Log analysis and evaluation: Windows 10: suddenly an unknown user account/e-mail. Microsoft account hacked?

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: first steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
06.12.2016, 00:27 | #1 |
Windows 10: suddenly an unknown user account/e-mail. Microsoft account hacked?

I am somewhat desperate. A few days ago I reinstalled Win10. My user account was created as usual. Today I noticed that my Windows sign-in happens under a name and e-mail address unknown to me. When checking the user accounts I had to find that the account I created (my picture, my access to files, etc.) apparently has a foreign owner. "Unfortunately" the PC is also used by my wife and child, so I cannot say exactly when it happened. Is EVERYTHING of mine hacked now?

Here are my log files:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016
durchgeführt von totti (Administrator) auf HOME-PC (05-12-2016 23:05:16)
Gestartet von C:\Users\totti\Downloads
Geladene Profile: totti (Verfügbare Profile: Thorsten & ttjh1 & totti)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBclk.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
() C:\Program Files (x86)\ASUS\Front Base Driver\WBoxTT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe
() C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SAVITECH) C:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe
() C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Sync\App\WDSyncService.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7466.41227.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7466.41227.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1735288 2016-09-30] (Logitech, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-11-27] (Realtek Semiconductor)
HKLM\...\Run: [SVLoadSense] => c:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe [1762000 2015-09-21] (SAVITECH)
HKLM\...\Run: [SS2UILauncher] => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [557072 2016-08-12] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-23] (Intel Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2013-01-28] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [AO Link Server] => C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\ALRun.exe -start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21384 2016-04-15] (Western Digital Technologies, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{278623a9-5409-4fd0-84f9-306d087989c8}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{33feedbb-de7b-4bc4-8b69-96b9e6bac0b6}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{6abf8ccf-8799-4d9f-85cf-650277434338}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-11-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-11-27] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: t1674hax.default
FF ProfilePath: C:\Users\totti\AppData\Roaming\Mozilla\Firefox\Profiles\t1674hax.default [2016-12-05]
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-11-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-11-27] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-27] (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default [2016-12-05]
CHR Extension: (Google Präsentationen) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-04]
CHR Extension: (Google Docs) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-04]
CHR Extension: (Google Drive) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-04]
CHR Extension: (YouTube) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-04]
CHR Extension: (Google Tabellen) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-04]
CHR Extension: (Google Docs Offline) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-04]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-04]
CHR Extension: (Google Mail) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2016-11-27] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMSvc.exe [963544 2016-08-05] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2016-11-27] () [Datei ist nicht signiert]
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe [419288 2016-05-27] (ASUSTeK Computer Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-23] (Intel Corporation)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2016-11-28] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\SysWOW64\snmp.exe [47104 2016-11-28] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18232 2016-08-02] (Intel(R) Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 AiChargerPlus; C:\Windows\SysWow64\drivers\AiChargerPlus.sys [14848 2013-01-28] (ASUSTek Computer Inc.)
R3 AndroidAFD; C:\Windows\SysWow64\drivers\AndroidAFDx64.sys [22192 2015-10-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2016-11-27] ()
S0 asstahci64; C:\WINDOWS\System32\drivers\asstahci64.sys [88936 2015-06-17] (Asmedia Technology)
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2016-11-27] ()
R3 ASUSfilter; C:\WINDOWS\System32\drivers\ASUSfilter.sys [48384 2013-03-28] (MCCI Corporation)
R3 ASUSfilter; C:\Windows\SysWOW64\drivers\ASUSfilter.sys [46152 2016-11-27] (MCCI Corporation)
S3 ASUSstpt; C:\WINDOWS\System32\drivers\ASUSstpt.sys [27392 2013-03-28] (MCCI Corporation)
S3 ASUSumsc; C:\WINDOWS\System32\drivers\ASUSumsc.sys [151808 2013-03-28] (MCCI Corporation)
S3 ASUSxpsp; C:\WINDOWS\System32\drivers\ASUSxpsp.sys [28416 2013-03-28] (MCCI Corporation)
S3 DSI_SiUSBXp_3_1; C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys [16384 2007-09-06] (Silicon Laboratories)
S3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2016-04-17] (Disc Soft Ltd)
S3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47672 2016-04-17] (Disc Soft Ltd)
R3 e1dexpress; C:\WINDOWS\system32\DRIVERS\e1d65x64.sys [530416 2015-06-18] (Intel Corporation)
S2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [29264 2016-06-09] (Intel Corporation)
R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2016-07-12] (ASUSTeK Computer Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-12-05] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 SvThLSNS; c:\Program Files (x86)\SAVITECH\SVLoadSense\x64\SvThLSNS.sys [15184 2015-09-21] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-09-21] (Intel Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-12-05 23:05 - 2016-12-05 23:05 - 00016899 _____ C:\Users\totti\Downloads\FRST.txt
2016-12-05 23:04 - 2016-12-05 23:05 - 02419712 _____ (Farbar) C:\Users\totti\Downloads\FRST64.exe
2016-12-05 22:59 - 2016-12-05 22:59 - 00000000 ___HD C:\OneDriveTemp
2016-12-05 22:30 - 2016-12-05 22:30 - 00101330 _____ C:\Users\Thorsten\Desktop\FRST.txt
2016-12-05 22:30 - 2016-12-05 22:30 - 00033068 _____ C:\Users\Thorsten\Desktop\Addition.txt
2016-12-05 22:29 - 2016-12-05 23:05 - 00000000 ____D C:\FRST
2016-12-05 22:29 - 2016-12-05 22:30 - 00101327 _____ C:\Users\Thorsten\Downloads\FRST.txt
2016-12-05 22:29 - 2016-12-05 22:30 - 00033065 _____ C:\Users\Thorsten\Downloads\Addition.txt
2016-12-05 22:28 - 2016-12-05 22:29 - 02419712 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2016-12-05 20:19 - 2016-12-05 20:19 - 00000000 ____D C:\Program Files (x86)\ESET
2016-12-05 20:18 - 2016-12-05 20:18 - 00001741 _____ C:\22222222222222.txt
2016-12-05 20:17 - 2016-12-05 20:17 - 00002309 _____ C:\1111111111111111.txt
2016-12-05 19:02 - 2016-12-05 20:19 - 02870984 _____ (ESET) C:\Users\totti\Downloads\esetsmartinstaller_deu.exe
2016-12-05 18:58 - 2016-12-05 22:59 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-12-05 18:58 - 2016-12-05 18:58 - 00001171 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-12-05 18:58 - 2016-12-05 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-12-05 18:58 - 2016-12-05 18:58 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-12-05 18:58 - 2016-12-05 18:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-12-05 18:58 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-12-05 18:58 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-12-05 18:58 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-12-05 18:57 - 2016-12-05 18:57 - 22851472 _____ (Malwarebytes ) C:\Users\totti\Downloads\mbam-setup-2.2.1.1043.exe
2016-12-05 18:45 - 2016-12-05 18:45 - 00000000 ____D C:\Users\totti\AppData\Roaming\Macromedia
2016-12-05 18:38 - 2016-12-05 20:15 - 00000000 ____D C:\Users\totti\AppData\LocalLow\Mozilla
2016-12-05 18:38 - 2016-12-05 18:44 - 00000000 ____D C:\Users\totti\AppData\Local\Mozilla
2016-12-05 18:38 - 2016-12-05 18:38 - 00000000 ____D C:\Users\totti\AppData\Roaming\Mozilla
2016-12-04 23:49 - 2016-12-04 23:49 - 00000000 ____D C:\Users\totti\AppData\Local\PeerDistRepub
2016-12-04 23:07 - 2016-12-04 23:07 - 00030100 _____ C:\Users\totti\Downloads\entschuld13.pdf
2016-12-04 22:39 - 2016-12-04 22:39 - 00001359 _____ C:\Users\Public\Desktop\EaseUS Todo PCTrans.lnk
2016-12-04 22:39 - 2016-12-04 22:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo PCTrans
2016-12-04 22:39 - 2016-12-04 22:39 - 00000000 ____D C:\Program Files (x86)\EaseUS
2016-12-04 22:38 - 2016-12-05 18:44 - 00000000 ____D C:\Users\totti\AppData\Local\MicrosoftEdge
2016-12-04 22:38 - 2016-12-04 22:39 - 05335456 _____ (EaseUS ) C:\Users\totti\Downloads\pctrans.exe
2016-12-04 22:21 - 2016-12-04 21:37 - 02359296 ____H C:\Users\totti\NTUSER (2).DAT
2016-12-04 22:21 - 2016-12-04 21:37 - 02359296 ____H C:\Users\Thorsten\NTUSER - Kopie.DAT
2016-12-04 19:28 - 2016-12-04 19:28 - 00000000 ____D C:\Users\totti\AppData\Roaming\Intel Corporation
2016-12-04 19:27 - 2016-12-05 22:59 - 00000000 ___RD C:\Users\totti\OneDrive
2016-12-04 19:27 - 2016-12-04 19:28 - 00002383 _____ C:\Users\totti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-04 19:27 - 2016-12-04 19:27 - 00000000 ____D C:\Users\totti\AppData\Roaming\Skype
2016-12-04 19:27 - 2016-12-04 19:27 - 00000000 ____D C:\Users\totti\AppData\Roaming\Logishrd
2016-12-04 19:27 - 2016-12-04 19:27 - 00000000 ____D C:\Users\totti\AppData\Roaming\Apple Computer
2016-12-04 19:27 - 2016-12-04 19:27 - 00000000 ____D C:\Users\totti\AppData\Local\Western_Digital_Technolog
2016-12-04 19:27 - 2016-12-04 19:27 - 00000000 ____D C:\Users\totti\AppData\Local\SS22.2.28
2016-12-04 19:27 - 2016-12-04 19:27 - 00000000 ____D C:\Users\totti\AppData\Local\Comms
2016-12-04 19:26 - 2016-12-05 03:33 - 00000000 ____D C:\Users\totti
2016-12-04 19:26 - 2016-12-04 20:28 - 00000000 ____D C:\Users\totti\AppData\Local\Packages
2016-12-04 19:26 - 2016-12-04 19:41 - 00000000 ____D C:\Users\totti\AppData\Local\Google
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Vorlagen
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Startmenü
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Netzwerkumgebung
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Lokale Einstellungen
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Eigene Dateien
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Druckumgebung
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Documents\Eigene Videos
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Documents\Eigene Musik
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Documents\Eigene Bilder
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\AppData\Local\Verlauf
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\AppData\Local\Anwendungsdaten
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 _SHDL C:\Users\totti\Anwendungsdaten
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 ____D C:\Users\totti\AppData\Roaming\Adobe
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 ____D C:\Users\totti\AppData\Local\VirtualStore
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 ____D C:\Users\totti\AppData\Local\TileDataLayer
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 ____D C:\Users\totti\AppData\Local\Publishers
2016-12-04 19:26 - 2016-12-04 19:26 - 00000000 ____D C:\Users\totti\AppData\Local\ConnectedDevicesPlatform
2016-12-04 19:26 - 2016-11-27 00:07 - 00000020 ___SH C:\Users\totti\ntuser.ini
2016-12-04 01:23 - 2016-12-04 01:23 - 00000000 ____D C:\Program Files (x86)\Hercules
2016-12-04 01:22 - 2016-12-04 01:23 - 31550240 _____ (Hercules) C:\Users\Thorsten\Downloads\HWNU-300_V3.7.exe
2016-12-04 00:30 - 2016-12-04 00:30 - 04640844 _____ C:\Users\Thorsten\Downloads\WLR-5100v1001-firmware-v30.zip
2016-12-04 00:30 - 2016-12-04 00:30 - 02952963 _____ C:\Users\Thorsten\Downloads\WLR-5100v1001-Full-Manual.pdf
2016-12-04 00:27 - 2016-12-04 00:27 - 02952963 _____ C:\Users\Thorsten\Downloads\manual (2).pdf
2016-12-03 18:32 - 2016-12-03 18:32 - 00000000 ____D C:\Users\Thorsten\AppData\Local\TeamViewer
2016-12-02 23:38 - 2016-12-04 19:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-12-02 23:38 - 2016-12-03 18:38 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\TeamViewer
2016-12-02 23:38 - 2016-12-02 23:38 - 00001112 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2016-12-02 23:38 - 2016-12-02 23:38 - 00001100 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2016-12-02 23:35 - 2015-06-22 12:20 - 00000000 ____D C:\Users\Thorsten\Downloads\DIR-825_fw_revb_210b01_ALL_multi_20150609
2016-12-02 23:34 - 2016-12-02 23:37 - 12877352 _____ (TeamViewer GmbH) C:\Users\Thorsten\Downloads\TeamViewer_Setup_de-agkp.exe
2016-12-02 23:26 - 2016-12-02 23:26 - 05286401 _____ C:\Users\Thorsten\Downloads\DIR-825_fw_revb_210b01_ALL_multi_20150609.zip
2016-12-02 23:23 - 2016-12-02 23:23 - 00029312 _____ C:\Users\Thorsten\Downloads\config.bin
2016-12-02 21:07 - 2016-12-02 21:08 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ElevatedDiagnostics
2016-12-02 19:13 - 2016-12-02 19:13 - 00720417 _____ C:\Users\Thorsten\Downloads\Anleitung_WLAN-Router_als_Accesspoint_mit_Hitron_oder_CiscoEPC3208_Kabelmodem.pdf
2016-12-02 02:36 - 2016-12-02 02:36 - 1214701263 _____ C:\WINDOWS\MEMORY.DMP
2016-12-02 02:36 - 2016-12-02 02:36 - 00586244 _____ C:\WINDOWS\Minidump\120216-8265-01.dmp
2016-12-02 02:36 - 2016-12-02 02:36 - 00000000 ____D C:\WINDOWS\Minidump
2016-12-02 01:51 - 2016-12-02 01:51 - 00000000 ____D C:\Users\ttjh1\AppData\Local\PeerDistRepub
2016-12-01 21:31 - 2016-12-01 21:31 - 00166225 _____ C:\Users\Thorsten\Downloads\AVM-Merry-Christmas_2016.zip
2016-12-01 02:33 - 2016-12-01 02:33 - 04851072 _____ C:\Users\Thorsten\Downloads\cfosspeed-v1020.exe
2016-11-30 12:10 - 2016-11-30 12:10 - 00000000 ____D C:\ProgramData\Trymedia
2016-11-30 12:10 - 2016-11-30 12:10 - 00000000 ____D C:\ProgramData\GoBit Games
2016-11-30 10:12 - 2016-11-30 10:12 - 00000000 ____D C:\Users\ttjh1\AppData\Roaming\Macromedia
2016-11-30 10:12 - 2016-11-30 10:12 - 00000000 ____D C:\Users\ttjh1\AppData\Local\Comms
2016-11-30 10:11 - 2016-11-30 10:11 - 00000000 ____D C:\Users\ttjh1\AppData\Roaming\Intel Corporation
2016-11-30 10:10 - 2016-12-01 19:13 - 00000000 ____D C:\Users\ttjh1\AppData\Local\ConnectedDevicesPlatform
2016-11-30 10:10 - 2016-11-30 16:32 - 00000000 ____D C:\Users\ttjh1\AppData\Local\Google
2016-11-30 10:10 - 2016-11-30 11:11 - 00000000 ____D C:\Users\ttjh1\AppData\Local\Packages
2016-11-30 10:10 - 2016-11-30 10:11 - 00002383 _____ C:\Users\ttjh1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-11-30 10:10 - 2016-11-30 10:10 - 00000020 ___SH C:\Users\ttjh1\ntuser.ini
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Roaming\Skype
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Roaming\Logishrd
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Roaming\Apple Computer
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Roaming\Adobe
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Local\Western_Digital_Technolog
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Local\VirtualStore
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Local\TileDataLayer
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Local\SS22.2.28
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Local\Publishers
2016-11-30 10:10 - 2016-11-30 10:10 - 00000000 ____D C:\Users\ttjh1\AppData\Local\MicrosoftEdge
2016-11-30 03:08 - 2016-11-30 03:28 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Apple Computer
2016-11-30 03:08 - 2016-11-30 03:08 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-11-30 03:08 - 2016-11-30 03:08 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Apple Computer
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Apple
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\ProgramData\Apple Computer
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\Program Files\iTunes
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\Program Files\iPod
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\Program Files\Bonjour
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-11-30 03:08 - 2016-11-30 03:08 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-11-30 03:04 - 2016-11-30 03:07 - 177311560 _____ (Apple Inc.) C:\Users\Thorsten\Downloads\iTunes6464Setup.exe
2016-11-30 00:21 - 2016-11-30 00:21 - 00004566 _____ C:\Users\Thorsten\Downloads\oscam_2016-11-30_0021_oscam.log.tgz
2016-11-29 21:28 - 2016-11-29 21:28 - 00000582 _____ C:\Users\Thorsten\Downloads\Enable_Num_Lock_on_Sign-in_screen.reg
2016-11-29 02:32 - 2016-11-29 02:32 - 00003344 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2016-11-29 02:32 - 2016-11-29 02:32 - 00001298 _____ C:\Users\Public\Desktop\Samsung Magician.lnk
2016-11-29 02:32 - 2016-11-29 02:32 - 00000000 ____D C:\ProgramData\Samsung
2016-11-29 02:32 - 2016-11-29 02:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2016-11-29 02:32 - 2016-11-29 02:32 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-11-29 02:31 - 2016-05-13 08:52 - 19226728 _____ (Samsung Electronics ) C:\Users\Thorsten\Downloads\Samsung_Magician_Setup_v497.exe
2016-11-29 02:30 - 2016-11-29 02:31 - 18946704 _____ C:\Users\Thorsten\Downloads\Samsung_Magician_Setup_v497.zip
2016-11-29 01:41 - 2016-11-29 01:41 - 00629880 _____ C:\Users\Thorsten\Downloads\oscam-emu-mips-freetz11281-fritz73xxOS62-webif-libusb_st
2016-11-29 01:36 - 2016-11-29 01:36 - 00213602 _____ C:\Users\Thorsten\Downloads\list_smargo-1 (3).20-emu11232-mips-freetz-linux-uclibc-libusb
2016-11-29 00:13 - 2016-11-29 00:13 - 04083028 _____ C:\Users\Thorsten\Downloads\WDAccess_1.4.5949.29996.zip
2016-11-29 00:13 - 2016-11-29 00:13 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Western_Digital_Technolog
2016-11-29 00:11 - 2016-11-29 00:11 - 08497626 _____ C:\Users\Thorsten\Downloads\WDSync_1.3.5949.26210.zip
2016-11-28 23:48 - 2016-11-28 23:48 - 00000000 ____D C:\Users\Thorsten\Downloads\DIP5_10360
2016-11-28 23:43 - 2016-11-28 23:43 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-11-28 23:43 - 2016-11-28 23:28 - 00404752 _____ (Intel Corporation) C:\WINDOWS\system32\PROUnstl.exe
2016-11-28 23:43 - 2016-11-28 23:28 - 00001904 ____N C:\WINDOWS\system32\SetupBD.din
2016-11-28 23:40 - 2016-11-28 23:40 - 00000000 ____D C:\Users\Thorsten\Downloads\ROGConnectPlus_Win7-81-10_V10030
2016-11-28 23:40 - 2015-06-05 09:37 - 00192512 _____ (ASUSTeK Computer Inc.) C:\WINDOWS\SysWOW64\Drivers\UpdateHelper.dll
2016-11-28 23:39 - 2016-11-28 23:39 - 00001769 _____ C:\WINDOWS\Language_trs.ini
2016-11-28 23:39 - 2016-11-28 23:37 - 00011832 _____ C:\WINDOWS\SysWOW64\Drivers\AsInsHelp64.sys
2016-11-28 23:39 - 2016-11-28 23:37 - 00010216 _____ C:\WINDOWS\SysWOW64\Drivers\AsInsHelp32.sys
2016-11-28 23:37 - 2016-11-28 23:37 - 00000000 ____D C:\Users\Thorsten\Downloads\FRONTBASE-10117
2016-11-28 23:28 - 2016-11-28 23:28 - 00316736 _____ (Intel Corporation) C:\WINDOWS\system32\PRONtObj.dll
2016-11-28 23:28 - 2016-11-28 23:28 - 00155192 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iANSW60e.sys
2016-11-28 23:27 - 2016-11-28 23:27 - 00000000 ____D C:\Users\Thorsten\Downloads\Intel_Gigabit_Ethernet_Win7-81_V20230010_Win10_V20240010
2016-11-28 23:24 - 2016-11-28 23:43 - 00000000 ____D C:\Program Files\Intel
2016-11-28 23:24 - 2016-11-28 23:24 - 02037236 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2016-11-28 23:24 - 2016-11-28 23:24 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-11-28 23:24 - 2016-11-28 23:24 - 00000000 ____D C:\Users\Thorsten\Intel
2016-11-28 23:24 - 2016-11-28 23:24 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Intel Corporation
2016-11-28 23:23 - 2016-11-28 23:23 - 00002056 _____ C:\Users\Public\Desktop\ASUS Boot Setting.lnk
2016-11-28 23:23 - 2016-11-28 23:23 - 00000000 ____D C:\Users\Thorsten\Downloads\ASUS_BootSetting_Win7-81-10_VER10022
2016-11-27 16:52 - 2016-11-27 17:02 - 00243656 _____ C:\Users\Thorsten\Downloads\Firefox Setup Stub 50.0 (2).exe
2016-11-27 16:15 - 2016-12-04 16:38 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{4564E7FE-E9AE-4766-8A69-A4964C928904}
2016-11-27 16:15 - 2016-11-27 16:15 - 02722395 _____ C:\Users\Thorsten\Downloads\jperf-2.0.2.zip
2016-11-27 16:15 - 2016-11-27 16:15 - 00000000 ____D C:\Users\Thorsten\Desktop\jperf-2.0.2
2016-11-27 16:12 - 2016-11-27 16:12 - 00606026 _____ C:\Users\Thorsten\Downloads\iperf-master.zip
2016-11-27 16:12 - 2016-11-27 16:12 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Sun
2016-11-27 16:11 - 2016-11-27 16:15 - 00000000 ____D C:\ProgramData\Oracle
2016-11-27 16:11 - 2016-11-27 16:11 - 00737344 _____ (Oracle Corporation) C:\Users\Thorsten\Downloads\JavaSetup8u111.exe
2016-11-27 16:11 - 2016-11-27 16:11 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-11-27 16:11 - 2016-11-27 16:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-27 16:11 - 2016-11-27 16:11 - 00000000 ____D C:\Program Files (x86)\Java
2016-11-27 16:09 - 2016-12-05 21:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-27 16:09 - 2016-12-05 21:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-27 16:09 - 2016-11-27 16:16 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Mozilla
2016-11-27 16:09 - 2016-11-27 16:10 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Mozilla
2016-11-27 16:09 - 2016-11-27 16:09 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-27 16:09 - 2016-11-27 16:09 - 00001216 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-11-27 16:08 - 2016-11-27 16:09 - 00243656 _____ C:\Users\Thorsten\Downloads\Firefox Setup Stub 50.0 (1).exe
2016-11-27 16:05 - 2016-11-27 16:05 - 00248583 _____ C:\Users\Thorsten\Downloads\iperf-2.0.5.tar.gz
2016-11-27 15:42 - 2016-11-29 00:00 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Wireshark
2016-11-27 15:22 - 2016-11-27 15:35 - 49242104 _____ (Wireshark development team) C:\Users\Thorsten\Downloads\Wireshark-win64-2.2.2.exe
2016-11-27 15:16 - 2016-11-27 15:16 - 02970395 _____ C:\Users\Thorsten\Downloads\cacti-0.8.8h.zip
2016-11-27 14:29 - 2016-11-27 14:29 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-11-27 14:13 - 2016-11-27 14:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-11-27 04:53 - 2016-11-27 04:53 - 00000000 ____D C:\Users\Thorsten\Downloads\Asmedia_USB3_V116351
2016-11-27 04:52 - 2016-11-27 14:14 - 00002685 _____ C:\Users\Public\Desktop\ASUS(R) Intel(R) Extreme Tuning Utility.lnk
2016-11-27 04:52 - 2016-11-27 14:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS(R) Intel(R) Extreme Tuning Utility
2016-11-27 04:52 - 2016-11-27 14:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\Intel
2016-11-27 04:52 - 2016-11-27 04:54 - 00000000 ____D C:\Users\Thorsten\AppData\Local\SS22.2.28
2016-11-27 04:52 - 2016-11-27 04:52 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2016-11-27 04:52 - 2016-11-27 04:52 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-11-27 04:52 - 2016-11-27 04:52 - 00000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2016-11-27 04:52 - 2016-11-27 04:52 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-11-27 04:52 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2016-11-27 04:52 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2016-11-27 04:52 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2016-11-27 04:52 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2016-11-27 04:50 - 2016-11-29 00:13 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-27 04:50 - 2016-11-27 04:50 - 00003214 _____ C:\WINDOWS\System32\Tasks\SS2UILauncherRun
2016-11-27 04:50 - 2016-11-27 04:50 - 00003202 _____ C:\WINDOWS\System32\Tasks\SS2Svc64Run
2016-11-27 04:50 - 2016-11-27 04:50 - 00003194 _____ C:\WINDOWS\System32\Tasks\SS2Svc32Run
2016-11-27 04:50 - 2016-11-27 04:50 - 00001338 _____ C:\Users\Public\Desktop\Sonic Studio.lnk
2016-11-27 04:50 - 2016-11-27 04:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sonic Suite 2
2016-11-27 04:50 - 2016-11-27 04:50 - 00000000 ____D C:\Program Files\ASUSTeKcomputer.Inc
2016-11-27 04:50 - 2016-11-27 04:50 - 00000000 ____D C:\Program Files (x86)\SAVITECH
2016-11-27 04:50 - 2016-11-27 04:42 - 72520720 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2016-11-27 04:50 - 2016-11-27 04:42 - 06879938 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2016-11-27 04:50 - 2016-11-27 04:42 - 05593624 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 03283248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 03203592 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 02895104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2016-11-27 04:50 - 2016-11-27 04:42 - 02073096 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 01360528 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 01003864 _____ (Nahimic Inc) C:\WINDOWS\system32\NahimicAPONSControl.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 00689888 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 00192992 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 00118600 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2016-11-27 04:50 - 2016-11-27 04:42 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2016-11-27 04:50 - 2016-11-27 04:41 - 00003008 ____N C:\WINDOWS\system32\Drivers\DTSU2P.DAT
2016-11-27 04:48 - 2016-11-27 04:48 - 00000000 ____D C:\Program Files\Realtek
2016-11-27 04:47 - 2016-11-27 04:41 - 02838232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2016-11-27 04:46 - 2016-11-27 04:46 - 00000000 _____ C:\WINDOWS\SysWOW64\Drivers\1043_ASUSTeK_MAXIMUS VIII RANGER.alu
2016-11-27 04:42 - 2016-11-27 04:50 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-27 04:42 - 2016-11-27 04:42 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-27 04:41 - 2016-12-05 22:59 - 01048576 _____ C:\WINDOWS\PE_Rom.dll
2016-11-27 04:41 - 2016-11-27 04:41 - 00000000 ____D C:\Users\Thorsten\Downloads\V7904_20160815_WHQL_DTS_StudioSound_SonicSuite_2228
2016-11-27 04:41 - 2016-07-12 19:04 - 00024824 ____N (ASUSTeK Computer Inc.) C:\WINDOWS\system32\Drivers\IOMap64.sys
2016-11-27 04:17 - 2016-11-28 23:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2016-11-27 04:17 - 2016-11-27 04:17 - 00000000 ____D C:\Program Files\ASUS
2016-11-27 04:17 - 2016-11-27 04:17 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2016-11-27 04:17 - 2016-11-27 04:15 - 00046152 _____ (MCCI Corporation) C:\WINDOWS\SysWOW64\Drivers\ASUSFILTER.sys
2016-11-27 04:17 - 2016-11-27 04:15 - 00014464 _____ C:\WINDOWS\SysWOW64\Drivers\AsUpIO.sys
2016-11-27 04:16 - 2016-12-04 01:23 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-27 04:16 - 2016-11-28 23:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2016-11-27 04:16 - 2016-11-28 23:24 - 00000000 ____D C:\ProgramData\Intel
2016-11-27 04:16 - 2016-11-27 04:52 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-27 04:16 - 2015-10-19 17:22 - 00022192 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\Drivers\AndroidAFDx64.sys
2016-11-27 04:16 - 2013-01-28 15:58 - 00014848 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\Drivers\AiChargerPlus.sys
2016-11-27 04:15 - 2016-11-28 23:40 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-27 04:15 - 2016-11-27 04:15 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2016-11-27 04:15 - 2016-11-27 04:15 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2016-11-27 04:15 - 2016-11-27 04:15 - 00000000 ____D C:\Users\Thorsten\Downloads\AISuite3_Win7-81-10_MaxVIII_Series_V10130
2016-11-27 04:14 - 2016-11-28 23:50 - 00000000 ____D C:\ProgramData\ASUS
2016-11-27 04:13 - 2016-11-27 04:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-11-27 04:13 - 2016-11-27 04:13 - 00000000 ____D C:\Program Files\7-Zip
2016-11-27 04:11 - 2016-11-27 04:14 - 122808649 _____ C:\Users\Thorsten\Downloads\DIP5_10360.zip
2016-11-27 04:11 - 2016-11-27 04:12 - 37822895 _____ C:\Users\Thorsten\Downloads\ASUS_XTU_V612208.zip
2016-11-27 04:06 - 2016-11-27 04:06 - 00001806 _____ C:\Users\Public\Desktop\HDClone.lnk
2016-11-27 04:06 - 2016-11-27 04:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDClone 6 Free Edition
2016-11-27 04:05 - 2016-11-27 04:06 - 00000000 ____D C:\Program Files (x86)\HDClone 6 Free Edition
2016-11-27 02:54 - 2016-11-27 02:54 - 201326592 _____ C:\Users\Thorsten\Downloads\clonezilla-live-2.5.0-5-amd64.iso
2016-11-27 02:33 - 2016-11-27 02:33 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2016-11-27 02:19 - 2016-11-27 02:19 - 141011376 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-11-27 02:19 - 2016-11-27 02:19 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-11-27 02:19 - 2016-11-27 02:09 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-11-27 02:16 - 2016-11-27 02:20 - 71601392 _____ C:\Users\Thorsten\Downloads\mc_windows_setup (1).exe
2016-11-27 01:13 - 2016-11-30 03:08 - 00000000 ____D C:\ProgramData\Apple
2016-11-27 01:13 - 2016-11-29 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2016-11-27 01:13 - 2016-11-29 00:11 - 00000000 ____D C:\ProgramData\Western Digital
2016-11-27 01:13 - 2016-11-29 00:11 - 00000000 ____D C:\Program Files (x86)\Western Digital
2016-11-27 01:13 - 2016-11-27 01:13 - 00001226 _____ C:\Users\Public\Desktop\WD My Cloud.lnk
2016-11-27 01:13 - 2016-11-27 01:13 - 00000000 ____D C:\Users\Thorsten\Downloads\WD_Quick_View_Setup_for_Windows
2016-11-27 01:13 - 2016-11-27 01:13 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Macromedia
2016-11-27 01:13 - 2016-11-27 01:13 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\com.wd.WDMyCloud
2016-11-27 01:12 - 2016-11-27 01:13 - 63849440 _____ C:\Users\Thorsten\Downloads\WDMyCloud_win.exe
2016-11-27 01:12 - 2016-11-27 01:13 - 04341113 _____ C:\Users\Thorsten\Downloads\WD_Quick_View_Setup_for_Windows.zip
2016-11-27 01:09 - 2016-11-27 01:13 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Western Digital
2016-11-27 01:08 - 2016-11-27 02:23 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-27 01:08 - 2016-11-27 02:23 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-27 01:08 - 2016-11-27 01:17 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Google
2016-11-27 01:08 - 2016-11-27 01:09 - 71601392 _____ C:\Users\Thorsten\Downloads\mc_windows_setup.exe
2016-11-27 01:08 - 2016-11-27 01:08 - 01065376 _____ (Google Inc.) C:\Users\Thorsten\Downloads\ChromeSetup.exe
2016-11-27 01:08 - 2016-11-27 01:08 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-27 01:08 - 2016-11-27 01:08 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-27 01:08 - 2016-11-27 01:08 - 00002336 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-27 01:08 - 2016-11-27 01:08 - 00002324 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-11-27 01:08 - 2016-11-27 01:08 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-27 00:43 - 2016-11-27 02:33 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Logitech
2016-11-27 00:43 - 2016-11-27 00:43 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Logitech
2016-11-27 00:43 - 2016-11-27 00:43 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Deployment
2016-11-27 00:14 - 2016-11-27 00:59 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MicrosoftEdge
2016-11-27 00:11 - 2016-11-27 02:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-11-27 00:11 - 2016-11-27 02:34 - 00000000 ____D C:\ProgramData\Logishrd
2016-11-27 00:11 - 2016-11-27 02:33 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Logishrd
2016-11-27 00:11 - 2016-11-27 02:33 - 00000000 ____D C:\Program Files\Logitech
2016-11-27 00:11 - 2016-11-27 00:11 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PeerDistRepub
2016-11-27 00:10 - 2016-11-27 00:10 - 00003338 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-11-27 00:09 - 2016-11-27 00:10 - 00002392 _____ C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-11-27 00:09 - 2016-11-27 00:09 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Skype
2016-11-27 00:09 - 2016-11-27 00:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Comms
2016-11-27 00:09 - 2016-11-27 00:09 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-11-27 00:08 - 2016-11-27 00:08 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Publishers
2016-11-27 00:07 - 2016-12-02 02:58 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Packages
2016-11-27 00:07 - 2016-11-27 02:30 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ConnectedDevicesPlatform
2016-11-27 00:07 - 2016-11-27 00:43 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Apps\2.0
2016-11-27 00:07 - 2016-11-27 00:07 - 00000020 ___SH C:\Users\Thorsten\ntuser.ini
2016-11-27 00:07 - 2016-11-27 00:07 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Adobe
2016-11-27 00:07 - 2016-11-27 00:07 - 00000000 ____D C:\Users\Thorsten\AppData\Local\VirtualStore
2016-11-27 00:07 - 2016-11-27 00:07 - 00000000 ____D C:\Users\Thorsten\AppData\Local\TileDataLayer
2016-11-26 23:55 - 2016-12-05 22:39 - 02390820 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\Default User
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Users\All Users
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-11-26 23:54 - 2016-11-26 23:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-11-26 23:53 - 2016-11-26 23:53 - 00017426 _____ C:\Users\Thorsten\Desktop\Entfernte Apps.html
2016-11-26 23:53 - 2016-11-26 23:53 - 00016796 _____ C:\Users\ttjh1\Desktop\Entfernte Apps.html
2016-11-26 23:53 - 2016-07-16 12:41 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-11-26 23:50 - 2016-12-04 22:21 - 00000000 ____D C:\Users\Thorsten
2016-11-26 23:50 - 2016-12-02 23:35 - 00000000 ____D C:\Users\ttjh1
2016-11-26 23:50 - 2016-11-27 04:50 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\Vorlagen
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\Startmenü
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\Netzwerkumgebung
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\Lokale Einstellungen
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\Eigene Dateien
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\Druckumgebung
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\AppData\Local\Verlauf
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\AppData\Local\Anwendungsdaten
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\ttjh1\Anwendungsdaten
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Vorlagen
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Startmenü
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Netzwerkumgebung
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Lokale Einstellungen
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Eigene Dateien
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Druckumgebung
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Documents\Eigene Videos
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Documents\Eigene Musik
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Documents\Eigene Bilder
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\AppData\Local\Verlauf
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\AppData\Local\Anwendungsdaten
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 _SHDL C:\Users\Thorsten\Anwendungsdaten
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 ____D C:\ProgramData\USOShared
2016-11-26 23:50 - 2016-11-26 23:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-11-26 23:49 - 2016-12-05 22:59 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-26 23:49 - 2016-12-05 22:35 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-26 23:49 - 2016-12-05 19:07 - 00198392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-11-26 23:49 - 2016-11-26 23:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-26 23:49 - 2016-11-26 23:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-26 23:49 - 2016-11-26 23:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-11-26 23:49 - 2015-11-05 16:08 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-11-26 23:49 - 2015-11-05 16:08 - 02983216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-11-26 23:49 - 2015-11-05 16:08 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-11-26 23:49 - 2015-11-05 16:08 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-11-26 23:49 - 2015-11-05 16:08 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-11-26 23:49 - 2015-11-05 16:08 - 00062584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-11-26 23:49 - 2015-10-28 14:49 - 06027430 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-11-26 23:48 - 2016-11-27 00:23 - 00000000 ____D C:\Windows.old
2016-11-26 23:48 - 2016-11-26 23:54 - 00000000 ___DC C:\WINDOWS\Panther
2016-11-26 23:48 - 2016-11-26 23:49 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-11-26 23:48 - 2016-11-26 23:48 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-11-26 23:48 - 2016-11-26 23:48 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-11-26 23:47 - 2016-12-05 22:39 - 01092770 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-26 23:47 - 2016-12-05 22:39 - 00247148 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-26 23:47 - 2016-11-26 23:47 - 00305594 _____ C:\WINDOWS\system32\perfi007.dat
2016-11-26 23:47 - 2016-11-26 23:47 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\de
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\0409
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\Setup
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\OCR
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\Program Files\MSBuild
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-26 23:47 - 2016-11-26 23:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-26 23:46 - 2016-10-29 00:56 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-11-26 23:46 - 2016-10-29 00:56 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-26 23:45 - 2016-12-05 21:16 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-11-26 23:45 - 2016-12-05 20:30 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-26 23:45 - 2016-12-04 00:40 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-11-26 23:45 - 2016-12-03 20:00 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-26 23:45 - 2016-11-30 00:16 - 00000000 ____D C:\WINDOWS\rescache
2016-11-26 23:45 - 2016-11-29 00:13 - 00000000 ____D C:\WINDOWS\Registration
2016-11-26 23:45 - 2016-11-27 04:55 - 00000000 ____D C:\WINDOWS\appcompat
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ___RD C:\Program Files\Windows Defender
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\system32\setup
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\Provisioning
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-26 23:45 - 2016-11-27 02:23 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-26 23:45 - 2016-11-27 02:22 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-11-26 23:45 - 2016-11-26 23:54 - 00000000 ____D C:\Program Files\Windows NT
2016-11-26 23:45 - 2016-11-26 23:53 - 00000000 __RHD C:\Users\Public\Libraries
2016-11-26 23:45 - 2016-11-26 23:53 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-11-26 23:45 - 2016-11-26 23:53 - 00000000 ____D C:\WINDOWS\system32\spool
2016-11-26 23:45 - 2016-11-26 23:53 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-11-26 23:45 - 2016-11-26 23:52 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-11-26 23:45 - 2016-11-26 23:50 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-11-26 23:45 - 2016-11-26 23:50 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-11-26 23:45 - 2016-11-26 23:50 - 00000000 ____D C:\WINDOWS\CSC
2016-11-26 23:45 - 2016-11-26 23:49 - 00000000 ____D C:\WINDOWS\Help
2016-11-26 23:45 - 2016-11-26 23:48 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\SystemApps
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\system32\Com
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\IME
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\Program Files\Common Files\System
2016-11-26 23:45 - 2016-11-26 23:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 __SHD C:\WINDOWS\BitLockerDiscoveryVolumeContents
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 __RSD C:\WINDOWS\Media
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\Web
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\Vss
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\tracing
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\TAPI
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SystemResources
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\ras
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\IME
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\ias
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\DDFs
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\System
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SKB
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\security
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\schemas
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\SchCache
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\Resources
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\RemotePackages
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\PLA
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\Performance
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\InputMethod
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\Globalization
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\GameBarPresenceWriter
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\Cursors
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\Branding
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\addins
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\ProgramData\USOPrivate
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\ProgramData\Comms
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\Program Files\Common Files\Services
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-26 23:45 - 2016-11-26 23:45 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-11-26 23:45 - 2016-11-26 23:44 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-11-26 23:45 - 2016-11-26 23:44 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-11-26 23:45 - 2016-11-26 23:44 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-11-26 23:45 - 2016-11-26 23:44 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-11-26 23:45 - 2016-11-26 23:44 - 00027136 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2016-11-26 23:45 - 2016-11-26 23:44 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-11-26 23:45 - 2016-11-26 23:44 - 00004096 _____ C:\WINDOWS\system32\config\VSMIDK
2016-11-26 23:45 - 2016-11-26 23:44 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-11-26 23:45 - 2016-11-26 23:44 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-11-26 23:45 - 2016-11-26 23:44 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-11-26 23:45 - 2016-11-26 23:44 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-11-26 23:45 - 2016-11-26 23:44 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-11-26 23:45 - 2016-11-26 23:44 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-11-26 23:45 - 2016-11-26 23:44 - 00000219 _____ C:\WINDOWS\system.ini
2016-11-26 23:45 - 2016-11-26 23:44 - 00000092 _____ C:\WINDOWS\win.ini
2016-11-26 23:44 - 2016-11-30 03:08 - 00000000 ____D C:\WINDOWS\INF
2016-11-26 23:42 - 2016-12-05 22:34 - 01835008 _____ C:\WINDOWS\system32\config\BBI
2016-11-26 23:42 - 2016-11-28 23:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-11-26 23:42 - 2016-11-26 23:49 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2016-11-26 23:42 - 2016-11-26 23:47 - 00000000 ____D C:\WINDOWS\servicing
2016-11-26 23:42 - 2016-11-26 23:45 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-11-26 20:17 - 2016-11-26 20:17 - 00376528 _____ (Microsoft Corporation) C:\Users\Thorsten\Downloads\Nicht bestätigt 574898.crdownload
2016-11-26 04:07 - 2016-11-26 04:07 - 00000000 ____D C:\Users\Thorsten\Desktop\slenf2aw.fmg
2016-11-26 01:48 - 2016-11-26 01:48 - 25401064 _____ (Logitech Inc.) C:\Users\Thorsten\Downloads\Options_6.30.80 (1).exe
2016-11-26 01:31 - 2016-11-26 01:31 - 04147600 _____ ($Co_Name Inc.) C:\Users\Thorsten\Downloads\unifying250.exe
2016-11-25 18:57 - 2016-11-25 18:57 - 25401064 _____ (Logitech Inc.) 
C:\Users\Thorsten\Downloads\Options_6.30.80.exe 2016-11-20 20:10 - 2016-12-01 23:14 - 00000000 ____D C:\Users\Thorsten\AppData\LocalLow\Mozilla 2016-11-20 20:09 - 2016-11-20 20:09 - 00243656 _____ C:\Users\Thorsten\Downloads\Firefox Setup Stub 50.0.exe 2016-11-19 00:03 - 2016-11-19 00:03 - 02952963 _____ C:\Users\Thorsten\Downloads\manual (1).pdf 2016-11-19 00:01 - 2016-11-19 00:01 - 02952963 _____ C:\Users\Thorsten\Downloads\manual.pdf 2016-11-17 17:17 - 2016-11-17 17:17 - 00203900 _____ C:\Users\Thorsten\Downloads\3441119-3290097-Feedback.pdf 2016-11-17 17:07 - 2016-11-17 17:07 - 00183388 _____ C:\Users\Thorsten\Downloads\3440522-3289533-Feedback.pdf 2016-11-16 21:15 - 2016-11-16 21:15 - 00001518 _____ C:\Users\Thorsten\Downloads\LifeCam3.60 (1) - Verknüpfung.lnk 2016-11-16 21:15 - 2016-11-16 21:15 - 00001500 _____ C:\Users\Thorsten\Downloads\ifunbox_setup - Verknüpfung.lnk 2016-11-16 21:15 - 2016-11-16 21:15 - 00001482 _____ C:\Users\Thorsten\Downloads\LifeCam3.60 - Verknüpfung.lnk 2016-11-16 21:15 - 2016-11-16 21:15 - 00001080 _____ C:\Users\Thorsten\Downloads\node-v4.6.1.tar.gz - Verknüpfung.lnk 2016-11-14 18:18 - 2016-11-26 23:30 - 00000000 ___RD C:\Users\Thorsten\iCloudDrive 2016-11-13 03:54 - 2016-11-13 03:54 - 00000000 ____D C:\Users\Thorsten\Documents\Ashampoo Burning Studio 16 2016-11-10 03:48 - 2016-11-10 03:48 - 00504109 _____ C:\Users\Thorsten\Downloads\smartset (4).zip 2016-11-10 03:34 - 2016-11-10 03:35 - 00081878 _____ C:\Users\Thorsten\Downloads\TouchPro_Pro-G_DS_1.pdf 2016-11-10 00:02 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-11-10 00:02 - 2016-11-02 13:01 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2016-11-10 00:02 - 2016-11-02 12:22 - 01570672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-11-10 00:02 - 2016-11-02 12:20 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-11-10 00:02 - 2016-11-02 12:13 - 01883784 
_____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-11-10 00:02 - 2016-11-02 12:13 - 00773720 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2016-11-10 00:02 - 2016-11-02 12:12 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-11-10 00:02 - 2016-11-02 12:12 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-11-10 00:02 - 2016-11-02 12:10 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2016-11-10 00:02 - 2016-11-02 12:09 - 02257104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-11-10 00:02 - 2016-11-02 12:08 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-11-10 00:02 - 2016-11-02 12:08 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll 2016-11-10 00:02 - 2016-11-02 12:05 - 06657176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-11-10 00:02 - 2016-11-02 12:05 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-11-10 00:02 - 2016-11-02 12:05 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2016-11-10 00:02 - 2016-11-02 12:05 - 00951904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-11-10 00:02 - 2016-11-02 12:05 - 00405856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-11-10 00:02 - 2016-11-02 12:04 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-11-10 00:02 - 2016-11-02 12:03 - 00714592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2016-11-10 00:02 - 2016-11-02 12:02 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-11-10 00:02 - 2016-11-02 12:02 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll 2016-11-10 00:02 - 2016-11-02 12:01 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-11-10 00:02 - 2016-11-02 12:01 - 00545936 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2016-11-10 00:02 - 2016-11-02 12:00 - 08156080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-11-10 00:02 - 2016-11-02 12:00 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2016-11-10 00:02 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2016-11-10 00:02 - 2016-11-02 11:59 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-11-10 00:02 - 2016-11-02 11:50 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-11-10 00:02 - 2016-11-02 11:49 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2016-11-10 00:02 - 2016-11-02 11:49 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2016-11-10 00:02 - 2016-11-02 11:47 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll 2016-11-10 00:02 - 2016-11-02 11:46 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-11-10 00:02 - 2016-11-02 11:44 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-11-10 00:02 - 2016-11-02 11:44 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthExt.dll 2016-11-10 00:02 - 2016-11-02 11:43 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-11-10 00:02 - 2016-11-02 11:42 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll 2016-11-10 00:02 - 2016-11-02 11:42 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll 2016-11-10 00:02 - 2016-11-02 11:42 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-11-10 00:02 - 2016-11-02 11:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll 2016-11-10 00:02 - 2016-11-02 11:39 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll 2016-11-10 00:02 - 
2016-11-02 11:38 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl 2016-11-10 00:02 - 2016-11-02 11:37 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe 2016-11-10 00:02 - 2016-11-02 11:36 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-11-10 00:02 - 2016-11-02 11:36 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe 2016-11-10 00:02 - 2016-11-02 11:33 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-11-10 00:02 - 2016-11-02 11:33 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-11-10 00:02 - 2016-11-02 11:32 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll 2016-11-10 00:02 - 2016-11-02 11:31 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll 2016-11-10 00:02 - 2016-11-02 11:31 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe 2016-11-10 00:02 - 2016-11-02 11:31 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll 2016-11-10 00:02 - 2016-11-02 11:31 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2016-11-10 00:02 - 2016-11-02 11:30 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-11-10 00:02 - 2016-11-02 11:30 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll 2016-11-10 00:02 - 2016-11-02 11:30 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2016-11-10 00:02 - 2016-11-02 11:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll 2016-11-10 00:02 - 2016-11-02 11:29 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-11-10 00:02 - 2016-11-02 11:29 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2016-11-10 00:02 - 2016-11-02 11:29 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll 
2016-11-10 00:02 - 2016-11-02 11:29 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2016-11-10 00:02 - 2016-11-02 11:28 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-11-10 00:02 - 2016-11-02 11:28 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-11-10 00:02 - 2016-11-02 11:28 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-11-10 00:02 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-10 00:02 - 2016-11-02 11:28 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-11-10 00:02 - 2016-11-02 11:28 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2016-11-10 00:02 - 2016-11-02 11:28 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-11-10 00:02 - 2016-11-02 11:28 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-11-10 00:02 - 2016-11-02 11:27 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-11-10 00:02 - 2016-11-02 11:27 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-11-10 00:02 - 2016-11-02 11:27 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-11-10 00:02 - 2016-11-02 11:27 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2016-11-10 00:02 - 2016-11-02 11:27 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-11-10 00:02 - 2016-11-02 11:27 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-11-10 00:02 - 2016-11-02 11:26 - 02747392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-11-10 00:02 - 2016-11-02 11:26 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-11-10 00:02 - 2016-11-02 11:26 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-11-10 00:02 - 2016-11-02 11:26 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-11-10 00:02 - 2016-11-02 11:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2016-11-10 00:02 - 2016-11-02 11:26 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-11-10 00:02 - 2016-11-02 11:26 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-11-10 00:02 - 2016-11-02 11:26 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-11-10 00:02 - 2016-11-02 11:25 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-11-10 00:02 - 2016-11-02 11:25 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-11-10 00:02 - 2016-11-02 11:25 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-11-10 00:02 - 2016-11-02 11:25 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-10 00:02 - 2016-11-02 11:24 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-11-10 00:02 - 2016-11-02 11:23 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-11-10 00:02 - 2016-11-02 11:23 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2016-11-10 00:02 - 2016-11-02 11:22 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-11-10 00:02 - 2016-11-02 11:22 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-11-10 00:02 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-11-10 00:02 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-11-10 00:02 - 2016-11-02 11:19 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-11-10 00:02 - 2016-11-02 11:19 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-11-10 00:02 - 2016-11-02 11:18 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-11-10 00:02 - 2016-11-02 11:18 - 00836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2016-11-10 00:02 - 2016-11-02 11:18 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2016-11-10 00:02 - 2016-11-02 11:17 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-11-10 00:02 - 2016-11-02 11:17 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-11-10 00:02 - 2016-11-02 11:17 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-11-10 00:02 - 2016-11-02 11:17 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-11-10 00:02 - 2016-11-02 11:16 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-11-10 00:02 - 2016-11-02 11:16 - 03133440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-11-10 00:02 - 2016-11-02 11:16 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-11-10 00:02 - 2016-11-02 11:16 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-11-10 00:02 - 2016-11-02 11:16 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-11-10 00:02 - 2016-11-02 11:16 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-11-10 00:02 - 2016-11-02 11:16 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2016-11-10 00:02 - 2016-11-02 11:15 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-11-10 00:02 - 2016-11-02 11:15 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-11-10 00:02 - 2016-11-02 11:14 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-11-10 00:02 - 2016-11-02 09:20 - 00446896 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-11-10 00:01 - 2016-11-02 12:22 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-11-10 00:01 - 2016-11-02 12:20 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-11-10 00:01 - 2016-11-02 12:15 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-11-10 00:01 - 2016-11-02 12:15 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-11-10 00:01 - 2016-11-02 12:14 - 07816544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-11-10 00:01 - 2016-11-02 12:13 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-11-10 00:01 - 2016-11-02 12:13 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-11-10 00:01 - 2016-11-02 12:13 - 00423776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-11-10 00:01 - 2016-11-02 12:12 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-11-10 00:01 - 2016-11-02 12:08 - 00602464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-11-10 00:01 - 2016-11-02 12:08 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-11-10 00:01 - 2016-11-02 12:05 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-11-10 00:01 - 2016-11-02 12:04 - 02678056 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-11-10 00:01 - 2016-11-02 12:04 - 00596832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2016-11-10 00:01 - 2016-11-02 12:03 - 02750936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-11-10 00:01 - 2016-11-02 12:02 - 00848736 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-11-10 00:01 - 2016-11-02 12:02 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-11-10 00:01 - 2016-11-02 12:01 - 01425000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-11-10 00:01 - 2016-11-02 12:01 - 01415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-11-10 00:01 - 2016-11-02 12:01 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2016-11-10 00:01 - 2016-11-02 12:01 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-11-10 00:01 - 2016-11-02 12:00 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-11-10 00:01 - 2016-11-02 12:00 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-11-10 00:01 - 2016-11-02 12:00 - 01061968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-11-10 00:01 - 2016-11-02 11:56 - 01609920 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-11-10 00:01 - 2016-11-02 11:56 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-11-10 00:01 - 2016-11-02 11:56 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-11-10 00:01 - 2016-11-02 11:56 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-11-10 00:01 - 2016-11-02 11:56 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2016-11-10 00:01 - 2016-11-02 11:55 - 00048992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2016-11-10 00:01 - 2016-11-02 11:48 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2016-11-10 00:01 - 2016-11-02 11:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-11-10 00:01 - 2016-11-02 11:48 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-11-10 00:01 - 2016-11-02 11:47 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-10 00:01 - 2016-11-02 11:47 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-11-10 00:01 - 2016-11-02 11:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-11-10 00:01 - 2016-11-02 11:45 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-11-10 00:01 - 2016-11-02 11:45 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-10 00:01 - 2016-11-02 11:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-11-10 00:01 - 2016-11-02 11:44 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-10 00:01 - 2016-11-02 11:43 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8.dll
2016-11-10 00:01 - 2016-11-02 11:43 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-11-10 00:01 - 2016-11-02 11:43 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-11-10 00:01 - 2016-11-02 11:43 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-11-10 00:01 - 2016-11-02 11:42 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-11-10 00:01 - 2016-11-02 11:42 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-11-10 00:01 - 2016-11-02 11:42 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-11-10 00:01 - 2016-11-02 11:42 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-10 00:01 - 2016-11-02 11:41 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-11-10 00:01 - 2016-11-02 11:40 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2016-11-10 00:01 - 2016-11-02 11:40 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-11-10 00:01 - 2016-11-02 11:39 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-11-10 00:01 - 2016-11-02 11:39 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAnimation.dll
2016-11-10 00:01 - 2016-11-02 11:38 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-11-10 00:01 - 2016-11-02 11:37 - 19415040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-11-10 00:01 - 2016-11-02 11:36 - 19415552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-11-10 00:01 - 2016-11-02 11:36 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetailsUpdate.dll
2016-11-10 00:01 - 2016-11-02 11:35 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-11-10 00:01 - 2016-11-02 11:34 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-11-10 00:01 - 2016-11-02 11:34 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-11-10 00:01 - 2016-11-02 11:33 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-11-10 00:01 - 2016-11-02 11:32 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-11-10 00:01 - 2016-11-02 11:31 - 03196416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-11-10 00:01 - 2016-11-02 11:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-11-10 00:01 - 2016-11-02 11:31 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-11-10 00:01 - 2016-11-02 11:31 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-11-10 00:01 - 2016-11-02 11:31 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-11-10 00:01 - 2016-11-02 11:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-11-10 00:01 - 2016-11-02 11:30 - 12175360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-11-10 00:01 - 2016-11-02 11:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-11-10 00:01 - 2016-11-02 11:30 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-11-10 00:01 - 2016-11-02 11:30 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-11-10 00:01 - 2016-11-02 11:30 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2016-11-10 00:01 - 2016-11-02 11:29 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-11-10 00:01 - 2016-11-02 11:29 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-11-10 00:01 - 2016-11-02 11:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-11-10 00:01 - 2016-11-02 11:29 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-11-10 00:01 - 2016-11-02 11:29 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-11-10 00:01 - 2016-11-02 11:29 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-11-10 00:01 - 2016-11-02 11:29 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-11-10 00:01 - 2016-11-02 11:29 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCenter.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-11-10 00:01 - 2016-11-02 11:28 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-11-10 00:01 - 2016-11-02 11:28 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-11-10 00:01 - 2016-11-02 11:27 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-11-10 00:01 - 2016-11-02 11:27 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-11-10 00:01 - 2016-11-02 11:27 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-11-10 00:01 - 2016-11-02 11:27 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-11-10 00:01 - 2016-11-02 11:26 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-11-10 00:01 - 2016-11-02 11:26 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-11-10 00:01 - 2016-11-02 11:26 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-11-10 00:01 - 2016-11-02 11:26 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-11-10 00:01 - 2016-11-02 11:26 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAnimation.dll
2016-11-10 00:01 - 2016-11-02 11:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-11-10 00:01 - 2016-11-02 11:25 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-11-10 00:01 - 2016-11-02 11:25 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-11-10 00:01 - 2016-11-02 11:25 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-11-10 00:01 - 2016-11-02 11:25 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-11-10 00:01 - 2016-11-02 11:24 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-11-10 00:01 - 2016-11-02 11:23 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-11-10 00:01 - 2016-11-02 11:23 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-11-10 00:01 - 2016-11-02 11:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-11-10 00:01 - 2016-11-02 11:23 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetailsUpdate.dll
2016-11-10 00:01 - 2016-11-02 11:22 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-11-10 00:01 - 2016-11-02 11:22 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-11-10 00:01 - 2016-11-02 11:21 - 05111296 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-11-10 00:01 - 2016-11-02 11:20 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-11-10 00:01 - 2016-11-02 11:20 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-11-10 00:01 - 2016-11-02 11:19 - 08127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-11-10 00:01 - 2016-11-02 11:19 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-11-10 00:01 - 2016-11-02 11:19 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-11-10 00:01 - 2016-11-02 11:19 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-10 00:01 - 2016-11-02 11:19 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-11-10 00:01 - 2016-11-02 11:19 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2016-11-10 00:01 - 2016-11-02 11:18 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-11-10 00:01 - 2016-11-02 11:18 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-11-10 00:01 - 2016-11-02 11:17 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-11-10 00:01 - 2016-11-02 11:17 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 04148736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-11-10 00:01 - 2016-11-02 11:16 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-11-10 00:01 - 2016-11-02 11:15 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-11-10 00:01 - 2016-11-02 11:15 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-11-10 00:01 - 2016-11-02 11:15 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-11-10 00:01 - 2016-11-02 11:15 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-11-10 00:01 - 2016-11-02 11:15 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-11-10 00:01 - 2016-11-02 11:13 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-11-10 00:01 - 2016-11-02 11:13 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2016-11-10 00:01 - 2016-11-02 11:13 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-11-10 00:01 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\SysWOW64\locale.nls
2016-11-10 00:01 - 2016-11-02 10:11 - 00788624 _____ C:\WINDOWS\system32\locale.nls
2016-11-10 00:01 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-11-08 18:21 - 2016-11-08 18:21 - 00201634 _____ C:\Users\Thorsten\Downloads\3422476-3265030-Feedback.pdf
2016-11-08 17:42 - 2016-11-08 17:42 - 00204175 _____ C:\Users\Thorsten\Downloads\3422449-3264996-Feedback.pdf
2016-11-08 17:29 - 2016-11-08 17:29 - 00184545 _____ C:\Users\Thorsten\Downloads\3422436-3264967-Feedback.pdf
2016-11-08 17:27 - 2016-11-08 17:27 - 00207692 _____ C:\Users\Thorsten\Downloads\3422408-3264956-Feedback.pdf
2016-11-08 16:58 - 2016-11-08 16:58 - 00213136 _____ C:\Users\Thorsten\Downloads\3422285-3264895-Feedback.pdf
2016-11-07 19:57 - 2016-11-07 19:57 - 00410392 _____ (Logitech) C:\Users\Thorsten\Downloads\MyHarmony-App (1).exe
2016-11-07 03:25 - 2016-11-07 03:25 - 02804122 _____ C:\Users\Thorsten\Downloads\enigma2-plugin-extensions-mediaportal_7.3.1_all.ipk
2016-11-07 03:23 - 2016-11-07 03:23 - 00820030 _____ C:\Users\Thorsten\Downloads\python-requests_2.11.1_git0_58d855e193-r1.1_mips32el.ipk
2016-11-07 03:23 - 2016-11-07 03:23 - 00184102 _____ C:\Users\Thorsten\Downloads\python-js2py_0.39_git0_144b1701fa-r1.1_mips32el.ipk
2016-11-07 03:23 - 2016-11-07 03:23 - 00016894 _____ C:\Users\Thorsten\Downloads\python-six_1.7.3-r1_mips32el.ipk
2016-11-07 02:41 - 2016-11-07 02:41 - 00000000 ____D C:\Users\Thorsten\Desktop\Neuer Ordner (2)

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-12-04 19:26 - 2016-02-13 18:32 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-11-30 10:11 - 2016-04-17 09:26 - 00000000 ___RD C:\Users\ttjh1\OneDrive 2016-11-28 23:36 - 2016-07-16 12:43 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TFTP.EXE 2016-11-28 23:35 - 2016-10-28 05:24 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmp.exe 2016-11-28 23:35 - 2016-10-28 05:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\snmp.exe 2016-11-28 23:35 - 2016-07-16 12:44 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\snmpsnap.dll 2016-11-28 23:35 - 2016-07-16 12:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntwin.exe 2016-11-28 23:35 - 2016-07-16 12:44 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evntwin.exe 2016-11-28 23:35 - 2016-07-16 12:44 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntagnt.dll 2016-11-28 23:35 - 2016-07-16 12:44 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evntagnt.dll 2016-11-28 23:35 - 2016-07-16 12:44 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hostmib.dll 2016-11-28 23:35 - 2016-07-16 12:44 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\lmmib2.dll 2016-11-28 23:35 - 2016-07-16 12:44 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hostmib.dll 2016-11-28 23:35 - 2016-07-16 12:44 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lmmib2.dll 2016-11-28 23:35 - 2016-07-16 12:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\evntcmd.exe 2016-11-28 23:35 - 2016-07-16 12:44 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evntcmd.exe 2016-11-28 23:35 - 2016-07-16 12:44 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64mib.dll 2016-11-28 23:35 - 2016-07-16 12:44 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpmib.dll 2016-11-28 
23:35 - 2016-07-16 12:44 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\snmpmib.dll 2016-11-28 23:35 - 2016-07-16 12:43 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmpsnap.dll 2016-11-28 23:35 - 2016-07-16 12:43 - 00107882 _____ C:\WINDOWS\SysWOW64\mib_ii.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00107882 _____ C:\WINDOWS\system32\mib_ii.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00048593 _____ C:\WINDOWS\SysWOW64\hostmib.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00048593 _____ C:\WINDOWS\system32\hostmib.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00034317 _____ C:\WINDOWS\SysWOW64\msiprip2.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00034317 _____ C:\WINDOWS\system32\msiprip2.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00030448 _____ C:\WINDOWS\SysWOW64\mcastmib.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00030448 _____ C:\WINDOWS\system32\mcastmib.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00026236 _____ C:\WINDOWS\SysWOW64\wins.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00026236 _____ C:\WINDOWS\system32\wins.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00026100 _____ C:\WINDOWS\SysWOW64\lmmib2.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00026100 _____ C:\WINDOWS\system32\lmmib2.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00022462 _____ C:\WINDOWS\SysWOW64\rfc2571.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00022462 _____ C:\WINDOWS\system32\rfc2571.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00021271 _____ C:\WINDOWS\SysWOW64\http.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00021271 _____ C:\WINDOWS\system32\http.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00015799 _____ C:\WINDOWS\SysWOW64\ipforwd.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00015799 _____ C:\WINDOWS\system32\ipforwd.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00015032 _____ C:\WINDOWS\SysWOW64\authserv.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00015032 _____ C:\WINDOWS\system32\authserv.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00014032 _____ C:\WINDOWS\SysWOW64\accserv.mib 2016-11-28 23:35 
- 2016-07-16 12:43 - 00014032 _____ C:\WINDOWS\system32\accserv.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00013767 _____ C:\WINDOWS\SysWOW64\msipbtp.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00013767 _____ C:\WINDOWS\system32\msipbtp.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00006179 _____ C:\WINDOWS\SysWOW64\ftp.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00006179 _____ C:\WINDOWS\system32\ftp.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00004597 _____ C:\WINDOWS\SysWOW64\dhcp.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00004597 _____ C:\WINDOWS\system32\dhcp.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00004411 _____ C:\WINDOWS\SysWOW64\smi.mib 2016-11-28 23:35 - 2016-07-16 12:43 - 00004411 _____ C:\WINDOWS\system32\smi.mib 2016-11-27 04:42 - 2016-08-19 01:05 - 03133144 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll 2016-11-27 04:42 - 2016-08-19 01:04 - 05793528 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICV2apo.dll 2016-11-27 04:42 - 2016-08-19 00:51 - 05258248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys 2016-11-27 04:42 - 2016-08-19 00:51 - 00023696 _____ (Realtek Semiconductor Corp.) 
C:\WINDOWS\system32\RtkCoLDR64.dll 2016-11-27 00:34 - 2016-08-18 01:13 - 00000000 ____D C:\Windows10Upgrade 2016-11-27 00:10 - 2016-04-17 00:15 - 00000000 ___RD C:\Users\Thorsten\OneDrive 2016-11-26 23:29 - 2016-07-06 18:20 - 00009612 _____ C:\CYGWIN_SYSLOG.TXT 2016-11-25 03:26 - 2016-09-15 23:38 - 00000000 ____D C:\Users\Thorsten\Desktop\Cydia 2016-11-14 18:19 - 2016-04-21 21:16 - 00000000 ____D C:\Users\Thorsten\Documents\Outlook-Dateien 2016-11-14 04:00 - 2016-08-18 01:13 - 00000719 _____ C:\Users\Thorsten\Desktop\Windows 10-Upgrade-Assistent.lnk 2016-11-10 02:55 - 2016-05-06 17:19 - 00000000 ____D C:\Users\Thorsten\.dreamstream Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Thorsten\NTUSER - Kopie.DAT C:\Users\Thorsten\WDMyCloud_win.exe C:\Users\totti\NTUSER (2).DAT ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-11-26 23:49 ==================== Ende von FRST.txt 
============================ Code:
eset online scan
C:\ProgramData\Logishrd\LogiOptions\Software\Current\dma_x64.dll Variante von Win64/WebBar.B evtl. unerwünschte Anwendung
C:\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll Variante von Win64/WebBar.B evtl. unerwünschte Anwendung
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\b\00000601000000073701.dat Win32/Trustezeb.K Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\20000702000000073701.dat Variante von Win32/Kryptik.DHWI Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\b0000702000000073701.dat Win32/Trustezeb.J Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\e0000502000000073701.dat Variante von Win32/Injector.CQON Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\d\e0000503000000073701.dat Variante von Win32/Injector.CQON Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\f\40000905000000073701.dat Variante von Win32/Injector.UXF Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\h\40000907000000073701.dat Win32/Trustezeb.B Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\i\40000908000000073701.dat Win32/Trustezeb.B Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\j\40000909000000073701.dat Win32/Trustezeb.B Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\j\f0000709000000073701.dat Win32/Trustezeb.F Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\k\4000090a000000073701.dat Win32/Trustezeb.C Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\l\4000090b000000073701.dat Win32/Trustezeb.C Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\m\2000070c000000073701.dat Variante von MSIL/Injector.IFD Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\m\4000090c000000073701.dat Win32/Trustezeb.A Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\n\2000070d000000073701.dat Variante von MSIL/Injector.IBM Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\n\4000090d000000073701.dat Win32/Trustezeb.A Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\o\4000090e000000073701.dat Win32/Trustezeb.A Trojaner
C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\p\4000090f000000073701.dat Win32/Trustezeb.A Trojaner
C:\Users\Thorsten\AppData\Local\Microsoft\Windows\INetCache\IE\1IKI76C9\logioptions_logitech[1].exe Variante von Win32/WebBar.D evtl. unerwünschte Anwendung
C:\Users\Thorsten\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TM8BD2KG\request[1].htm HTML/Refresh.BC Trojaner
C:\Users\Thorsten\AppData\Local\Temp\DMR\dmr_72.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Thorsten\AppData\Local\Temp\DMR\dmr_76.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Users\Thorsten\AppData\Local\Temp\lu\nada_264_logioptions_logitech.exe Variante von Win32/WebBar.D evtl. unerwünschte Anwendung
C:\Users\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Share-Online.biz.htm HTML/ScrInject.B Trojaner
C:\Users\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Uploaded.htm HTML/ScrInject.B Trojaner
C:\Users\Thorsten\Downloads\Options_6.30.80 (1).exe Variante von Win32/WebBar.D evtl. unerwünschte Anwendung
C:\Users\Thorsten\Downloads\Options_6.30.80.exe Variante von Win32/WebBar.D evtl. unerwünschte Anwendung
C:\Users\ttjh1\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Windows.old\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll Variante von Win64/WebBar.B evtl. unerwünschte Anwendung
C:\Windows.old\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00659b Variante von Win32/WebBar.D evtl. unerwünschte Anwendung
C:\Windows.old\Users\Thorsten\AppData\Local\Microsoft\Windows\INetCache\IE\VZR6RD7Z\logioptions_logitech[1].exe Variante von Win32/WebBar.D evtl. unerwünschte Anwendung
C:\Windows.old\Users\Thorsten\AppData\Local\Temp\DMR\dmr_72.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
C:\Windows.old\Users\Thorsten\AppData\Local\Temp\lu\nada_264_logioptions_logitech.exe Variante von Win32/WebBar.D evtl. unerwünschte Anwendung
D:\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll Variante von Win64/WebBar.B evtl. unerwünschte Anwendung
D:\Users\Thorsten\Downloads\HP USB Disk Storage Format Tool - CHIP-Installer.exe Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung
|
06.12.2016, 05:39 | #2 |
/// TB Trainer /// Tutorial Guru | Windows 10: suddenly an unknown user account/e-mail. Microsoft account hacked?
My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
Note: I can never give you a guarantee that we will find all malicious files. Reformatting is usually the faster and always the safest route, but it is only advisable in the case of real malware. We can remove adware and the like very well. If you decide on a cleanup, keep working with me until you get my "clean". Let's go: Please also post Addition.txt.
__________________ |
06.12.2016, 16:18 | #3 |
| Windows 10: suddenly an unknown user account/e-mail. Microsoft account hacked? Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 05-12-2016 durchgeführt von totti (05-12-2016 23:05:47) Gestartet von C:\Users\totti\Downloads Windows 10 Pro Version 1607 (X64) (2016-11-26 22:54:06) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2586767532-3616519997-416612805-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2586767532-3616519997-416612805-503 - Limited - Disabled) Gast (S-1-5-21-2586767532-3616519997-416612805-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2586767532-3616519997-416612805-1005 - Limited - Enabled) jenny (S-1-5-21-2586767532-3616519997-416612805-1002 - Limited - Disabled) Thorsten (S-1-5-21-2586767532-3616519997-416612805-1001 - Limited - Enabled) => C:\Users\Thorsten totti (S-1-5-21-2586767532-3616519997-416612805-1006 - Administrator - Enabled) => C:\Users\totti ttjh1 (S-1-5-21-2586767532-3616519997-416612805-1003 - Administrator - Enabled) => C:\Users\ttjh1 ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.01.49 - ASUSTeK Computer Inc.) Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.) 
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.26.1 - Asmedia Technology) ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.22 - ASUSTeK Computer Inc.) ASUS ROG Connect Plus (HKLM-x32\...\{ECF51D37-52ED-4871-BF8B-FEA34B8B4120}) (Version: 1.00.30 - ASUSTeK Computer Inc.) Asus Sonic Suite Plugins (HKLM-x32\...\{c5017606-8bde-4f85-94f4-ba61dcf59860}) (Version: 2.2.2801 - ASUSTeKcomputer.Inc) ASUS(R) Intel(R) Extreme Tuning Utility (HKLM-x32\...\{969659ef-5e6c-4c40-8aec-6b1bd3819fab}) (Version: 6.1.2.208 - Intel Corporation) ASUS(R) Intel(R) Extreme Tuning Utility (x32 Version: 6.1.2.208 - Intel Corporation) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CheckDevicesConfigurator (Version: 2.2.2801 - ASUSTeKcomputer.Inc) Hidden EaseUS Todo PCTrans 9.0 (HKLM-x32\...\EaseUS Todo PCTrans_is1) (Version: - EaseUS) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Front Base Driver (HKLM-x32\...\{3A02F836-5D7E-4DDE-ADAE-28DFA9B278DC}) (Version: 1.01.17 - ASUSTeK Computer Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) 
Hidden HDClone 6 Free Edition (HKLM\...\Miray.HDClone.fe.6.0.7.1031-{9111A38F-76E7-40B5-8E0F-EE2C0E43230D}) (Version: 6 - Miray Software AG) Intel(R) Network Connections 20.2.4001.0 (HKLM\...\PROSetDX) (Version: 20.2.4001.0 - Intel) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation) iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) LauncherSetup (Version: 2.2.2801 - ASUSTeKcomputer.Inc) Hidden Logitech Options (HKLM\...\LogiOptions) (Version: - Logitech) Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation) Mozilla Firefox 50.0.2 (x86 de) 
(HKLM-x32\...\Mozilla Firefox 50.0.2 (x86 de)) (Version: 50.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.2.6177 - Mozilla) NahimicSettingsConfigurator (Version: 2.2.2801 - ASUSTeKcomputer.Inc) Hidden ProductDaemonSetup (Version: 2.2.2801 - ASUSTeKcomputer.Inc) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7904 - Realtek Semiconductor Corp.) Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9.7 - Samsung Electronics) SonicRadarSetup (Version: 1.0.0.0 - ASUSTeKcomputer.Inc) Hidden SonicStudioSetup (Version: 2.2.2801 - ASUSTeKcomputer.Inc) Hidden SVLoadSense (HKLM-x32\...\{C4226734-F925-448C-8F15-0D5419F003DF}) (Version: 1.0.12 - SAVITECH) SyncFileSetup (x86) (x32 Version: 1.3.5949.26210 - Western Digital Technologies, Inc) Hidden TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.71503 - TeamViewer) WD Access (HKLM-x32\...\{046643f7-6206-46bb-8968-92c37fee39e0}) (Version: 1.4.5949.29996 - Western Digital Technologies, Inc.) WD Access (x32 Version: 1.4.5949.29996 - Western Digital Technologies, Inc) Hidden WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{BE1B25F9-5A51-4DB8-81FA-CE0CABC14D07}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.) WD Sync (HKLM-x32\...\{0d591303-bbc5-4645-a03b-1c3f75f1a762}) (Version: 1.3.5949.26210 - Western Digital Technologies, Inc.) WiFi Station N (HKLM-x32\...\{155314D4-C46C-434A-9297-643E260232C0}) (Version: 3.7.0.0 - Hercules) XTUPackage (HKLM-x32\...\{84D11A20-6E7F-4FBB-A2FB-117FCF871040}) (Version: 1.0.0 - ASUSTeK COMPUTER INC.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {188B9885-CAC6-4C29-9051-F3FE2C0F4DF4} - System32\Tasks\SS2Svc32Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2Svc32.exe [2016-08-12] () Task: {188EF076-1076-41D7-875F-1DD8F69606C6} - System32\Tasks\SS2UILauncherRun => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe [2016-08-12] () Task: {2F5ACAD3-FDC4-49A4-91BF-D582F5424D5B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-27] (Google Inc.) Task: {43B6F1BF-91BF-4BDD-BD97-EA8C0BE9C13F} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite III\USB 3.0 Boost\U3BoostSvr.exe [2013-07-24] (ASUSTeK Computer Inc.) Task: {5F4CF43C-7BEE-49B2-B0A0-8D7E6AC8A788} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\GpuFanHelper.exe [2016-03-07] (TODO: <Company name>) Task: {81E98030-F60F-430C-AF12-C1A02FE6DF61} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2016-08-11] (ASUSTeK Computer Inc.) Task: {8C538313-6404-41FF-867D-214170AAA8A1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-27] (Google Inc.) 
Task: {8D28B0BE-DF11-4E05-BD63-4D7B59468AB9} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [2015-11-20] (Intel Corporation) Task: {8DA5F8A2-2102-49F6-B97A-FF4B65DE6B9E} - System32\Tasks\SS2Svc64Run => C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2Svc64.exe [2016-08-12] () Task: {9B4D2772-9992-4DE1-B9B9-6B5BCA519D46} - System32\Tasks\ASUS\RC TweakIt Server Execute => C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe [2015-06-25] () Task: {A7857351-7FC8-4119-8720-ED706A5775D6} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2016-05-13] (Samsung Electronics.) Task: {B230353A-C381-4FA6-9DF9-0B1C5FBB69CD} - System32\Tasks\ASUS\Push Notice Server Execute => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe [2014-05-28] (ASUSTeK Computer Inc.) Task: {B47F2739-667E-4812-8FF0-9BAC6C0FE401} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2016-07-28] () Task: {F0820D76-C981-4B46-AD51-BFF9253FB633} - System32\Tasks\ASUS\WonderBox => C:\Program Files (x86)\ASUS\Front Base Driver\WBoxTT.exe [2015-08-05] () (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 ____N () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-09-29 22:58 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-11-26 23:49 - 2015-11-05 16:08 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-11-27 04:15 - 2016-11-27 04:15 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe 2016-10-05 18:17 - 2016-10-05 18:17 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-11-27 04:16 - 2016-11-27 04:15 - 01360016 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe 2016-08-12 12:17 - 2016-08-12 12:17 - 00287760 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll 2016-08-12 12:17 - 2016-08-12 12:17 - 00209936 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll 2016-11-28 23:40 - 2015-06-25 10:42 - 01986872 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe 2016-11-27 04:16 - 2016-07-28 23:33 - 01269208 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2016-09-29 22:58 - 2016-09-15 18:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-12-04 19:27 - 2016-12-04 19:27 - 01864384 _____ () C:\Users\totti\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-11-28 23:39 - 2015-08-05 09:25 - 01384400 _____ () C:\Program Files (x86)\ASUS\Front Base Driver\WBoxTT.exe 2016-09-21 22:27 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-11-10 00:02 - 2016-11-02 11:30 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-10 00:01 
- 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-10 00:01 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-10 00:01 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-10 00:01 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-11-10 00:01 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-10 00:01 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-11-27 04:16 - 2015-05-14 09:18 - 01075712 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNoticeMonitor.exe 2016-11-27 04:16 - 2014-08-28 10:37 - 00033424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotify_PCCtrl.exe 2016-11-27 04:16 - 2016-04-21 13:35 - 01529816 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AsPowerBar\AsPowerBar.exe 2016-11-27 04:50 - 2016-11-27 04:42 - 00105312 _____ () C:\WINDOWS\SYSTEM32\audioLibVc.dll 2016-08-12 12:15 - 2016-08-12 12:15 - 00557072 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe 2016-08-12 12:15 - 2016-08-12 12:15 - 02741760 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2svc32.exe 2016-08-12 12:18 - 2016-08-12 12:18 - 00486400 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2svc64.exe 2016-12-05 20:19 - 2015-05-14 11:54 - 00422600 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe 2016-11-27 04:15 - 2016-12-05 22:35 - 00040232 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll 2016-11-27 04:15 - 2016-11-27 04:15 - 00104448 _____ () C:\Program Files 
(x86)\ASUS\AXSP\1.02.00\ATKEX.dll 2016-11-27 04:16 - 2015-09-17 10:58 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll 2016-11-27 04:16 - 2015-09-17 10:58 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2016-11-27 04:16 - 2015-02-09 17:53 - 00872960 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AI Charger+\AIChargerPlus.dll 2016-11-27 04:16 - 2016-08-15 10:36 - 04712752 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2016-11-27 04:16 - 2016-03-07 21:42 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll 2016-11-27 04:16 - 2015-11-05 11:13 - 01464320 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Mobo Connect\MoboConnect.dll 2016-11-27 04:16 - 2015-09-17 10:58 - 00838456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll 2016-11-28 23:49 - 2016-08-02 15:05 - 00061440 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.26\Exeio.dll 2016-11-28 23:49 - 2016-08-02 14:51 - 01752576 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.26\Vender.dll 2016-11-28 23:48 - 2016-08-05 15:25 - 00669656 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.25\aaHMLib.dll 2016-11-27 04:17 - 2012-01-19 09:39 - 00028672 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\PEInfo.dll 2016-08-12 12:14 - 2016-08-12 12:14 - 00256016 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2OSD.dll 2016-08-12 12:14 - 2016-08-12 12:14 - 00178704 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2DevProps.dll 2016-11-27 04:16 - 2015-09-17 10:58 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ImageHelper.dll 2016-11-27 04:16 - 2015-09-17 10:58 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\pngio.dll 2016-11-27 04:17 - 2010-02-25 14:01 - 00139264 _____ () C:\Program Files (x86)\ASUS\AI Suite III\USB BIOS Flashback\Aszip.dll 2016-11-27 04:17 - 2015-10-14 14:47 - 02613248 _____ () C:\Program Files 
(x86)\ASUS\AI Suite III\USB BIOS Flashback\EzULIB_UFB.dll 2016-11-28 23:40 - 2015-06-05 09:37 - 00179712 _____ () C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsusService.dll 2016-11-27 04:16 - 2016-04-20 23:52 - 00260056 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4cTDPAction.dll 2016-11-27 04:16 - 2016-05-04 21:46 - 00786416 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2016-11-27 04:16 - 2016-04-20 23:52 - 00878040 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2016-11-27 04:16 - 2016-04-20 23:52 - 00828376 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2016-11-27 04:16 - 2016-04-20 23:52 - 00838616 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2016-11-27 04:16 - 2013-11-20 10:10 - 00662016 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\aaHMLib.dll 2016-11-27 04:16 - 2013-07-02 10:40 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\pngio.dll 2016-08-12 12:15 - 2016-08-12 12:15 - 00098816 _____ () C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\sradarlauncher.dll 2016-12-04 19:27 - 2016-12-04 19:27 - 01383616 _____ () C:\Users\totti\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-12-04 19:27 - 2016-12-04 19:27 - 00118976 _____ () C:\Users\totti\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-11-26 23:45 - 2016-11-26 23:44 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2586767532-3616519997-416612805-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{54E4918F-A16A-4FA9-9F2F-160EDBB8443A}] => C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE FirewallRules: [{19192873-968D-4E2F-98DB-E134957E191E}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{9C5C5112-6DE2-41AD-A69F-BA05190A96A5}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8483DF55-D597-4E26-BD9B-C06CCC10B227}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{AD27A2B5-5842-4E00-8C06-FF9F7053163E}C:\users\thorsten\desktop\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => C:\users\thorsten\desktop\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe FirewallRules: [UDP Query User{DFB24A96-1288-41E3-B341-14F1E1C3CBE9}C:\users\thorsten\desktop\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe] => C:\users\thorsten\desktop\jperf-2.0.2\jperf-2.0.2\bin\iperf.exe FirewallRules: [SNMP-In-UDP] => %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-Out-UDP] => %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-In-UDP-NoScope] => %SystemRoot%\system32\snmp.exe FirewallRules: [SNMP-Out-UDP-NoScope] => %SystemRoot%\system32\snmp.exe FirewallRules: [TCP Query User{7B5C2E71-F3E4-4159-8248-FCB8735D3F12}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => C:\program files (x86)\western digital\wd app manager\wdappmanager.exe FirewallRules: [UDP Query User{5930F899-70D2-401D-8760-CDFD22F72C6B}C:\program files (x86)\western digital\wd app manager\wdappmanager.exe] => C:\program files (x86)\western digital\wd app manager\wdappmanager.exe FirewallRules: [{B5AF83E3-86A9-4279-9DAB-34A9F65B5BFB}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6FE7BDB7-317E-40D9-BA68-E88F174AC1AB}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{20B49414-1915-4941-A2B1-C73B8E532466}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7EA22D8B-07BB-4F54-8384-E1DC8DCB9A35}] => 
C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E490789F-B35E-48B2-A406-23F972D5C058}] => C:\Program Files\iTunes\iTunes.exe FirewallRules: [{6D2571BC-0D6E-45F5-992C-9499BD739CC0}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{1E65D46E-9309-4FBF-8FC6-6C6C26FBEDE7}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{27370EAC-C5BD-4802-9745-008EDAADBC30}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{E159694B-A5B6-4723-997D-8131C58D391D}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [TCP Query User{92164D59-5689-4281-BB74-7EAA0DE82283}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe FirewallRules: [UDP Query User{5DBC668B-0188-40A0-9693-12926839932A}C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe] => C:\program files (x86)\easeus\easeus todo pctrans\bin\pctrans.exe FirewallRules: [{005472F9-413B-4A50-9312-FDA5E1D351B1}] => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe FirewallRules: [{A9FD5A86-CB20-4FC9-86F4-0D52136A8354}] => C:\Program Files (x86)\ASUS\AI Suite III\Push Notice\PushNotifyServer.exe ==================== Wiederherstellungspunkte ========================= 28-11-2016 23:23:29 Installed ASUS Boot Setting ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. 
For more information about how to diagnose the problem, see the hardware documentation. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/05/2016 11:00:45 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (12/05/2016 10:59:58 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\totti\Downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (12/05/2016 08:51:04 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: HOME-PC) Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005. 
Error: (12/05/2016 08:47:38 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: HOME-PC) Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005. Error: (12/05/2016 08:46:24 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (12/05/2016 08:46:22 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (12/05/2016 08:46:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HOME-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. 
Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (12/05/2016 08:20:25 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (12/05/2016 08:20:21 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Error: (12/05/2016 08:19:42 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\totti\downloads\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest. Systemfehler: ============= Error: (12/05/2016 11:01:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (12/05/2016 11:01:54 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\totti\AppData\Local\Temp\ehdrv.sys Error: (12/05/2016 11:01:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (12/05/2016 11:01:53 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\totti\AppData\Local\Temp\ehdrv.sys Error: (12/05/2016 11:01:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (12/05/2016 11:01:53 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\totti\AppData\Local\Temp\ehdrv.sys Error: (12/05/2016 11:01:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (12/05/2016 11:01:37 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\totti\AppData\Local\Temp\ehdrv.sys Error: (12/05/2016 11:01:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. 
Error: (12/05/2016 11:01:36 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\totti\AppData\Local\Temp\ehdrv.sys CodeIntegrity: =================================== Date: 2016-12-05 23:05:02.673 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-05 23:05:02.671 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-05 23:00:41.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Store signing level requirements. Date: 2016-12-05 23:00:41.162 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Store signing level requirements. Date: 2016-12-05 22:35:07.016 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
Date: 2016-12-05 22:33:05.801 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2OSD.dll that did not meet the Store signing level requirements. Date: 2016-12-05 22:33:05.788 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume4\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\x64\SS2DevProps.dll that did not meet the Store signing level requirements. Date: 2016-12-05 22:28:58.216 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-05 22:28:58.215 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-05 22:16:23.135 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Samsung\Samsung Magician\magdrvamd64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Prozentuale Nutzung des RAM: 11% Installierter physikalischer RAM: 32690.58 MB Verfügbarer physikalischer RAM: 28843.98 MB Summe virtueller Speicher: 37554.58 MB Verfügbarer virtueller Speicher: 33559.18 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:464.67 GB) (Free:313.65 GB) NTFS Drive d: (Samsung850) (Fixed) (Total:232.35 GB) (Free:76.77 GB) NTFS Drive e: () (Fixed) (Total:232.33 GB) (Free:64.47 GB) NTFS Drive f: (WD Black ) (Fixed) (Total:931.41 GB) (Free:652.5 GB) NTFS Drive g: () (Fixed) (Total:465.66 GB) (Free:294.09 GB) NTFS Drive h: (WD Elements black) (Fixed) (Total:1862.98 GB) (Free:1318.54 GB) NTFS Drive i: () (CDROM) (Total:0.02 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 5DAD4F98) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: FD91664C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=232.3 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 2 (Size: 232.9 GB) (Disk ID: 5DAD4F98) Partition: GPT. 
======================================================== Disk: 3 (Size: 931.5 GB) (Disk ID: C032F668) Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS) ======================================================== Disk: 4 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 044B42CF) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 5 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: FB639362) Partition 1: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
06.12.2016, 17:18 | #4 | |
/// TB Trainer /// Guide Guru | Quote:
Which one?
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
06.12.2016, 20:08 | #5 |
| That was phrased a bit unfortunately: my user account no longer existed under my name and e-mail address. It was now called S S, with the following e-mail address: batlautfinal@yandex.ru. Signing in with this account works with the PIN I set up. Only the password is one I don't know. |
07.12.2016, 17:30 | #6 | |
/// TB Trainer /// Guide Guru | Quote:
Sorry, I'm completely lost. When you sign in to W10, you normally do so via a Microsoft account, in other words an e-mail address. Are you telling me that batlautfinal@yandex.ru is the sign-in e-mail and you don't know the password? The account has to belong to someone who has access to the PC. Or is a trojan supposed to type in the password? And why would malware do that at all? Code:
2016-12-04 22:38 - 2016-12-04 22:39 - 05335456 _____ (EaseUS ) C:\Users\totti\Downloads\pctrans.exe
2016-12-04 22:21 - 2016-12-04 21:37 - 02359296 ____H C:\Users\totti\NTUSER (2).DAT
2016-12-04 22:21 - 2016-12-04 21:37 - 02359296 ____H C:\Users\Thorsten\NTUSER - Kopie.DAT
|
07.12.2016, 21:38 | #7 | |
| Hello deeprybka, first of all, thank you very much for your help! [QUOTE]What do you mean by PIN? Sorry, I'm completely lost. When you sign in to W10, you normally do so via a Microsoft account, in other words an e-mail address. Are you telling me that batlautfinal@yandex.ru is the sign-in e-mail and you don't know the password? The account has to belong to someone who has access to the PC. Or is a trojan supposed to type in the password? And why would malware do that at all?[/QUOTE] It is just as you suspect in disbelief. batlautfinal@yandex.ru is the sign-in e-mail, and I know neither the e-mail address nor the password. However, I can sign in to the user account using the alternative PIN entry. It matches my PIN (... and it is not 0000 or 1234). Since it is my private PC, 100% only yours truly, my wife and my daughter have access. The latter two would not even know what a user account is, let alone how to create one (to put it somewhat drastically). I think this topic is slowly resolving itself, since I had better just burn the PC! Believe it or not: yesterday, just for fun, I wanted to try once more whether an older password I used to use would work with this e-mail account. I could still enter the user name at MS; when I tried to enter a password, my keyboard behaved as if a finger were permanently resting on a key ... but neither I nor my keyboard are crazy. All I could do was a hard reset. When the same thing then happened in the Windows User Account Control, I pulled the plug and spent half the night changing every possible password via my Raspberry and phone (e-mails, iCloud, NAS, router, etc.). Quote:
Best regards, totti6169 |
08.12.2016, 17:02 | #8 |
/// TB Trainer /// Guide Guru | Let's run our routine check for standard malware: Step 1 Please download TDSSKiller.exe and save this file to the desktop
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
09.12.2016, 19:30 | #9 |
| Code:
ATTFilter 19:22:22.0132 0x27fc TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 19:22:22.0132 0x27fc UEFI system 19:23:05.0651 0x27fc ============================================================ 19:23:05.0651 0x27fc Current date / time: 2016/12/09 19:23:05.0651 19:23:05.0652 0x27fc SystemInfo: 19:23:05.0652 0x27fc 19:23:05.0652 0x27fc OS Version: 10.0.14393 ServicePack: 0.0 19:23:05.0652 0x27fc Product type: Workstation 19:23:05.0652 0x27fc ComputerName: HOME-PC 19:23:05.0652 0x27fc UserName: totti 19:23:05.0652 0x27fc Windows directory: C:\WINDOWS 19:23:05.0652 0x27fc System windows directory: C:\WINDOWS 19:23:05.0652 0x27fc Running under WOW64 19:23:05.0652 0x27fc Processor architecture: Intel x64 19:23:05.0652 0x27fc Number of processors: 4 19:23:05.0652 0x27fc Page size: 0x1000 19:23:05.0652 0x27fc Boot type: Normal boot 19:23:05.0652 0x27fc CodeIntegrityOptions = 0x0000C001 19:23:05.0652 0x27fc ============================================================ 19:23:05.0713 0x27fc KLMD registered as C:\WINDOWS\system32\drivers\37315107.sys 19:23:05.0713 0x27fc KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.447, osProperties = 0x19 19:23:06.0145 0x27fc System UUID: {32E4349E-6680-75A9-F219-6FFB837C823D} 19:23:06.0539 0x27fc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:23:06.0542 0x27fc Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:23:06.0543 0x27fc Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:23:06.0895 0x27fc Drive \Device\Harddisk3\DR3 - Size: 0x1D1BF100000 ( 1862.99 Gb ), SectorSize: 0x200, Cylinders: 0x3B5FD, SectorsPerTrack: 0x3F, 
TracksPerCylinder: 0xFF, Type 'W' 19:23:07.0620 0x27fc Drive \Device\Harddisk4\DR4 - Size: 0x7470AFDE00 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 19:23:07.0623 0x27fc ============================================================ 19:23:07.0623 0x27fc \Device\Harddisk0\DR0: 19:23:07.0624 0x27fc GPT partitions: 19:23:07.0624 0x27fc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {673D8A49-07E4-4D52-AFAC-3A6AF0457C97}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1C101E 19:23:07.0624 0x27fc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {C1C3E8E5-9561-4B9E-AB19-15C7DC453CAE}, Name: EFI system partition, StartLBA 0x1C1820, BlocksNum 0x63006 19:23:07.0624 0x27fc \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DC75CCC1-46FA-402A-A7A2-073F086AC78D}, Name: Microsoft reserved partition, StartLBA 0x224828, BlocksNum 0x8000 19:23:07.0624 0x27fc \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6CC1B1DD-EE57-46F6-A3E3-30C874FEFB55}, Name: Basic data partition, StartLBA 0x22C828, BlocksNum 0x3A156FDA 19:23:07.0624 0x27fc MBR partitions: 19:23:07.0624 0x27fc \Device\Harddisk1\DR1: 19:23:07.0627 0x27fc MBR partitions: 19:23:07.0627 0x27fc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 19:23:07.0627 0x27fc \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D0B1800 19:23:07.0627 0x27fc \Device\Harddisk2\DR2: 19:23:07.0627 0x27fc MBR partitions: 19:23:07.0627 0x27fc \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D4000 19:23:07.0627 0x27fc \Device\Harddisk3\DR3: 19:23:07.0627 0x27fc MBR partitions: 19:23:07.0627 0x27fc \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 
0xE8DF8000 19:23:07.0627 0x27fc \Device\Harddisk4\DR4: 19:23:07.0628 0x27fc MBR partitions: 19:23:07.0628 0x27fc \Device\Harddisk4\DR4\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000 19:23:07.0628 0x27fc ============================================================ 19:23:07.0628 0x27fc C: <-> \Device\Harddisk0\DR0\Partition4 19:23:07.0629 0x27fc D: <-> \Device\Harddisk1\DR1\Partition2 19:23:07.0649 0x27fc F: <-> \Device\Harddisk2\DR2\Partition1 19:23:07.0668 0x27fc G: <-> \Device\Harddisk4\DR4\Partition1 19:23:08.0481 0x27fc H: <-> \Device\Harddisk3\DR3\Partition1 19:23:08.0481 0x27fc ============================================================ 19:23:08.0481 0x27fc Initialize success 19:23:08.0481 0x27fc ============================================================ 19:23:47.0547 0x2a20 ============================================================ 19:23:47.0547 0x2a20 Scan started 19:23:47.0547 0x2a20 Mode: Manual; SigCheck; TDLFS; 19:23:47.0547 0x2a20 ============================================================ 19:23:47.0547 0x2a20 KSN ping started 19:23:47.0773 0x2a20 KSN ping finished: true 19:23:49.0258 0x2a20 ================ Scan system memory ======================== 19:23:49.0258 0x2a20 System memory - ok 19:23:49.0258 0x2a20 ================ Scan services ============================= 19:23:50.0129 0x2a20 AsSysCtrlService - detected UnsignedFile.Multi.Generic ( 1 ) 19:23:50.0388 0x2a20 Detect skipped due to KSN trusted 19:23:50.0389 0x2a20 AsSysCtrlService - ok
1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO C:\WINDOWS\syswow64\drivers\AsUpIO.sys 19:23:50.0404 0x2a20 AsUpIO - ok 19:23:50.0411 0x2a20 [ 8B18DE4E8D649CFBFBFBC67C1AA13C57, E6FACE3BF363AE82105B63771DCA502DB82B188EC090086C7F960CE37A28E9E1 ] AsusFanControlService C:\Program Files (x86)\ASUS\AsusFanControlService\1.08.15\AsusFanControlService.exe 19:23:50.0420 0x2a20 AsusFanControlService - ok 19:23:50.0424 0x2a20 [ 82CE67C7AAD548F2584F69541CE7C8C9, 686F6AB361C859A816E93AAD0C7C3C22F9323DEDE4B73BBC1D79744021EBD392 ] ASUSfilter C:\WINDOWS\System32\drivers\ASUSfilter.sys 19:23:50.0428 0x2a20 ASUSfilter - ok 19:23:50.0431 0x2a20 [ E2E6EE5795AA7E9851BF57186B303E88, D0BD161364A8B0475DFCBCD716BD329E9ABDE53098678D3E5A0238781949AA9E ] ASUSstpt C:\WINDOWS\System32\drivers\ASUSstpt.sys 19:23:50.0434 0x2a20 ASUSstpt - ok 19:23:50.0438 0x2a20 [ 698BB5F9FD5270539D2500B54F42459D, 86CBB5B6E8C64D70005C328E2136F632CAA50E1DB78C81B8178BC2764809FE9A ] ASUSumsc C:\WINDOWS\System32\drivers\ASUSumsc.sys 19:23:50.0441 0x2a20 ASUSumsc - ok 19:23:50.0441 0x2a20 [ 07BC7AF2D5F62CCDEB394D443F9B718F, B6240B6FA0CDB80B5B45D1C430B92F2046989D66243E76EC38FDA7582B75BEB8 ] ASUSxpsp C:\WINDOWS\System32\drivers\ASUSxpsp.sys 19:23:50.0441 0x2a20 ASUSxpsp - ok 19:23:50.0441 0x2a20 [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 19:23:50.0457 0x2a20 AsyncMac - ok 19:23:50.0457 0x2a20 [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 19:23:50.0457 0x2a20 atapi - ok 19:23:50.0475 0x2a20 [ 2DC3D53FFA0D10EB8C911AE2DB7BF4CF, 8E0A4B5D610D487A216E70396A99ACC1BEA12C46A6681B1A39CD0FD01EDD406A ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 19:23:50.0488 0x2a20 AudioEndpointBuilder - ok 19:23:50.0502 0x2a20 [ 
7B993290E7691C446C16A56A431669BA, 004551934E27E9FC1A939C9BD1DEB850A216CBED9B18CB3317920F5656D9F6BF ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 19:23:50.0523 0x2a20 Audiosrv - ok 19:23:50.0523 0x2a20 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 19:23:50.0539 0x2a20 AxInstSV - ok 19:23:50.0539 0x2a20 [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 19:23:50.0554 0x2a20 b06bdrv - ok 19:23:50.0554 0x2a20 [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 19:23:50.0570 0x2a20 BasicDisplay - ok 19:23:50.0570 0x2a20 [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 19:23:50.0570 0x2a20 BasicRender - ok 19:23:50.0585 0x2a20 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 19:23:50.0585 0x2a20 bcmfn - ok 19:23:50.0585 0x2a20 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 19:23:50.0602 0x2a20 bcmfn2 - ok 19:23:50.0606 0x2a20 [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 19:23:50.0622 0x2a20 BDESVC - ok 19:23:50.0622 0x2a20 [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys 19:23:50.0622 0x2a20 Beep - ok 19:23:50.0637 0x2a20 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll 19:23:50.0653 0x2a20 BFE 
- ok 19:23:50.0684 0x2a20 [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS C:\WINDOWS\System32\qmgr.dll 19:23:50.0714 0x2a20 BITS - ok 19:23:50.0724 0x2a20 [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 19:23:50.0724 0x2a20 Bonjour Service - ok 19:23:50.0724 0x2a20 [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 19:23:50.0740 0x2a20 bowser - ok 19:23:50.0755 0x2a20 [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 19:23:50.0771 0x2a20 BrokerInfrastructure - ok 19:23:50.0787 0x2a20 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll 19:23:50.0787 0x2a20 Browser - ok 19:23:50.0787 0x2a20 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 19:23:50.0806 0x2a20 BthAvrcpTg - ok 19:23:50.0806 0x2a20 [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 19:23:50.0822 0x2a20 BthEnum - ok 19:23:50.0822 0x2a20 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 19:23:50.0837 0x2a20 BthHFEnum - ok 19:23:50.0837 0x2a20 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 19:23:50.0837 0x2a20 bthhfhid - ok 19:23:50.0853 0x2a20 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, 
B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 19:23:50.0853 0x2a20 BthHFSrv - ok 19:23:50.0869 0x2a20 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 19:23:50.0869 0x2a20 BTHMODEM - ok 19:23:50.0869 0x2a20 [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 19:23:50.0894 0x2a20 BthPan - ok 19:23:50.0908 0x2a20 [ E6D5762958A839B119C041256149AAD6, 8FB489F6771C392347E333935E00024309A19F1D3143F365A039A9D2DE0A639C ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys 19:23:50.0923 0x2a20 BTHPORT - ok 19:23:50.0939 0x2a20 [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv C:\WINDOWS\system32\bthserv.dll 19:23:50.0939 0x2a20 bthserv - ok 19:23:50.0939 0x2a20 [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys 19:23:50.0954 0x2a20 BTHUSB - ok 19:23:50.0954 0x2a20 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 19:23:50.0970 0x2a20 buttonconverter - ok 19:23:50.0970 0x2a20 [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 19:23:50.0986 0x2a20 CapImg - ok 19:23:50.0986 0x2a20 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 19:23:51.0003 0x2a20 cdfs - ok 19:23:51.0006 0x2a20 [ B737F6FB33A6F79BCBC293A5B32C1C4E, B2EAF621052A4CBEE78208ECF1AC9286BD1EB431019372254E442319308112F8 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 19:23:51.0022 0x2a20 CDPSvc - ok 
19:23:51.0022 0x2a20 [ 2531EF3423A9FE1692005A41907E3BE3, 4E7D3E216937305B73CBCC5031F513CEC38F4FEFE3F2291DED5F37641221CCA0 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 19:23:51.0038 0x2a20 CDPUserSvc - ok 19:23:51.0038 0x2a20 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 19:23:51.0053 0x2a20 cdrom - ok 19:23:51.0053 0x2a20 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 19:23:51.0069 0x2a20 CertPropSvc - ok 19:23:51.0085 0x2a20 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys 19:23:51.0095 0x2a20 cht4iscsi - ok 19:23:51.0123 0x2a20 [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys 19:23:51.0154 0x2a20 cht4vbd - ok 19:23:51.0154 0x2a20 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 19:23:51.0170 0x2a20 circlass - ok 19:23:51.0170 0x2a20 [ 39591D8510CEC3BA6ED4330EE689B791, E827DEA20AB338308D6E4EEFEF551088088B77CD10BF08C8BE568090E04172E2 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 19:23:51.0186 0x2a20 CLFS - ok 19:23:51.0203 0x2a20 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 19:23:51.0206 0x2a20 ClipSVC - ok 19:23:51.0222 0x2a20 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys 19:23:51.0222 0x2a20 clreg - ok 19:23:51.0222 0x2a20 [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt 
C:\WINDOWS\System32\drivers\CmBatt.sys 19:23:51.0238 0x2a20 CmBatt - ok 19:23:51.0238 0x2a20 [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG C:\WINDOWS\system32\Drivers\cng.sys 19:23:51.0269 0x2a20 CNG - ok 19:23:51.0269 0x2a20 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 19:23:51.0269 0x2a20 cnghwassist - ok 19:23:51.0284 0x2a20 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 19:23:51.0284 0x2a20 CompositeBus - ok 19:23:51.0284 0x2a20 COMSysApp - ok 19:23:51.0302 0x2a20 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 19:23:51.0307 0x2a20 condrv - ok 19:23:51.0307 0x2a20 [ 03DCC01047713690E312B013C60881AE, B98174222DDFDA2A31BAC4795D99FA07D1D03107ABDB27BF5069FAFBBF00D278 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 19:23:51.0338 0x2a20 CoreMessagingRegistrar - ok 19:23:51.0338 0x2a20 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 19:23:51.0338 0x2a20 CryptSvc - ok 19:23:51.0353 0x2a20 [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC C:\WINDOWS\system32\drivers\csc.sys 19:23:51.0369 0x2a20 CSC - ok 19:23:51.0385 0x2a20 [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService C:\WINDOWS\System32\cscsvc.dll 19:23:51.0407 0x2a20 CscService - ok 19:23:51.0407 0x2a20 [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam C:\WINDOWS\system32\drivers\dam.sys 
19:23:51.0407 0x2a20 dam - ok 19:23:51.0422 0x2a20 [ A4700D1F78539C0ED32FA50E64F9C692, 5CB03B5F36307BA152245BAD29CB2AC703BBE8197ABC0338A7092ADEA1C3221A ] dc3d C:\WINDOWS\System32\drivers\dc3d.sys 19:23:51.0422 0x2a20 dc3d - ok 19:23:51.0438 0x2a20 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 19:23:51.0469 0x2a20 DcomLaunch - ok 19:23:51.0469 0x2a20 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 19:23:51.0485 0x2a20 DcpSvc - ok 19:23:51.0502 0x2a20 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 19:23:51.0507 0x2a20 defragsvc - ok 19:23:51.0523 0x2a20 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 19:23:51.0538 0x2a20 DeviceAssociationService - ok 19:23:51.0538 0x2a20 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 19:23:51.0554 0x2a20 DeviceInstall - ok 19:23:51.0554 0x2a20 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 19:23:51.0570 0x2a20 DevQueryBroker - ok 19:23:51.0570 0x2a20 [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 19:23:51.0590 0x2a20 Dfsc - ok 19:23:51.0597 0x2a20 [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 19:23:51.0614 0x2a20 Dhcp - ok 19:23:51.0617 0x2a20 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] 
diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 19:23:51.0624 0x2a20 diagnosticshub.standardcollector.service - ok 19:23:51.0655 0x2a20 [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 19:23:51.0707 0x2a20 DiagTrack - ok 19:23:51.0707 0x2a20 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys 19:23:51.0707 0x2a20 disk - ok 19:23:51.0726 0x2a20 [ 44A5CAF4E736BCD4360015BB3B841179, 8CD74620C3E163FF998CA8C09A999FED5C9EFDC88D07493192A57032D18CA973 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 19:23:51.0741 0x2a20 DmEnrollmentSvc - ok 19:23:51.0744 0x2a20 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 19:23:51.0751 0x2a20 dmvsc - ok 19:23:51.0754 0x2a20 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 19:23:51.0765 0x2a20 dmwappushservice - ok 19:23:51.0771 0x2a20 [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 19:23:51.0774 0x2a20 Dnscache - ok 19:23:51.0790 0x2a20 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll 19:23:51.0790 0x2a20 dot3svc - ok 19:23:51.0808 0x2a20 [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll 19:23:51.0808 0x2a20 DPS - ok 19:23:51.0808 0x2a20 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys 
19:23:51.0823 0x2a20 drmkaud - ok 19:23:51.0823 0x2a20 [ 50AAD2A07BD8B90A8CFB4F6D7A4D165A, 2F29D81D4EDEE3AC9A9EFC6E6F7669E01F1438EC8CE27E844BED7435834218B7 ] DSI_SiUSBXp_3_1 C:\WINDOWS\system32\drivers\DSI_SiUSBXp_3_1.sys 19:23:51.0823 0x2a20 DSI_SiUSBXp_3_1 - ok 19:23:51.0839 0x2a20 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 19:23:51.0839 0x2a20 DsmSvc - ok 19:23:51.0854 0x2a20 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll 19:23:51.0854 0x2a20 DsSvc - ok 19:23:51.0870 0x2a20 [ 87932C8BE855063DD8FC542483E564A9, 4BBA77B45891047D4A9DC6E6FF6C6FF08275A686E6AD2F50CF3D3CD6AB66A998 ] dtultrascsibus C:\WINDOWS\System32\drivers\dtultrascsibus.sys 19:23:51.0870 0x2a20 dtultrascsibus - ok 19:23:51.0870 0x2a20 [ EE02881FE4C95B6CA5EB4CF49460617E, A120A7D58F5431B5A5A74847BE808582E75E4876F52C35692243221046DAE1D9 ] dtultrausbbus C:\WINDOWS\System32\drivers\dtultrausbbus.sys 19:23:51.0870 0x2a20 dtultrausbbus - ok 19:23:51.0912 0x2a20 [ 125C83C44EEE61E2ED5893F23AEF0FC9, D6599AFFA1A554124AEF6862C69027F9FF9B343362091439866641A1CFB0E76A ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 19:23:51.0941 0x2a20 DXGKrnl - ok 19:23:51.0956 0x2a20 [ DF8EAF458365A63223DF8AE632B90373, D4ADAAEDCCA1F73B615B0885FEDCEDC3883283C53B56DE95B6E753F502BD2393 ] e1dexpress C:\WINDOWS\system32\DRIVERS\e1d65x64.sys 19:23:51.0972 0x2a20 e1dexpress - ok 19:23:51.0972 0x2a20 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll 19:23:51.0988 0x2a20 EapHost - ok 19:23:52.0039 0x2a20 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 19:23:52.0107 0x2a20 ebdrv - ok 19:23:52.0108 0x2a20 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 
9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe 19:23:52.0108 0x2a20 EFS - ok 19:23:52.0124 0x2a20 [ 11881837014D517A234E0B3B5481A121, C05AC6B7ADE4A847EFC09150111E1AFB944E4AD14DF5A48F7CAAEB8423EE3427 ] EgisTec Service C:\Program Files (x86)\EgisTec BioExcess\EgisService.exe 19:23:52.0139 0x2a20 EgisTec Service - ok 19:23:52.0155 0x2a20 [ C8D2470259DCD1A94B7D59827ED44028, 0E2AEB3115E8A0198A307536587A87BB6470899821EA18E6B236AFD1CBAF138A ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe 19:23:52.0155 0x2a20 EgisTec Ticket Service - ok 19:23:52.0170 0x2a20 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 19:23:52.0170 0x2a20 EhStorClass - ok 19:23:52.0170 0x2a20 [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 19:23:52.0186 0x2a20 EhStorTcgDrv - ok 19:23:52.0186 0x2a20 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 19:23:52.0206 0x2a20 embeddedmode - ok 19:23:52.0208 0x2a20 [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 19:23:52.0224 0x2a20 EntAppSvc - ok 19:23:52.0224 0x2a20 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 19:23:52.0224 0x2a20 ErrDev - ok 19:23:52.0239 0x2a20 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll 19:23:52.0255 0x2a20 EventSystem - ok 19:23:52.0255 0x2a20 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, 
C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys 19:23:52.0271 0x2a20 exfat - ok 19:23:52.0286 0x2a20 [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 19:23:52.0286 0x2a20 fastfat - ok 19:23:52.0309 0x2a20 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe 19:23:52.0324 0x2a20 Fax - ok 19:23:52.0324 0x2a20 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 19:23:52.0324 0x2a20 fdc - ok 19:23:52.0340 0x2a20 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 19:23:52.0340 0x2a20 fdPHost - ok 19:23:52.0340 0x2a20 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll 19:23:52.0355 0x2a20 FDResPub - ok 19:23:52.0355 0x2a20 [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 19:23:52.0377 0x2a20 fhsvc - ok 19:23:52.0380 0x2a20 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 19:23:52.0387 0x2a20 FileCrypt - ok 19:23:52.0390 0x2a20 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 19:23:52.0397 0x2a20 FileInfo - ok 19:23:52.0400 0x2a20 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 19:23:52.0408 0x2a20 Filetrace - ok 19:23:52.0411 0x2a20 [ 
46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 19:23:52.0417 0x2a20 flpydisk - ok 19:23:52.0424 0x2a20 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 19:23:52.0425 0x2a20 FltMgr - ok 19:23:52.0456 0x2a20 [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache C:\WINDOWS\system32\FntCache.dll 19:23:52.0509 0x2a20 FontCache - ok 19:23:52.0509 0x2a20 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 19:23:52.0509 0x2a20 FontCache3.0.0.0 - ok 19:23:52.0509 0x2a20 [ B7C32510C5564551CFEEE89929863052, 333B6CA888CAF601F2B0EA5140EC839A4D1A03E63FD02693C501F7FB84AE21E9 ] FPWinIo C:\WINDOWS\system32\drivers\FPWinIo.sys 19:23:52.0509 0x2a20 FPWinIo - ok 19:23:52.0538 0x2a20 [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer C:\WINDOWS\system32\FrameServer.dll 19:23:52.0564 0x2a20 FrameServer - ok 19:23:52.0567 0x2a20 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 19:23:52.0573 0x2a20 FsDepends - ok 19:23:52.0574 0x2a20 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 19:23:52.0574 0x2a20 Fs_Rec - ok 19:23:52.0590 0x2a20 [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 19:23:52.0607 0x2a20 fvevol - ok 19:23:52.0609 0x2a20 [ EF78034773CE506323655A868C949144, 
DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 19:23:52.0609 0x2a20 gencounter - ok 19:23:52.0609 0x2a20 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 19:23:52.0625 0x2a20 genericusbfn - ok 19:23:52.0629 0x2a20 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 19:23:52.0637 0x2a20 GPIOClx0101 - ok 19:23:52.0655 0x2a20 [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 19:23:52.0674 0x2a20 gpsvc - ok 19:23:52.0690 0x2a20 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 19:23:52.0690 0x2a20 GpuEnergyDrv - ok 19:23:52.0690 0x2a20 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:23:52.0708 0x2a20 gupdate - ok 19:23:52.0709 0x2a20 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B99A296EFEE5737 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 19:23:52.0709 0x2a20 gupdatem - ok 19:23:52.0709 0x2a20 [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys 19:23:52.0738 0x2a20 HdAudAddService - ok 19:23:52.0741 0x2a20 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 19:23:52.0749 0x2a20 HDAudBus - ok 19:23:52.0752 0x2a20 [ B90D284B97CD4CA9DE7430AAAD887A56, 
09.12.2016, 19:33 | #10 |
| Windows 10: suddenly an unknown user account/e-mail. Microsoft account hacked? Code:
1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 19:24:00.0325 0x2a20 vwifibus - ok 19:24:00.0325 0x2a20 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 19:24:00.0340 0x2a20 vwififlt - ok 19:24:00.0340 0x2a20 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll 19:24:00.0372 0x2a20 W32Time - ok 19:24:00.0372 0x2a20 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 19:24:00.0372 0x2a20 WacomPen - ok 19:24:00.0387 0x2a20 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll 19:24:00.0408 0x2a20 WalletService - ok 19:24:00.0412 0x2a20 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:24:00.0423 0x2a20 wanarp - ok 19:24:00.0426 0x2a20 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 19:24:00.0436 0x2a20 wanarpv6 - ok 19:24:00.0458 0x2a20 [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\WINDOWS\system32\wbengine.exe 19:24:00.0499 0x2a20 wbengine - ok 19:24:00.0515 0x2a20 [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 19:24:00.0536 0x2a20 WbioSrvc - ok 19:24:00.0536 0x2a20 [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 19:24:00.0553 0x2a20 wcifs - ok 
19:24:00.0565 0x2a20 [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 19:24:00.0591 0x2a20 Wcmsvc - ok 19:24:00.0600 0x2a20 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 19:24:00.0618 0x2a20 wcncsvc - ok 19:24:00.0621 0x2a20 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 19:24:00.0625 0x2a20 wcnfs - ok 19:24:00.0625 0x2a20 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 19:24:00.0625 0x2a20 WdBoot - ok 19:24:00.0641 0x2a20 [ DF166352F6E356BFA33A66DD37A96AA7, 3993C22810A490281F74BF26210C9A868BF8E99A0CB090BA8E0250A5D2BC1EB2 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe 19:24:00.0641 0x2a20 WDDriveService - ok 19:24:00.0656 0x2a20 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 19:24:00.0672 0x2a20 Wdf01000 - ok 19:24:00.0672 0x2a20 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 19:24:00.0688 0x2a20 WdFilter - ok 19:24:00.0688 0x2a20 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 19:24:00.0703 0x2a20 WdiServiceHost - ok 19:24:00.0703 0x2a20 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 19:24:00.0720 0x2a20 WdiSystemHost - ok 19:24:00.0736 0x2a20 [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 
6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 19:24:00.0752 0x2a20 wdiwifi - ok 19:24:00.0752 0x2a20 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 19:24:00.0767 0x2a20 WdNisDrv - ok 19:24:00.0767 0x2a20 WdNisSvc - ok 19:24:00.0767 0x2a20 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 19:24:00.0783 0x2a20 WebClient - ok 19:24:00.0783 0x2a20 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 19:24:00.0798 0x2a20 Wecsvc - ok 19:24:00.0798 0x2a20 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 19:24:00.0819 0x2a20 WEPHOSTSVC - ok 19:24:00.0821 0x2a20 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 19:24:00.0821 0x2a20 wercplsupport - ok 19:24:00.0836 0x2a20 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 19:24:00.0836 0x2a20 WerSvc - ok 19:24:00.0836 0x2a20 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 19:24:00.0852 0x2a20 WFPLWFS - ok 19:24:00.0852 0x2a20 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 19:24:00.0867 0x2a20 WiaRpc - ok 19:24:00.0867 0x2a20 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 19:24:00.0867 
0x2a20 WIMMount - ok 19:24:00.0867 0x2a20 WinDefend - ok 19:24:00.0883 0x2a20 [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 19:24:00.0883 0x2a20 WindowsTrustedRT - ok 19:24:00.0883 0x2a20 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 19:24:00.0899 0x2a20 WindowsTrustedRTProxy - ok 19:24:00.0914 0x2a20 [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 19:24:00.0936 0x2a20 WinHttpAutoProxySvc - ok 19:24:00.0936 0x2a20 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 19:24:00.0936 0x2a20 WinMad - ok 19:24:00.0952 0x2a20 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 19:24:00.0952 0x2a20 Winmgmt - ok 19:24:00.0999 0x2a20 [ A26570B4A21AD6F4D597148D3C22274E, 594BD3B9B9B4027E5A7025CAB715378FB565FC5E00A0315A2EC3A6EFBC9CC72E ] WinRM C:\WINDOWS\system32\WsmSvc.dll 19:24:01.0061 0x2a20 WinRM - ok 19:24:01.0068 0x2a20 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 19:24:01.0076 0x2a20 WINUSB - ok 19:24:01.0079 0x2a20 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 19:24:01.0085 0x2a20 WinVerbs - ok 19:24:01.0088 0x2a20 [ 3A627A24EAC6CEC3BA59548AA70BAD6E, C4B908CEB2D6F7F14C635AE02E20B16DAF795073975AE3967627D27E8ABAB015 ] WirelessKeyboardFilter C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys 19:24:01.0094 0x2a20 
WirelessKeyboardFilter - ok 19:24:01.0105 0x2a20 [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc C:\WINDOWS\system32\flightsettings.dll 19:24:01.0123 0x2a20 wisvc - ok 19:24:01.0141 0x2a20 [ 7671078AEF4C0203B053A9642C401FF7, BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 19:24:01.0213 0x2a20 WlanSvc - ok 19:24:01.0244 0x2a20 [ 8CBA7957D7F7B48C0D396E40AA2FBCDA, 15B0B46B0C6B90350948BA4780C0AADC16FD1754F56D14F5F5C23560190EFAFF ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 19:24:01.0291 0x2a20 wlidsvc - ok 19:24:01.0296 0x2a20 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 19:24:01.0302 0x2a20 WmiAcpi - ok 19:24:01.0308 0x2a20 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 19:24:01.0319 0x2a20 wmiApSrv - ok 19:24:01.0321 0x2a20 WMPNetworkSvc - ok 19:24:01.0325 0x2a20 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 19:24:01.0325 0x2a20 Wof - ok 19:24:01.0356 0x2a20 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 19:24:01.0408 0x2a20 workfolderssvc - ok 19:24:01.0414 0x2a20 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 19:24:01.0422 0x2a20 WPDBusEnum - ok 19:24:01.0425 0x2a20 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 19:24:01.0431 0x2a20 WpdUpFltr - ok 19:24:01.0436 0x2a20 [ 60E2EB3E7B7F15C25E02462159F90707, 
D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll 19:24:01.0441 0x2a20 WpnService - ok 19:24:01.0441 0x2a20 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 19:24:01.0457 0x2a20 WpnUserService - ok 19:24:01.0457 0x2a20 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 19:24:01.0457 0x2a20 ws2ifsl - ok 19:24:01.0473 0x2a20 [ FF190115CBA067F58C981F0A9F43ABDF, C90353C748C02DB38B561C250682E12C82985A6F7ED7D497AF5DE10EC243FCBA ] wscsvc C:\WINDOWS\System32\wscsvc.dll 19:24:01.0473 0x2a20 wscsvc - ok 19:24:01.0488 0x2a20 [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 19:24:01.0488 0x2a20 WSDPrintDevice - ok 19:24:01.0488 0x2a20 WSearch - ok 19:24:01.0524 0x2a20 [ 6BA66FE47BFAF223AEE6C98F28EB4D8E, 3B380329594DAD5BB50301F5A8A912BF6121788F395133C70C893879F68450FB ] wuauserv C:\WINDOWS\system32\wuaueng.dll 19:24:01.0571 0x2a20 wuauserv - ok 19:24:01.0587 0x2a20 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 19:24:01.0587 0x2a20 WudfPf - ok 19:24:01.0587 0x2a20 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 19:24:01.0602 0x2a20 WUDFRd - ok 19:24:01.0602 0x2a20 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 19:24:01.0621 0x2a20 wudfsvc - ok 19:24:01.0621 0x2a20 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs 
C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 19:24:01.0637 0x2a20 WUDFWpdFs - ok 19:24:01.0637 0x2a20 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 19:24:01.0658 0x2a20 WUDFWpdMtp - ok 19:24:01.0677 0x2a20 [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 19:24:01.0714 0x2a20 WwanSvc - ok 19:24:01.0721 0x2a20 [ F39D6915451D9226AC9A5E7AE70E2ABA, E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 19:24:01.0752 0x2a20 XblAuthManager - ok 19:24:01.0768 0x2a20 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 19:24:01.0812 0x2a20 XblGameSave - ok 19:24:01.0819 0x2a20 [ C1E85B4FB08B4CCF16841B165910148B, AB33A6630BFC0E230BA464F721DD4ABB7DF79DF2D81C9C7366CC0BA2251F09F3 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 19:24:01.0824 0x2a20 xboxgip - ok 19:24:01.0840 0x2a20 [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 19:24:01.0871 0x2a20 XboxNetApiSvc - ok 19:24:01.0871 0x2a20 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 19:24:01.0887 0x2a20 xinputhid - ok 19:24:01.0887 0x2a20 [ DA23F650B065D94FE6AA0B7AFA41E618, 393B8959251F98FAA3AB0AD9FD78F96A09DE12815CF5EB37ACE8986E869EAE00 ] XTU3SERVICE C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe 19:24:01.0910 0x2a20 XTU3SERVICE - ok 19:24:01.0913 0x2a20 [ 127702D90B07657E8421817D2D50A097, 3969817D67C21D7D4E146BC137557C62AB22FEC2FA55D36177D781BE83D3573B ] XtuAcpiDriver C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys 19:24:01.0922 
0x2a20 XtuAcpiDriver - ok 19:24:01.0923 0x2a20 ================ Scan global =============================== 19:24:01.0926 0x2a20 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll 19:24:01.0930 0x2a20 [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\WINDOWS\system32\winsrv.dll 19:24:01.0935 0x2a20 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll 19:24:01.0941 0x2a20 [ 133390D061D94917125DC666DA67ECD0, 69D6FFF3E0A0C4D77A62B4D71E1E3A8D10D93C46782A1B05F0EC4B8919C384B9 ] C:\WINDOWS\system32\services.exe 19:24:01.0941 0x2a20 [ Global ] - ok 19:24:01.0941 0x2a20 ================ Scan MBR ================================== 19:24:01.0941 0x2a20 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 19:24:01.0957 0x2a20 \Device\Harddisk0\DR0 - ok 19:24:01.0972 0x2a20 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 19:24:02.0004 0x2a20 \Device\Harddisk1\DR1 - ok 19:24:02.0020 0x2a20 [ B9E0D9356AB54111DDE6320FCE645407 ] \Device\Harddisk2\DR2 19:24:02.0237 0x2a20 \Device\Harddisk2\DR2 - ok 19:24:02.0237 0x2a20 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3 19:24:02.0622 0x2a20 \Device\Harddisk3\DR3 - ok 19:24:02.0622 0x2a20 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk4\DR4 19:24:03.0069 0x2a20 \Device\Harddisk4\DR4 - ok 19:24:03.0069 0x2a20 ================ Scan VBR ================================== 19:24:03.0069 0x2a20 [ 78523583CA6A6DEE7854D3336B92F906 ] \Device\Harddisk0\DR0\Partition1 19:24:03.0069 0x2a20 \Device\Harddisk0\DR0\Partition1 - ok 19:24:03.0069 0x2a20 [ 452258E009D4DB2878D53DC3074D58A1 ] \Device\Harddisk0\DR0\Partition2 19:24:03.0069 0x2a20 \Device\Harddisk0\DR0\Partition2 - ok 19:24:03.0069 0x2a20 [ C1EB29D8A43C21EBC5A7AC2B28AC40D7 ] \Device\Harddisk0\DR0\Partition3 19:24:03.0069 0x2a20 
\Device\Harddisk0\DR0\Partition3 - ok 19:24:03.0069 0x2a20 [ 55871C9CBE6275B568CE6AED207D8191 ] \Device\Harddisk0\DR0\Partition4 19:24:03.0069 0x2a20 \Device\Harddisk0\DR0\Partition4 - ok 19:24:03.0069 0x2a20 [ D11B4C361A9F8617C0687C8E94A3736C ] \Device\Harddisk1\DR1\Partition1 19:24:03.0085 0x2a20 \Device\Harddisk1\DR1\Partition1 - ok 19:24:03.0085 0x2a20 [ 123AF78A7E344B7B8B9F28B9C0CD440A ] \Device\Harddisk1\DR1\Partition2 19:24:03.0085 0x2a20 \Device\Harddisk1\DR1\Partition2 - ok 19:24:03.0085 0x2a20 [ 715EE248E377D4779729118EEFC76B31 ] \Device\Harddisk2\DR2\Partition1 19:24:03.0085 0x2a20 \Device\Harddisk2\DR2\Partition1 - ok 19:24:03.0085 0x2a20 [ 5DB2964D79F1D8BF196A1BFF5708EE05 ] \Device\Harddisk3\DR3\Partition1 19:24:03.0085 0x2a20 \Device\Harddisk3\DR3\Partition1 - ok 19:24:03.0085 0x2a20 [ 20F33A7D33C7E0CCDF360C06D6E4F463 ] \Device\Harddisk4\DR4\Partition1 19:24:03.0085 0x2a20 \Device\Harddisk4\DR4\Partition1 - ok 19:24:03.0085 0x2a20 ================ Scan generic autorun ====================== 19:24:03.0085 0x2a20 WindowsDefender - ok 19:24:03.0085 0x2a20 [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe 19:24:03.0101 0x2a20 Logitech Download Assistant - ok 19:24:03.0138 0x2a20 [ 9E14107C0C1E0E5AFF69FFABB410308A, EAAFC052D584E189744D38F5521CA86E32BB539D387B829FAC5EFA22DADF9E9E ] C:\Program Files\Logitech\LogiOptions\LogiOptions.exe 19:24:03.0154 0x2a20 LogiOptions - ok 19:24:03.0270 0x2a20 [ 882A2894A07A1349C8796728F501DE52, A4136A55D632B86A2577D9950469A73A0595F57AF0386679DB7D982935A720B7 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 19:24:03.0439 0x2a20 RTHDVCPL - ok 19:24:03.0480 0x2a20 [ 45C02F67FB4FD15A61779F365E4C6994, FE833FFCB0CBD4911B9096BC017C857740B902F3BC4D03EFC9C8E32A32E42DDC ] c:\Program Files (x86)\SAVITECH\SVLoadSense\SVLoadSense.exe 19:24:03.0571 0x2a20 SVLoadSense - ok 19:24:03.0589 0x2a20 [ AD561616DD9092D3BB5EAE9DCCD1A651, 
92E563CBCE177A8E75EE26BD2529DC33D398A3DC81DF9F11FBEE40D89C7654C1 ] C:\Program Files\ASUSTeKcomputer.Inc\SS2\UserInterface\SS2UILauncher.exe 19:24:03.0625 0x2a20 SS2UILauncher - ok 19:24:03.0625 0x2a20 [ BAEDADCD6509201F82CE5B404AB14814, 8C39C18CE00DB254F370D9C4AA80E88BF67C457240F3D30A58E39DBF9B96F44B ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe 19:24:03.0641 0x2a20 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 ) 19:24:03.0904 0x2a20 Detect skipped due to KSN trusted 19:24:03.0904 0x2a20 IAStorIcon - ok 19:24:03.0904 0x2a20 [ D91AB5CCE502F95726AC1E035C867BC6, A27B2AAB26C844454A0CEA97F861623C518A837B9DF41778AC7F4E9184E6BC8C ] C:\Program Files\iTunes\iTunesHelper.exe 19:24:03.0904 0x2a20 iTunesHelper - ok 19:24:03.0973 0x2a20 [ 44F7F1C8873201DE4F68389DD478A425, 04A0E29E697BD58719DF8EE3C904B336B1A5FDB21B867E7CF2C6F9BAE8AD0113 ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe 19:24:04.0054 0x2a20 WD Quick View - ok 19:24:04.0058 0x2a20 [ 26443C4332B966C44481D1DE8D1BCBB4, 2407EE6A227D2F52AE0AB270FCBECB00242F715B4A63CE2E0362D388740FB67B ] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe 19:24:04.0073 0x2a20 ASUS AiChargerPlus Execute - ok 19:24:04.0073 0x2a20 AO Link Server - ok 19:24:04.0073 0x2a20 [ 5153C06FC9D4D094D1A785545928B134, 0037C935722663F9EF028F841DE222FC6418E9D60939AB60C965807E67A458DC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 19:24:04.0089 0x2a20 SunJavaUpdateSched - ok 19:24:04.0089 0x2a20 [ 2493166C8392AD396E30E1EAF2EE41F8, 567D92BCE8B0CD89B78B56AF9BD3EF068CDD10539EA72751C18D9F4568AEEADB ] C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe 19:24:04.0122 0x2a20 WDAppManager - ok 19:24:04.0125 0x2a20 [ 450D08D1FB8E5D4F14A6F2FD99531017, 4A48B5DC4997E241ED7F49B0AA05110C50667117FCE284EBBAF4D41428AF997D ] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe 19:24:04.0125 0x2a20 
EgisTecPMMUpdate - ok 19:24:04.0140 0x2a20 [ 5DA6B2FA3E3F95BB3B63A53C7D7E8A68, AA41FC5106D2336BF55AE69CD4BD36EF09641CF02A186AE6660D0BFAD1C78710 ] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe 19:24:04.0140 0x2a20 EgisUpdate - ok 19:24:04.0140 0x2a20 [ B6B3B59B8BD615BED4CD0BEEF20BC88F, CFC2E2A9ACD4DDB002D3A1672182071C0E7A2573F3473DB91743B415E0B93AAD ] C:\Program Files (x86)\EgisTec BioExcess\EgisTSR.exe 19:24:04.0156 0x2a20 VitaKeyTSR - ok 19:24:04.0272 0x2a20 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:24:04.0403 0x2a20 OneDriveSetup - ok 19:24:04.0521 0x2a20 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 19:24:04.0626 0x2a20 OneDriveSetup - ok 19:24:04.0657 0x2a20 [ E0DE46964C1BB0F337B85829DEDE92B8, 00CD5B3DC02D1129A9FB3510C69FB1F31630004A952FF9B1E584C2266E0E7D99 ] C:\Users\Thorsten\AppData\Local\Microsoft\OneDrive\OneDrive.exe 19:24:04.0688 0x2a20 OneDrive - ok 19:24:04.0704 0x2a20 [ 9131DC75E7AA3AC61DB05D88EB69913F, 21D6888DDDB0DCEF5373287AEACAB174CE7C23434C40AA6E705BC1457EFDB226 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 19:24:04.0721 0x2a20 GoogleChromeAutoLaunch_9906BCA8B778C22137C71ED2D82220B6 - ok 19:24:04.0728 0x2a20 [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe 19:24:04.0741 0x2a20 Uninstall C:\Users\Thorsten\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64 - ok 19:24:04.0741 0x2a20 [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe 19:24:04.0757 0x2a20 Uninstall 17.3.6517.0809\amd64 - ok 19:24:04.0757 0x2a20 [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe 19:24:04.0784 0x2a20 Uninstall 
17.3.6517.0809 - ok 19:24:04.0795 0x2a20 [ 1D7DD340E13DF9585EABB849CFC3E11B, 31CCD9753402DC030C641214B4ECB48A757BCD9F427A143A88745C62EFF87766 ] C:\Users\ttjh1\AppData\Local\Microsoft\OneDrive\OneDrive.exe 19:24:04.0809 0x2a20 OneDrive - ok 19:24:04.0830 0x2a20 [ 44348495F9D6ED21F4EFB3FF80677D99, 05B76248764B2BF7F9229626D7EFAFF96B724D38A82969EBE376CBE879E30450 ] C:\Users\totti\AppData\Local\Microsoft\OneDrive\OneDrive.exe 19:24:04.0841 0x2a20 OneDrive - ok 19:24:04.0857 0x2a20 [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe 19:24:04.0873 0x2a20 Uninstall 17.3.6705.1122\amd64 - ok 19:24:04.0873 0x2a20 [ F4F684066175B77E0C3A000549D2922C, 935C1861DF1F4018D698E8B65ABFA02D7E9037D8F68CA3C2065B6CA165D44AD2 ] C:\WINDOWS\system32\cmd.exe 19:24:04.0888 0x2a20 Uninstall 17.3.6705.1122 - ok 19:24:04.0888 0x2a20 Waiting for KSN requests completion. In queue: 273 19:24:05.0918 0x2a20 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x61100 ( enabled : updated ) 19:24:05.0924 0x2a20 Win FW state via NFP2: enabled ( trusted ) 19:24:06.0040 0x2a20 ============================================================ 19:24:06.0040 0x2a20 Scan finished 19:24:06.0040 0x2a20 ============================================================ 19:24:06.0041 0x290c Detected object count: 0 19:24:06.0041 0x290c Actual detected object count: 0 |
09.12.2016, 19:34 | #11 |
/// TB Trainer /// Instructions Guru | Windows 10 suddenly unknown user account/e-mail. Microsoft account hacked?
Step 1
Download HitmanPro to your desktop: HitmanPro 32-bit version, HitmanPro 64-bit version
Now please run a scan:
Step 2
ESET Online Scanner
__________________
Regards, deeprybka
Praise, criticism, requests? Donate to trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
10.12.2016, 03:29 | #12 |
| Windows 10 suddenly unknown user account/e-mail. Microsoft account hacked?
Code:
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : HOME-PC
   Windows . . . . . . . : 10.0.0.14393.X64/4
   User name . . . . . . : HOME-PC\totti
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2016-12-10 03:20:49
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 2m 55s
   Disk access mode . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot . . . . . . . : No

   Threats . . . . . . . : 3
   Traces . . . . . . . : 9

   Objects scanned . . . : 2.134.311
   Files scanned . . . . : 173.992
   Remnants scanned . . : 857.314 files / 1.103.005 keys

Malware _____________________________________________________________________

   C:\Users\totti\Downloads\K-Lite_Codec_Pack_1265_Mega_CB-DL-Manager.exe
      Size . . . . . . . : 566.904 bytes
      Age . . . . . . . : 0.2 days (2016-12-09 23:27:09)
      Entropy . . . . . : 6.9
      SHA-256 . . . . . : BB5B1A340CA914DBC98C4E8B3F7819799E69BB1BD7AAE11D0AE7981AC4373A7F
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky . . . . : not-a-virus:HEUR:Downloader.Win32.DownloaderGuide.gen
      Fuzzy . . . . . . : 101.0
      Forensic Cluster
         -154.7s C:\Users\totti\AppData\Local\Google\Chrome\User
Data\Default\Cache\f_001164 -154.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001165 -154.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001166 -154.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001167 -154.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001169 -154.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00116a -152.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00116b -152.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00116c -152.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00116d -152.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00116e -152.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00116f -152.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001170 -152.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001171 -150.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.computerbild.de_0.localstorage -150.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.computerbild.de_0.localstorage-journal -150.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_a3143730321.cdn.optimizely.com_0.localstorage -150.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_a3143730321.cdn.optimizely.com_0.localstorage-journal -150.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001172 -144.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001173 -139.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001174 -139.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001175 -139.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001177 -139.4s 
C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001178 -138.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001179 -138.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00117a -138.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000044 -138.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000045 -138.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000046 -134.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00117b -128.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00117c -128.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00117d -128.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00117e -128.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00117f -127.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001180 -127.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001181 -127.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001182 -127.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001184 -127.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001185 -127.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001186 -127.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001187 -127.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001188 -127.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001189 -126.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00118a -126.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00118b -126.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00118c -114.3s C:\Users\totti\AppData\Local\Google\Chrome\User 
Data\Default\Cache\f_00118d -114.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00118e -94.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00118f -84.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001190 -72.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001191 -64.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001192 -54.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001193 -49.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001194 -49.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001195 -49.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001196 -49.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001197 -49.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001198 -49.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001199 -49.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00119a -47.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00119b -47.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00119c -47.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00119d -34.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00119e -34.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00119f -21.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a0 -21.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a1 -21.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a2 -20.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a3 -20.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a4 -20.2s C:\Users\totti\AppData\Local\Google\Chrome\User 
Data\Default\Cache\f_0011a5 -20.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a6 -20.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a7 -20.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a8 -20.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011a9 -10.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011aa -10.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ab -9.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ac -9.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ad -6.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ae -5.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011af -5.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b0 -5.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b1 -5.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b2 -5.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b3 -5.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b4 -5.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b5 -4.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b6 -4.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b7 -4.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b8 -4.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011b9 -4.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ba -4.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011bb -4.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011bc -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User 
Data\Default\Cache\f_0011bd -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011be -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011bf -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c0 -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c1 -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c2 -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c3 -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c4 -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c5 -4.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c6 -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c7 -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c8 -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011c9 -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ca -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011cb -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011cc -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011cd -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ce -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011cf -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d0 -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d1 -4.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d2 -4.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d3 -4.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d4 -4.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d5 
-4.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d6 -4.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d8 -4.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011d9 -4.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011da -4.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011db -4.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011dc -4.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011dd -3.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011de -3.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011df -3.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e0 -2.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e1 -2.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e2 -1.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e3 0.0s C:\Users\totti\Downloads\K-Lite_Codec_Pack_1265_Mega_CB-DL-Manager.exe 1.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\44\F0B3DC7AE69B49C8.dat 1.6s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\10\D38454007D024886.dat 1.6s C:\Windows\Logs\WindowsUpdate\WindowsUpdate.20161209.232711.404.1.etl 8.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e4 9.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e5 9.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e6 9.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e7 9.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e8 9.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011e9 10.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ea 12.3s 
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{AB4C9775-AD8F-4B3C-8454-AE68A3C4AEB9} 12.5s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{FE78516F-E3FB-499A-AD79-13A5D8BB83AC} 14.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011eb 14.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ec 14.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ed 18.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ee 18.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ef 18.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f0 19.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f1 19.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f2 19.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f3 19.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f4 19.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f5 19.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f6 19.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f7 19.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f8 19.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011f9 19.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011fa 19.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011fb 19.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011fc 19.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011fe 19.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_0011ff 19.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001200 19.8s 
C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001201 19.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001202 20.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001203 20.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001204 20.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001205 20.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001206 20.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001207 20.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000047 20.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001208 20.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001209 20.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000048 20.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000049 20.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00120a 20.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00120b 21.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00120c 21.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00120d 21.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00120e 21.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00120f 22.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001210 22.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001211 22.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001212 22.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001213 22.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001214 22.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001215 22.4s 
C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001216 22.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001217 22.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001218 22.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001219 23.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00121a 23.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00121b 23.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00121c 26.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_renderer.qmerce.com_0.localstorage 26.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_renderer.qmerce.com_0.localstorage-journal 28.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00004a 31.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00121d 33.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00121e 42.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00121f 42.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001220 50.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00004b 50.4s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00004c 50.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00004d 51.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00004e 51.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_00004f 53.8s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000050 58.9s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000051 61.3s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000052 65.5s C:\Users\totti\AppData\Local\Google\Chrome\User 
Data\Default\Media Cache\f_000053 69.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Media Cache\f_000054 69.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001221 70.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001222 70.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001223 70.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001224 70.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001226 70.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001227 71.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001228 71.0s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001229 71.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00122a 71.2s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00122b 71.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00122c 71.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00122d 71.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00122e 71.6s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00122f 71.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001230 71.7s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001231 72.1s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001232 72.5s C:\Users\totti\AppData\Local\Google\Chrome\User Data\Default\Cache\f_001233 C:\Users\ttjh1\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe Size . . . . . . . : 1.473.544 bytes Age . . . . . . . : 187.2 days (2016-06-05 21:44:33) Entropy . . . . . : 7.2 SHA-256 . . . . . : 23944257A41EDD24E9B73C8F9D594C4D274E3F342DD16A0A63954578A7AFDA85 Needs elevation . : Yes RSA Key Size . . . : 2048 Authenticode . . . : Valid > Kaspersky . . . . 
: not-a-virus:Downloader.Win32.DownloadSponsor.pe
   Fuzzy . . . . . . : 103.0

Suspicious files ____________________________________________________________

C:\Users\Thorsten\Downloads\FRST64.exe
   Size . . . . . . . : 2.419.712 bytes
   Age . . . . . . . : 4.2 days (2016-12-05 22:28:39)
   Entropy . . . . . : 7.6
   SHA-256 . . . . . : 73A98F66CB64732FBE7C225F365A5EF6BF2BC269DD57BEAF43A5859EC378F53D
   Needs elevation . : Yes
   Fuzzy . . . . . . : 24.0
      Program has no publisher information but prompts the user for permission elevation.
      Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
      Authors name is missing in version info. This is not common to most programs.
      Version control is missing. This file is probably created by an individual. This is not typical for most programs.
      Time indicates that the file appeared recently on this computer.
   Forensic Cluster
      -20.6s C:\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e9a
      -5.9s C:\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e9b
      -5.5s C:\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000e9c
      -4.7s C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\3\h\b0002207000000031013.dat
      -2.0s C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\3\i\b0002208000000031000.dat
      0.0s C:\Users\Thorsten\Downloads\FRST64.exe
      3.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\15\A4E488937C9FC857.dat
      3.3s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\15\A4E488937C9FC857.dat

C:\Users\totti\Downloads\FRST64.exe
   Size . . . . . . . : 2.419.712 bytes
   Age . . . . . . . : 4.2 days (2016-12-05 23:04:38)
   Entropy . . . . . : 7.6
   SHA-256 . . . . . : 73A98F66CB64732FBE7C225F365A5EF6BF2BC269DD57BEAF43A5859EC378F53D
   Needs elevation . : Yes
   Fuzzy . . . . . . : 24.0
      Program has no publisher information but prompts the user for permission elevation.
      Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
      Authors name is missing in version info. This is not common to most programs.
      Version control is missing. This file is probably created by an individual. This is not typical for most programs.
      Time indicates that the file appeared recently on this computer.
   Forensic Cluster
      0.0s C:\Users\totti\Downloads\FRST64.exe
      1.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\82\F68D22BE6772CE12.dat
      1.4s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\4\82\
      2.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\E33360CDF9217EDA9A7496DFEB69E82A
      3.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{6DB62634-6F4D-4025-847C-55BF9B3D1059}
      3.7s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\1\82\F68D22BE6772CE12.dat
      23.7s C:\Users\totti\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\AC\Microsoft\Windows\
      23.7s C:\Users\totti\AppData\Local\Packages\Microsoft.Windows.Apprep.ChxApp_cw5n1h2txyewy\AC\Microsoft\
      23.9s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{63F9501A-7F0B-4D7A-9FBB-A815D50EF030}
      28.5s C:\FRST\Hives\ERDNT.INF
      28.5s C:\FRST\Hives\ERDNT.CON
      28.5s C:\FRST\Hives\BCD
      28.5s C:\FRST\Hives\SYSTEM
      28.6s C:\FRST\Hives\SOFTWARE
      28.8s C:\FRST\Hives\DEFAULT
      28.8s C:\FRST\Hives\SECURITY
      28.8s C:\FRST\Hives\SAM
      28.8s C:\FRST\Hives\Users\
      28.8s C:\FRST\Hives\Users\00000001\
      28.8s C:\FRST\Hives\Users\00000001\NTUSER.DAT
      28.8s C:\FRST\Hives\Users\00000002\
      28.8s C:\FRST\Hives\Users\00000002\UsrClass.dat
      28.9s C:\FRST\Hives\ERDNT.EXE
      28.9s C:\FRST\Hives\ERDNTWIN.LOC
      28.9s C:\FRST\Hives\ERDNTDOS.LOC
      29.0s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\82\F68D22BE6772CE12.dat
      29.2s C:\Users\totti\AppData\Local\Microsoft\Windows\INetCookies\3P1U9K67.cookie
      29.2s C:\Users\totti\AppData\Local\Microsoft\Windows\INetCache\IE\H8UBV6HX\up64[1]
      38.5s C:\Users\totti\Downloads\FRST.txt

Malware remnants ____________________________________________________________

mysearchdial.com
   C:\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Web Data

Potential Unwanted Programs _________________________________________________

istartsurf
   C:\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Web Data
istartsurf.com
   C:\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Web Data
search.snapdo.com
   C:\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Web Data
webssearches
   C:\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Web Data
|
10.12.2016, 16:54 | #13 |
/// TB Trainer /// Guide Guru | Windows 10 suddenly unknown user account/e-mail. Microsoft account hacked? And ESET please, as soon as it is finished...
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
10.12.2016, 17:17 | #14 |
| Windows 10 suddenly unknown user account/e-mail. Microsoft account hacked? Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a
# end=init
# utc_time=2016-12-05 07:19:46
# local_time=2016-12-05 08:19:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 31633
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a
# end=updated
# utc_time=2016-12-05 07:23:53
# local_time=2016-12-05 08:23:53 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a
# end=restart
# utc_time=2016-12-05 07:46:19
# local_time=2016-12-05 08:46:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 12297795 0 0
# scanned=103859
# found=29
# cleaned=0
# scan_time=1346
sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Logishrd\LogiOptions\Software\Current\dma_x64.dll"
sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll"
sh=AC1FE70A83AE8A92A98AFC21D0004DFA6F829762 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.K Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\b\00000601000000073701.dat"
sh=D14CEDF453B7957273E5A6C1A61CCD0B31E2466C ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.DHWI Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\20000702000000073701.dat"
sh=9027E23BFA2361937D6615E272BFBBEFB672DCF9 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.J Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\b0000702000000073701.dat"
sh=A4D6BD2132D8BE0AA3E7785D55AFEBE451CF68BD ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.CQON Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\e0000502000000073701.dat"
sh=627FD5D763393596EC365CDCDFA7C457A7AABFBA ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.CQON Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\d\e0000503000000073701.dat"
sh=F2C88FE7DA932106FC831CC5410D1389C8A5C434 ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.UXF Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\f\40000905000000073701.dat"
sh=8219477394B6BE1B09E06314344FE3BB3645AD6B ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\h\40000907000000073701.dat"
sh=275A01050BA932988D516C1D1B2F517920E654BC ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\i\40000908000000073701.dat"
sh=FB682CCC821D9EF2D0B1F6DCD73A8BA1AEE82223 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\j\40000909000000073701.dat"
sh=D6F2AD9B9587DF4270899085ABF6731AF9901306 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.F Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\j\f0000709000000073701.dat"
sh=4EB6C3381F599D0DA6A2436DA6AF6D8B5BC3613B ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\k\4000090a000000073701.dat"
sh=02097C0699DD499B5AFA94B797CCE9EB004434C0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\l\4000090b000000073701.dat"
sh=23708D6804B12C321D4CC32F2A5958EB9FDE3411 ft=0 fh=0000000000000000 vn="Variante von MSIL/Injector.IFD Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\m\2000070c000000073701.dat"
sh=DEF16A055EA86A4DBBAC9A8039883275262398D1 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\m\4000090c000000073701.dat"
sh=13AB643534D05DB15C26577D3310D134A3233928 ft=0 fh=0000000000000000 vn="Variante von MSIL/Injector.IBM Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\n\2000070d000000073701.dat"
sh=48EDAFB041EAB1EF104492713AB6D8E96094BDD0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\n\4000090d000000073701.dat"
sh=DC7B9E493C7EAB5AC8C84B653C565BEA631A1EC4 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\o\4000090e000000073701.dat"
sh=7442F86B550A40D70323E9F887CC5266ED3FA433 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\p\4000090f000000073701.dat"
sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Microsoft\Windows\INetCache\IE\1IKI76C9\logioptions_logitech[1].exe"
sh=6EA63D6E8E82BED8A8E47ADDCEA228E03846240C ft=0 fh=0000000000000000 vn="HTML/Refresh.BC Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TM8BD2KG\request[1].htm"
sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\DMR\dmr_72.exe"
sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\DMR\dmr_76.exe"
sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\lu\nada_264_logioptions_logitech.exe"
sh=11AC44F373A3BE1DBFD932784A284ADA18461CFC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B Trojaner" ac=I fn="C:\Users\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Share-Online.biz.htm"
sh=050DD3DA5BE861FA17A2C4C3CDE8B60CDB77FACB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B Trojaner" ac=I fn="C:\Users\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Uploaded.htm"
sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\Downloads\Options_6.30.80 (1).exe"
sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\Downloads\Options_6.30.80.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a # end=init # utc_time=2016-12-05 10:00:06 # local_time=2016-12-05 11:00:06 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 31635 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a # end=updated # utc_time=2016-12-05 10:02:01 # local_time=2016-12-05 11:02:01 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a # engine=31635 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-12-05 11:16:29 # local_time=2016-12-06 12:16:29 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 0 12310405 0 0 # scanned=588458 # found=37 # cleaned=0 # scan_time=4467 sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=AC1FE70A83AE8A92A98AFC21D0004DFA6F829762 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.K Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\b\00000601000000073701.dat" sh=D14CEDF453B7957273E5A6C1A61CCD0B31E2466C ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.DHWI Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\20000702000000073701.dat" sh=9027E23BFA2361937D6615E272BFBBEFB672DCF9 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.J Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\b0000702000000073701.dat" sh=A4D6BD2132D8BE0AA3E7785D55AFEBE451CF68BD ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.CQON Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\e0000502000000073701.dat" sh=627FD5D763393596EC365CDCDFA7C457A7AABFBA ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.CQON Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\d\e0000503000000073701.dat" sh=F2C88FE7DA932106FC831CC5410D1389C8A5C434 ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.UXF Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\f\40000905000000073701.dat" sh=8219477394B6BE1B09E06314344FE3BB3645AD6B ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\h\40000907000000073701.dat" sh=275A01050BA932988D516C1D1B2F517920E654BC ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\i\40000908000000073701.dat" sh=FB682CCC821D9EF2D0B1F6DCD73A8BA1AEE82223 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\j\40000909000000073701.dat" sh=D6F2AD9B9587DF4270899085ABF6731AF9901306 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.F Trojaner" ac=I 
fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\j\f0000709000000073701.dat" sh=4EB6C3381F599D0DA6A2436DA6AF6D8B5BC3613B ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\k\4000090a000000073701.dat" sh=02097C0699DD499B5AFA94B797CCE9EB004434C0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\l\4000090b000000073701.dat" sh=23708D6804B12C321D4CC32F2A5958EB9FDE3411 ft=0 fh=0000000000000000 vn="Variante von MSIL/Injector.IFD Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\m\2000070c000000073701.dat" sh=DEF16A055EA86A4DBBAC9A8039883275262398D1 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\m\4000090c000000073701.dat" sh=13AB643534D05DB15C26577D3310D134A3233928 ft=0 fh=0000000000000000 vn="Variante von MSIL/Injector.IBM Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\n\2000070d000000073701.dat" sh=48EDAFB041EAB1EF104492713AB6D8E96094BDD0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\n\4000090d000000073701.dat" sh=DC7B9E493C7EAB5AC8C84B653C565BEA631A1EC4 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\o\4000090e000000073701.dat" sh=7442F86B550A40D70323E9F887CC5266ED3FA433 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\p\4000090f000000073701.dat" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Microsoft\Windows\INetCache\IE\1IKI76C9\logioptions_logitech[1].exe" sh=6EA63D6E8E82BED8A8E47ADDCEA228E03846240C ft=0 fh=0000000000000000 vn="HTML/Refresh.BC Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TM8BD2KG\request[1].htm" sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\DMR\dmr_72.exe" sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\DMR\dmr_76.exe" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\lu\nada_264_logioptions_logitech.exe" sh=11AC44F373A3BE1DBFD932784A284ADA18461CFC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B Trojaner" ac=I fn="C:\Users\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Share-Online.biz.htm" sh=050DD3DA5BE861FA17A2C4C3CDE8B60CDB77FACB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B Trojaner" ac=I fn="C:\Users\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Uploaded.htm" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\Downloads\Options_6.30.80 (1).exe" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\Downloads\Options_6.30.80.exe" sh=C3044944CB7C876CFAEE6FBAC7E596F91BE5401D ft=1 fh=89384885b6ce704f vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\ttjh1\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00659b" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Thorsten\AppData\Local\Microsoft\Windows\INetCache\IE\VZR6RD7Z\logioptions_logitech[1].exe" sh=928A536FBFF196495B90E4BD51B932485B84A099 ft=1 fh=748b6a41a833329e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Thorsten\AppData\Local\Temp\DMR\dmr_72.exe" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Thorsten\AppData\Local\Temp\lu\nada_264_logioptions_logitech.exe" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="D:\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=2CB28F975406C7E6CA2B0861E1BD6B3AC3E0DBD6 ft=1 fh=e150e21647711374 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="D:\Users\Thorsten\Downloads\HP USB Disk Storage Format Tool - CHIP-Installer.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a # end=init # utc_time=2016-12-10 02:34:26 # local_time=2016-12-10 03:34:26 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 31687 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a # end=updated # utc_time=2016-12-10 02:36:25 # local_time=2016-12-10 03:36:25 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=feaf1c9f5f7e9843bc8d5bcfe210587a # engine=31687 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-12-10 10:29:49 # local_time=2016-12-10 11:29:49 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 49536 12696405 0 0 # scanned=1721358 # found=308 # cleaned=0 # scan_time=28404 sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="C:\ProgramData\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=AC1FE70A83AE8A92A98AFC21D0004DFA6F829762 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.K Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\b\00000601000000073701.dat" sh=D14CEDF453B7957273E5A6C1A61CCD0B31E2466C ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.DHWI Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\20000702000000073701.dat" sh=9027E23BFA2361937D6615E272BFBBEFB672DCF9 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.J Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\b0000702000000073701.dat" sh=A4D6BD2132D8BE0AA3E7785D55AFEBE451CF68BD ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.CQON Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\c\e0000502000000073701.dat" sh=627FD5D763393596EC365CDCDFA7C457A7AABFBA ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.CQON Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\d\e0000503000000073701.dat" sh=F2C88FE7DA932106FC831CC5410D1389C8A5C434 ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.UXF Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\f\40000905000000073701.dat" sh=8219477394B6BE1B09E06314344FE3BB3645AD6B ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\h\40000907000000073701.dat" sh=275A01050BA932988D516C1D1B2F517920E654BC ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\i\40000908000000073701.dat" sh=FB682CCC821D9EF2D0B1F6DCD73A8BA1AEE82223 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\j\40000909000000073701.dat" sh=D6F2AD9B9587DF4270899085ABF6731AF9901306 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.F Trojaner" ac=I 
fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\j\f0000709000000073701.dat" sh=4EB6C3381F599D0DA6A2436DA6AF6D8B5BC3613B ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\k\4000090a000000073701.dat" sh=02097C0699DD499B5AFA94B797CCE9EB004434C0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\l\4000090b000000073701.dat" sh=23708D6804B12C321D4CC32F2A5958EB9FDE3411 ft=0 fh=0000000000000000 vn="Variante von MSIL/Injector.IFD Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\m\2000070c000000073701.dat" sh=DEF16A055EA86A4DBBAC9A8039883275262398D1 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\m\4000090c000000073701.dat" sh=13AB643534D05DB15C26577D3310D134A3233928 ft=0 fh=0000000000000000 vn="Variante von MSIL/Injector.IBM Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\n\2000070d000000073701.dat" sh=48EDAFB041EAB1EF104492713AB6D8E96094BDD0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\n\4000090d000000073701.dat" sh=DC7B9E493C7EAB5AC8C84B653C565BEA631A1EC4 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\o\4000090e000000073701.dat" sh=7442F86B550A40D70323E9F887CC5266ED3FA433 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Comms\Unistore\data\7\p\4000090f000000073701.dat" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Microsoft\Windows\INetCache\IE\1IKI76C9\logioptions_logitech[1].exe" sh=6EA63D6E8E82BED8A8E47ADDCEA228E03846240C ft=0 fh=0000000000000000 vn="HTML/Refresh.BC Trojaner" ac=I fn="C:\Users\Thorsten\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TM8BD2KG\request[1].htm" sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\DMR\dmr_72.exe" sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\DMR\dmr_76.exe" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\AppData\Local\Temp\lu\nada_264_logioptions_logitech.exe" sh=11AC44F373A3BE1DBFD932784A284ADA18461CFC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B Trojaner" ac=I fn="C:\Users\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Share-Online.biz.htm" sh=050DD3DA5BE861FA17A2C4C3CDE8B60CDB77FACB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B Trojaner" ac=I fn="C:\Users\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Uploaded.htm" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\Downloads\Options_6.30.80 (1).exe" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thorsten\Downloads\Options_6.30.80.exe" sh=C3044944CB7C876CFAEE6FBAC7E596F91BE5401D ft=1 fh=89384885b6ce704f vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\ttjh1\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Thorsten\AppData\Local\Google\Chrome\User Data\Default\Cache\f_00659b" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Thorsten\AppData\Local\Microsoft\Windows\INetCache\IE\VZR6RD7Z\logioptions_logitech[1].exe" sh=928A536FBFF196495B90E4BD51B932485B84A099 ft=1 fh=748b6a41a833329e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Thorsten\AppData\Local\Temp\DMR\dmr_72.exe" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="C:\Windows.old\Users\Thorsten\AppData\Local\Temp\lu\nada_264_logioptions_logitech.exe" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="D:\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=2CB28F975406C7E6CA2B0861E1BD6B3AC3E0DBD6 ft=1 fh=e150e21647711374 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Users\Thorsten\Downloads\HP USB Disk Storage Format Tool - CHIP-Installer.exe" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. 
unerwünschte Anwendung" ac=I fn="D:\Windows.old\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="F:\Documents and Settings\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=AC1FE70A83AE8A92A98AFC21D0004DFA6F829762 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.K Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\b\00000601000000073701.dat" sh=D14CEDF453B7957273E5A6C1A61CCD0B31E2466C ft=0 fh=0000000000000000 vn="Variante von Win32/Kryptik.DHWI Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\c\20000702000000073701.dat" sh=9027E23BFA2361937D6615E272BFBBEFB672DCF9 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.J Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\c\b0000702000000073701.dat" sh=A4D6BD2132D8BE0AA3E7785D55AFEBE451CF68BD ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.CQON Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\c\e0000502000000073701.dat" sh=627FD5D763393596EC365CDCDFA7C457A7AABFBA ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.CQON Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\d\e0000503000000073701.dat" sh=F2C88FE7DA932106FC831CC5410D1389C8A5C434 ft=0 fh=0000000000000000 vn="Variante von Win32/Injector.UXF Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\f\40000905000000073701.dat" sh=8219477394B6BE1B09E06314344FE3BB3645AD6B ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\h\40000907000000073701.dat" sh=275A01050BA932988D516C1D1B2F517920E654BC ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="F:\Documents and 
Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\i\40000908000000073701.dat" sh=FB682CCC821D9EF2D0B1F6DCD73A8BA1AEE82223 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.B Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\j\40000909000000073701.dat" sh=D6F2AD9B9587DF4270899085ABF6731AF9901306 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.F Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\j\f0000709000000073701.dat" sh=4EB6C3381F599D0DA6A2436DA6AF6D8B5BC3613B ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\k\4000090a000000073701.dat" sh=02097C0699DD499B5AFA94B797CCE9EB004434C0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.C Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\l\4000090b000000073701.dat" sh=23708D6804B12C321D4CC32F2A5958EB9FDE3411 ft=0 fh=0000000000000000 vn="Variante von MSIL/Injector.IFD Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\m\2000070c000000073701.dat" sh=DEF16A055EA86A4DBBAC9A8039883275262398D1 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\m\4000090c000000073701.dat" sh=13AB643534D05DB15C26577D3310D134A3233928 ft=0 fh=0000000000000000 vn="Variante von MSIL/Injector.IBM Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\n\2000070d000000073701.dat" sh=48EDAFB041EAB1EF104492713AB6D8E96094BDD0 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\n\4000090d000000073701.dat" sh=DC7B9E493C7EAB5AC8C84B653C565BEA631A1EC4 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\o\4000090e000000073701.dat" 
sh=7442F86B550A40D70323E9F887CC5266ED3FA433 ft=0 fh=0000000000000000 vn="Win32/Trustezeb.A Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Comms\Unistore\data\7\p\4000090f000000073701.dat" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Microsoft\Windows\INetCache\IE\1IKI76C9\logioptions_logitech[1].exe" sh=6EA63D6E8E82BED8A8E47ADDCEA228E03846240C ft=0 fh=0000000000000000 vn="HTML/Refresh.BC Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Packages\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\AC\#!001\MicrosoftEdge\Cache\TM8BD2KG\request[1].htm" sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Temp\DMR\dmr_72.exe" sh=9516BE8DF910FF582FE5B967C7C38BE2AD334C2B ft=1 fh=d3d62eb55e18ca8c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Temp\DMR\dmr_76.exe" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="F:\Documents and Settings\Thorsten\AppData\Local\Temp\lu\nada_264_logioptions_logitech.exe" sh=11AC44F373A3BE1DBFD932784A284ADA18461CFC ft=0 fh=0000000000000000 vn="HTML/ScrInject.B Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Share-Online.biz.htm" sh=050DD3DA5BE861FA17A2C4C3CDE8B60CDB77FACB ft=0 fh=0000000000000000 vn="HTML/ScrInject.B Trojaner" ac=I fn="F:\Documents and Settings\Thorsten\Desktop\Neuer Ordner\Wiiu\games\Super_Mario_3D_World_EUR_WiiU-ABSTRAKT\Uploaded.htm" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. 
unerwünschte Anwendung" ac=I fn="F:\Documents and Settings\Thorsten\Downloads\Options_6.30.80 (1).exe" sh=F8BE0890A1B99B9A2C993CDC60AF046908927486 ft=1 fh=31e4305cd3f1d2c4 vn="Variante von Win32/WebBar.D evtl. unerwünschte Anwendung" ac=I fn="F:\Documents and Settings\Thorsten\Downloads\Options_6.30.80.exe" sh=C3044944CB7C876CFAEE6FBAC7E596F91BE5401D ft=1 fh=89384885b6ce704f vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="F:\Documents and Settings\ttjh1\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe" sh=37FDB0E58E70BEABAFBAC4C50E6CBAA59B89EEE5 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.BrowSecX.AR Anwendung" ac=I fn="F:\HOME-PC\Backup Set 2015-10-11 200835\Backup Files 2015-10-11 200835\Backup files 8.zip" sh=78D53E1560E2C815F597BB5D6B8ADE9CC58E7A6C ft=1 fh=4e3af72ed1709949 vn="Variante von Win64/WebBar.B evtl. unerwünschte Anwendung" ac=I fn="F:\Users\All Users\Logishrd\LogiOptions\Software\Current\dma_x64.dll" sh=DD569E70A6786216BFEB2E06442F644D3CED4929 ft=1 fh=9cf58ecb99ccae65 vn="Win32/Toolbar.Babylon evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Thorsten\AppData\Local\Temp\is1070216317\MyBabylonTB.exe" sh=86714522B37ED784615FC105793F0EDA2EE9D76B ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Thorsten\AppData\Roaming\OpenCandy\OpenCandy_0181FAC22AA54A5D97FBE1D8AA98F393\LinkuryInstaller.msi" sh=63EDCEFCB99BE2DB7D0734B7FDBDE7D88A236F01 ft=1 fh=94b3273b155dd2fb vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="F:\Users\Thorsten\AppData\Roaming\OpenCandy\OpenCandy_0181FAC22AA54A5D97FBE1D8AA98F393\LinkuryInstaller_p1v5.exe" sh=2162094F11A8982D46AE975538C89A7A56EBFB30 ft=1 fh=b4afbcb73b25d784 vn="Win32/SoftonicDownloader.E evtl. 
unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\0lYgaw04EsPjIfy\installer.exe" sh=372BA1ACD1E57D5F185713D83B15B280945E367A ft=1 fh=41beb9eb0f94c4e1 vn="Mehrere Bedrohungen" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\0lYgaw04EsPjIfy\software\Addlyrics.exe" sh=CC41CADBBD6BA6ED0BFDD17798B4C9F94D7955E0 ft=1 fh=e26a6656a404b558 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\0lYgaw04EsPjIfy\software\Delta Babylon.exe" sh=F43A66F5AC79276A3E27467D5DD100DDCFA61891 ft=1 fh=80399c2706f2ad8c vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\0lYgaw04EsPjIfy\software\Format-Factory.exe" sh=0CB314A079E7A0B23C5B4E7E7AAC7DD0E7E26550 ft=1 fh=2df14979b5d1142b vn="Variante von Win32/SpeedingUpMyPC.B Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\0lYgaw04EsPjIfy\software\OptimizerPro.exe" sh=1BC7381ED81FE4BE5FF57D7C524FF9405D752E4B ft=1 fh=31dc6aae04e14a9e vn="Win32/DomaIQ.G evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\wqk2oQ5UwIgqAQI\DomaIQ.exe" sh=EC7350DCAE40314EECE454075AAE2C31CC9D4870 ft=1 fh=d8c657e0508922ac vn="Win32/DomaIQ.G evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\wqk2oQ5UwIgqAQI\DomaIQ10.exe" sh=CD32179FFE4FD298CFAB8ACA6A11FEC8568FDA56 ft=0 fh=0000000000000000 vn="Win32/DomaIQ.G evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\wqk2oQ5UwIgqAQI\exes.zip" sh=9B82EB02B7726EB99B3539A64B8FAACB72222082 ft=1 fh=e6c8db4ef0dbf8d7 vn="Win32/DomaIQ.H evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\wqk2oQ5UwIgqAQI\installer.exe" sh=1BC7381ED81FE4BE5FF57D7C524FF9405D752E4B ft=1 fh=31dc6aae04e14a9e vn="Win32/DomaIQ.G evtl. 
unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\Y7Zj39RkHOwktM6\DomaIQ.exe" sh=EC7350DCAE40314EECE454075AAE2C31CC9D4870 ft=1 fh=d8c657e0508922ac vn="Win32/DomaIQ.G evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\Y7Zj39RkHOwktM6\DomaIQ10.exe" sh=CD32179FFE4FD298CFAB8ACA6A11FEC8568FDA56 ft=0 fh=0000000000000000 vn="Win32/DomaIQ.G evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\Y7Zj39RkHOwktM6\exes.zip" sh=9B82EB02B7726EB99B3539A64B8FAACB72222082 ft=1 fh=e6c8db4ef0dbf8d7 vn="Win32/DomaIQ.H evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\Y7Zj39RkHOwktM6\installer.exe" sh=4483993FD8FADA2D566306C3EDCBAEA9C005E227 ft=1 fh=fb7cd5db217c30e0 vn="Win32/Adware.SpeedingUpMyPC Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\Y7Zj39RkHOwktM6\software\Driverpro.exe" sh=86BC15F28BC0F35693868A4B3EA924D2081D036B ft=1 fh=d6a2a71c4c4546b9 vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\Y7Zj39RkHOwktM6\software\Format-Factory" sh=25592B49FFB4E3E9647DAE84B6E5C4AB780CDFF7 ft=1 fh=2ebeeb4379b1c9b2 vn="Win32/DownWare.N evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\Y7Zj39RkHOwktM6\software\Mixi Dj Yahoo.exe" sh=E0D659617CDE986DFCD04E9BB42E250CEB6D34EF ft=1 fh=d971949cada49ada vn="Win32/DownWare.N evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\DM\Y7Zj39RkHOwktM6\software\QuickShare1.exe" sh=6511B37C7ACE73216D35C2AA7AF2034E1780EB56 ft=1 fh=c71c0011fd19b3c0 vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\F8C7B83F-BAB0-7891-A2AC-3B07A4531600\BExternal.dll" sh=F2FB5115B7D03E90F6E9D4B1F6E882385AA00F5F ft=1 fh=f2472f77ed228eaa vn="Variante von Win32/Toolbar.Babylon.E evtl. 
unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\F8C7B83F-BAB0-7891-A2AC-3B07A4531600\IEHelper.dll" sh=CAE38F7984A73FA129EB5FD190410A68C81350C2 ft=1 fh=b629c1bd568509dc vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\F8C7B83F-BAB0-7891-A2AC-3B07A4531600\Setup.exe" sh=DED201AE02FB9EA3646489AFEDA49270C4620D9C ft=1 fh=c71c001196f8c3ac vn="Variante von Win32/Toolbar.Babylon.C evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\F8C7B83F-BAB0-7891-A2AC-3B07A4531600\Latest\BExternal.dll" sh=7759A3318DE2ABC3755EBB7F50322C6D586B5286 ft=1 fh=e3d39714b3bfb2a0 vn="Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\F8C7B83F-BAB0-7891-A2AC-3B07A4531600\Latest\IEHelper.dll" sh=C93CCF890C1E509C8FCE0001F591EE542810BE4B ft=1 fh=1ba84391c3067840 vn="Win32/Toolbar.Montiera.E evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\F8C7B83F-BAB0-7891-A2AC-3B07A4531600\Latest\MyBabylonTB.exe" sh=0DFF286CC197580AD8BC374E1E7B57A321A0DF30 ft=1 fh=b5e362bb150f743a vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\F8C7B83F-BAB0-7891-A2AC-3B07A4531600\Latest\Setup.exe" sh=014A531D3CC8C338B54050E33F8169D8ACAD204C ft=1 fh=35b367b6db82c840 vn="Variante von Win32/Toolbar.Babylon.A evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\ibtmpc810632\component_612.decrpt" sh=222CC84EBEC4C34BB2046AB3B875843F44175265 ft=1 fh=cef1ab5f7c8c5502 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\ibtmpc810632\component_625" sh=10865E388F36174297EC4ECDAFD6265B331BFDCD ft=1 fh=c71442a0f17f9a09 vn="Win32/Toolbar.Montiera.B evtl. 
unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\nseC301.tmp\mt.dll" sh=10865E388F36174297EC4ECDAFD6265B331BFDCD ft=1 fh=c71442a0f17f9a09 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\nsz2378.tmp\mt.dll" sh=8598A291DAC2BE7B8EEE469D40D3307999BA2D12 ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\Smartbar\LinkuryInstaller.msi" sh=1E9E261D85783EEDEC0B3E8CB7BDCD6BDC4CCC82 ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\Smartbar\26bd7386-e546-41bb-ba63-886152ebd2d3\LinkuryInstaller.msi" sh=31D020E4B21930C9DAB92C13741F8B26E69FA79E ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\Smartbar\934faaad-8ac9-423b-8166-8e363f9345cd\LinkuryInstaller.msi" sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\upd2348\BabMaint.x" sh=7664F6A327E5201011200E703489577A0971AB77 ft=1 fh=c71c0011451c6a93 vn="Variante von Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Local\Temp\upd2348\BUSolution.x" sh=C179EC7FD95F96DE417DF6954395F005930420A5 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\BabSolution\CR\delta1.crx" sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\BabSolution\Shared\BabMaint.exe" sh=671E3E4E9E4C9A039D9AD1479A0C91E670AF18E3 ft=1 fh=d643e79c9fb8f862 vn="Win32/Toolbar.Babylon.AE evtl. 
unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\BabSolution\Shared\BUSolution.dll" sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\staged\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_20.dll" sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\staged\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_21.dll" sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\staged\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_22.dll" sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\staged\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_23.dll" sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\staged\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_24.dll" sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D evtl. 
unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_20.dll" sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_21.dll" sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_22.dll" sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_23.dll" sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\AppData\Roaming\Mozilla\Firefox\Profiles\iuim0fod.default\extensions\{d0d57ce3-9ce0-4175-aa1d-2823b2807a50}\components\SmartbarFireFoxRemotePlugin_24.dll" sh=45CB09F6D53416D32A5DB89E06038DCE8734CC8F ft=1 fh=b1634e7f08f95eeb vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="G:\Users\Jaqueline\Downloads\video_downloader.exe" sh=F947AA34205F4C7C9202197D2FFE9D21E5938708 ft=1 fh=e3f519acea9fec13 vn="Variante von Win32/Toolbar.Linkury.G evtl. 
unerwünschte Anwendung" ac=I fn="G:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll" sh=31D020E4B21930C9DAB92C13741F8B26E69FA79E ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.A evtl. unerwünschte Anwendung" ac=I fn="G:\Windows\Installer\5916a.msi" sh=E380C75C9904013FB23E09EB8B819B8B4998FD6A ft=1 fh=8a21180e008fd756 vn="Mehrere Bedrohungen" ac=I fn="G:\Windows\Temp\Optimizer_Pro.exe" sh=4745B13310B631E7FEB471C61B9D8AB6957361E4 ft=1 fh=ab7c80c0896dc8a9 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="H:\Downloads\Dark_Theme - CHIP-Installer (1).exe" sh=18EFA4C5D3735D55D09545B9EE384318D7FD8110 ft=1 fh=3d8373cf06f87863 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="H:\Downloads\Dark_Theme - CHIP-Installer (2).exe" sh=E84CB57A26F61F6FB8775217DC1BF6F581D3861F ft=1 fh=b4b4f9ae6d60d828 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="H:\Downloads\Dark_Theme - CHIP-Installer.exe" sh=AAB839ADE030E3A8C9B7390D7312F7E6BE747CDE ft=1 fh=a59fb2a1c2dd8d19 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="H:\Downloads\MediaPortal - CHIP-Installer.exe" sh=9D99CB7E5815E3CCC57C13E683BAB40E36AA01D8 ft=1 fh=f9d10bbe128bbd43 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="H:\Downloads\micro SIM Schablone PDF Vorlage - CHIP-Installer.exe" sh=A83F6778B2ADD25FDCC07E88281CD8E51626125F ft=1 fh=b8478270aad51b6a vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="H:\Downloads\Nano SIM Schablone PDF Vorlage - CHIP-Installer.exe" sh=721A21BED12C81369FC15DFDD15735579179A346 ft=1 fh=b6805804fb0b6121 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="H:\Downloads\VLC media player 64 Bit - CHIP-Installer.exe" sh=F12564CB8B3F002984DC99D16BC5A0CD7F09ADEC ft=0 fh=0000000000000000 vn="BAT/Qhost.NOV Trojaner" ac=I fn="H:\Downloads\Adobe Creative Cloud Collection 2015\Adobe Creative Cloud Collection 2015\Adobe Creative Cloud Collection 2015\Aktivierung für alle Versionen\XFORCE Cloud 2015\Adobe Block.cmd" sh=741DB16CB93F22FC73D7564A67210DE82923C0D6 ft=0 fh=0000000000000000 vn="Variante von Win32/Packed.Themida verdächtige Datei" ac=I fn="H:\Downloads\DAEMON Tools Pro Advanced v6.1.0.0483\DAEMON Tools Pro Advanced v6.1.0.0483.rar" sh=60F3B729AFFF0BD2E449D7BC67E6047E722480E2 ft=1 fh=2d7bef2a04f77cfd vn="Variante von Win32/Packed.Themida verdächtige Datei" ac=I fn="H:\Downloads\DAEMON Tools Pro Advanced v6.1.0.0483\DAEMON Tools Pro Advanced v6.1.0.0483\Activator_DTP\activator.exe" sh=F12564CB8B3F002984DC99D16BC5A0CD7F09ADEC ft=0 fh=0000000000000000 vn="BAT/Qhost.NOV Trojaner" ac=I fn="H:\FileHistory\totti\HOME-PC\Data\$OF\979\981 (2015_10_14 22_35_17 UTC).cmd" sh=2A2B0D1BDF59D203AEDCCF60E0ED1EDF12EFE52F ft=1 fh=b58b6ff5e352b598 vn="Win32/SmartFileAdvisor.B evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\Neuer Ordner\Transcend\Alcohol 120% 2.0.2 Build 5830 Retail\Alcohol120_retail_2.0.2.5830.exe" sh=052529D1B57123707DE6304CA2A2E8832E80A1F1 ft=1 fh=487ceb503c81f5f9 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\Program Files (x86)\Conduit\Community Alerts\Alert.dll" sh=2217E1961154CF4B0C3B3214571B5786CCBC9684 ft=1 fh=dce4548ffcc95958 vn="Win32/Toolbar.MyWebSearch.M evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\Program Files (x86)\FunWebProducts\Installr\1.bin\F3EZSETP.DLL" sh=BB975EE11563FEB8F5AE1EA682E97A00D689F4E9 ft=1 fh=e477418542ff9b15 vn="Win32/Toolbar.MyWebSearch evtl. 
unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\Program Files (x86)\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL" sh=7545E5D53E00AA6872BF879DEC70FC81ABF60595 ft=1 fh=c086fa962fcc649c vn="Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung" ac=I fn="H:\Neuer Ordner (2)\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL" |
10.12.2016, 18:01 | #15 |
/// TB Trainer /// Instructions Guru | Windows 10 suddenly unknown user account/e-mail. Microsoft account hacked? Step 1 Please save the attached fixlist.txt to the directory that also contains the FRST application (the Downloads folder).
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |