B0648762862931CB12004C92CD7A7EF8E3B1C14DD33C980A490D8AA56F7AA723 ] C:\Windows\system32\igfxpers.exe
20:24:53.0975 0x0b30 Persistence - ok
20:24:53.0991 0x0b30 [ 9C3F26DCA9142F16ED3D7EE8AB4E417D, 867AD96CB5738266E5BC93E424EA1673881C5F5FBF19C7B699F800C7206CA929 ] C:\Program Files (x86)\iTunesHelper.exe
20:24:54.0006 0x0b30 iTunesHelper - ok
20:24:54.0006 0x0b30 [ 95323F2CFBB9ACFDC31224090AA6ED3E, B29B7F274E8A89E99C01345D5447F09FE5D901D922FC444784B0044FAB8648D7 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
20:24:54.0022 0x0b30 IMSS - detected UnsignedFile.Multi.Generic ( 1 )
20:24:54.0240 0x0b30 Detect skipped due to KSN trusted
20:24:54.0240 0x0b30 IMSS - ok
20:24:54.0240 0x0b30 [ 30DBD9CB0156FBC5EE9D76E32FCE769D, 861C38DB1F685DDA8F8CC28B0C97F147B2C89599147857A441122DCDC5104AE6 ] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
20:24:54.0240 0x0b30 IndicatorUtility - ok
20:24:54.0256 0x0b30 [ 06E19A109543DDF347762108F08FCFA6, BFAC3DB4276E803C12311585AB01C3792E52EAC3FBA60A24CBDD738D97C3D59A ] C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
20:24:54.0271 0x0b30 Syncios device service - detected UnsignedFile.Multi.Generic ( 1 )
20:24:54.0505 0x0b30 Detect skipped due to KSN trusted
20:24:54.0505 0x0b30 Syncios device service - ok
20:24:54.0521 0x0b30 [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe
20:24:54.0552 0x0b30 PDFPrint - ok
20:24:54.0568 0x0b30 [ 941FFFA97FB402AE896AB77CA6A6C69B, 1424B7B7E9BC3486FF2AB9BD166E5FB5D1F718654122543E478738C5E32EDC5F ] C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe
20:24:54.0599 0x0b30 FUJ02B1_Apps - ok
20:24:54.0724 0x0b30 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:24:54.0786 0x0b30 Sidebar - ok
20:24:54.0802 0x0b30 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:24:54.0817 0x0b30 mctadmin - ok
20:24:54.0849 0x0b30 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:24:54.0895 0x0b30 Sidebar - ok
20:24:54.0895 0x0b30 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:24:54.0911 0x0b30 mctadmin - ok
20:24:55.0005 0x0b30 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
20:24:55.0036 0x0b30 SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
20:24:55.0270 0x0b30 Detect skipped due to KSN trusted
20:24:55.0270 0x0b30 SpybotPostWindows10UpgradeReInstall - ok
20:24:55.0270 0x0b30 Waiting for KSN requests completion. In queue: 90
20:24:56.0299 0x0b30 Win FW state via NFP2: enabled ( trusted )
20:24:56.0471 0x0b30 ============================================================
20:24:56.0471 0x0b30 Scan finished
20:24:56.0471 0x0b30 ============================================================
20:24:56.0471 0x0a28 Detected object count: 0
20:24:56.0471 0x0a28 Actual detected object count: 0
20:25:22.0024 0x0828 Deinitialize success
|
|
03.12.2016, 20:52
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN 7: Zip Datei von online24 Pay AG geöffnet Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
03.12.2016, 22:10
| #11 |
| | WIN 7: Zip Datei von online24 Pay AG geöffnet Abend, anbei die entsprechenden Logfiles: Code:
ATTFilter # AdwCleaner v6.040 - Bericht erstellt am 03/12/2016 um 21:57:38
# Aktualisiert am 02/12/2016 von Malwarebytes
# Datenbank : 2016-12-03.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : spülmeisterw - SKLAVE15
# Gestartet von : C:\Users\spülmeisterw\Downloads\adwcleaner_6.040.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support
***** [ Dienste ] *****
***** [ Ordner ] *****
[-] Ordner gelöscht: C:\Users\spülmeisterw\AppData\Roaming\RHEng
[-] Ordner gelöscht: C:\Users\schwester_s\AppData\LocalLow\avg web tuneup
[-] Ordner gelöscht: C:\ProgramData\AVG Security Toolbar
[#] Ordner mit Neustart gelöscht: C:\ProgramData\Application Data\AVG Security Toolbar
[-] Ordner gelöscht: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\avg web tuneup
***** [ Dateien ] *****
[-] Datei gelöscht: C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\searchplugins\avira-safesearch.xml
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
***** [ Browser ] *****
[-] Firefox Einstellungen bereinigt: "browser.search.selectedEngine" - "AVG Secure Search"
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [1680 Bytes] - [03/12/2016 21:57:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [1944 Bytes] - [03/12/2016 21:56:59]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1826 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Professional x64
Ran by splmeisterw (Administrator) on 03.12.2016 at 22:04:09,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 29
Successfully deleted: C:\Users\splmeisterw\AppData\Local\crashrpt (Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Roaming\getrighttogo (Folder)
Successfully deleted: C:\Windows\wininit.ini (File)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E86HW14 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LG71UCB (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XCLPIWY (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\509NYRUF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BY1YFZ2H (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I7MFVZW3 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LXSHDUX4 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PS0QJ9D9 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\splmeisterw\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UAOJNG4R (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0E86HW14 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3LG71UCB (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3XCLPIWY (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\509NYRUF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BY1YFZ2H (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I7MFVZW3 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LXSHDUX4 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PS0QJ9D9 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UAOJNG4R (Temporary Internet Files Folder)
Deleted the following from C:\Users\splmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\prefs.js
user_pref(avira.safe_search.installed, [\safesearch\]);
user_pref(avira.safe_search.search_was_active, false);
user_pref(browser.uiCustomization.state, {\placements\:{\PanelUI-contents\:[\edit-controls\,\zoom-controls\,\privatebrowsing-button\,\save-page-button\,\abp-to
user_pref(browser.urlbar.suggest.searches, true);
user_pref(extensions.safesearch.MP_DISTINCT_ID, \14c4dc1f7361fc-0b24d801eb3efd-45574136-0-14c4dc1f73715f\);
user_pref(extensions.safesearch.SAUTH_expires_at, 1430162320);
user_pref(extensions.safesearch.SAUTH_rndsnr, \875adb3046a4279b85aacbff2386ac2889c1bfd0\);
user_pref(extensions.safesearch.SAUTH_userid, 5957301478);
user_pref(extensions.safesearch.SAUTH_utoken, \d6728e302915aff8102d1b8d5e02ffc3056b0d5a\);
user_pref(extensions.safesearch.install, 1427233699647);
user_pref(extensions.safesearch.search_offer_disabled, true);
user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\spülmeisterw\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\k15ix6ww
Registry: 2
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2016 at 22:05:26,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
05.12.2016, 09:34
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN 7: Zip Datei von online24 Pay AG geöffnet Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.12.2016, 18:31
| #13 |
| | WIN 7: Zip Datei von online24 Pay AG geöffnet Abend, ganz frische FRST Logfiles.. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-12-2016
durchgeführt von spülmeisterw (Administrator) auf SKLAVE15 (05-12-2016 18:27:16)
Gestartet von C:\Users\spülmeisterw\Downloads
Geladene Profile: spülmeisterw (Verfügbare Profile: spülmeisterw & schwester_s)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(O2Micro International) C:\Windows\SysWOW64\o2flash.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(CSR, plc) C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files (x86)\iTunesHelper.exe
(FUJITSU LIMITED) C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
() C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ConMgr] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\ConMgr.exe [535392 2009-10-12] (CSR, plc)
HKLM\...\Run: [CSRSkype] => C:\Program Files\CSR\Bluetooth Feature Pack 5.0\CSRSkype.exe [431456 2009-10-12] (CSR, plc)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [104960 2009-11-01] ()
HKLM-x32\...\Run: [IndicatorUtility] => C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe [47976 2009-10-09] (FUJITSU LIMITED)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe [269824 2015-12-21] ()
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [FUJ02B1_Apps] => C:\Program Files (x86)\Fujitsu\FUJ02B1\CheckBatteryPack.exe [367424 2016-05-11] (FUJITSU LIMITED)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3282142634-361615843-1521448422-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{3056EF62-96A2-4CD4-A930-916C257CD488}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{C3A5A36B-F94D-44A3-9F9F-EED4D05401A8}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FireFox:
========
FF DefaultProfile: k15ix6ww.default
FF ProfilePath: C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default [2016-12-05]
FF Homepage: Mozilla\Firefox\Profiles\k15ix6ww.default -> hxxps://www.google.de/?gws_rd=ssl
FF Extension: (Avira Browser Safety) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\abs@avira.com.xpi [2016-11-24]
FF Extension: (Firefox Hotfix) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01]
FF Extension: (Avira SafeSearch) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\safesearch@avira.com.xpi [2016-06-06]
FF Extension: (Adblock Plus) - C:\Users\spülmeisterw\AppData\Roaming\Mozilla\Firefox\Profiles\k15ix6ww.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-02-11] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3282142634-361615843-1521448422-1000: @protectdisc.com/NPMPDRM -> C:\Users\spülmeisterw\AppData\Local\mpDRM\Binaries\NPMPDRM.dll [2011-10-11] ( )
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 LMS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [262144 2009-11-01] (Intel Corporation) [Datei ist nicht signiert]
R2 O2Flash; C:\Windows\SysWOW64\o2flash.exe [65536 2007-02-12] (O2Micro International) [Datei ist nicht signiert]
R2 UNS; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2314240 2009-11-01] (Intel Corporation) [Datei ist nicht signiert]
R2 VFPRadioSupportService; C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [145792 2009-10-12] (CSR, plc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 androidusb; C:\Windows\System32\Drivers\smdadb.sys [39624 2015-04-24] (Google Inc)
S3 BthAvrcp; C:\Windows\system32\drivers\BthAvrcp.sys [34656 2009-10-12] (CSR, plc)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 FUJ02B1; C:\Windows\System32\DRIVERS\FUJ02B1.sys [59152 2016-05-11] (FUJITSU LIMITED)
R3 FUJ02E3; C:\Windows\system32\drivers\FUJ02E3.sys [7296 2006-11-01] (FUJITSU LIMITED)
S3 Impcd; C:\Windows\system32\drivers\Impcd.sys [151936 2009-10-26] (Intel Corporation) [Datei ist nicht signiert]
S3 IntcDAud; C:\Windows\System32\DRIVERS\IntcDAud.sys [244736 2009-11-27] (Intel(R) Corporation) [Datei ist nicht signiert]
R3 O2MDRDR; C:\Windows\System32\DRIVERS\o2mdx64.sys [58400 2009-05-13] (O2Micro )
R3 O2SCBUS; C:\Windows\System32\DRIVERS\ozscrx64.sys [107808 2009-05-15] (O2Micro)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-05 18:26 - 2016-12-05 18:26 - 00000000 ____D C:\Users\spülmeisterw\Downloads\FRST-OlderVersion
2016-12-03 22:03 - 2016-12-03 22:03 - 01631928 _____ (Malwarebytes) C:\Users\spülmeisterw\Downloads\JRT.exe
2016-12-03 21:52 - 2016-12-03 21:52 - 03968464 _____ C:\Users\spülmeisterw\Downloads\adwcleaner_6.040.exe
2016-12-03 21:45 - 2016-12-03 21:57 - 00000000 ____D C:\AdwCleaner
2016-12-03 20:24 - 2016-12-03 20:25 - 00205510 _____ C:\TDSSKiller.3.1.0.12_03.12.2016_20.24.04_log.txt
2016-12-03 20:03 - 2016-12-03 20:20 - 00404748 _____ C:\TDSSKiller.3.1.0.12_03.12.2016_20.03.13_log.txt
2016-12-03 20:00 - 2016-12-03 20:00 - 00000492 _____ C:\TDSSKiller.3.1.0.12_03.12.2016_20.00.36_log.txt
2016-12-03 09:41 - 2016-12-03 09:41 - 00766776 _____ C:\Windows\Minidump\120316-16146-01.dmp
2016-12-03 09:41 - 2016-12-03 09:41 - 00000000 ____D C:\Windows\Minidump
2016-12-03 09:40 - 2016-12-03 09:40 - 604159073 _____ C:\Windows\MEMORY.DMP
2016-12-03 08:42 - 2016-12-03 09:06 - 00192588 _____ C:\TDSSKiller.3.1.0.12_03.12.2016_08.42.10_log.txt
2016-12-03 08:42 - 2016-12-03 08:42 - 04747704 _____ (AO Kaspersky Lab) C:\Users\spülmeisterw\Downloads\tdsskiller.exe
2016-12-03 08:40 - 2016-12-03 09:05 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-12-03 08:38 - 2016-12-03 08:38 - 16563352 _____ (Malwarebytes Corp.) C:\Users\spülmeisterw\Downloads\mbar-1.09.3.1001.exe
2016-12-01 19:18 - 2016-12-01 19:18 - 00027723 _____ C:\Users\spülmeisterw\Downloads\Addition.txt
2016-12-01 19:17 - 2016-12-05 18:27 - 00009729 _____ C:\Users\spülmeisterw\Downloads\FRST.txt
2016-12-01 19:16 - 2016-12-05 18:27 - 00000000 ____D C:\FRST
2016-12-01 19:16 - 2016-12-05 18:26 - 02419200 _____ (Farbar) C:\Users\spülmeisterw\Downloads\FRST64.exe
2016-12-01 19:06 - 2016-12-01 19:06 - 00000000 ____D C:\Windows\system32\appmgmt
2016-12-01 19:03 - 2016-12-01 19:03 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2016-11-30 21:15 - 2016-11-30 21:15 - 00000000 ____D C:\Users\spülmeisterw\AppData\Local\Downloaded Installations
2016-11-30 18:22 - 2016-12-01 19:03 - 00000000 ____D C:\ProgramData\HitmanPro
2016-11-30 18:22 - 2016-11-30 18:23 - 11581544 _____ (SurfRight B.V.) C:\Users\spülmeisterw\Downloads\hitmanpro_x64.exe
2016-11-29 21:50 - 2016-11-29 21:50 - 00000000 ____D C:\Users\schwester_s\Documents\Nero
2016-11-27 18:02 - 2016-11-27 18:02 - 00000856 _____ C:\Users\spülmeisterw\AppData\Local\recently-used.xbel
2016-11-25 14:30 - 2016-11-25 14:30 - 309541681 _____ C:\Users\spülmeisterw\Downloads\Beginner - Advanced Chemistry [Ganzes Album].mp4
2016-11-24 06:43 - 2016-12-05 18:24 - 00000000 ____D C:\Users\spülmeisterw\AppData\LocalLow\Mozilla
2016-11-20 10:41 - 2016-12-02 20:35 - 00000000 ____D C:\Users\schwester_s\AppData\LocalLow\Mozilla
2016-11-19 21:54 - 2016-12-01 19:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-18 17:37 - 2016-11-18 17:37 - 00002151 _____ C:\Users\Public\Desktop\Google Earth.lnk
2016-11-18 17:37 - 2016-11-18 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-14 16:32 - 2016-11-14 16:32 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF(2).pdf
2016-11-14 16:29 - 2016-11-14 16:30 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF(1).pdf
2016-11-13 16:20 - 2016-11-13 16:20 - 00035553 _____ C:\Users\schwester_s\Downloads\+ GitLieder_Weihnachtsba ckereiPDF.pdf
2016-11-05 23:33 - 2016-09-30 16:37 - 05548264 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-05 23:33 - 2016-09-30 08:55 - 25765376 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-05 23:33 - 2016-09-30 07:25 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-05 23:33 - 2016-09-30 07:25 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-05 23:33 - 2016-09-30 07:09 - 06048256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-05 23:33 - 2016-09-30 06:47 - 20306944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-05 23:33 - 2016-09-30 06:42 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-05 23:33 - 2016-09-30 06:38 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-05 23:33 - 2016-09-30 06:21 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-05 23:33 - 2016-09-30 06:17 - 02920960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-05 23:33 - 2016-09-30 06:12 - 04608512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-05 23:33 - 2016-09-30 06:05 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-05 23:33 - 2016-09-30 06:05 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-05 23:33 - 2016-09-30 06:03 - 13653504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-05 23:33 - 2016-09-30 05:46 - 02444288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-05 23:33 - 2016-09-30 05:43 - 01312768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-05 23:33 - 2016-09-12 22:08 - 01465344 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-05 23:33 - 2016-09-12 19:43 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-11-05 23:33 - 2016-09-10 17:19 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-05 23:33 - 2016-08-12 18:02 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-05 23:33 - 2016-08-12 17:47 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-05 23:33 - 2016-08-12 17:26 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 02023424 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2016-11-05 23:33 - 2016-08-06 16:31 - 00310784 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-11-05 23:33 - 2016-08-06 16:15 - 01178112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01573888 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01483264 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2016-11-05 23:33 - 2016-06-14 18:16 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-11-05 23:33 - 2016-06-14 18:11 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2016-11-05 23:33 - 2016-06-14 16:21 - 03209216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 01176064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2016-11-05 23:33 - 2016-06-14 16:21 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2016-11-05 23:32 - 2016-09-30 21:13 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-05 23:32 - 2016-09-30 20:28 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-05 23:32 - 2016-09-30 16:20 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-05 23:32 - 2016-09-30 16:20 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-05 23:32 - 2016-09-30 07:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-05 23:32 - 2016-09-30 07:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-05 23:32 - 2016-09-30 07:26 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-05 23:32 - 2016-09-30 07:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-05 23:32 - 2016-09-30 07:25 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-05 23:32 - 2016-09-30 07:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-05 23:32 - 2016-09-30 07:18 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-05 23:32 - 2016-09-30 07:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-05 23:32 - 2016-09-30 07:14 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-05 23:32 - 2016-09-30 07:13 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-05 23:32 - 2016-09-30 07:13 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-05 23:32 - 2016-09-30 07:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-05 23:32 - 2016-09-30 07:12 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-05 23:32 - 2016-09-30 07:05 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-05 23:32 - 2016-09-30 07:02 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-05 23:32 - 2016-09-30 06:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-05 23:32 - 2016-09-30 06:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-05 23:32 - 2016-09-30 06:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-05 23:32 - 2016-09-30 06:51 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-05 23:32 - 2016-09-30 06:50 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-05 23:32 - 2016-09-30 06:47 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-05 23:32 - 2016-09-30 06:46 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-05 23:32 - 2016-09-30 06:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-05 23:32 - 2016-09-30 06:42 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-05 23:32 - 2016-09-30 06:42 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-05 23:32 - 2016-09-30 06:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-05 23:32 - 2016-09-30 06:36 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-05 23:32 - 2016-09-30 06:35 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-05 23:32 - 2016-09-30 06:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-05 23:32 - 2016-09-30 06:33 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-05 23:32 - 2016-09-30 06:33 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-05 23:32 - 2016-09-30 06:32 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-05 23:32 - 2016-09-30 06:31 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-05 23:32 - 2016-09-30 06:31 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-05 23:32 - 2016-09-30 06:24 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-05 23:32 - 2016-09-30 06:19 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-05 23:32 - 2016-09-30 06:19 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-05 23:32 - 2016-09-30 06:17 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-05 23:32 - 2016-09-30 06:15 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-05 23:32 - 2016-09-30 06:14 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-05 23:32 - 2016-09-30 06:13 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-05 23:32 - 2016-09-30 06:07 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-05 23:32 - 2016-09-30 06:05 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-05 23:32 - 2016-09-30 06:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-05 23:32 - 2016-09-30 05:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-05 23:32 - 2016-09-30 05:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-05 23:32 - 2016-09-15 16:30 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-05 23:32 - 2016-09-15 16:30 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-05 23:32 - 2016-09-15 16:15 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-05 23:32 - 2016-09-15 16:15 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-05 23:32 - 2016-09-12 22:13 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-05 23:32 - 2016-09-12 22:13 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-05 23:32 - 2016-09-12 22:08 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-05 23:32 - 2016-09-12 22:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adsmsext.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-05 23:32 - 2016-09-12 21:49 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-05 23:32 - 2016-09-12 21:39 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-05 23:32 - 2016-09-12 21:37 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-05 23:32 - 2016-09-12 21:32 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-05 23:32 - 2016-09-12 21:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-05 23:32 - 2016-09-12 21:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-05 23:32 - 2016-09-12 21:25 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-05 23:32 - 2016-09-12 20:08 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2016-11-05 23:32 - 2016-09-12 19:43 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-11-05 23:32 - 2016-09-10 16:53 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-05 23:32 - 2016-09-09 19:29 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-05 23:32 - 2016-09-09 19:26 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-05 23:32 - 2016-09-09 19:23 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:20 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 19:01 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-05 23:32 - 2016-09-09 19:00 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:51 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-05 23:32 - 2016-09-09 18:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-05 23:32 - 2016-09-09 18:51 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-05 23:32 - 2016-09-09 18:48 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-05 23:32 - 2016-09-09 18:47 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-05 23:32 - 2016-09-09 18:43 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-05 23:32 - 2016-09-09 18:38 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-05 23:32 - 2016-09-09 18:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-05 23:32 - 2016-09-09 18:37 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-05 23:32 - 2016-09-09 18:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2016-11-05 23:32 - 2016-09-08 21:34 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2016-11-05 23:32 - 2016-09-08 15:55 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-11-05 23:32 - 2016-09-08 15:55 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-11-05 23:32 - 2016-08-12 18:02 - 12574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-11-05 23:32 - 2016-08-12 18:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-11-05 23:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-11-05 23:32 - 2016-08-12 18:02 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-11-05 23:32 - 2016-08-12 17:47 - 12574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-11-05 23:32 - 2016-08-12 17:31 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-11-05 23:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-11-05 23:32 - 2016-08-12 17:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\WsmRes.dll
2016-11-05 23:32 - 2016-08-06 16:31 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\wsmplpxy.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00249344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00146944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-11-05 23:32 - 2016-08-06 16:15 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmRes.dll
2016-11-05 23:32 - 2016-08-06 16:01 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2016-11-05 23:32 - 2016-08-06 16:01 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\wsmprovhost.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00012288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmprovhost.exe
2016-11-05 23:32 - 2016-08-06 15:53 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsmplpxy.dll
2016-11-05 23:32 - 2016-06-14 18:21 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-11-05 23:32 - 2016-06-14 18:16 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00440320 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2016-11-05 23:32 - 2016-06-14 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2016-11-05 23:32 - 2016-06-14 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2016-11-05 23:32 - 2016-06-14 16:15 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2016-11-05 23:32 - 2016-06-14 16:15 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-11-05 23:32 - 2016-06-14 16:15 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-11-05 23:32 - 2016-06-14 16:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2016-11-05 23:32 - 2016-06-14 16:05 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2016-11-05 23:32 - 2016-06-14 16:00 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2016-11-05 23:32 - 2016-06-14 16:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2016-11-05 20:32 - 2016-11-05 20:32 - 00160804 _____ C:\Users\spülmeisterw\Desktop\DB-Fahrkarte_Rechnung.pdf
2016-11-05 20:31 - 2016-11-05 20:31 - 00445036 _____ C:\Users\spülmeisterw\Desktop\DB-Fahrkarte_RT.pdf
2016-11-05 20:30 - 2016-11-05 20:30 - 00445041 _____ C:\Users\spülmeisterw\Desktop\A8B0E514.pdf
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-12-05 18:24 - 2015-12-25 20:21 - 00000000 ____D C:\Users\spülmeisterw\AppData\Roaming\SynciOS Data Transfer
2016-12-05 18:24 - 2015-04-03 20:16 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-12-05 18:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-04 12:59 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-12-04 12:59 - 2009-07-14 05:45 - 00021680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-12-03 22:48 - 2015-03-22 11:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-12-03 22:36 - 2015-04-03 20:16 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-12-03 14:02 - 2011-04-12 08:43 - 00699682 _____ C:\Windows\system32\perfh007.dat
2016-12-03 14:02 - 2011-04-12 08:43 - 00149790 _____ C:\Windows\system32\perfc007.dat
2016-12-03 14:02 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-12-03 14:02 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-12-02 20:41 - 2015-03-24 22:45 - 00000000 ____D C:\Program Files (x86)\Avira
2016-12-02 20:41 - 2015-03-22 14:45 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-12-02 20:40 - 2015-03-22 14:45 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-12-02 20:38 - 2015-03-24 22:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-02 20:38 - 2015-03-24 22:45 - 00000000 ____D C:\ProgramData\Avira
2016-12-02 20:37 - 2015-03-24 22:48 - 00000000 ____D C:\Users\spülmeisterw\AppData\Roaming\Avira
2016-12-02 11:01 - 2016-03-04 09:55 - 00000000 ____D C:\Users\schwester_s\AppData\Roaming\SynciOS Data Transfer
2016-12-01 20:34 - 2015-03-24 23:44 - 00000000 ____D C:\Users\spülmeisterw\AppData\Local\Nero
2016-12-01 19:09 - 2015-03-22 10:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-27 18:02 - 2016-05-22 18:00 - 01292796 _____ C:\Users\spülmeisterw\Desktop\Jakobs Bagger.xcf
2016-11-27 18:02 - 2016-03-06 22:22 - 00000000 ____D C:\Users\spülmeisterw\.gimp-2.8
2016-11-18 17:37 - 2015-04-03 20:16 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-08 18:48 - 2015-03-22 11:06 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-08 18:48 - 2015-03-22 11:06 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-08 18:48 - 2015-03-22 11:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-08 18:48 - 2015-03-22 11:06 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-08 18:48 - 2015-03-22 10:41 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-08 16:00 - 2015-03-24 22:05 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-07 19:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-11-06 10:30 - 2009-07-14 05:45 - 00351328 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-06 10:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2016-11-06 10:28 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\Dism
2016-11-05 18:07 - 2015-03-22 12:31 - 00000000 ____D C:\Program Files (x86)\Winamp
2016-11-05 07:55 - 2016-02-23 18:53 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-12-18 06:03 - 2015-12-18 06:03 - 0124133 _____ () C:\Program Files (x86)\Acknowledgements.rtf
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-console-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-datetime-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-debug-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-errorhandling-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0022208 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-file-l2-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-handle-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-heap-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-interlocked-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-libraryloader-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0021184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-localization-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-memory-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-namedpipe-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processenvironment-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-processthreads-l1-1-1.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018112 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-profile-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-string-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-synch-l1-2-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-sysinfo-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-timezone-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0018624 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-core-util-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-conio-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0022720 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-convert-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-environment-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0020672 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-heap-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-locale-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0027840 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-math-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0026816 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0070848 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-private-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019648 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-process-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0023232 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0024768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0024768 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-string-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0021184 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-time-l1-1-0.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0019136 _____ (Microsoft Corporation) C:\Program Files (x86)\api-ms-win-crt-utility-l1-1-0.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 3370128 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_dsp.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 2199696 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_manager.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0870544 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_musicid.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0325776 _____ (Gracenote, Inc.) C:\Program Files (x86)\gnsdk_submit.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0569664 _____ (GEAR-Software) C:\Program Files (x86)\gwlangen.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 18175808 _____ (GEAR-Software) C:\Program Files (x86)\gwrks64.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 3088696 _____ (Apple Inc.) C:\Program Files (x86)\iPodUpdaterExt.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 2980152 _____ (Apple Inc.) C:\Program Files (x86)\iTunes.exe
2016-09-09 14:00 - 2016-09-09 14:00 - 0471864 _____ (Apple Inc.) C:\Program Files (x86)\iTunesAdmin.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 36243768 _____ (Apple Inc.) C:\Program Files (x86)\iTunesCore.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0212280 _____ (Apple Inc.) C:\Program Files (x86)\iTunesHelper.dll
2016-09-09 14:00 - 2016-09-09 14:00 - 0176440 _____ (Apple Inc.) C:\Program Files (x86)\iTunesHelper.exe
2016-09-09 14:00 - 2016-09-09 14:00 - 0162616 _____ (Apple Inc.) C:\Program Files (x86)\iTunesMiniPlayer.dll
2016-08-16 11:57 - 2016-08-16 11:57 - 0992960 _____ (Microsoft Corporation) C:\Program Files (x86)\ucrtbase.dll
2015-06-23 19:17 - 2016-01-31 16:59 - 0000040 _____ () C:\Users\spülmeisterw\AppData\Roaming\cdr.ini
2015-07-07 19:47 - 2015-08-13 21:03 - 0108299 _____ () C:\Users\spülmeisterw\AppData\Roaming\Zulu.dmp
2016-11-27 18:02 - 2016-11-27 18:02 - 0000856 _____ () C:\Users\spülmeisterw\AppData\Local\recently-used.xbel
Einige Dateien in TEMP:
====================
C:\Users\schwester_s\AppData\Local\Temp\avgnt.exe
C:\Users\schwester_s\AppData\Local\Temp\kernel32.dll
C:\Users\spülmeisterw\AppData\Local\Temp\avgnt.exe
C:\Users\spülmeisterw\AppData\Local\Temp\HitmanPro.exe
C:\Users\spülmeisterw\AppData\Local\Temp\libeay32.dll
C:\Users\spülmeisterw\AppData\Local\Temp\msvcr120.dll
C:\Users\spülmeisterw\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-11-06 13:52
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-12-2016
durchgeführt von spülmeisterw (05-12-2016 18:28:04)
Gestartet von C:\Users\spülmeisterw\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-03-22 09:36:47)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3282142634-361615843-1521448422-500 - Administrator - Disabled)
Gast (S-1-5-21-3282142634-361615843-1521448422-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3282142634-361615843-1521448422-1002 - Limited - Enabled)
schwester_s (S-1-5-21-3282142634-361615843-1521448422-1003 - Limited - Enabled) => C:\Users\schwester_s
spülmeisterw (S-1-5-21-3282142634-361615843-1521448422-1000 - Administrator - Enabled) => C:\Users\spülmeisterw
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
ALDI Bestellsoftware (HKLM-x32\...\ALDI Bestellsoftware) (Version: 5.0.5. - ORWO_Net)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Bluetooth Feature Pack 5.0 (HKLM\...\{B2F4C332-2359-4ADE-AF0C-C631768BBB89}) (Version: 5.0.13 - CSR Plc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Fujitsu Hotkey Utility (HKLM-x32\...\InstallShield_{BA0CC975-682B-4678-A35C-05E607F36387}) (Version: 3.60.1.0 - FUJITSU LIMITED)
Fujitsu Hotkey Utility (x32 Version: 3.60.1.0 - FUJITSU LIMITED) Hidden
G DATA Logox4 Speechengine (HKLM-x32\...\lgx4.lgx.server) (Version: - G DATA Software AG)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 14.5 - Intel)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lernwerkstatt 9 (HKLM-x32\...\InstallShield_{4AA318E7-344F-4A0C-A63D-82A30B1A8F74}) (Version: 9.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH)
Lernwerkstatt 9 (x32 Version: 9.00.0000 - Medienwerkstatt Mühlacker Verlagsgesellschaft mbH) Hidden
LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 50.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla)
Nero 2015 (HKLM-x32\...\{407A3427-28FA-4383-8472-972AE71E3262}) (Version: 16.0.03000 - Nero AG)
Nero CoverDesigner (HKLM-x32\...\{57DE722C-BBE9-4BB8-AF66-1ED9A4BB2209}) (Version: 12.0.03100 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2000 - Nero AG)
Nero Prerequisite Installer 4.0 (HKLM-x32\...\{8441D319-8C7A-4398-B630-6BC3941A12C9}) (Version: 16.0.00600 - Nero AG)
O2Micro Flash Memory Card Windows Driver (HKLM-x32\...\InstallShield_{4B1CF482-AD0E-48F3-8032-BCF5F071C123}) (Version: 3.00.0006 - O2Micro International LTD.)
O2Micro Flash Memory Card Windows Driver (Version: 3.00.0006 - O2Micro International LTD.) Hidden
OZ711 SCR Driver (x64) (HKLM-x32\...\InstallShield_{2DD893C5-ABC1-4E27-B6D4-279E01AEB4E2}) (Version: 3.0.1.6D - O2Micro)
OZ711 SCR Driver (x64) (Version: 3.0.1.6D - O2Micro) Hidden
PDF to BMP JPG TIFF Converter 2.32 (HKLM-x32\...\PDF To BMP JPG TIFF Converter_is1) (Version: 2.32 - Blue Label Soft)
PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Prerequisite installer (x32 Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows-Treiberpaket - Google Corporation (androidusb) USB (04/20/2015 1.0.0018.00000) (HKLM\...\5BAEDAE1FDD50B7653C3BF0764CF27189A23603B) (Version: 04/20/2015 1.0.0018.00000 - Google Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass (11/28/2013 2.0.0018.00000) (HKLM\...\724A5661585DAD3C707B84BACF43F64B5E070CE5) (Version: 11/28/2013 2.0.0018.00000 - Google, Inc.)
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (dg_ssudbus) USB (06/10/2014 2.11.10.0) (HKLM\...\7C7D77F30DA293C8D56A9D5FB8C3E70F4E17DA7F) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Windows-Treiberpaket - SAMSUNG Electronics Co., Ltd. (WinUSB) AndroidUsbDeviceClass (06/10/2014 2.11.10.0) (HKLM\...\19CBC797AE23190CD0F3C85E76495B645F0154C4) (Version: 06/10/2014 2.11.10.0 - SAMSUNG Electronics Co., Ltd. )
Zulu DJ-Software (HKLM-x32\...\Zulu) (Version: 3.23 - NCH Software)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {002E82D2-A8C8-4738-AB78-BCA603B55A3F} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-06-04] (Nero AG)
Task: {00A64CE7-484D-4D56-B9EC-4CC44968AC3B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {043FC396-42B0-463E-99A2-F88B2711EDF6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-08] (Adobe Systems Incorporated)
Task: {D3717A0A-FAF1-44A0-8CB9-CBBAD5DBBED3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
Task: {ED0B5209-B636-4776-B5F1-FD3513B87D86} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {FF86116F-97D6-44A5-AFB1-3D8A4FE78DF9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-03] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 21:12 - 2012-01-10 21:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00269824 _____ () C:\Program Files (x86)\Syncios_01\SynciosDeviceService.exe
2015-12-25 20:20 - 2015-12-21 11:16 - 00398848 _____ () C:\Program Files (x86)\Syncios_01\DuiLib.dll
2015-12-25 20:20 - 2015-12-18 16:51 - 00073728 _____ () C:\Program Files (x86)\Syncios_01\generalFunc_pdt.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00176128 _____ () C:\Program Files (x86)\Syncios_01\driverMgr4Transfer_pdt.dll
2015-12-25 20:20 - 2015-12-21 11:16 - 00966144 _____ () C:\Program Files (x86)\Syncios_01\androidSyncCore_pdm.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3282142634-361615843-1521448422-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\spülmeisterw\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{DC924973-1040-4AD9-85CA-2C39532FDE24}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6785B36E-F829-413F-B721-BFD64F9800DC}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{391B0ECC-CC46-44C9-95CE-74D6B3193CF8}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{145050AD-EF58-400D-95A0-14F95ADC6E28}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A5282A05-1F8C-4042-B943-79925EF80511}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01859D47-7734-499D-8CE3-76F88F540719}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4C4E2640-9DA8-4216-AA96-D6FE14C27D31}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{992A8B55-E740-482A-A542-7CFF18064B81}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{2072A6DE-F933-45F7-AA46-03C4A3335CA9}] => C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{7EAC02C4-C10F-4B3A-9A72-62584070D50B}] => C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{335B119A-4ADE-40C8-9902-B664F930C5AB}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{8774F648-CF0A-4EBC-93C3-A9E9D226BE77}] => C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{CDCA7323-C6E8-4F81-8F41-C0EF9431ED06}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7738B03B-7100-4068-9925-A3E93CCA9E97}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{35C3F991-16DE-4477-A79E-E3026C5B114E}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F6B2E0B9-AC5C-4F79-8D66-5CF0E8812053}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4113D355-2F77-4E61-803C-E7BCB4954C70}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0E42778F-E203-4F61-BE67-D8EE289FA4FC}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{39C544D5-7637-4C23-B80B-A70DBB8C0722}] => C:\Program Files (x86)\iTunes.exe
==================== Wiederherstellungspunkte =========================
01-12-2016 19:03:09 Prüfpunkt von HitmanPro
01-12-2016 19:03:32 Prüfpunkt von HitmanPro
01-12-2016 19:03:48 Prüfpunkt von HitmanPro
03-12-2016 22:04:11 JRT Pre-Junkware Removal
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/05/2016 06:26:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/04/2016 12:54:56 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/03/2016 10:00:52 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/03/2016 09:51:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/03/2016 08:23:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/03/2016 07:59:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/03/2016 09:42:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/03/2016 08:35:19 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/02/2016 08:43:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Error: (12/02/2016 11:02:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
Systemfehler:
=============
Error: (12/05/2016 06:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/05/2016 06:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
Error: (12/05/2016 06:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/05/2016 06:26:37 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
Error: (12/04/2016 12:55:16 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/04/2016 12:55:16 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
Error: (12/04/2016 12:55:16 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/04/2016 12:55:16 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
Error: (12/03/2016 10:01:12 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: Ein neuer Medienserver konnte nicht initialisiert werden, da im Windows-Medienlieferungsmodul ein Fehler "0x800700b7" aufgetreten ist. Starten Sie den Computer und den "WMPNetworkSvc"-Dienst neu. Wenn das Problem weiterhin besteht, installieren Sie Windows Media Player möglichst erneut.
Error: (12/03/2016 10:01:12 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: Ein Medienlieferungsmodul mit der ID "0" konnte wegen Fehler "0x800700b7" beim Hinzufügen der URL "hxxp://+:10243/WMPNSSv4/2811996591/!S!" nicht initialisiert werden. Starten Sie den Computer und den WMPNetworkSvc-Dienst erneut. Wenn das Problem weiterhin besteht, installieren Sie nach Möglichkeit Windows Media Player erneut.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU M 520 @ 2.40GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 7987.42 MB
Verfügbarer physikalischer RAM: 5312.94 MB
Summe virtueller Speicher: 15973.02 MB
Verfügbarer virtueller Speicher: 13362.12 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:119.61 GB) (Free:50.24 GB) NTFS
Drive d: () (Removable) (Total:1.84 GB) (Free:1.83 GB) FAT
Drive z: () (Fixed) (Total:342.37 GB) (Free:268.77 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: EC431FA8)
Partition 1: (Active) - (Size=3.8 GB) - (Type=27)
Partition 2: (Not Active) - (Size=119.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=342.4 GB) - (Type=OF Extended)
========================================================
Disk: 1 (Size: 1.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
05.12.2016, 23:01
| #14 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | WIN 7: Zip Datei von online24 Pay AG geöffnet Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte  Malwarebytes Anti-Malware
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte  SecurityCheck und:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.12.2016, 01:12
| #15 |
| | WIN 7: Zip Datei von online24 Pay AG geöffnet Anbei, die geforderten Logs: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 05.12.2016 Suchlaufzeit: 23:31 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.12.05.14 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: spülmeisterw Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 363338 Abgelaufene Zeit: 9 Min., 29 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=095bc089e63edc4190569e9d220838c9
# end=init
# utc_time=2016-12-05 10:48:08
# local_time=2016-12-05 11:48:08 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 31635
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=095bc089e63edc4190569e9d220838c9
# end=updated
# utc_time=2016-12-05 10:52:10
# local_time=2016-12-05 11:52:10 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=095bc089e63edc4190569e9d220838c9
# engine=31635
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-12-06 12:01:48
# local_time=2016-12-06 01:01:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 53489603 232612358 0 0
# scanned=365310
# found=2
# cleaned=0
# scan_time=4177
sh=44F8738C805596610698F38415A5647CF5722881 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\spülmeisterw\AppData\Local\Mozilla\Firefox\Profiles\k15ix6ww.default\cache2\entries\7BF28B74AA85C6F27A03119C67FCBD1C3E3137B2"
sh=90F41A0FC24DF472704C2943372759B35AC4F833 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\spülmeisterw\AppData\Local\Mozilla\Firefox\Profiles\k15ix6ww.default\cache2\entries\A3F16C8AFEDC4B394F817B28FC926EF41EE76187"
Code:
ATTFilter Results of screen317's Security Check version 1.009
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 23.0.0.207
Mozilla Firefox (50.0.2)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
|
|
| Themen zu WIN 7: Zip Datei von online24 Pay AG geöffnet |
| betriebssystem, blick, datei, files, hunter, log, log files, mail, malwarebytes, nicht sicher, online, phishing, phishing mail, programme, rechner, schädlinge, troja, trojaner, trojanhunter, virus, werfen, win, win 7, zip datei, zip-datei |
Linear-Darstellung
