Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to fight them): BadUSB - my USB stick identifies itself as a keyboard. Do I now have malware on my notebook? Windows 7. If you are not sure whether you have picked up malware or a Trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a Trojan or virus problem, an expert will help you clean up the infection. |
26.12.2016, 16:03 | #1 |
| Hello everyone, first of all, many thanks for the opportunity to post my question here and get support! The day before yesterday I plugged one of my USB sticks into my notebook. A Windows window then opened showing a message along the lines of "Device is being installed". Then came the question of whether I wanted to allow the device to make changes to my system, and I confirmed this with Yes. Afterwards, however, I could not find any additional drive in the file manager. So I pulled the USB stick out and plugged it in again, and could now see that it was recognized as a keyboard. That puzzled me quite a bit, so I googled it and came across reports from 2013-2015 about BadUSB. Now I am not only puzzled but also very worried that I have loaded some kind of malware onto the notebook that will now spy on it, or whatever.

I had bought the USB stick new at Media Markt (I think it is from Hama, but I am not quite sure, and since it is a tiny thing, it does not say so on it). I have only used it 2 or 3 times so far. Once on my own notebook, once on my work notebook and once on my car radio. The "was recognized as a keyboard" problem did not exist then - everything was OK. So I am somewhat surprised that the stick is supposed to have "caught something" on one of the two occasions. Or is there possibly also a completely harmless cause for this phenomenon? What do I have to do to be completely sure that my notebook really is not infected with something? My other two USB sticks, which I had not connected to my work notebook (it has since been replaced by a new one), are recognized as drives without any problem.

I use KIS 2017 and have already run the rootkit scan - nothing found. But that is not enough for me... I would be really extremely grateful for your help! Best regards, Traufrau. I use Windows 10, KIS 2017. Edited by Traufrau (26.12.2016 at 16:10). Reason: Corrected spelling mistakes. Keyboard keeps typing double letters now and then... |
27.12.2016, 10:33 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Hi,
Quote:
And where did you get it from, please? Found on the street, bought, from a friend, ???
__________________ |
27.12.2016, 11:44 | #3 |
| Hello,
it says so in the text: I had bought the stick new at Media Markt. Unfortunately the manufacturer is not printed on it, as the stick is only about 2-3 cm long. I think it is from Hama or Intenso, but I am not sure. |
27.12.2016, 12:14 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Has the stick always behaved like this? What does Media Markt say about it?
__________________ Please always post log files in CODE tags |
27.12.2016, 13:09 | #5 |
| No, the stick behaved normally at first; I had written that too. That is why I did not go to Media Markt with this problem. |
27.12.2016, 13:25 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Was the stick ever lent out?
__________________ |
27.12.2016, 14:56 | #7 |
| No, never. And I only ever used it on my own and my work notebook. |
27.12.2016, 14:58 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Aha - then explain how it can be that a stick suddenly mutates into an evil device when you yourself never did anything to it and never lent it out. Your stick will simply be defective. Go to MM and exchange the thing.
__________________ Please always post log files in CODE tags |
27.12.2016, 15:26 | #9 |
| If I have understood the information about this on the net correctly, it is possible to attack the USB port and, so to speak, reprogram the stick. See, for example, the information here: https://www.indevis.de/de/service-und-support/advisory/articles/badusb-boese-tastaturen-erkennen.html (Sorry, I can't get the link inserted as a clickable link...). I don't want to rule out at all that there is a completely harmless cause for the problem, which is why I had also asked whether that possibility exists. But I simply don't know, and before I possibly end up with malware on my notebook that, for example, reads out and transmits my keyboard input, I would like to be certain that this is not the case. Edited by Traufrau (27.12.2016 at 15:43) |
28.12.2016, 09:12 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | https://heise.de/-2281098 I haven't read anything about this in ages. We can gladly take a close look at your private machine here, but as far as your work device is concerned, you had better take that to your colleagues in the IT department.
__________________ Please always post log files in CODE tags |
28.12.2016, 12:23 | #11 |
| OK, many thanks! Then I'll post what I have done in the meantime. Hope it's right this way... Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016 durchgeführt von User (Administrator) auf DESKTOP-DRH7H7T (26-12-2016 15:38:34) Gestartet von C:\Users\User\Downloads Geladene Profile: User (Verfügbare Profile: User) Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe (Intel Corporation) C:\Windows\System32\ibtsiva.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe (Digital Wave Ltd.) 
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) 
C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxEM.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Program Files (x86)\PHotkey\PHotkey.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe () C:\Program Files (x86)\PHotkey\Atouch64.exe () C:\Program Files (x86)\PHotkey\Dolbyosd.exe () C:\Program Files (x86)\PHotkey\GPMTray.exe () C:\Program Files (x86)\PHotkey\KeyboardMonitorTool.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcMon.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (G Data Software AG) C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe (CyberLink Corp.) 
C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe (The OpenVPN Project) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\openvpn.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16427256 2016-02-17] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1427704 2016-02-17] (Realtek Semiconductor) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3352808 2016-01-25] (ELAN Microelectronics Corp.) 
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [628736 2015-06-16] () HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation) HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110008 2015-05-26] (CyberLink) HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [499128 2015-05-26] (CyberLink Corp.) HKLM-x32\...\Run: [PowerDVD12Agent] => "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe" HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-12] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) HKLM-x32\...\Run: [GDataUsbProtection] => C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe [1412216 2014-09-05] (G Data Software AG) HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1 HKU\S-1-5-21-1213055294-2461168806-142959829-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\PhotoScreensaver.scr [572416 2016-07-16] (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\..\Interfaces\{7b6e48f4-9bbd-43b0-8d9d-9177a371cfed}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{c3e6a0a0-7e2e-4ade-9e02-0cb5115ea29a}: [DhcpNameServer] 192.168.10.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-1213055294-2461168806-142959829-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1213055294-2461168806-142959829-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab) BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab) FireFox: ======== FF DefaultProfile: hotscrov.default FF 
ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hotscrov.default [2016-12-26] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\hotscrov.default -> MetaGer FF NetworkProxy: Mozilla\Firefox\Profiles\hotscrov.default -> http", "192.241.239.27:" FF NetworkProxy: Mozilla\Firefox\Profiles\hotscrov.default -> http_port", 80 FF NetworkProxy: Mozilla\Firefox\Profiles\hotscrov.default -> type", 0 FF Extension: (MEGA) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hotscrov.default\Extensions\firefox@mega.co.nz.xpi [2016-12-23] FF Extension: (HTTPS Everywhere) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hotscrov.default\Extensions\https-everywhere@eff.org.xpi [2016-12-22] FF Extension: (ProxTube) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hotscrov.default\Extensions\ich@maltegoetz.de.xpi [2016-12-18] FF Extension: (NoScript) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hotscrov.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-12-03] FF Extension: (View Cookies) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hotscrov.default\Extensions\{8F6A6FD9-0619-459f-B9D0-81DE065D4E21}.xpi [2016-01-31] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hotscrov.default\searchplugins\metager.xml [2016-03-08] FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\hotscrov.default\searchplugins\mozilla-hilfe.xml [2016-03-05] FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\vls3s3h7.default-1469289382231 [2016-07-23] FF Extension: (Kein Name) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [nicht gefunden] FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-16] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-16] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-25] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-25] (NVIDIA Corporation) Chrome: ======= CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab) S3 cphs; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe [301536 2016-11-01] (Intel Corporation) S3 cplspcon; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe [480224 2016-11-01] (Intel Corporation) R2 DAX2API; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [163328 2016-01-27] () [Datei ist nicht signiert] R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [437224 2016-12-12] (Digital Wave Ltd.) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144104 2016-01-25] (ELAN Microelectronics Corp.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation) R2 igfxCUIService2.0.0.0; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igfxCUIService.exe [341984 2016-11-01] (Intel Corporation) S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab) R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-06-12] () R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation) R2 PGFNEXSrv; C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe [135680 2014-08-07] () [Datei ist nicht 
signiert] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831200 2015-06-12] (Intel® Corporation) R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink) R3 clwvd6; C:\WINDOWS\system32\DRIVERS\clwvd6.sys [41400 2015-08-31] (CyberLink Corporation) R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [30808 2016-01-25] (ELAN Microelectronic Corp.) 
R3 GDKBBlocker; C:\WINDOWS\system32\drivers\GDKBBlocker64.sys [30720 2016-12-19] (G Data Software AG) R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [349960 2016-07-12] (Intel Corporation) R3 igfx; C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\igdkmd64.sys [11033056 2016-11-01] (Intel Corporation) R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab) R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab) R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab) R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab) S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab) R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab) R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [435032 2016-11-20] (AO Kaspersky Lab) R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2016-11-21] (AO Kaspersky Lab) R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2016-12-08] (AO Kaspersky Lab) R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-08] (AO Kaspersky Lab) R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab) R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab) R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project) R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-10] (AO Kaspersky Lab) R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2016-12-15] () R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-10] (AO Kaspersky Lab) R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 
2016-12-10] (AO Kaspersky Lab) R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-10] (AO Kaspersky Lab) R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab) R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2016-12-08] (AO Kaspersky Lab) R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab) S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47976 2015-07-02] (NVIDIA Corporation) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON) R3 PegaRadioSwitch; C:\WINDOWS\System32\drivers\PegaRadioSwitch.sys [33560 2015-06-05] (Windows (R) Win 7 DDK provider) S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2016-01-25] () R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [402136 2015-07-17] (Realsil Semiconductor Corporation) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-12-26 15:38 - 2016-12-26 15:38 - 00020208 _____ C:\Users\User\Downloads\FRST.txt 2016-12-26 15:38 - 2016-12-26 15:38 - 00000000 ____D C:\FRST 2016-12-26 15:37 - 2016-12-26 15:37 - 02420736 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2016-12-23 17:14 - 2016-12-23 17:14 - 00001420 _____ C:\Users\Public\Desktop\Free MP4 Video Converter.lnk 2016-12-23 17:11 - 2016-12-23 17:11 - 02268432 _____ (Digital Wave Ltd ) C:\Users\User\Downloads\FreeMP4VideoConverter_5.0.102.1027_d.exe 2016-12-20 06:22 - 2016-12-20 06:25 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware 2016-12-19 22:46 - 2016-12-19 22:46 - 00030720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBBlocker64.sys 2016-12-19 22:46 - 2016-12-19 22:46 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBBlocker64_01007.Wdf 2016-12-19 22:46 - 2016-12-19 22:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA USB KEYBOARD GUARD 2016-12-19 22:46 - 2016-12-19 22:46 - 00000000 ____D C:\Program Files (x86)\G DATA 2016-12-19 22:45 - 2016-12-19 22:45 - 00000000 ____D C:\ProgramData\G Data 2016-12-19 22:43 - 2016-12-19 22:45 - 12357536 _____ (G DATA Software AG) C:\Users\User\Downloads\INT_GD_USB_KEYBOARD_GUARD.exe 2016-12-19 00:51 - 2016-12-19 00:51 - 00001078 _____ C:\Users\Public\Desktop\EaseUS Data Recovery Wizard.lnk 2016-12-19 00:51 - 2016-12-19 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard 2016-12-19 00:51 - 2016-12-19 00:51 - 00000000 ____D C:\Program Files\EaseUS 2016-12-19 00:48 - 2016-12-19 00:50 - 16097104 _____ (EaseUS ) C:\Users\User\Downloads\drw_free.exe 2016-12-19 00:28 - 2016-12-19 00:28 - 00000000 ____D C:\Users\User\Downloads\Documents\Lyrics 2016-12-18 22:48 - 2016-12-18 22:48 - 00000000 ____D C:\ProgramData\FNET 2016-12-18 00:54 - 
2016-12-18 00:54 - 988178050 _____ C:\WINDOWS\MEMORY.DMP 2016-12-18 00:54 - 2016-12-18 00:54 - 00805828 _____ C:\WINDOWS\Minidump\121816-6187-01.dmp 2016-12-18 00:54 - 2016-12-18 00:54 - 00000000 ____D C:\WINDOWS\Minidump 2016-12-17 21:25 - 2016-12-17 21:25 - 00001379 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk 2016-12-17 20:07 - 2016-12-17 20:08 - 07025546 _____ C:\Users\User\Downloads\rezept-apfelschmandkuchen-100.pdf 2016-12-16 00:26 - 2016-12-16 21:27 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-12-16 00:26 - 2016-12-16 00:26 - 00003860 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2016-12-15 21:26 - 2016-12-15 21:26 - 00085984 _____ C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys 2016-12-14 23:22 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-12-14 23:22 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2016-12-14 23:22 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-12-14 23:22 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-12-14 23:22 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-12-14 23:22 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-12-14 23:22 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-12-14 23:22 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys 2016-12-14 23:22 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-12-14 23:22 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2016-12-14 23:22 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll 2016-12-14 23:22 - 2016-12-09 11:20 - 02677544 
- 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll 2016-12-10 10:42 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll 2016-12-10 10:42 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll 2016-12-10 10:42 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-12-10 10:42 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe 2016-12-10 10:42 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-12-10 10:42 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2016-12-10 10:42 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll 2016-12-10 10:42 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-12-10 10:42 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll 2016-12-10 10:42 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-12-10 10:42 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll 2016-12-10 10:42 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll 2016-12-10 10:42 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll 2016-12-10 10:42 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll 2016-12-10 10:42 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-12-10 10:42 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll 2016-12-10 10:42 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 
2016-12-10 10:42 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-12-10 10:42 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-12-10 10:42 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2016-12-10 10:42 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2016-12-10 10:42 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-12-10 10:42 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2016-12-10 10:42 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2016-12-10 10:42 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-12-10 10:42 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-12-10 10:42 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-12-10 10:42 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll 2016-12-10 10:42 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-12-10 10:42 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll 2016-12-10 10:42 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2016-12-10 10:42 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll 2016-12-10 10:42 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll 2016-12-10 10:42 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll 2016-12-10 10:42 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-12-10 10:42 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-12-10 10:42 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll 2016-12-10 10:42 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe 2016-12-10 10:42 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe 2016-12-10 10:42 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-12-10 10:42 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2016-12-10 10:42 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2016-12-10 10:42 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2016-12-10 10:42 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-12-10 10:42 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe 2016-12-10 10:42 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl 2016-12-10 10:42 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll 2016-12-10 10:42 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-12-10 10:42 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll 2016-12-10 10:42 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll 2016-12-10 10:04 - 2016-12-10 10:04 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys 2016-12-10 10:01 - 2016-12-10 10:01 - 00218920 _____ (AO Kaspersky Lab) 
C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys 2016-12-10 10:01 - 2016-12-10 10:01 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys 2016-12-10 10:01 - 2016-12-10 10:01 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys 2016-12-06 22:13 - 2016-12-06 22:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2016-12-01 21:34 - 2016-12-01 21:34 - 01516431 _____ C:\Users\User\Downloads\nutzungsbedingungen_family-phase_bonus_sparen.pdf 2016-11-30 22:20 - 2016-12-17 10:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-12-26 15:37 - 2016-02-25 00:39 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-12-26 15:30 - 2016-07-16 23:51 - 01468104 _____ C:\WINDOWS\system32\perfh007.dat 2016-12-26 15:30 - 2016-07-16 23:51 - 00359544 _____ C:\WINDOWS\system32\perfc007.dat 2016-12-26 15:30 - 2015-07-25 18:00 - 03269474 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-12-26 15:28 - 2016-11-18 19:33 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla 2016-12-26 15:26 - 2016-01-25 06:55 - 00000000 ____D C:\Users\User\Downloads\Documents\YouCam 2016-12-26 15:24 - 2016-08-14 21:52 - 00000000 ____D C:\ProgramData\NVIDIA 2016-12-26 15:24 - 2016-01-25 06:53 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles 2016-12-26 15:23 - 2016-08-14 21:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-12-26 02:04 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI 2016-12-26 02:02 - 2016-06-14 15:44 - 00000000 ____D C:\ProgramData\SoftMaker 2016-12-26 01:57 - 2016-08-14 21:52 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-12-24 22:13 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-12-23 18:40 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-12-23 17:14 - 2016-01-31 01:24 - 
00001412 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-12-23 17:14 - 2016-01-31 01:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-12-23 17:14 - 2016-01-31 01:23 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft 2016-12-23 17:14 - 2016-01-31 01:23 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-12-23 01:50 - 2016-02-08 01:53 - 00007603 _____ C:\Users\User\AppData\Local\Resmon.ResmonCfg 2016-12-22 11:03 - 2016-05-22 18:12 - 00000425 _____ C:\WINDOWS\BRWMARK.INI 2016-12-22 11:03 - 2016-05-22 18:12 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI 2016-12-20 01:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2016-12-20 00:13 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2016-12-19 22:35 - 2016-02-14 17:18 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics 2016-12-19 01:29 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2016-12-18 23:39 - 2016-02-24 00:20 - 00000000 ____D C:\Users\User\Downloads\Documents\Rezepte 2016-12-17 10:07 - 2016-01-29 21:43 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-12-16 21:27 - 2016-08-14 21:52 - 00226984 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-12-16 00:27 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-12-16 00:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2016-12-16 00:25 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2016-12-15 21:47 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-12-14 22:48 - 2016-01-29 21:44 - 00001148 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-12-14 22:48 - 2016-01-29 21:43 - 00001160 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-12-14 22:21 - 2016-01-29 23:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-12-14 22:20 - 2016-01-29 23:00 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-12-12 00:56 - 2016-07-16 12:49 - 
00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-12 00:56 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-10 22:37 - 2016-06-14 15:42 - 00000000 ____D C:\Users\User\Downloads\Documents\SoftMaker 2016-12-10 22:37 - 2016-06-14 15:42 - 00000000 ____D C:\Users\User\AppData\Roaming\SoftMaker 2016-12-10 20:16 - 2015-07-25 09:53 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-12-10 20:14 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-12-10 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe 2016-12-10 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-12-10 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-12-10 20:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-12-10 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-12-10 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-12-10 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-12-10 20:14 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing 2016-12-10 10:00 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll 2016-12-08 21:34 - 2016-11-20 11:48 - 00001477 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk 2016-12-08 21:32 - 2016-02-25 00:39 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2016-12-08 21:32 - 2015-06-16 21:56 - 00134880 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys 2016-12-08 21:32 - 2015-06-11 19:35 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys 2016-12-04 10:54 - 2016-11-23 21:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-01-25 08:53 - 2016-01-25 08:53 - 0000036 _____ () C:\Program 
Files\smaple.txt 2016-01-25 07:25 - 2016-01-25 07:25 - 0003072 _____ () C:\Users\User\AppData\Local\file__0.localstorage 2016-02-08 01:53 - 2016-12-23 01:50 - 0007603 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg 2016-08-14 21:53 - 2016-08-14 21:53 - 0000000 ____H () C:\ProgramData\DP45977C.lfl 2016-08-14 21:53 - 2016-08-14 21:53 - 0000102 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2015-10-02 11:09 - 2015-10-02 11:09 - 0000119 _____ () C:\ProgramData\{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}.log 2015-10-02 11:06 - 2015-10-02 11:06 - 0000106 _____ () C:\ProgramData\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}.log 2015-10-02 11:08 - 2015-10-02 11:08 - 0000108 _____ () C:\ProgramData\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}.log 2015-10-02 11:06 - 2015-10-02 11:06 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log 2015-10-02 11:08 - 2015-10-02 11:08 - 0000032 _____ () C:\ProgramData\{E1646825-D391-42A0-93AA-27FA810DA093}.log 2015-10-02 11:07 - 2015-10-02 11:07 - 0000110 _____ () C:\ProgramData\{E3D04529-6EDB-11D8-A372-0050BAE317E1}.log Einige Dateien in TEMP: ==================== C:\Users\User\AppData\Local\Temp\_is680.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-12-25 22:41

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 21-12-2016
durchgeführt von User (26-12-2016 15:39:04)
Gestartet von C:\Users\User\Downloads
Windows 10 Home Version 1607 (X64) (2016-08-14 20:59:22)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-1213055294-2461168806-142959829-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1213055294-2461168806-142959829-503 - Limited - Disabled)
Gast (S-1-5-21-1213055294-2461168806-142959829-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1213055294-2461168806-142959829-1009 - Limited - Enabled)
User (S-1-5-21-1213055294-2461168806-142959829-1003 - Administrator - Enabled) => C:\Users\User

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Brother MFL-Pro Suite (HKLM-x32\...\{A3FEC306-FBFF-4B0D-95B9-F9C67C65079E}) (Version: 1.00 - Brother Industries, Ltd.)
CoolUtils Outlook Viewer (HKLM-x32\...\CoolUtils Outlook Viewer_is1) (Version: 2.5 - Softplicity, Inc.) CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.) CyberLink PowerDirector 12 (Version: 12.0.4118.0 - CyberLink Corp.) Hidden CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.4510 - CyberLink Corp.) CyberLink PowerRecover (Version: 5.7.0.4510 - CyberLink Corp.) Hidden Dolby Audio X2 Windows API SDK (HKLM\...\{6A478BF2-F67F-4ABC-A7F1-B6B5BA862371}) (Version: 0.6.3.44 - Dolby Laboratories, Inc.) Dolby Audio X2 Windows APP (HKLM\...\{7DA57EF8-9D20-4126-AF15-D0CC97D0C017}) (Version: 0.4.0.22 - Dolby Laboratories, Inc.) EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS) ELAN Touchpad 15.19.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.19.7.1 - ELAN Microelectronic Corp.) Free MP4 Video Converter (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.102.1027 - Digital Wave Ltd) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: 6.6.1.119 - DVDVideoSoft Ltd.) 
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.1.31.1208 - Digital Wave Ltd) Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.29.1027 - Digital Wave Ltd) G DATA USB KEYBOARD GUARD (HKLM-x32\...\{D8CBD59F-B29D-4E38-9D66-DEAEAB473FA9}) (Version: 1.1.0.4 - G DATA Software AG) Intel(R) Chipset Device Software (x32 Version: 10.1.1.11 - Intel(R) Corporation) Hidden Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4279 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation) Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1519.7 - Intel Corporation) Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{9A287643-10C5-4463-B9D1-B2404CE18CCF}) (Version: 17.1.1529.1620 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{e6f0207e-ac43-48a9-bfff-3d879b45694d}) (Version: 18.12.1 - Intel Corporation) Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab) Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft 
Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Mozilla Firefox 50.1.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.1.0 (x86 de)) (Version: 50.1.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.1.0 - Mozilla) Mozilla Thunderbird 45.5.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.5.1 (x86 de)) (Version: 45.5.1 - Mozilla) NVIDIA 3D Vision Treiber 359.37 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.37 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.11.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.11.45 - NVIDIA Corporation) NVIDIA Grafiktreiber 359.37 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.37 - NVIDIA Corporation) NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0117 - Pegatron Corporation) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7738 - Realtek Semiconductor Corp.) 
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.11.45 - NVIDIA Corporation) Hidden SoftMaker FreeOffice 2016 (HKLM-x32\...\{8EBB8452-274B-465D-8324-00B0832FBB05}) (Version: 1.0.3815 - SoftMaker Software GmbH) SoundCloud Download (HKLM-x32\...\SoundCloud Download_is1) (Version: 2.1.5.323 - DVDVideoSoft Ltd.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0AE9B045-D305-4D9C-BF2A-58315267F25A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-16] (Adobe Systems Incorporated) Task: {2DD657B2-68BB-47FA-A508-6D101CB4161A} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2015-08-27] (CyberLink Corp.) 
Task: {6BE5E5B2-C544-41AD-9EF8-A306616C19AF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {ACFA15C3-3387-43B3-BB6C-8FBF691B1360} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {BBC7BB40-B8D1-457C-B343-3148DA68A1BF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {C7B9ABC5-1DAF-4A5C-B66F-30518F6C5ABD} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [2015-09-09] (CyberLink Corp.) Task: {DE82A2EA-DFD5-434B-8110-FCE67D1F11FA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {F5BCEC9D-2B95-4FCD-AFB8-569EDCDEFBAD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-12-14] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 23:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-08-14 21:52 - 2016-01-25 04:58 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-10-05 12:56 - 2014-08-07 11:45 - 00135680 _____ () C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe 2016-01-27 04:04 - 2016-01-27 04:04 - 00163328 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 2015-10-02 11:08 - 2014-04-14 19:59 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2016-12-14 23:22 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-14 22:03 - 2016-08-14 22:03 - 00959168 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll 2016-09-13 22:56 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-12-14 23:22 - 2016-12-09 10:41 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2016-11-08 22:39 - 2016-11-02 11:21 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-11-08 22:39 - 2016-11-02 11:15 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-11-08 22:39 - 2016-11-02 11:14 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-11-08 22:39 - 2016-11-02 11:15 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-11-08 22:39 - 2016-11-02 11:16 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-11-08 22:39 - 2016-11-02 11:17 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 
2015-10-05 12:56 - 2015-07-14 16:24 - 02407424 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe 2015-10-05 12:56 - 2010-01-12 18:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe 2015-10-05 12:56 - 2010-01-12 18:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe 2015-10-05 12:56 - 2010-12-17 15:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe 2015-10-05 12:56 - 2014-03-18 22:54 - 05644800 _____ () C:\Program Files (x86)\PHotkey\Dolbyosd.exe 2015-10-05 12:56 - 2014-02-21 18:19 - 08857088 _____ () C:\Program Files (x86)\PHotkey\GPMTray.exe 2015-10-05 12:56 - 2015-03-20 10:44 - 00331776 _____ () C:\Program Files (x86)\PHotkey\Keyboardmonitortool.exe 2015-06-16 03:53 - 2015-06-16 03:53 - 00628736 _____ () C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 2016-12-14 22:13 - 2016-12-14 22:18 - 00072192 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2016-12-14 22:13 - 2016-12-14 22:18 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2016-12-14 22:13 - 2016-12-14 22:18 - 42130432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2016-12-14 22:13 - 2016-12-14 22:18 - 02216448 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\roottools.dll 2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll 2016-01-31 01:23 - 2016-10-27 12:18 - 00114664 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2016-01-31 01:23 - 2016-10-27 12:13 - 00108008 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2016-01-31 01:23 - 2016-10-27 12:13 - 00024040 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 
2016-01-31 01:23 - 2016-10-27 12:13 - 00048104 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-10-05 12:42 - 2015-07-14 11:07 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-10-05 12:56 - 2009-12-18 16:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll 2015-10-05 12:56 - 2013-09-18 00:23 - 00108032 _____ () C:\Program Files (x86)\PHotkey\PGFNEX.dll 2015-10-02 11:06 - 2014-12-08 08:28 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2014-12-08 16:28 - 2014-12-08 16:28 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2016-06-28 01:48 - 2016-12-08 21:31 - 01358360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\KasperskyLab.Ksde.NativeInterop.dll 2016-08-14 22:02 - 2016-08-14 22:02 - 00679624 _____ () C:\Users\User\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\ClientTelemetry.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1213055294-2461168806-142959829-1003\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run32: => "ControlCenter3" HKU\S-1-5-21-1213055294-2461168806-142959829-1003\...\StartupApproved\Run: => "OneDrive" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [{37FFC411-80BF-4E0E-B597-6203EC45F1D0}] => C:\Program Files\CyberLink\PowerDirector12\PDR10.EXE FirewallRules: [{6D586B32-113C-4971-971D-AC083B815C8C}] => C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD Cinema\PowerDVDCinema12.exe FirewallRules: [{578F82A3-4E6F-48DB-83C2-A3913485BAF1}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{202F4B9A-CCF6-455E-8A93-A69D1B3C2F93}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{37AFEDE0-CF45-4BF0-94A4-6CE9E4C2936F}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{A66743D7-E0C3-4A20-848B-75F5DCF61875}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F943B7F8-C32A-44C6-B0E9-D41E96244A93}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{93FC5197-2C9E-4389-A9AB-69AF97D66A35}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{63D84CC5-E60E-40AC-8C09-2DFA90CF2DBB}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1BC459E7-C63C-4863-8EB0-D18CB77C3191}] => C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{8398D314-727B-49A8-8A7C-87F9419674F9}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9C895D63-3944-4596-B388-8CF074D008A6}] => C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1318A3CF-707B-4470-9FFB-B749F68A114F}] => C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{E4ABB708-0C5E-487C-AD12-8D50C3D52926}] => C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe ==================== Wiederherstellungspunkte ========================= 06-12-2016 22:33:51 Geplanter Prüfpunkt 10-12-2016 10:45:48 Windows Update 14-12-2016 22:20:02 
Windows Update 24-12-2016 00:23:21 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/25/2016 10:44:02 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (12/24/2016 12:23:24 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (12/18/2016 10:06:11 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 4.1.1976.1377, Zeitstempel: 0x55a42da0 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000030bdd ID des fehlerhaften Prozesses: 0x16c0 Startzeit der fehlerhaften Anwendung: 0x01d258c0f1a79b34 Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 7460c482-072b-4059-ab82-3936d82058ee Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/16/2016 11:13:09 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. 
Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. Error: (12/14/2016 10:20:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (12/13/2016 08:39:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 4.1.1976.1377, Zeitstempel: 0x55a42da0 Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000030bdd ID des fehlerhaften Prozesses: 0x3350 Startzeit der fehlerhaften Anwendung: 0x01d254aae56df0a5 Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll Berichtskennung: 00926715-3da7-4592-927f-f14aaddc6f91 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/12/2016 08:27:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-DRH7H7T) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (12/12/2016 08:26:59 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Microsoft.Photos.exe, Version 1.0.1611.18000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 323c Startzeit: 01d254ada41c3bd5 Beendigungszeit: 4294967295 Anwendungspfad: C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe Berichts-ID: ef937758-c0a0-11e6-9c42-4c34885d3256 Vollständiger Name des fehlerhaften Pakets: Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe Auf das fehlerhafte Paket bezogene Anwendungs-ID: App Error: (12/12/2016 08:26:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-DRH7H7T) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (12/12/2016 08:26:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: DESKTOP-DRH7H7T) Description: Die App „Microsoft.Windows.Photos_16.1118.10000.0_x64__8wekyb3d8bbwe+App“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Systemfehler: ============= Error: (12/26/2016 03:26:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (12/26/2016 03:24:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (12/26/2016 03:24:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (12/26/2016 03:24:13 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (12/25/2016 10:33:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (12/25/2016 10:31:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (12/25/2016 10:31:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (12/25/2016 10:31:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (12/24/2016 05:34:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler Error: (12/24/2016 05:32:37 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. CodeIntegrity: =================================== Date: 2016-12-25 22:41:38.749 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-12-24 00:24:12.602 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-23 01:17:51.870 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-22 08:58:50.969 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-21 22:27:06.596 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-20 01:28:28.857 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-09-25 16:23:04.683 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-6500U CPU @ 2.50GHz Prozentuale Nutzung des RAM: 33% Installierter physikalischer RAM: 8107.64 MB Verfügbarer physikalischer RAM: 5375.19 MB Summe virtueller Speicher: 9387.64 MB Verfügbarer virtueller Speicher: 6627.64 MB ==================== Laufwerke ================================ Drive c: (Boot) (Fixed) (Total:236.87 GB) (Free:40.04 GB) NTFS Drive d: (Data) (Fixed) (Total:871.51 GB) (Free:859.15 GB) NTFS Drive e: (Recover) (Fixed) (Total:60 GB) (Free:38.11 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 8896A5FB) Partition: GPT. ======================================================== Disk: 1 (Size: 238.5 GB) (Disk ID: 8896A5E5) Partition: GPT. ==================== Ende von Addition.txt ============================ |
28.12.2016, 12:35 | #12 |
| Then I ran the Adware Cleaner. Here is the log: Code:
ATTFilter # AdwCleaner v6.041 - Bericht erstellt am 27/12/2016 um 22:36:47 # Aktualisiert am 16/12/2016 von Malwarebytes # Datenbank : 2016-12-26.3 [Server] # Betriebssystem : Windows 10 Home (X64) # Benutzername : User - DESKTOP-DRH7H7T # Gestartet von : C:\Users\User\Desktop\AdwCleaner_6.041.exe # Modus: Suchlauf # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** Keine schädlichen Dienste gefunden. ***** [ Ordner ] ***** Keine schädlichen Ordner gefunden. ***** [ Dateien ] ***** Keine schädlichen Dateien gefunden. ***** [ DLL ] ***** Keine infizierten DLLs gefunden. ***** [ WMI ] ***** Keine schädlichen Schlüssel gefunden. ***** [ Verknüpfungen ] ***** Keine infizierten Verknüpfungen gefunden. ***** [ Aufgabenplanung ] ***** Aufgabe Gefunden: YCMServiceAgent ***** [ Registrierungsdatenbank ] ***** Keine schädlichen Elemente in der Registrierungsdatenbank gefunden. ***** [ Internetbrowser ] ***** Keine schädlichen Elemente in Firefox basierten Browsern gefunden. Keine schädlichen Elemente in Chrome basierten Browsern gefunden. ************************* C:\AdwCleaner\AdwCleaner[S0].txt - [1188 Bytes] - [27/12/2016 22:36:47] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1261 Bytes] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 27.12.2016 Suchlaufzeit: 23:08 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.12.27.06 Rootkit-Datenbank: v2016.11.20.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: User Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 316633 Abgelaufene Zeit: 9 Min., 57 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 5 PUP.Optional.FusionCore, C:\Users\User\AppData\Local\Temp\is-24PS4.tmp\Fusion.dll, In Quarantäne, [ee648d5fb5e5999d8b33f6aa6b958b75], PUP.Optional.FusionCore, C:\Users\User\AppData\Local\Temp\is-GM2LO.tmp\Fusion.dll, In Quarantäne, [98ba4ca0bcded95d417d257b35cbc13f], PUP.Optional.FusionCore, C:\Users\User\AppData\Local\Temp\is-RNP3M.tmp\Fusion.dll, In Quarantäne, [c58d84682377fd39328c2a768080bb45], PUP.Optional.FusionCore, C:\Users\User\Downloads\FreeMP4VideoConverter_5.0.102.1027_d.exe, In Quarantäne, [d57db5370694c175514ec7a719e7f20e], PUP.Optional.OpenCandy, C:\Users\User\Downloads\KeyFinderInstaller.exe, In Quarantäne, [a3afe10b34661521d405fb53bf43c040], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Edited by Traufrau (28.12.2016 at 12:33) |
28.12.2016, 12:39 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Step 1: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Step 2: Kaspersky TDSS-Killer Please download TDSSKiller.exe and save this file to the desktop.
Reading material: Posting in CODE tags Attaching the logfiles, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly, spread across several posts if necessary. To put the logfiles into a CODE box, proceed as follows:
__________________ Please always post logfiles in CODE tags |
28.12.2016, 13:20 | #14 |
| After that, the ESET Online Scanner. Here is the log file: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=14fe4e4f38ad114b84f7490b4980fc5f # end=init # utc_time=2016-12-27 11:02:55 # local_time=2016-12-28 12:02:55 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 31872 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=14fe4e4f38ad114b84f7490b4980fc5f # end=updated # utc_time=2016-12-27 11:10:20 # local_time=2016-12-28 12:10:20 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=14fe4e4f38ad114b84f7490b4980fc5f # engine=31872 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-12-28 12:01:10 # local_time=2016-12-28 01:01:10 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1313 16777213 100 100 3830 15813804 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 6825 14213886 0 0 # scanned=219053 # found=5 # cleaned=0 # scan_time=3050 sh=21157B4B1DDD6111160E848D29A4A453DC6C3B46 ft=1 fh=57d9a0e9a38d05e3 vn="Variante von Win32/DealPly.EZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\AppData\Local\Temp\ns772E0319\69AAFC57_stp\tirafi.exe" sh=5C1016CEC291721EC6BD63A53C0A111295F31F14 ft=1 fh=40be34a04d220424 vn="Variante von Win32/FusionCore.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\User\AppData\Roaming\DVDVideoSoft\FreeYouTubeToMP3Converter.exe" sh=1FB23EF3A6F7C3B4C54E1785CBC812C7444DDC84 ft=1 fh=86ed053e05779ba1 vn="Variante von Win32/FusionCore.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\Users\User\AppData\Roaming\DVDVideoSoft\FreeYTVDownloader.exe" sh=1FB23EF3A6F7C3B4C54E1785CBC812C7444DDC84 ft=1 fh=86ed053e05779ba1 vn="Variante von Win32/FusionCore.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Temp\DigitalWave.ApplicationUpdater_files\install_app_60.exe" sh=5C1016CEC291721EC6BD63A53C0A111295F31F14 ft=1 fh=40be34a04d220424 vn="Variante von Win32/FusionCore.I evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Temp\DigitalWave.ApplicationUpdater_files\install_app_61.exe" That was it. I did not delete anything, except for the YCMServiceAgent that AdwCleaner had found. I hope that was not wrong. Because the file Tirafi.exe that ESET found meant nothing at all to me, I uploaded it to VirusTotal: Here is the result from the scanners that detected something. Unfortunately that tells me nothing at all... Code:
ATTFilter Antivirus Ergebnis Aktualisierung CAT-QuickHeal Adware.DealPly.AL8 20161228 CrowdStrike Falcon (ML) malicious_confidence_83% (D) 20161024 DrWeb Adware.DealPly.260 20161228 ESET-NOD32 a variant of Win32/DealPly.EZ potentially unwanted 20161228 Invincea backdoor.win32.nosrawec.a 20161216 Qihoo-360 HEUR/QVM05.1.0000.Malware.Gen 20161228 Sorry, I only just read your instructions. I'll do it right away.... Here is the mbar log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.12.28.03 rootkit: v2016.11.20.01 Windows 10 x64 NTFS Internet Explorer 11.576.14393.0 User :: DESKTOP-DRH7H7T [administrator] 28.12.2016 12:56:56 mbar-log-2016-12-28 (12-56-56).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 316687 Time elapsed: 8 minute(s), 25 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter 13:11:31.0795 0x23dc TDSS rootkit removing tool 3.1.0.12 Nov 7 2016 07:10:01 13:11:31.0796 0x23dc UEFI system 13:11:49.0219 0x23dc ============================================================ 13:11:49.0220 0x23dc Current date / time: 2016/12/28 13:11:49.0219 13:11:49.0220 0x23dc SystemInfo: 13:11:49.0220 0x23dc 13:11:49.0220 0x23dc OS Version: 10.0.14393 ServicePack: 0.0 13:11:49.0220 0x23dc Product type: Workstation 13:11:49.0220 0x23dc ComputerName: DESKTOP-DRH7H7T 13:11:49.0220 0x23dc UserName: User 13:11:49.0220 0x23dc Windows directory: C:\WINDOWS 13:11:49.0220 0x23dc System windows directory: C:\WINDOWS 13:11:49.0220 0x23dc Running under WOW64 13:11:49.0220 0x23dc Processor architecture: Intel x64 13:11:49.0220 0x23dc Number of processors: 4 13:11:49.0220 0x23dc Page size: 0x1000 13:11:49.0220 0x23dc Boot type: Normal boot 13:11:49.0220 0x23dc CodeIntegrityOptions = 0x00000001 13:11:49.0220 0x23dc ============================================================ 13:11:49.0311 0x23dc KLMD registered as C:\WINDOWS\system32\drivers\38648167.sys 13:11:49.0311 0x23dc KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.576, osProperties = 0x19 13:11:49.0478 0x23dc System UUID: {9FDF30BE-9F5A-587C-CFC9-793631D20764} 13:11:50.0284 0x23dc Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:11:50.0285 0x23dc Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 13:11:50.0305 0x23dc ============================================================ 13:11:50.0305 0x23dc \Device\Harddisk0\DR0: 13:11:50.0305 0x23dc GPT partitions: 13:11:50.0307 0x23dc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {58727A6D-BBA3-4403-8445-7D3C60FAC282}, Name: Basic data 
partition, StartLBA 0x800, BlocksNum 0x6CF06000 13:11:50.0307 0x23dc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {92D461CA-1F82-47BA-BE84-1884832F975A}, Name: Basic data partition, StartLBA 0x6CF06800, BlocksNum 0x7800000 13:11:50.0307 0x23dc MBR partitions: 13:11:50.0308 0x23dc \Device\Harddisk1\DR1: 13:11:50.0308 0x23dc GPT partitions: 13:11:50.0310 0x23dc \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3D931155-8F2A-4ADF-AC85-8EB007F11106}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000 13:11:50.0310 0x23dc \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D4C5EF94-EB43-4F87-A43A-2B665531484C}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x8000 13:11:50.0310 0x23dc \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {E1A561D3-6B60-49DC-BD48-B950859205F0}, Name: Basic data partition, StartLBA 0x3A800, BlocksNum 0x1D9BF000 13:11:50.0310 0x23dc \Device\Harddisk1\DR1\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7A05FCFB-129E-4536-8F5C-59F6B9FB6E63}, Name: Basic data partition, StartLBA 0x1D9F9800, BlocksNum 0xF9800 13:11:50.0310 0x23dc \Device\Harddisk1\DR1\Partition5: GPT, TypeGUID: {8D7F0CC6-879E-47F6-A767-0ED8FD3B0659}, UniqueGUID: {AC58B697-4E30-4E3F-B6D5-7BFF877AD23A}, Name: Basic data partition, StartLBA 0x1DAF3000, BlocksNum 0x200000 13:11:50.0310 0x23dc MBR partitions: 13:11:50.0310 0x23dc ============================================================ 13:11:50.0314 0x23dc C: <-> \Device\Harddisk1\DR1\Partition3 13:11:50.0352 0x23dc D: <-> \Device\Harddisk0\DR0\Partition1 13:11:50.0394 0x23dc E: <-> \Device\Harddisk0\DR0\Partition2 13:11:50.0394 0x23dc ============================================================ 13:11:50.0394 0x23dc Initialize success 13:11:50.0394 0x23dc 
============================================================ 13:12:34.0450 0x0f40 ============================================================ 13:12:34.0450 0x0f40 Scan started 13:12:34.0450 0x0f40 Mode: Manual; SigCheck; TDLFS; 13:12:34.0450 0x0f40 ============================================================ 13:12:34.0450 0x0f40 KSN ping started 13:12:34.0664 0x0f40 KSN ping finished: true 13:12:35.0596 0x0f40 ================ Scan system memory ======================== 13:12:35.0596 0x0f40 System memory - ok 13:12:35.0598 0x0f40 ================ Scan services =============================
0x0f40 AppXSvc - ok 13:12:36.0562 0x0f40 [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 13:12:36.0574 0x0f40 arcsas - ok 13:12:36.0578 0x0f40 [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 13:12:36.0593 0x0f40 AsyncMac - ok 13:12:36.0603 0x0f40 [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 13:12:36.0612 0x0f40 atapi - ok 13:12:36.0622 0x0f40 [ 59F44051BCD479E70446506B7E4E78BB, CB58E55196EC702DC85916F963A3C16D429C141391F9AA7F415BD63E7328C4C6 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 13:12:36.0647 0x0f40 AudioEndpointBuilder - ok 13:12:36.0667 0x0f40 [ 1C986DC8F4FDA1B040AC1176FB24467F, DEDA2FF4D0369348C2A74D29FB08AC86219BBCFDF44C59339BC39A25AE0727EB ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 13:12:36.0706 0x0f40 Audiosrv - ok 13:12:36.0719 0x0f40 [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe 13:12:36.0736 0x0f40 AVP17.0.0 - ok 13:12:36.0742 0x0f40 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 13:12:36.0757 0x0f40 AxInstSV - ok 13:12:36.0771 0x0f40 [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 13:12:36.0792 0x0f40 b06bdrv - ok 13:12:36.0799 0x0f40 [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 13:12:36.0813 0x0f40 BasicDisplay - ok 13:12:36.0818 0x0f40 [ 
23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 13:12:36.0830 0x0f40 BasicRender - ok 13:12:36.0836 0x0f40 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 13:12:36.0849 0x0f40 bcmfn - ok 13:12:36.0852 0x0f40 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 13:12:36.0863 0x0f40 bcmfn2 - ok 13:12:36.0874 0x0f40 [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 13:12:36.0900 0x0f40 BDESVC - ok 13:12:36.0905 0x0f40 [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys 13:12:36.0917 0x0f40 Beep - ok 13:12:36.0935 0x0f40 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll 13:12:36.0972 0x0f40 BFE - ok 13:12:36.0997 0x0f40 [ D876C567AB767258036F05E4766189FD, DE8BA67325CB64495BD454B8F9DDCAE82636253844FC68B360C7E1CF5D51DD0E ] BITS C:\WINDOWS\System32\qmgr.dll 13:12:37.0054 0x0f40 BITS - ok 13:12:37.0063 0x0f40 [ 9CD2A4821DE379305CACB2E99AD8953A, 89D700DFC3C59ACBBADB48954A28C0EBF8D6A11A9E63837689DD891868E43188 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 13:12:37.0091 0x0f40 bowser - ok 13:12:37.0112 0x0f40 [ 2447BD15B41298622CC662249CD0F496, 013A326D2E3BF68D654BBABE2F1E5DF0FF0A153A4B95D570EE28F9BC0F5A78C3 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 13:12:37.0158 0x0f40 BrokerInfrastructure - ok 13:12:37.0166 0x0f40 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll 13:12:37.0194 0x0f40 Browser - ok 
13:12:37.0203 0x0f40 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 13:12:37.0228 0x0f40 BthAvrcpTg - ok 13:12:37.0238 0x0f40 [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys 13:12:37.0271 0x0f40 BthEnum - ok 13:12:37.0278 0x0f40 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 13:12:37.0299 0x0f40 BthHFEnum - ok 13:12:37.0310 0x0f40 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 13:12:37.0327 0x0f40 bthhfhid - ok 13:12:37.0346 0x0f40 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 13:12:37.0375 0x0f40 BthHFSrv - ok 13:12:37.0385 0x0f40 [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys 13:12:37.0409 0x0f40 BthLEEnum - ok 13:12:37.0415 0x0f40 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 13:12:37.0427 0x0f40 BTHMODEM - ok 13:12:37.0435 0x0f40 [ 224BA1CB1F3C702F0D001D2AFC9793B1, F139F6F78C716E1167E16530AE31E4A26C2A69467BCB08A9A52A101B31DF7771 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 13:12:37.0451 0x0f40 BthPan - ok 13:12:37.0472 0x0f40 [ 851ED52AE3E62CD5374BD4BBFF7A9DAB, 381281CB7D8FC4026092330B06E24BC84EEF79EE3C97E21900D950D7D9AB2FC3 ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys 13:12:37.0510 0x0f40 BTHPORT - ok 13:12:37.0518 0x0f40 [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] 
bthserv C:\WINDOWS\system32\bthserv.dll 13:12:37.0535 0x0f40 bthserv - ok 13:12:37.0541 0x0f40 [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys 13:12:37.0553 0x0f40 BTHUSB - ok 13:12:37.0558 0x0f40 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 13:12:37.0573 0x0f40 buttonconverter - ok 13:12:37.0579 0x0f40 [ 60EB6A4CE3E21887D302350631C16F26, 4270EFA22285C1A9336CF1220761E416950D2DA9C6A40D1D8452686CD5040DAB ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 13:12:37.0596 0x0f40 CapImg - ok 13:12:37.0602 0x0f40 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 13:12:37.0618 0x0f40 cdfs - ok 13:12:37.0630 0x0f40 [ 2E6612376D257F74781F2EF1F869D8C3, 908B0DECB9F098F7F11B029A03C06C67FB52E5E8BEA42033A2B579D3B3686AB8 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 13:12:37.0655 0x0f40 CDPSvc - ok 13:12:37.0665 0x0f40 [ A93C9B9EBE2FDE5A536000D72CC17F7F, 9793CFAE8BE8C6B5B39A1D276577965FBB2CE131325A410B7C68BD23492ADAAF ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 13:12:37.0686 0x0f40 CDPUserSvc - ok 13:12:37.0698 0x0f40 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 13:12:37.0713 0x0f40 cdrom - ok 13:12:37.0720 0x0f40 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 13:12:37.0738 0x0f40 CertPropSvc - ok 13:12:37.0749 0x0f40 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys 13:12:37.0767 0x0f40 cht4iscsi - ok 13:12:37.0809 0x0f40 [ 0002A0FDE087C1657AB31CE73077539C, 
4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys 13:12:37.0881 0x0f40 cht4vbd - ok 13:12:37.0896 0x0f40 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 13:12:37.0921 0x0f40 circlass - ok 13:12:37.0935 0x0f40 [ B72D26074E72A757D788FB1BEF8B2F2E, 36847C5315AFB9A5EC66AD3EF2A09C24C0FAF669FDF0831F78600F4609352CB4 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 13:12:37.0958 0x0f40 CLFS - ok 13:12:37.0977 0x0f40 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 13:12:38.0011 0x0f40 ClipSVC - ok 13:12:38.0020 0x0f40 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys 13:12:38.0044 0x0f40 clreg - ok 13:12:38.0065 0x0f40 [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 13:12:38.0079 0x0f40 CLVirtualDrive - ok 13:12:38.0090 0x0f40 [ 228CB7727EC19833A74DAA5BE8627114, 7ABDEABF648C0CF04C736D9F1056CD54D5913837E1543CC358FDDFA9389934EC ] clwvd6 C:\WINDOWS\system32\DRIVERS\clwvd6.sys 13:12:38.0104 0x0f40 clwvd6 - ok 13:12:38.0110 0x0f40 [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 13:12:38.0129 0x0f40 CmBatt - ok 13:12:38.0145 0x0f40 [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km C:\WINDOWS\system32\DRIVERS\cm_km.sys 13:12:38.0162 0x0f40 cm_km - ok 13:12:38.0185 0x0f40 [ B0D9B87B795B7833C9152441CBD55CC4, D86C0FE8BF03D6F3330E16728FE6645AE910F95D23A9EFBDF3A50F45AB5D525B ] CNG C:\WINDOWS\system32\Drivers\cng.sys 13:12:38.0209 0x0f40 CNG - ok 13:12:38.0214 
0x0f40 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 13:12:38.0224 0x0f40 cnghwassist - ok 13:12:38.0244 0x0f40 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 13:12:38.0255 0x0f40 CompositeBus - ok 13:12:38.0258 0x0f40 COMSysApp - ok 13:12:38.0263 0x0f40 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 13:12:38.0273 0x0f40 condrv - ok 13:12:38.0289 0x0f40 [ 5DE2049D5F57C1D142F36FA9CE443693, E6C2807C0B1EF90C11EB39634693B76EACE6CC675777776112835212A334F328 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 13:12:38.0316 0x0f40 CoreMessagingRegistrar - ok 13:12:38.0330 0x0f40 [ 0F0BB33129C878432400F003599F466E, 91821B07F2902435DA0A763E00C8C63380C79B1A48A9713B28ACA75EC888A7BF ] cphs C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHeciSvc.exe 13:12:38.0350 0x0f40 cphs - ok 13:12:38.0362 0x0f40 [ 53C56B7FA0426DF2DEF08B7CBFFC3ABF, 19E5A5AD69D79993F1A5BE960569AD3DA35E5FFFF6674C73BCB96CE0CCE34D47 ] cplspcon C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_0745f11ce6fc197c\IntelCpHDCPSvc.exe 13:12:38.0380 0x0f40 cplspcon - ok 13:12:38.0386 0x0f40 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 13:12:38.0405 0x0f40 CryptSvc - ok 13:12:38.0410 0x0f40 [ 039B5A8CBD5C75D1C46DF15F7C74D136, A5C8A41F2D406D37E147939F2058373ED091BFCC00CA7E829F887638CD3A2F64 ] dam C:\WINDOWS\system32\drivers\dam.sys 13:12:38.0421 0x0f40 dam - ok 13:12:38.0428 0x0f40 [ E59CAC3C48E862959CBDFD08DF40CD2D, 
303CB1C89AD2608BB5837D3860964AA1F88F87B296A5C6AB8C88E2169CE6228B ] DAX2API C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe 13:12:38.0439 0x0f40 DAX2API - detected UnsignedFile.Multi.Generic ( 1 ) 13:12:38.0705 0x0f40 Detect skipped due to KSN trusted 13:12:38.0706 0x0f40 DAX2API - ok 13:12:38.0761 0x0f40 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 13:12:38.0801 0x0f40 DcomLaunch - ok 13:12:38.0809 0x0f40 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 13:12:38.0829 0x0f40 DcpSvc - ok 13:12:38.0843 0x0f40 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 13:12:38.0874 0x0f40 defragsvc - ok 13:12:38.0887 0x0f40 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 13:12:38.0912 0x0f40 DeviceAssociationService - ok 13:12:38.0918 0x0f40 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 13:12:38.0937 0x0f40 DeviceInstall - ok 13:12:38.0941 0x0f40 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 13:12:38.0955 0x0f40 DevQueryBroker - ok 13:12:38.0962 0x0f40 [ 0D1D392ED2597F295956D058D33BD7C3, 2F7FE5A06D880F9E2A46C9803DD249DC40C2898C04E946D14E7EECCCC9F2B24F ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 13:12:38.0979 0x0f40 Dfsc - ok 13:12:38.0986 0x0f40 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 13:12:38.0995 0x0f40 dg_ssudbus - ok 13:12:39.0007 0x0f40 [ 
F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 13:12:39.0031 0x0f40 Dhcp - ok 13:12:39.0037 0x0f40 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 13:12:39.0054 0x0f40 diagnosticshub.standardcollector.service - ok 13:12:39.0091 0x0f40 [ CAD14E0AD1F03397E9B1C8733D76BEF4, 0035EF35F6520B1DF0E599C8A06D4163C52576BCE0976BF729B44DECDC506627 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 13:12:39.0159 0x0f40 DiagTrack - ok 13:12:39.0174 0x0f40 [ 532D267FCF197E88207B218C99813FE5, 5CAB368C4E17DC5AA8DB3E2D0C732E20C61B3F7CE164CDB30FA4250295214870 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe 13:12:39.0189 0x0f40 DigitalWave.Update.Service - ok 13:12:39.0195 0x0f40 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys 13:12:39.0205 0x0f40 disk - ok 13:12:39.0216 0x0f40 [ 09CF47A74BFB480B8262FCEE222004B6, F5CD0ACA04BCB95984595CC2E17BC9E92865091A0A3BCAD4B06438A1570E7696 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 13:12:39.0242 0x0f40 DmEnrollmentSvc - ok 13:12:39.0247 0x0f40 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 13:12:39.0261 0x0f40 dmvsc - ok 13:12:39.0266 0x0f40 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 13:12:39.0294 0x0f40 dmwappushservice - ok 13:12:39.0303 0x0f40 [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 13:12:39.0324 0x0f40 
Dnscache - ok 13:12:39.0333 0x0f40 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll 13:12:39.0354 0x0f40 dot3svc - ok 13:12:39.0360 0x0f40 [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll 13:12:39.0379 0x0f40 DPS - ok 13:12:39.0383 0x0f40 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys 13:12:39.0392 0x0f40 drmkaud - ok 13:12:39.0400 0x0f40 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 13:12:39.0423 0x0f40 DsmSvc - ok 13:12:39.0430 0x0f40 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll 13:12:39.0448 0x0f40 DsSvc - ok 13:12:39.0492 0x0f40 [ 19F2B54EE8861D90579BD0E3AE5182F9, FDD4F091C61C8C20550C8F68375ABD7ED718A733F680F0F0367D4796C302BA14 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 13:12:39.0560 0x0f40 DXGKrnl - ok 13:12:39.0568 0x0f40 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll 13:12:39.0588 0x0f40 EapHost - ok 13:12:39.0649 0x0f40 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 13:12:39.0739 0x0f40 ebdrv - ok 13:12:39.0749 0x0f40 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe 13:12:39.0764 0x0f40 EFS - ok 13:12:39.0770 0x0f40 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 13:12:39.0780 0x0f40 
EhStorClass - ok 13:12:39.0787 0x0f40 [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 13:12:39.0802 0x0f40 EhStorTcgDrv - ok 13:12:39.0809 0x0f40 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 13:12:39.0826 0x0f40 embeddedmode - ok 13:12:39.0836 0x0f40 [ 3CE2B6AECB9AF8BC159299EEC46A35CA, E933B28BB6E4D01FCCDF8FBBB134C244B28DA3ECBDFA13333F0D4C24B2551780 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 13:12:39.0857 0x0f40 EntAppSvc - ok 13:12:39.0861 0x0f40 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 13:12:39.0876 0x0f40 ErrDev - ok 13:12:39.0894 0x0f40 [ BF8362193CB83B5283BC5D24AA3D8DF3, 9A45520D624B101D18A434E63DB7EA6CC44F598EDA36B8A916BB76C1DBB0955C ] ETD C:\WINDOWS\system32\DRIVERS\ETD.sys 13:12:39.0913 0x0f40 ETD - ok 13:12:39.0921 0x0f40 [ 06C67EE6E9E5DF0692BBE14437E56F3F, 9569B03031AE0CAC51AEF8B8CB8F8F2E717478B482AB4760711E1427C33A396D ] ETDService C:\Program Files\Elantech\ETDService.exe 13:12:39.0932 0x0f40 ETDService - ok 13:12:39.0937 0x0f40 [ C75C4769BBAE1397E1333D895C2DAE63, A066F6D6BCF25976EA16EC2077A0656C44952A3CB49C6A1A857482C8346E9D2D ] ETDSMBus C:\WINDOWS\System32\drivers\ETDSMBus.sys 13:12:39.0944 0x0f40 ETDSMBus - ok 13:12:39.0959 0x0f40 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll 13:12:39.0984 0x0f40 EventSystem - ok 13:12:40.0001 0x0f40 [ 8828725F79A93611CB4AB80B65DEC4F9, C208641DAD2EEBB07BAC489352CED7D6B3C7574836DD9D3158BB58089185C7C0 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 13:12:40.0019 0x0f40 EvtEng - ok 13:12:40.0029 0x0f40 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, 
C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys 13:12:40.0052 0x0f40 exfat - ok 13:12:40.0063 0x0f40 [ FA918EC296EB410FF02867D008D02421, 23D164A24CB0D212778FA9592A046B6BA1F3628003E04181744A1F891B5B3E5A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 13:12:40.0082 0x0f40 fastfat - ok 13:12:40.0098 0x0f40 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe 13:12:40.0129 0x0f40 Fax - ok 13:12:40.0136 0x0f40 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 13:12:40.0149 0x0f40 fdc - ok 13:12:40.0153 0x0f40 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 13:12:40.0174 0x0f40 fdPHost - ok 13:12:40.0180 0x0f40 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll 13:12:40.0196 0x0f40 FDResPub - ok 13:12:40.0203 0x0f40 [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 13:12:40.0222 0x0f40 fhsvc - ok 13:12:40.0228 0x0f40 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 13:12:40.0244 0x0f40 FileCrypt - ok 13:12:40.0249 0x0f40 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 13:12:40.0260 0x0f40 FileInfo - ok 13:12:40.0265 0x0f40 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 13:12:40.0281 0x0f40 Filetrace - ok 13:12:40.0286 0x0f40 [ 
46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 13:12:40.0298 0x0f40 flpydisk - ok 13:12:40.0308 0x0f40 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 13:12:40.0327 0x0f40 FltMgr - ok 13:12:40.0363 0x0f40 [ 49BF5C8182C3D2D6CD9F7EEDF1CFDB66, 0977EBE86B57FC370D27CA69D58122397D5D5369AF0C8DBCC492AE7AD55CBA2B ] FontCache C:\WINDOWS\system32\FntCache.dll 13:12:40.0440 0x0f40 FontCache - ok 13:12:40.0447 0x0f40 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 13:12:40.0457 0x0f40 FontCache3.0.0.0 - ok 13:12:40.0477 0x0f40 [ 8B52024D3A5C3A12F1C4D75D30A976C5, 982F1C783966C9A6D255AA7DBAB6D225EBE0050A36176B8DE85E8ADBFE17FDF1 ] FrameServer C:\WINDOWS\system32\FrameServer.dll 13:12:40.0516 0x0f40 FrameServer - ok 13:12:40.0521 0x0f40 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 13:12:40.0532 0x0f40 FsDepends - ok 13:12:40.0536 0x0f40 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 13:12:40.0545 0x0f40 Fs_Rec - ok 13:12:40.0562 0x0f40 [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 13:12:40.0586 0x0f40 fvevol - ok 13:12:40.0592 0x0f40 [ 3F6F2BEF3880C4CC9A381EE227DA0BBD, 26E7BD7DB254125904911B1E751710C645C770AAB089442678D7ACFC2CDEDB0E ] GDKBBlocker C:\WINDOWS\system32\drivers\GDKBBlocker64.sys 13:12:40.0600 0x0f40 GDKBBlocker - ok 13:12:40.0604 0x0f40 [ EF78034773CE506323655A868C949144, 
DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 13:12:40.0621 0x0f40 gencounter - ok 13:12:40.0626 0x0f40 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 13:12:40.0639 0x0f40 genericusbfn - ok 13:12:40.0664 0x0f40 [ EECE18D068A5DCE3D3EC468FC6921672, FD6D70269DFECD9A97BD97C1AFE9BAE28897489B2590F2B4BCF240376E740EBD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 13:12:40.0691 0x0f40 GfExperienceService - ok 13:12:40.0701 0x0f40 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 13:12:40.0714 0x0f40 GPIOClx0101 - ok 13:12:40.0741 0x0f40 [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 13:12:40.0794 0x0f40 gpsvc - ok 13:12:40.0799 0x0f40 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 13:12:40.0812 0x0f40 GpuEnergyDrv - ok 13:12:40.0818 0x0f40 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 13:12:40.0836 0x0f40 HDAudBus - ok 13:12:40.0841 0x0f40 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 13:12:40.0855 0x0f40 HidBatt - ok 13:12:40.0860 0x0f40 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 13:12:40.0876 0x0f40 HidBth - ok 13:12:40.0882 0x0f40 [ D24355488A2D4D2323518EC1AC7A6D9E, 
ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 13:12:40.0898 0x0f40 hidi2c - ok 13:12:40.0903 0x0f40 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 13:12:40.0914 0x0f40 hidinterrupt - ok 13:12:40.0919 0x0f40 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 13:12:40.0932 0x0f40 HidIr - ok 13:12:40.0937 0x0f40 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll 13:12:40.0951 0x0f40 hidserv - ok 13:12:40.0961 0x0f40 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 13:12:40.0975 0x0f40 HidUsb - ok 13:12:40.0985 0x0f40 [ 0AC1BD5A28FAA371EF34859FE703E515, 1DD1C33AF8D6EBE7C36FCD051F066E4039D2B47ABAECF7C68BC3933D567930B2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 13:12:41.0007 0x0f40 HomeGroupListener - ok 13:12:41.0019 0x0f40 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 13:12:41.0045 0x0f40 HomeGroupProvider - ok 13:12:41.0051 0x0f40 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 13:12:41.0065 0x0f40 HpSAMD - ok 13:12:41.0089 0x0f40 [ A10C7C1E69FC90620C7BF2E51302A01F, D725AEAE38255CED73F4922A10F226215528706580B06D01C228488F93AC0397 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 13:12:41.0124 0x0f40 HTTP - ok 13:12:41.0131 0x0f40 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 13:12:41.0149 0x0f40 HvHost - 
13:12:47.0241 0x0f40 [ 9A7B272B8815093763B996C7EE5D001F, B0499C50D031B6BDED2365C105D0274B72D611C23CFD4B6AE58B1C7F84B30A00 ] PGFNEXSrv C:\Program Files (x86)\PHotkey\PGFNEXSrv.exe
13:12:47.0251 0x0f40 PGFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 )
13:12:47.0665 0x0f40 PGFNEXSrv ( UnsignedFile.Multi.Generic ) - warning
ok 13:12:48.0511 0x0f40 [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 13:12:48.0527 0x0f40 RasAgileVpn - ok 13:12:48.0533 0x0f40 [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll 13:12:48.0548 0x0f40 RasAuto - ok 13:12:48.0554 0x0f40 [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys 13:12:48.0573 0x0f40 Rasl2tp - ok 13:12:48.0589 0x0f40 [ F79BFB5588B777C71734C1D1EC129D07, 9B9D70EC8978AAC19B2B94694EE1B9957C13DFDDFCBE8AA82C5F0D0EA04CDBDF ] RasMan C:\WINDOWS\System32\rasmans.dll 13:12:48.0620 0x0f40 RasMan - ok 13:12:48.0626 0x0f40 [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 13:12:48.0640 0x0f40 RasPppoe - ok 13:12:48.0645 0x0f40 [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 13:12:48.0663 0x0f40 RasSstp - ok 13:12:48.0674 0x0f40 [ AF6963414B820B7C45578ED3300438A7, C00F60FD72608E6983D32642768AECE891DD816FADFA7B872BA88091C16B95D7 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 13:12:48.0693 0x0f40 rdbss - ok 13:12:48.0700 0x0f40 [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 13:12:48.0712 0x0f40 rdpbus - ok 13:12:48.0719 0x0f40 [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 13:12:48.0736 0x0f40 RDPDR - ok 13:12:48.0743 0x0f40 [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport 
C:\WINDOWS\system32\drivers\rdpvideominiport.sys 13:12:48.0753 0x0f40 RdpVideoMiniport - ok 13:12:48.0762 0x0f40 [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 13:12:48.0776 0x0f40 rdyboost - ok 13:12:48.0798 0x0f40 [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys 13:12:48.0827 0x0f40 ReFSv1 - ok 13:12:48.0835 0x0f40 [ 0060A50F5E3A397E1F84B0C8F5F9898B, 685452985AF6BF68A63A8A306E7BFA4051B0E8C41CA67EE74D506E6F560FF5DD ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 13:12:48.0844 0x0f40 RegSrvc - ok 13:12:48.0857 0x0f40 [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 13:12:48.0884 0x0f40 RemoteAccess - ok 13:12:48.0891 0x0f40 [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 13:12:48.0912 0x0f40 RemoteRegistry - ok 13:12:48.0928 0x0f40 [ 0660F4A14F9D2A2F59B26B1D74F1A6D0, A9443B6B7ED1ECA22AC960A2C6A2BE18C0BA58CD7BCF60E7AA617CD3662D122D ] RetailDemo C:\WINDOWS\system32\RDXService.dll 13:12:48.0963 0x0f40 RetailDemo - ok 13:12:48.0979 0x0f40 [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 13:12:49.0006 0x0f40 RFCOMM - ok 13:12:49.0018 0x0f40 [ 9E18DF158751CF968E7DF83256D70233, 89385DA5ABD283F289E37D7D9E33358B06216E9B3659B2E70F19FD5BA49C7F90 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 13:12:49.0040 0x0f40 RichVideo64 - ok 13:12:49.0047 0x0f40 [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\WINDOWS\System32\RMapi.dll 13:12:49.0072 0x0f40 RmSvc - ok 13:12:49.0078 
0x0f40 [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 13:12:49.0104 0x0f40 RpcEptMapper - ok 13:12:49.0110 0x0f40 [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe 13:12:49.0130 0x0f40 RpcLocator - ok 13:12:49.0162 0x0f40 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs C:\WINDOWS\system32\rpcss.dll 13:12:49.0217 0x0f40 RpcSs - ok 13:12:49.0228 0x0f40 [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 13:12:49.0254 0x0f40 rspndr - ok 13:12:49.0271 0x0f40 [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys 13:12:49.0311 0x0f40 rt640x64 - ok |
28.12.2016, 13:21 | #15 |
| BadUSB - my USB stick identifies itself as a keyboard. Do I now have malware on my notebook? Part 2 Code:
5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 13:12:53.0952 0x0f40 volmgrx - ok 13:12:53.0963 0x0f40 [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 13:12:53.0981 0x0f40 volsnap - ok 13:12:53.0985 0x0f40 [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume C:\WINDOWS\system32\drivers\volume.sys 13:12:53.0994 0x0f40 volume - ok 13:12:54.0000 0x0f40 [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 13:12:54.0010 0x0f40 vpci - ok 13:12:54.0017 0x0f40 [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 13:12:54.0028 0x0f40 vsmraid - ok 13:12:54.0061 0x0f40 [ 01FFD5AF533F2CFDF26DDDC9313731C1, BFF0F2E57CD2358AC8F519F6F5692A46D97EC4E9B763D47101CEF31712FD4738 ] VSS C:\WINDOWS\system32\vssvc.exe 13:12:54.0118 0x0f40 VSS - ok 13:12:54.0129 0x0f40 [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 13:12:54.0144 0x0f40 VSTXRAID - ok 13:12:54.0150 0x0f40 [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 13:12:54.0162 0x0f40 vwifibus - ok 13:12:54.0168 0x0f40 [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys 13:12:54.0180 0x0f40 vwififlt - ok 13:12:54.0185 0x0f40 [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys 13:12:54.0196 0x0f40 vwifimp - ok 13:12:54.0210 
0x0f40 [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time C:\WINDOWS\system32\w32time.dll 13:12:54.0241 0x0f40 W32Time - ok 13:12:54.0253 0x0f40 [ 4053FB949F48647A327BC18DFEEA4374, 52511C35854A673ADCD9084FEF9BC6A339BCA0290374B81140A371D67B13A8FB ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll 13:12:54.0274 0x0f40 w3logsvc - ok 13:12:54.0292 0x0f40 [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] W3SVC C:\WINDOWS\system32\inetsrv\iisw3adm.dll 13:12:54.0332 0x0f40 W3SVC - ok 13:12:54.0343 0x0f40 [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 13:12:54.0365 0x0f40 WacomPen - ok 13:12:54.0385 0x0f40 [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService C:\WINDOWS\system32\WalletService.dll 13:12:54.0427 0x0f40 WalletService - ok 13:12:54.0436 0x0f40 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 13:12:54.0462 0x0f40 wanarp - ok 13:12:54.0473 0x0f40 [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 13:12:54.0507 0x0f40 wanarpv6 - ok 13:12:54.0525 0x0f40 [ 85461F6AD65CCE84A7BC6D9F2A5861B3, 0C9A662F1BADF429B1DF62E91F4626DE996F84945D3A42D26A0FA09EC15CC9D7 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll 13:12:54.0564 0x0f40 WAS - ok 13:12:54.0604 0x0f40 [ 30B8286F8FE1AE90A583100D45E02247, 3C86A4A5E21F9A1267EA231B20914E0A162BA4C25FE8917AD3AB6D504DA5BE0C ] wbengine C:\WINDOWS\system32\wbengine.exe 13:12:54.0663 0x0f40 wbengine - ok 13:12:54.0684 0x0f40 [ 7C4FAE7A8D55C897E5AE681B245A005F, 7E1E6299579BF02E89C5B828A1C19A43FF4E1F43D46D058F8DC0A8E6421C86A7 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 
13:12:54.0723 0x0f40 WbioSrvc - ok 13:12:54.0729 0x0f40 [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 13:12:54.0742 0x0f40 wcifs - ok 13:12:54.0760 0x0f40 [ 32960EA9CF836D7DD77767DCB68CE230, 679446A4FAB0331C181D2716CAEA225267C6164BB9867E360C5B3D6AB1083195 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 13:12:54.0798 0x0f40 Wcmsvc - ok 13:12:54.0811 0x0f40 [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 13:12:54.0838 0x0f40 wcncsvc - ok 13:12:54.0843 0x0f40 [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 13:12:54.0857 0x0f40 wcnfs - ok 13:12:54.0861 0x0f40 [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 13:12:54.0872 0x0f40 WdBoot - ok 13:12:54.0896 0x0f40 [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 13:12:54.0938 0x0f40 Wdf01000 - ok 13:12:54.0950 0x0f40 [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 13:12:54.0972 0x0f40 WdFilter - ok 13:12:54.0978 0x0f40 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 13:12:55.0006 0x0f40 WdiServiceHost - ok 13:12:55.0011 0x0f40 [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 13:12:55.0039 0x0f40 WdiSystemHost - ok 13:12:55.0058 0x0f40 [ 8CB606A3057355FD5A9DBDD1A0AC94EF, 6DD0B4A2270633086EBB569A00B87430EE6EF173525E341404B15845B57BE86D ] wdiwifi 
C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 13:12:55.0095 0x0f40 wdiwifi - ok 13:12:55.0109 0x0f40 [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 13:12:55.0125 0x0f40 WdNisDrv - ok 13:12:55.0128 0x0f40 WdNisSvc - ok 13:12:55.0145 0x0f40 [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient C:\WINDOWS\System32\webclnt.dll 13:12:55.0173 0x0f40 WebClient - ok 13:12:55.0181 0x0f40 [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 13:12:55.0216 0x0f40 Wecsvc - ok 13:12:55.0221 0x0f40 [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 13:12:55.0235 0x0f40 WEPHOSTSVC - ok 13:12:55.0241 0x0f40 [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 13:12:55.0266 0x0f40 wercplsupport - ok 13:12:55.0273 0x0f40 [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 13:12:55.0290 0x0f40 WerSvc - ok 13:12:55.0297 0x0f40 [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 13:12:55.0309 0x0f40 WFPLWFS - ok 13:12:55.0315 0x0f40 [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 13:12:55.0329 0x0f40 WiaRpc - ok 13:12:55.0334 0x0f40 [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 13:12:55.0343 0x0f40 WIMMount - ok 13:12:55.0346 0x0f40 WinDefend - ok 13:12:55.0357 0x0f40 
[ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 13:12:55.0369 0x0f40 WindowsTrustedRT - ok 13:12:55.0373 0x0f40 [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 13:12:55.0383 0x0f40 WindowsTrustedRTProxy - ok 13:12:55.0402 0x0f40 [ C2A3B07F0118D61086C99BDCBAB6A6A3, 04D646BEF1C6F427503C594F0ECBB33140C3991A3A7AFB66B2C9581E358F9FD2 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 13:12:55.0438 0x0f40 WinHttpAutoProxySvc - ok 13:12:55.0444 0x0f40 [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 13:12:55.0454 0x0f40 WinMad - ok 13:12:55.0465 0x0f40 [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 13:12:55.0485 0x0f40 Winmgmt - ok 13:12:55.0540 0x0f40 [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 13:12:55.0670 0x0f40 WinRM - ok 13:12:55.0694 0x0f40 [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 13:12:55.0721 0x0f40 WINUSB - ok 13:12:55.0728 0x0f40 [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 13:12:55.0745 0x0f40 WinVerbs - ok 13:12:55.0768 0x0f40 [ ECD999D8412A3473C26B118F89DB9908, 5FB9B93E4B5482CCFF01D805DFA386FD8D3441BC81E7BD5DF89EE3078FD724F3 ] wisvc C:\WINDOWS\system32\flightsettings.dll 13:12:55.0801 0x0f40 wisvc - ok 13:12:55.0846 0x0f40 [ 7671078AEF4C0203B053A9642C401FF7, 
BBFADA89CD31F20ADDBFAFAD2E492C72D82BF2F8B823BB6773F04D229B62534C ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 13:12:55.0928 0x0f40 WlanSvc - ok 13:12:55.0975 0x0f40 [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 13:12:56.0051 0x0f40 wlidsvc - ok 13:12:56.0058 0x0f40 [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 13:12:56.0069 0x0f40 WmiAcpi - ok 13:12:56.0078 0x0f40 [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 13:12:56.0095 0x0f40 wmiApSrv - ok 13:12:56.0098 0x0f40 WMPNetworkSvc - ok 13:12:56.0107 0x0f40 [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof C:\WINDOWS\system32\drivers\Wof.sys 13:12:56.0120 0x0f40 Wof - ok 13:12:56.0163 0x0f40 [ 909CB4BBF7B08E78C363000E09E79A6F, 217205D1B5EE03274AFF9405AED6D2A5665CBA4C3876E84B53DA44920CDF9CB1 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 13:12:56.0230 0x0f40 workfolderssvc - ok 13:12:56.0239 0x0f40 [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 13:12:56.0257 0x0f40 WPDBusEnum - ok 13:12:56.0261 0x0f40 [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 13:12:56.0271 0x0f40 WpdUpFltr - ok 13:12:56.0279 0x0f40 [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService C:\WINDOWS\system32\WpnService.dll 13:12:56.0299 0x0f40 WpnService - ok 13:12:56.0304 0x0f40 [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService 
C:\WINDOWS\System32\WpnUserService.dll 13:12:56.0318 0x0f40 WpnUserService - ok 13:12:56.0324 0x0f40 [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 13:12:56.0338 0x0f40 ws2ifsl - ok 13:12:56.0345 0x0f40 [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 13:12:56.0366 0x0f40 wscsvc - ok 13:12:56.0369 0x0f40 WSearch - ok 13:12:56.0418 0x0f40 [ 5163F5BABAE1FF8CCC0AFD60B6EDD20A, E4F3FC2D7E9995DD34D6DD392D33B51649077985ECA0BF2AF0552D72DC3DF08E ] wuauserv C:\WINDOWS\system32\wuaueng.dll 13:12:56.0497 0x0f40 wuauserv - ok 13:12:56.0507 0x0f40 [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 13:12:56.0521 0x0f40 WudfPf - ok 13:12:56.0529 0x0f40 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd C:\WINDOWS\system32\drivers\WudfRd.sys 13:12:56.0547 0x0f40 WUDFRd - ok 13:12:56.0553 0x0f40 [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 13:12:56.0569 0x0f40 wudfsvc - ok 13:12:56.0576 0x0f40 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 13:12:56.0593 0x0f40 WUDFWpdFs - ok 13:12:56.0600 0x0f40 [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 13:12:56.0616 0x0f40 WUDFWpdMtp - ok 13:12:56.0643 0x0f40 [ E231728BC515A4B85543AF74A1FEDFCB, 5D250D7D789B5BB56BFA2E7A109BCEB3686B7636C54D89F4E9804101D145C955 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 13:12:56.0695 0x0f40 WwanSvc - ok 13:12:56.0720 0x0f40 [ F39D6915451D9226AC9A5E7AE70E2ABA, 
E05D678DC0423A4D0EB8B3BB5A942721BB4F3B0BED22748252DBD6053FE956F1 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 13:12:56.0763 0x0f40 XblAuthManager - ok 13:12:56.0790 0x0f40 [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll 13:12:56.0840 0x0f40 XblGameSave - ok 13:12:56.0850 0x0f40 [ 9627BBAA50878F6833A6A7843EE3B1D9, 637566BB56501C4D11E3B6E6AC1C602D880C9D357CCE3DF1DF74EE672744F2B7 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 13:12:56.0869 0x0f40 xboxgip - ok 13:12:56.0893 0x0f40 [ 335E6F2BE58523B295945C840C185B00, 94ED7E2CB212A3D55B8A2CB90CD1D02A6AF92DC0DDD487CB5B7CAC9883343460 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 13:12:56.0939 0x0f40 XboxNetApiSvc - ok 13:12:56.0945 0x0f40 [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 13:12:56.0957 0x0f40 xinputhid - ok 13:12:57.0038 0x0f40 [ 8BA550098E9A09FA934C05F0CF9D5857, EF105D2A1FEEF7F3253810F0CF4694E2668CE9964BD528F10BBCCE02CA7F3485 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 13:12:57.0108 0x0f40 ZeroConfigService - ok 13:12:57.0113 0x0f40 ================ Scan global =============================== 13:12:57.0120 0x0f40 [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll 13:12:57.0127 0x0f40 [ C509CCD23B086DFC9EAF86E280043672, BF431DC1C618BAF0CB67976C5A8BCCDC3F3CB266F83C614D605BA559BA8EDFD8 ] C:\WINDOWS\system32\winsrv.dll 13:12:57.0135 0x0f40 [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll 13:12:57.0149 0x0f40 [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe 13:12:57.0157 0x0f40 [ Global ] - ok 
13:12:57.0157 0x0f40 ================ Scan MBR ================================== 13:12:57.0188 0x0f40 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 13:12:57.0378 0x0f40 \Device\Harddisk0\DR0 - ok 13:12:57.0383 0x0f40 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1 13:12:57.0427 0x0f40 \Device\Harddisk1\DR1 - ok 13:12:57.0427 0x0f40 ================ Scan VBR ================================== 13:12:57.0451 0x0f40 [ 9351C4CDD73BE4ED4B9A04B8D97450BE ] \Device\Harddisk0\DR0\Partition1 13:12:57.0454 0x0f40 \Device\Harddisk0\DR0\Partition1 - ok 13:12:57.0457 0x0f40 [ C70FDF6684F9F7A43AEEB9CA1F1934DC ] \Device\Harddisk0\DR0\Partition2 13:12:57.0458 0x0f40 \Device\Harddisk0\DR0\Partition2 - ok 13:12:57.0460 0x0f40 [ 9300B518CE88712C7137B59CAA0A540D ] \Device\Harddisk1\DR1\Partition1 13:12:57.0461 0x0f40 \Device\Harddisk1\DR1\Partition1 - ok 13:12:57.0466 0x0f40 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2 13:12:57.0467 0x0f40 \Device\Harddisk1\DR1\Partition2 - ok 13:12:57.0474 0x0f40 [ 102219D28C1162D08BF031A4BA15888F ] \Device\Harddisk1\DR1\Partition3 13:12:57.0475 0x0f40 \Device\Harddisk1\DR1\Partition3 - ok 13:12:57.0477 0x0f40 [ 33CBA1B4C6673C09FEBA1347C2C42A40 ] \Device\Harddisk1\DR1\Partition4 13:12:57.0479 0x0f40 \Device\Harddisk1\DR1\Partition4 - ok 13:12:57.0488 0x0f40 [ 5C36A8B236EAC85AD6DA07C2E6100EBB ] \Device\Harddisk1\DR1\Partition5 13:12:57.0489 0x0f40 \Device\Harddisk1\DR1\Partition5 - ok 13:12:57.0489 0x0f40 ================ Scan generic autorun ====================== 13:12:57.0780 0x0f40 [ 47B6DAB8908B5385697255C7614A5396, D2E66A8085A6E6296E638EF7D665540C8EE4CD5FE97CA2E71D8B33FDEAC1ABC9 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 13:12:58.0055 0x0f40 RTHDVCPL - ok 13:12:58.0099 0x0f40 [ 849643565F668874D4F2670D014DEC19, 20232083693DD04278BC7C02F0E19F9B805A0C63ABF170972608E8C6940F20B4 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 13:12:58.0130 0x0f40 RtHDVBg_Dolby - ok 13:12:58.0132 0x0f40 ETDCtrl 
- ok 13:12:58.0187 0x0f40 [ 0FD818A72C3602A8FCFD5189F1FE094C, D3D74DD361E4728B0EDA3B49F746ED6D1D22BDDDEF4739DFA97AB61ECAA3727A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 13:12:58.0238 0x0f40 NvBackend - ok 13:12:58.0245 0x0f40 [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe 13:12:58.0265 0x0f40 ShadowPlay - ok 13:12:58.0278 0x0f40 [ 5DB2D863BEECABABE5AFBD36AD055919, EDA57E210834275DD78650C55267F1EB55BB03964D0BCB8C87CCB5CCE290AE51 ] C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe 13:12:58.0303 0x0f40 DAX2_APP - detected UnsignedFile.Multi.Generic ( 1 ) 13:12:58.0570 0x0f40 Detect skipped due to KSN trusted 13:12:58.0570 0x0f40 DAX2_APP - ok 13:12:58.0571 0x0f40 WindowsDefender - ok 13:12:58.0579 0x0f40 [ DCE6C721D61156C1D2CBFD2C568B3ED2, 6F682D48A9372EEFDA724718102D48D13085B5AFAF69E09F972DB8BF814E685C ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe 13:12:58.0588 0x0f40 CLMLServer_For_P2G8 - ok 13:12:58.0599 0x0f40 [ 46015CA32B99E1953DE0BF725C665651, B0130D097273F7FBB2B1D0B93B52AABCC7EA5B3FD601CC11AA02A4A3FD0B2294 ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe 13:12:58.0615 0x0f40 CLVirtualDrive - ok 13:12:58.0617 0x0f40 PowerDVD12Agent - ok 13:12:58.0633 0x0f40 [ 7E6EFC5383FEF3EF852F2C7D41DEE83F, 552A0A158CBEFEA6B2FC969F5E9481C6D688A0D3FEE1C2F1F3BD8A5A4F32F6F9 ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe 13:12:58.0660 0x0f40 BrMfcWnd - detected UnsignedFile.Multi.Generic ( 1 ) 13:12:58.0926 0x0f40 Detect skipped due to KSN trusted 13:12:58.0926 0x0f40 BrMfcWnd - ok 13:12:58.0932 0x0f40 [ 8148563E8623EB5AC747297FAED928E0, 6278A17785EA8B2A333B556315012866354017F86D6B600EFFD1B9440EAE6749 ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe 13:12:58.0946 0x0f40 ControlCenter3 - detected UnsignedFile.Multi.Generic ( 1 ) 13:12:59.0214 0x0f40 Detect skipped due to KSN trusted 13:12:59.0214 0x0f40 
ControlCenter3 - ok 13:12:59.0240 0x0f40 [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe 13:12:59.0279 0x0f40 PDFPrint - ok 13:12:59.0313 0x0f40 [ 92186E427B216F010C5886A618801CF7, D2B652C692A38B29CBF66B6264CE7EF9A155E968744DD642D519D240E83B5CC7 ] C:\Program Files (x86)\G DATA\USB KEYBOARD GUARD\GD2NDKBB.exe 13:12:59.0341 0x0f40 GDataUsbProtection - ok 13:12:59.0519 0x0f40 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 13:12:59.0690 0x0f40 OneDriveSetup - ok 13:12:59.0856 0x0f40 [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe 13:13:00.0012 0x0f40 OneDriveSetup - ok 13:13:00.0034 0x0f40 [ FD9A7F99A09DB266D0C1361B0ACCBD7E, 579160BDACDFE39AE5DDD7B5C2964453E89BA8D933F3FB16C6E3897EA3BDED29 ] C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe 13:13:00.0054 0x0f40 OneDrive - ok 13:13:00.0059 0x0f40 Waiting for KSN requests completion. 
In queue: 261
13:13:01.0172 0x0f40 AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
13:13:01.0176 0x0f40 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
13:13:01.0177 0x0f40 FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
13:13:01.0265 0x0f40 ============================================================
13:13:01.0265 0x0f40 Scan finished
13:13:01.0265 0x0f40 ============================================================
13:13:01.0294 0x2270 Detected object count: 1
13:13:01.0294 0x2270 Actual detected object count: 1
13:13:29.0359 0x2270 PGFNEXSrv ( UnsignedFile.Multi.Generic ) - skipped by user
13:13:29.0359 0x2270 PGFNEXSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip |