Pests of all kinds and how to combat them: Emails sent from own computer - RAT? Windows 7
11.09.2018, 14:07 | #1 |
Emails sent from own computer - RAT?

Hello everyone!

Today I received an email that was sent from my own computer. I was able to find the email in the outbox. Since the hoster is a friend of mine, we clarified beforehand from where the mail account had been accessed, and only my own Google account had access at that time (I manage mail accounts with my own domain via Google). It has 2-factor authentication enabled, but was open on my computer. The email said something about RAT software being installed on my machine, but AntiVir found nothing.

It would be really great if someone here could help me. I have already changed my passwords. Thanks in advance :-)

The logs will follow in the next posts.

FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
durchgeführt von Chris (Administrator) auf INNERLICHELVIS (11-09-2018 15:00:40)
Gestartet von E:\Downloads
Geladene Profile: Chris (Verfügbare Profile: Chris)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Amazon Services LLC) C:\Users\Chris\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.)
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe (TechSmith Corporation) E:\Program Files (x86)\Snagit\Snagit32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe (Ulead Systems, Inc.) C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\Monitor.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) 
C:\Program Files\Bonjour\mDNSResponder.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe () C:\Program Files\Gramblr\gramblr.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe () C:\Program Files\Microvirt\MEmu\MemuService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe (TechSmith Corporation) E:\Program Files (x86)\Snagit\SnagPriv.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (TechSmith Corporation) E:\Program Files (x86)\Snagit\SnagitEditor.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (ESET spol. s r.o.) E:\Downloads\esetonlinescanner_deu.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe (Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) E:\Downloads\FRST64 (1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13764312 2014-10-23] (Realtek Semiconductor) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated) HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [316392 2018-05-11] (Adobe Systems, Incorporated) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-05-22] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2018-05-15] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1871344 2018-06-29] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Ulead AutoDetector v2] => C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\monitor.exe [95504 2007-08-02] (Ulead Systems, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6788032 2018-04-20] (Safer-Networking Ltd.) 
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Run: [GoogleChromeAutoLaunch_4E6299B33FA0592A57BB7C6E94F010D2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1577816 2018-08-08] (Google Inc.) HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Run: [Dropbox Update] => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-09] (Dropbox, Inc.) HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [3207968 2018-08-29] (Valve Corporation) HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Run: [Amazon Music Helper] => C:\Users\Chris\AppData\Local\Amazon Music\Amazon Music Helper.exe [3051448 2018-07-03] (Amazon Services LLC) HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Run: [Amazon Music] => C:\Users\Chris\AppData\Local\Amazon Music\Amazon Music.exe [20116408 2018-07-03] (Amazon Services LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Canon LBP2900 状态窗口.lnk [2015-03-29] ShortcutTarget: Canon LBP2900 状态窗口.lnk -> C:\Windows\System32\spool\drivers\x64\3\CNAB4LAD.EXE (CANON INC.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-03-17] ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TSC_SI_13.lnk [2018-07-23] ShortcutTarget: TSC_SI_13.lnk -> E:\Program Files (x86)\Snagit\Snagit32.exe (TechSmith Corporation) Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-08-29] ShortcutTarget: Dropbox.lnk -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Twitch.lnk [2018-01-09] ShortcutTarget: Twitch.lnk -> C:\Users\Chris\AppData\Roaming\Twitch\Bin\Twitch.exe (Twitch Interactive, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.44.1 0.0.0.0 Tcpip\..\Interfaces\{C6D0A526-F4CF-4024-9141-3A4BAEF07496}: [DhcpNameServer] 192.168.44.1 0.0.0.0 Tcpip\..\Interfaces\{D159A89C-4A1B-4566-9122-0C7631752B98}: [DhcpNameServer] 192.168.44.1 0.0.0.0 Internet Explorer: ================== HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.dell.com/ HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_171\bin\ssv.dll [2018-08-23] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) 
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-08-23] (Oracle Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) FireFox: ======== FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\g79H8NdV.default [2018-09-11] FF Extension: (Avira Browserschutz) - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\g79H8NdV.default\Extensions\abs@avira.com.xpi [2018-05-31] FF HKLM\...\Firefox\Extensions: 
[web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-02-22] FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-08-23] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-08-23] (Oracle Corporation) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> c:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) 
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems) FF Plugin HKU\S-1-5-21-2215032524-1134360163-3996079730-1000: @zoom.us/ZoomVideoPlugin -> C:\Users\Chris\AppData\Roaming\Zoom\bin\npzoomplugin.dll [2018-05-25] (Zoom Video Communications, Inc.) Chrome: ======= CHR DefaultProfile: Default CHR StartupUrls: Default -> "hxxps://news.google.de/","hxxp://www.google.de/" CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default [2018-09-11] CHR Extension: (Präsentationen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-09] CHR Extension: (Symantec Authentication Client Extension) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahgdclgdhfeingghldkedleghekbfhef [2018-05-01] CHR Extension: (Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-01-09] CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (SEO META in 1 CLICK) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjogjfinolnhfhkbipphpdlldadpnmhc [2018-09-07] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07] CHR Extension: (Adblock Plus) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-09-11] CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-07] CHR Extension: (Google-Suche) - 
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02] CHR Extension: (Dropbox für Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpdmhfocilnekecfjgimjdeckachfbec [2018-05-01] CHR Extension: (MozBar) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\eakacpaijcpapndcfffdgphdiccmpknp [2018-08-28] CHR Extension: (Adobe Acrobat) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-21] CHR Extension: (comdirect Bonus-Radar) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\egjjgbegfbbgmmcofjeffbibhodkmajf [2018-07-13] CHR Extension: (VR Viewer) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagmjpknkfadjnehfkgkkbjnjpnnpcic [2018-08-12] CHR Extension: (Tabellen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-09] CHR Extension: (Avira Browserschutz) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-31] CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20] CHR Extension: (Gantter Projektmanagement) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\himomacamcpodhkahelbnmaddladgjgo [2018-05-10] CHR Extension: (Kill News Feed) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjobfcedfgohjkaieocljfcppjbkglfd [2018-08-26] CHR Extension: (New Tab Redirect) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\icpgjfneehieebagbmdbhnlpiopdcmna [2018-05-01] CHR Extension: (Hootsuite) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\kneloppijbcidgidihgdjnooihjcdbij [2015-03-17] CHR Extension: (Toolkit for YNAB) - 
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmhdkkhepllpnondndgpgclfjnlofgjl [2018-08-16] CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-01-23] CHR Extension: (Google Maps) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2018-05-01] CHR Extension: (Boomerang for Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdanidgdpmkimeiiojknlnekblgmpdll [2018-05-01] CHR Extension: (LINE) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\menkifleemblimdogmoihpfopnplikde [2018-05-01] CHR Extension: (Pocket) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2018-09-08] CHR Extension: (Save to Pocket) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2018-09-08] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-01] CHR Extension: (Buffer) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\noojglkidnpfjbincgijbaiedldjfbhh [2018-05-01] CHR Extension: (Evernote Web Clipper) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2018-09-04] CHR Extension: (Google Mail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Extension: (Chrome Media Router) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-10] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR 
HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2321384 2018-05-11] (Adobe Systems, Incorporated) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2128872 2018-05-11] (Adobe Systems, Incorporated) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [895056 2018-09-04] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [226000 2018-09-04] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1148568 2018-09-04] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. 
KG) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244448 2014-10-28] (Foxit Software Inc.) R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [14291536 2018-08-22] () [Datei ist nicht signiert] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes) R2 MEmusvc; C:\Program Files\Microvirt\MEmu\MemuService.exe [85296 2018-06-22] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892256 2018-04-20] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [3943664 2018-04-20] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [233712 2018-02-06] (Safer-Networking Ltd.) R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] () ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-10] (Avira Operations GmbH & Co. KG) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [199920 2018-07-04] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [153040 2018-07-04] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-04-04] (Avira Operations GmbH & Co. 
KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-04-04] (Avira Operations GmbH & Co. KG) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495888 2013-04-23] (Intel Corporation) R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152184 2018-04-26] (Malwarebytes) R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [190696 2018-09-11] (Malwarebytes) R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [112864 2018-09-11] (Malwarebytes) R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [44768 2018-09-11] (Malwarebytes) R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-09-11] (Malwarebytes) R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [94328 2018-09-11] (Malwarebytes) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation) R2 memudrv; C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys [319304 2018-03-30] (Maiwei Corporation) S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-10-01] (Synaptics Incorporated) R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2018-09-11 13:50 - 2018-09-11 13:50 - 000000000 ____D C:\Users\Chris\AppData\Local\ESET 2018-09-11 13:38 - 2018-09-11 13:39 - 000000000 ____D C:\AdwCleaner 2018-09-11 13:26 - 2018-09-11 14:51 - 000094328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys 2018-09-11 13:26 - 2018-09-11 13:40 - 000112864 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys 2018-09-11 13:26 - 2018-09-11 13:40 - 000044768 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2018-09-11 13:26 - 2018-09-11 13:26 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2018-09-11 13:26 - 2018-09-11 13:26 - 000190696 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys 2018-09-11 13:26 - 2018-09-11 13:26 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2018-09-11 13:26 - 2018-09-11 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2018-09-11 13:26 - 2018-09-11 13:26 - 000000000 ____D C:\ProgramData\Malwarebytes 2018-09-11 13:26 - 2018-09-11 13:26 - 000000000 ____D C:\Program Files\Malwarebytes 2018-09-11 13:26 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys 2018-09-11 12:52 - 2018-09-11 15:00 - 000000000 ____D C:\FRST 2018-09-11 12:46 - 2018-09-11 12:46 - 000000000 ____D C:\Users\Chris\Desktop\HiJackThis 2018-09-11 12:42 - 2018-09-11 13:40 - 000000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2018-09-11 12:42 - 2018-09-11 13:25 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy 2018-09-11 12:42 - 2018-09-11 12:42 - 000001395 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 2018-09-11 12:42 - 2018-09-11 12:42 - 000001383 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk 2018-09-11 12:42 - 2018-09-11 12:42 - 000000000 ____D C:\Windows\System32\Tasks\Safer-Networking 2018-09-11 12:42 - 2018-09-11 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - 
Search & Destroy 2
2018-09-11 12:42 - 2018-02-06 19:04 - 000032168 _____ (Safer-Networking Ltd.) C:\Windows\system32\sdnclean64.exe
2018-09-05 20:09 - 2018-09-05 20:09 - 007792288 _____ (Tim Kosse) C:\Users\Chris\Downloads\FileZilla_3.36.0_win64-setup.exe
2018-08-29 19:49 - 2018-08-29 19:49 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-08-29 06:58 - 2018-08-29 06:58 - 000000000 ____D C:\Users\Chris\AppData\Roaming\twitch-electron
2018-08-28 08:08 - 2018-08-28 08:08 - 000000053 _____ C:\Users\Chris\Desktop\googlef1203c1cb4db8e4a.html
2018-08-27 11:57 - 2018-08-27 11:57 - 000000594 _____ C:\Users\Chris\Desktop\functions2.php
2018-08-27 11:49 - 2018-08-27 11:54 - 000004800 _____ C:\Users\Chris\Desktop\style.css
2018-08-26 10:25 - 2018-08-26 10:25 - 000000000 ____D C:\Users\Chris\Desktop\Sicherheit Innerlich Elvis
2018-08-24 07:43 - 2018-08-24 07:43 - 000000000 _____ C:\Users\Chris\Desktop\Neues Textdokument (6).txt
2018-08-23 07:26 - 2018-08-23 07:26 - 000111048 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2018-08-23 07:26 - 2018-08-23 07:26 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Sun
2018-08-23 07:26 - 2018-08-23 07:26 - 000000000 ____D C:\Users\Chris\AppData\LocalLow\Sun
2018-08-23 07:26 - 2018-08-23 07:26 - 000000000 ____D C:\ProgramData\Oracle
2018-08-23 07:26 - 2018-08-23 07:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-08-23 07:26 - 2018-08-23 07:26 - 000000000 ____D C:\Program Files\Java
2018-08-17 18:44 - 2018-08-17 18:44 - 000000000 ____D C:\Program Files (x86)\FFmpeg for Audacity
2018-08-17 18:08 - 2018-08-17 18:08 - 000000000 ____D C:\Users\Chris\Desktop\freac-1.0.31a-bin
2018-08-17 18:06 - 2018-08-17 18:06 - 000001241 _____ C:\Users\Chris\Desktop\AVS Audio Converter.lnk
2018-08-17 18:06 - 2018-08-17 18:06 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2018-08-17 18:06 - 2018-08-17 18:06 - 000000000 ____D C:\Users\Chris\AppData\Roaming\AVS4YOU
2018-08-17 18:06 - 2018-08-17 18:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2018-08-17 18:06 - 2018-08-17 18:06 - 000000000 ____D C:\ProgramData\AVS4YOU
2018-08-17 18:06 - 2018-08-17 18:06 - 000000000 ____D C:\Program Files (x86)\AVS4YOU
2018-08-17 18:06 - 2010-05-11 13:17 - 001700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2018-08-17 18:06 - 2010-05-11 13:17 - 000024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2018-08-17 17:11 - 2018-08-18 12:20 - 000000000 ____D C:\Users\Chris\Desktop\Freie Wildbahn eV Interview
2018-08-15 09:47 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 09:47 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-15 09:47 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-15 09:47 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-15 09:47 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-15 09:47 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-15 09:47 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 09:47 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 09:47 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-15 09:47 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-15 09:47 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-15 09:47 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-15 09:47 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-15 09:47 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-15 09:47 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-15 09:47 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-15 09:47 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-15 09:47 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-15 09:47 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-15 09:47 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-15 09:47 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-15 09:47 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-15 09:47 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-15 09:47 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-15 09:47 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-15 09:47 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-15 09:47 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-15 09:47 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-15 09:47 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-15 09:47 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-15 09:47 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-15 09:47 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-15 09:47 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-15 09:47 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-15 09:47 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-15 09:47 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-15 09:47 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-15 09:47 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-15 09:47 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-15 09:47 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-15 09:47 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-15 09:47 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-15 09:47 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-15 09:47 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-15 09:47 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-15 09:47 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-15 09:47 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-15 09:47 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-15 09:47 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-15 09:47 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 09:47 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-15 09:47 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-15 09:47 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-15 09:47 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-15 09:47 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-15 09:47 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-15 09:47 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-15 09:47 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-15 09:47 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-15 09:47 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-15 09:47 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-15 09:47 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-15 09:47 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-15 09:47 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-15 09:47 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-15 09:47 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-15 09:47 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-15 09:47 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-15 09:47 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-15 09:47 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-15 09:47 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-15 09:47 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-15 09:47 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-15 09:47 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-15 09:47 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-15 09:47 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-15 09:47 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-15 09:47 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-15 09:47 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-15 09:47 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-15 09:47 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-15 09:47 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-15 09:47 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-15 09:47 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-15 09:47 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-15 09:47 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-15 09:47 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-15 09:47 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-15 09:47 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-15 09:47 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-15 09:47 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-15 09:47 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-15 09:47 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-15 09:47 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-15 09:47 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-15 09:47 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-15 09:47 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-15 09:47 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-15 09:47 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-15 09:47 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-15 09:47 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-15 09:47 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-15 09:47 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-15 09:47 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-15 09:47 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-15 09:47 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-15 09:47 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-15 09:47 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-15 09:47 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-15 09:47 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-15 09:47 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-15 09:47 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-15 09:47 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-15 09:47 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-15 09:47 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-15 09:47 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-15 09:47 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-15 09:47 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-15 09:47 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-15 09:47 - 2018-07-13 21:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 09:47 - 2018-07-13 21:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-15 09:47 - 2018-07-13 21:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-15 09:47 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-15 09:47 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 09:47 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 09:47 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-15 09:47 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-15 09:47 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-15 09:47 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-15 09:47 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-15 09:47 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-15 09:47 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-15 09:47 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-15 09:47 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-15 09:47 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 09:47 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 09:47 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-15 09:47 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-15 09:47 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-15 09:47 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-15 09:47 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-15 09:47 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-15 09:47 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-15 09:47 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-15 09:47 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-15 09:47 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-15 09:47 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-15 09:47 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-15 09:47 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 09:47 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-15 09:47 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 09:47 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-15 09:47 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 09:47 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-15 09:47 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-15 09:47 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-15 09:47 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-15 09:47 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-15 09:47 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-15 09:47 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 09:47 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-15 09:47 - 2018-06-21 05:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-15 09:47 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-08-12 14:37 - 2018-08-12 14:37 - 000000000 ____D C:\vr
2018-08-12 14:11 - 2018-08-12 14:11 - 000000000 ____D C:\Users\Chris\AppData\LocalLow\Valve
2018-08-12 13:57 - 2018-08-12 13:57 - 000000000 ____D C:\temp
2018-08-12 13:55 - 2018-08-12 13:55 - 000000000 ____D C:\Users\Chris\AppData\Local\SteamVR
2018-08-12 13:49 - 2018-08-12 13:49 - 000000000 ____D C:\Users\Chris\Documents\steamvr
2018-08-12 13:39 - 2018-08-12 13:39 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01009.Wdf
2018-08-12 13:37 - 2018-08-12 13:37 - 000000000 ____D C:\Users\Chris\AppData\Local\openvr
2018-08-12 13:30 - 2018-08-12 13:30 - 000000222 _____ C:\Users\Chris\Desktop\SteamVR.url

==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2018-09-11 15:00 - 2018-05-28 21:12 - 000000000 ____D C:\ProgramData\Gramblr
2018-09-11 14:50 - 2017-11-30 13:00 - 000003316 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-11 14:08 - 2015-06-19 20:36 - 000001224 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2215032524-1134360163-3996079730-1000UA.job
2018-09-11 13:49 - 2018-01-09 09:43 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Twitch
2018-09-11 13:48 - 2009-07-14 06:45 - 000025872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-11 13:48 - 2009-07-14 06:45 - 000025872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-11 13:46 - 2015-03-17 21:08 - 000699092 _____ C:\Windows\system32\perfh007.dat
2018-09-11 13:46 - 2015-03-17 21:08 - 000149232 _____ C:\Windows\system32\perfc007.dat
2018-09-11 13:46 - 2009-07-14 07:13 - 001619284 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-11 13:46 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-09-11 13:40 - 2015-03-17 14:57 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-11 13:40 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-11 13:25 - 2018-01-09 09:35 - 000000000 ____D C:\Users\Chris\AppData\Local\Battle.net
2018-09-11 13:08 - 2015-06-19 20:36 - 000001172 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2215032524-1134360163-3996079730-1000Core.job
2018-09-11 12:46 - 2015-12-25 03:13 - 000000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2018-09-11 02:00 - 2015-03-17 16:48 - 000000000 ____D C:\Users\Chris\AppData\Local\Adobe
2018-09-08 07:50 - 2016-10-25 19:35 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2018-09-07 18:30 - 2015-03-17 15:46 - 000000000 ____D C:\Users\Chris\AppData\Local\Spotify
2018-09-07 18:21 - 2015-03-17 15:35 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Spotify
2018-09-07 08:33 - 2015-12-19 21:35 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-09-07 08:31 - 2015-12-21 19:22 - 000000000 ____D C:\Users\Chris\AppData\Roaming\FileZilla
2018-09-06 17:49 - 2015-03-17 15:26 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Audacity
2018-09-06 08:09 - 2015-03-17 12:12 - 000000000 ____D C:\Users\Chris
2018-09-04 18:50 - 2018-01-09 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-08-30 16:18 - 2015-03-17 14:39 - 000000000 ____D C:\ProgramData\Package Cache
2018-08-29 19:49 - 2015-03-22 17:51 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox
2018-08-27 20:23 - 2016-06-12 13:41 - 000000691 _____ C:\Users\Chris\Desktop\.htaccess
2018-08-27 11:48 - 2018-05-30 13:30 - 000000000 ____D C:\Users\Chris\AppData\Local\FileZilla
2018-08-22 13:03 - 2015-06-19 20:36 - 000004194 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2215032524-1134360163-3996079730-1000UA
2018-08-22 13:03 - 2015-06-19 20:36 - 000003798 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2215032524-1134360163-3996079730-1000Core
2018-08-22 04:04 - 2018-05-28 21:17 - 000000000 ____D C:\Program Files\Gramblr
2018-08-20 09:12 - 2018-07-23 16:33 - 000000000 ____D C:\Users\Chris\Documents\Camtasia Studio
2018-08-19 00:56 - 2015-12-19 21:37 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2018-08-19 00:50 - 2015-03-17 16:22 - 000000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2018-08-17 18:54 - 2015-10-27 20:10 - 000000000 ____D C:\Users\Chris\Documents\Cubase LE AI Elements Projects
2018-08-16 03:44 - 2018-07-20 03:55 - 000000000 ____D C:\Windows\rescache
2018-08-16 03:19 - 2009-07-14 06:45 - 005037224 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-16 03:01 - 2018-01-09 10:20 - 001592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-08-16 01:45 - 2018-06-29 07:11 - 000002504 _____ C:\Users\Chris\Desktop\Hearthstone Deck Tracker.lnk
2018-08-16 01:45 - 2018-06-29 07:11 - 000000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2018-08-16 01:45 - 2018-06-29 07:11 - 000000000 ____D C:\Users\Chris\AppData\Local\HearthstoneDeckTracker
2018-08-16 01:45 - 2018-05-01 21:30 - 000000000 ____D C:\Users\Chris\AppData\Local\SquirrelTemp
2018-08-15 10:00 - 2018-01-09 09:37 - 000000699 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2018-08-14 22:15 - 2015-04-30 19:12 - 000002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2018-08-14 15:14 - 2018-05-13 10:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-02-26 21:14 - 2016-11-03 21:11 - 000000034 _____ () C:\Users\Chris\AppData\Roaming\AdobeWLCMCache.dat
2015-07-01 20:17 - 2016-03-05 14:32 - 000001456 _____ () C:\Users\Chris\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-06-12 13:19 - 2018-05-30 13:30 - 000000600 _____ () C:\Users\Chris\AppData\Local\PUTTY.RND

Einige Dateien in TEMP:
====================
2015-03-17 14:51 - 2018-09-11 12:45 - 000000000 ____D () C:\Users\Chris\AppData\Local\Temp\avgnt.exe

==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2018-09-05 08:38
==================== Ende von FRST.txt ============================
Edited by Schwarzwo (11.09.2018 at 14:26) |
11.09.2018, 14:08 | #2 |
| Emails sent from my own computer - RAT? Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23.08.2018
durchgeführt von Chris (11-09-2018 15:01:05)
Gestartet von E:\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-03-17 10:12:50)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-2215032524-1134360163-3996079730-500 - Administrator - Disabled)
Chris (S-1-5-21-2215032524-1134360163-3996079730-1000 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-2215032524-1134360163-3996079730-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2215032524-1134360163-3996079730-1002 - Limited - Enabled)

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Spybot - Search and Destroy (Enabled - Up to date) {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Ableton Live 9 Standard (HKLM-x32\...\{AAD72040-1FF4-4DBC-95DB-E6456C321330}) (Version: 9.0.0.0 - Ableton) Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated) Adobe After Effects CC 2015 (HKLM-x32\...\{147EC100-14BE-45EF-AB42-35BAEE7D02F0}) (Version: 13.5.0 - Adobe Systems Incorporated) Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated) Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated) Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated) Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Amazon Amazon Music) (Version: 6.7.1.1366 - Amazon Services LLC) Apple Application Support (32-Bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.) 
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG) AVS Audio Converter 8.4.3 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.4.3.580 - Online Media Technologies Ltd.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) Camtasia 9 (HKLM\...\{33E08945-3D7B-40BB-B34F-1A3C8B9650DE}) (Version: 9.1.2.3011 - TechSmith Corporation) Hidden Camtasia 9 (HKLM-x32\...\{34ab05ac-3089-417f-828e-c2da3d5b4e09}) (Version: 9.1.2.3011 - TechSmith Corporation) Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - ) D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Discord (HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Discord) (Version: 0.0.301 - Discord Inc.) Dropbox (HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Dropbox) (Version: 56.4.94 - Dropbox, Inc.) 
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.8.5.1157 - Steinberg Media Technologies GmbH) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION) FFmpeg (Windows) for Audacity Version 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - ) FileZilla Client 3.35.1 (HKLM-x32\...\FileZilla Client) (Version: 3.35.1 - Tim Kosse) Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 2.3.25.1124 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.0.8.1216 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.) Google Drive (HKLM-x32\...\{A8DC81F2-D365-4248-892A-FA3B5951F731}) (Version: 2.34.9392.7803 - Google, Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Gramblr (HKLM\...\Gramblr) (Version: 2.9.149 - Gramblr Team) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Hearthstone Deck Tracker (HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\HearthstoneDeckTracker) (Version: 1.7.5 - HearthSim) Intel(R) Network Connections 18.1.59.0 (HKLM\...\PROSetDX) (Version: 18.1.59.0 - Intel) iTunes (HKLM\...\{CF713F23-4866-4A5D-91CC-A5F42111C82A}) (Version: 12.7.5.9 - Apple Inc.) 
Java 8 Update 171 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) Malwarebytes Version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes) MEmu (HKLM-x32\...\MEmu) (Version: 5.5.2.0 - Microvirt Software Technology Co. Ltd) Microsoft .NET Framework 4.7.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02558 - Microsoft Corporation) Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable 
(x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 61.0.1 (x64 de) (HKLM\...\Mozilla Firefox 61.0.1 (x64 de)) (Version: 61.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.3 - Mozilla) Mp3tag v2.88 (HKLM-x32\...\Mp3tag) (Version: 2.88 - Florian Heidenreich) Native Instruments Abbey Road 60s Drummer (HKLM-x32\...\Native Instruments Abbey Road 60s Drummer) (Version: 1.1.0.2 - Native Instruments) Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version: 5.2.0.1277 - Native Instruments) Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.2.2354 - Native Instruments) Native Instruments Battery 4 Factory Library (HKLM-x32\...\Native Instruments Battery 4 Factory Library) (Version: 1.1.0.1 - Native Instruments) Native Instruments Berlin 
Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version: 1.3.0.3 - Native Instruments) Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version: 1.3.0.1244 - Native Instruments) Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.0.2770 - Native Instruments) Native Instruments Guitar Rig Pro Library for Maschine (HKLM-x32\...\Native Instruments Guitar Rig Pro Library for Maschine) (Version: 1.0.0.2 - Native Instruments) Native Instruments Komplete 9 (HKLM-x32\...\Native Instruments Komplete 9) (Version: - Native Instruments) Native Instruments Kontakt 5 (HKLM-x32\...\Native Instruments Kontakt 5) (Version: 5.3.0.6464 - Native Instruments) Native Instruments Kontakt Factory Library (HKLM-x32\...\Native Instruments Kontakt Factory Library) (Version: 1.1.0.5 - Native Instruments) Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version: 1.4.0.292 - Native Instruments) Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version: 1.1.0.8 - Native Instruments) Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version: 1.3.0.3 - Native Instruments) Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version: 2.0.0.4 - Native Instruments) Native Instruments Rammfire for Maschine (HKLM-x32\...\Native Instruments Rammfire for Maschine) (Version: 1.0.0.1 - Native Instruments) Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.0.725 - Native Instruments) Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version: 1.4.0.10 - Native Instruments) Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version: 1.3.0.6 - Native Instruments) Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version: 2.0.0.6 - Native Instruments) Native Instruments Reflektor for Maschine 
(HKLM-x32\...\Native Instruments Reflektor for Maschine) (Version: 1.0.0.1 - Native Instruments) Native Instruments Retro Machines Mk2 (HKLM-x32\...\Native Instruments Retro Machines Mk2) (Version: 1.0.0.3 - Native Instruments) Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version: 1.2.0.4 - Native Instruments) Native Instruments Scarbee Vintage Keys (HKLM-x32\...\Native Instruments Scarbee Vintage Keys) (Version: 1.2.0.3 - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.5.2.1549 - Native Instruments) Native Instruments Session Strings (HKLM-x32\...\Native Instruments Session Strings) (Version: 1.2.0.1 - Native Instruments) Native Instruments Solid Bus Comp FX (HKLM-x32\...\Native Instruments Solid Bus Comp FX) (Version: 1.1.1.427 - Native Instruments) Native Instruments Solid Dynamics FX (HKLM-x32\...\Native Instruments Solid Dynamics FX) (Version: 1.1.1.427 - Native Instruments) Native Instruments Solid EQ FX (HKLM-x32\...\Native Instruments Solid EQ FX) (Version: 1.1.1.427 - Native Instruments) Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version: 1.2.0.3 - Native Instruments) Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version: 1.3.0.12 - Native Instruments) Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version: 1.0.0.3 - Native Instruments) Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version: 2.0.0.6 - Native Instruments) Native Instruments Traktors 12 for Maschine (HKLM-x32\...\Native Instruments Traktors 12 for Maschine) (Version: 1.0.0.1 - Native Instruments) Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version: 1.1.1.427 - Native Instruments) Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version: 1.3.0.2 - Native Instruments) 
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version: 1.3.0.2 - Native Instruments) Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version: 1.2.0.1 - Native Instruments) Native Instruments West Africa (HKLM-x32\...\Native Instruments West Africa) (Version: 1.1.0.5 - Native Instruments) NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR) NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation) NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) PhotoImpact X3 (HKLM-x32\...\{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 13.0 - Corel) Hidden QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7368 - Realtek Semiconductor Corp.) ReaPlugs/x64 (HKLM\...\ReaPlugs) (Version: - ) Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation) Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.) 
Snagit 13 (HKLM-x32\...\{1d357fbd-f0e5-44e4-915b-463b419177c9}) (Version: 13.1.5.8014 - TechSmith Corporation) Snagit 13 (HKLM-x32\...\{6B4ED247-7A7C-499D-8942-79F88F592B57}) (Version: 13.1.5 - TechSmith Corporation) Hidden Spotify (HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\Spotify) (Version: 1.0.88.353.g15c26ea1 - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.7.64.0 - Safer-Networking Ltd.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steinberg Cubase LE AI Elements 7 64bit (HKLM\...\{67E7C608-D0EA-4273-B374-50ABE42FBE08}) (Version: 7.0.80 - Steinberg Media Technologies GmbH) Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH) Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH) Steinberg HALion 4 64bit (HKLM\...\{81B8B5A4-8CDE-4D85-8F1D-940FCCDCDF5C}) (Version: 4.0.0 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.3 - Steinberg Media Technologies GmbH) Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.6.3 - Steinberg Media Technologies GmbH) Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH) Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) Steinberg VST Amp Rack Content 01 
(HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH) TreeSize Free V3.4 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4 - JAM Software) TrinusPSVR version 0.9.8 (HKLM-x32\...\{C529A614-8359-4B1C-9FC1-A2C4279971C3}_is1) (Version: 0.9.8 - Odd Sheep SL.) Twitch (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Twitch Interactive, Inc.) Twitch (HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 7.0.0.0 - Twitch Interactive, Inc.) Ulead PhotoImpact X3 (HKLM-x32\...\InstallShield_{15803703-25FA-4C01-A062-3F4A59937E87}) (Version: 13.0 - Corel) VC_CRT_x64 (HKLM\...\{54F2237F-018C-483B-8884-9FC0D88840C3}) (Version: 1.02.0000 - Intel Corporation) Hidden VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN) WD My Cloud (HKLM\...\{4B86F896-11DC-4711-BB60-81104832FA44}) (Version: 1.0.7.17 - Western Digital Technologies, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows-Treiberpaket - Canon Printer (10/21/2012 3.30.0.0) (HKLM\...\3CAF81BDBF7F51CACBC61C6F8E9406F3BF3583DE) (Version: 10/21/2012 3.30.0.0 - Canon) Windows-Treiberpaket - Intel (MEIx64) System (03/13/2014 10.0.0.1204) (HKLM\...\4C4490E439E681929925768307BC0BACF6D17ADF) (Version: 03/13/2014 10.0.0.1204 - Intel) Windows-Treiberpaket - Intel(R) Corporation (iusb3hub) USB (11/18/2013 2.5.3.34) (HKLM\...\4E8C8DBA8301D10ACF33789F431194584F21BED4) (Version: 11/18/2013 2.5.3.34 - Intel(R) Corporation) Windows-Treiberpaket - Intel(R) Corporation (iusb3xhc) USB (11/18/2013 2.5.3.34) (HKLM\...\CC4AECFEEE20A41C35EC7484E7F0AF5D6412A77C) (Version: 11/18/2013 2.5.3.34 - Intel(R) Corporation) Windows-Treiberpaket - Microsoft PS VR Control (Interface 5) (02/22/2013 6.1.7600.16385) (HKLM\...\7664041C62AE68D4B2EB4627167336BB2D4D7C46) (Version: 02/22/2013 6.1.7600.16385 - Microsoft) Windows-Treiberpaket - NVIDIA (nvlddmkm) 
Display (02/05/2015 9.18.13.4752) (HKLM\...\063BF72F2B328FBB9E7493E1352029EEB3340D8F) (Version: 02/05/2015 9.18.13.4752 - NVIDIA) Windows-Treiberpaket - NVIDIA (nvlddmkm) Display (02/05/2015 9.18.13.4752) (HKLM\...\C0CF9E1C366F3CBA736BFFBACB78A6C85A031B36) (Version: 02/05/2015 9.18.13.4752 - NVIDIA) Windows-Treiberpaket - NVIDIA Corporation (NVHDA) MEDIA (10/09/2014 1.3.33.0) (HKLM\...\5CAC24061CB58B38D76A156A00100626DEABE8CC) (Version: 10/09/2014 1.3.33.0 - NVIDIA Corporation) Windows-Treiberpaket - Realtek (RSUSBSTOR) USB (01/03/2014 6.3.9600.30174) (HKLM\...\9A1617D5AEFCCB6C90EDE2694757EE94A44992C7) (Version: 01/03/2014 6.3.9600.30174 - Realtek) Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (10/21/2014 6.0.1.7368) (HKLM\...\279B2D715388F150AE808A92A703F1ACFF759160) (Version: 10/21/2014 6.0.1.7368 - Realtek Semiconductor Corp.) Windows-Treiberpaket - Realtek Semiconductor Corp. HD Audio Driver (10/21/2014 6.0.1.7368) (HKLM\...\A889BD92A196BA7ABE6B752808DD50323C8C6D2A) (Version: 10/21/2014 6.0.1.7368 - Realtek Semiconductor Corp.) Windows-Treiberpaket - Steinberg Media Technologies GmbH (synusb64) USB (06/26/2009 7.0.3.0) (HKLM\...\572D6DAF4BFEE144319668FC8891F59BD0E9305C) (Version: 06/26/2009 7.0.3.0 - Steinberg Media Technologies GmbH) Windows-Treiberpaket - Synaptics (SmbDrv) System (10/01/2014 18.1.22.5) (HKLM\...\BE62DCFE5B7E28A74DDEE9BDD598B9DF4CC596F1) (Version: 10/01/2014 18.1.22.5 - Synaptics) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) Zoom (HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\...\ZoomUMX) (Version: 4.1 - Zoom Video Communications, Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2215032524-1134360163-3996079730-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-04-23] (Google) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] () ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] () ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2014-11-18] (Foxit Software Inc.) ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-29] (Florian Heidenreich) ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.) 
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.) ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2018-09-04] (Avira Operations GmbH & Co. KG) ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.) ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => E:\Program Files (x86)\Snagit\DLLx64\SnagitShellExt64.dll [2017-11-03] (TechSmith Corporation) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-29] (Florian Heidenreich) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-04-23] (Google) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-05-29] (Florian Heidenreich) ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => E:\Program Files (x86)\Snagit\DLLx64\SnagitShellExt64.dll [2017-11-03] (TechSmith Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => 
C:\Windows\system32\nvshext.dll [2015-02-05] (NVIDIA Corporation) ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] () ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes) ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2018-03-23] (Safer-Networking Ltd.) ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2018-09-04] (Avira Operations GmbH & Co. KG) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-20] (Alexander Roshal) ContextMenuHandlers1_S-1-5-21-2215032524-1134360163-3996079730-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ContextMenuHandlers4_S-1-5-21-2215032524-1134360163-3996079730-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) 
ContextMenuHandlers5_S-1-5-21-2215032524-1134360163-3996079730-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Users\Chris\AppData\Roaming\Dropbox\bin\DropboxExt64.23.0.dll [2018-08-28] (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {205C23FC-6FAA-4BCC-A30D-5642AB60F989} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated) Task: {3679BCA6-6DAF-45AB-BAC9-4D3AC1C905CE} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2215032524-1134360163-3996079730-1000Core => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-09] (Dropbox, Inc.) Task: {3B61EFF6-A54A-486B-998D-F492B008513C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.) Task: {48B61C5A-3EC0-4861-8C33-00D4781D96EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-17] (Google Inc.) Task: {7CBAA8B8-A801-4167-AACE-A2385E7711AC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2018-04-20] (Safer-Networking Ltd.) Task: {B37FF2B9-75CC-4A86-AE16-4364E409AF21} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2215032524-1134360163-3996079730-1000UA => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-09] (Dropbox, Inc.) Task: {BD0287A9-8C70-4022-B5D3-CEA1D69E23EB} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2018-09-04] (Avira Operations GmbH & Co. 
KG) Task: {C009CA70-0F4B-417C-B898-BAAA0D5F8A6A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2018-04-20] (Safer-Networking Ltd.) Task: {CF27D3EF-164B-4323-ADD7-B85FCC9D5924} - System32\Tasks\AdobeAAMUpdater-1.0-INNERLICHELVIS-Chris => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated) Task: {EAEBA43D-4C3E-4E2C-AA96-8BFF8396BD19} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2018-04-20] (Safer-Networking Ltd.) Task: {F348E17A-E786-49C8-96B9-C1AF0F20610C} - System32\Tasks\AdobeGCInvoker-1.0-INNERLICHELVIS-Chris => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-05-11] (Adobe Systems, Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2215032524-1134360163-3996079730-1000Core.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2215032524-1134360163-3996079730-1000UA.job => C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-17 14:57 - 2015-02-05 21:07 - 000117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2011-04-11 09:26 - 2011-04-11 07:26 - 000034304 _____ () C:\Windows\System32\spe__l.dll 2016-01-22 14:55 - 2016-01-22 14:55 - 000553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2018-07-23 13:42 - 2018-07-23 13:42 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2018-05-22 22:08 - 2018-05-22 22:08 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll 2018-05-22 22:09 - 2018-05-22 22:09 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll 2018-08-10 00:16 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll 2018-08-10 00:16 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll 2015-03-17 14:25 - 2013-11-22 20:34 - 008266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe 2018-05-15 18:58 - 2018-05-15 18:58 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2018-05-15 18:59 - 2018-05-15 18:59 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2018-08-03 16:47 - 2018-08-22 04:04 - 014291536 _____ () C:\Program Files\Gramblr\gramblr.exe 2016-01-22 14:54 - 2016-01-22 14:54 - 031420080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe 2018-07-05 09:24 - 2018-06-22 12:27 - 000085296 _____ () C:\Program Files\Microvirt\MEmu\MemuService.exe 2015-03-17 14:25 - 2013-11-11 16:10 - 000307928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe 2018-09-11 13:26 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll 2018-09-11 13:26 - 2018-04-30 12:54 - 002493648 _____ () C:\PROGRAM 
FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll 2015-03-17 14:25 - 2013-11-01 18:31 - 000278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll 2016-01-28 13:32 - 2016-01-28 13:32 - 040523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll 2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu 2017-10-19 13:55 - 2017-10-19 13:55 - 001651200 _____ () E:\Program Files (x86)\Snagit\cairo.dll 2017-10-19 13:55 - 2017-10-19 13:55 - 000205312 _____ () E:\Program Files (x86)\Snagit\libpng16.dll 2017-10-19 13:55 - 2017-10-19 13:55 - 000074240 _____ () E:\Program Files (x86)\Snagit\zlib1.dll 2017-10-19 13:55 - 2017-10-19 13:55 - 000657920 _____ () E:\Program Files (x86)\Snagit\fontconfig.dll 2017-10-19 13:55 - 2017-10-19 13:55 - 001023488 _____ () E:\Program Files (x86)\Snagit\libxml2.dll 2017-10-19 13:55 - 2017-10-19 13:55 - 000042496 _____ () E:\Program Files (x86)\Snagit\iconv.dll 2017-10-19 13:55 - 2017-10-19 13:55 - 000868864 _____ () E:\Program Files (x86)\Snagit\harfbuzz-vs14.dll 2016-03-04 15:10 - 2016-03-04 15:10 - 000800768 _____ () E:\Program Files (x86)\Snagit\opencv_photo310.dll 2016-03-04 15:10 - 2016-03-04 15:10 - 020629504 _____ () E:\Program Files (x86)\Snagit\opencv_imgproc310.dll 2016-03-04 15:10 - 2016-03-04 15:10 - 008968192 _____ () E:\Program Files (x86)\Snagit\opencv_core310.dll 2016-01-27 18:05 - 2016-01-27 18:05 - 008968192 _____ () E:\Program Files (x86)\Snagit\opencv_core300.dll 2016-01-27 18:05 - 2016-01-27 18:05 - 020629504 _____ () E:\Program Files (x86)\Snagit\opencv_imgproc300.dll 2018-05-09 09:37 - 2007-08-02 21:07 - 000034064 _____ () C:\Program Files (x86)\Common Files\Ulead Systems\AutoDetector\DetMethod.dll 2018-08-29 19:49 - 2018-08-28 13:53 - 001111880 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll 2018-08-29 19:49 - 2018-08-28 13:53 - 002247496 _____ () 
C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox_crashpad.dll 2018-05-09 07:05 - 2018-08-28 13:58 - 000023888 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\tornado.speedups.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000025456 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000142824 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\_cffi_backend.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 001958760 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000025960 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:53 - 000118232 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pywintypes35.dll 2018-05-09 07:05 - 2018-08-28 13:53 - 000109024 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32api.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000027616 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32event.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000049128 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32process.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000074584 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000083784 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\fastpath.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:53 - 000418776 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\pythoncom35.dll 2018-08-29 19:49 - 2018-08-28 13:53 - 000023520 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\mmapfile.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000131552 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32file.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000119272 _____ () 
C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32security.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:58 - 000401240 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32com.shell.shell.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:58 - 000034664 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000026600 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32clipboard.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000182752 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32gui.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000027616 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32pipe.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000028640 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32job.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:55 - 000025944 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000053736 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32service.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000065504 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32evtlog.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:59 - 000059744 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winshell.compiled._winshell.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:59 - 000028520 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:58 - 000068968 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000027488 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\crashpad.compiled._Crashpad.cp35-win32.pyd 2018-08-01 21:25 - 2018-08-28 13:59 - 000033632 _____ () 
C:\Users\Chris\AppData\Roaming\Dropbox\bin\winreindex.compiled._winreindex.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 003822416 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:58 - 000090560 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\sip.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 001779024 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 001929552 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000032736 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32ts.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 000156504 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000519504 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 000052056 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineCore.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 000044888 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 000132944 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 000218456 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000205656 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000061408 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32print.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:59 - 000051552 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000027624 _____ () 
C:\Users\Chris\AppData\Roaming\Dropbox\bin\win32profile.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:58 - 000027496 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:58 - 000025960 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:58 - 000025448 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:59 - 000024032 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000031600 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:53 - 000494048 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winxpgui.cp35-win32.pyd 2018-05-09 07:05 - 2018-08-28 13:59 - 000029040 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000029024 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:53 - 000036312 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\librsync.dll 2018-05-09 07:05 - 2018-08-28 13:58 - 000025960 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000441672 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL 2018-05-09 07:05 - 2018-08-28 13:58 - 000035680 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\wind3d11.compiled._wind3d11.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:56 - 000025920 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\libEGL.DLL 2018-08-29 19:49 - 2018-08-28 13:56 - 001592128 _____ () 
C:\Users\Chris\AppData\Roaming\Dropbox\bin\libGLESv2.dll 2018-05-09 07:05 - 2018-08-28 13:59 - 000029544 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 000531280 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 000354128 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.cp35-win32.pyd 2018-08-29 19:49 - 2018-08-28 13:57 - 000037200 _____ () C:\Users\Chris\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngine.cp35-win32.pyd 2016-01-28 13:32 - 2016-01-28 13:32 - 001365696 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll 2016-01-28 13:32 - 2016-01-28 13:32 - 000219328 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll 2018-08-10 08:11 - 2018-08-10 08:11 - 001204472 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\crypto-42.dll 2018-08-10 08:11 - 2018-08-10 08:11 - 000243352 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\ssl-44.dll 2018-07-05 09:24 - 2018-05-31 05:01 - 000128552 _____ () C:\Program Files\Microvirt\MEmu\libgcc_s_dw2-1.dll 2015-03-17 14:25 - 2013-10-30 20:06 - 000380928 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll 2016-01-21 01:22 - 2016-01-21 01:22 - 000124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node 2016-01-21 01:22 - 2016-01-21 01:22 - 000188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node 2016-01-21 01:23 - 2016-01-21 01:23 - 000121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node 2016-01-21 01:23 - 2016-01-21 01:23 - 000129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node 
2016-02-12 11:24 - 2016-02-12 11:24 - 000089280 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin7.dll
2016-01-21 01:22 - 2016-01-21 01:22 - 000081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Chris\Desktop\Battery Presets:com.dropbox.attributes [168]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2215032524-1134360163-3996079730-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.44.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{3BABFB96-5E71-4E90-8499-62111D15398C}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{15ABA3C8-2C65-4204-BC4A-0D133A8138A5}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe FirewallRules: [{3D02EA72-E510-4BB1-95CE-DEAEE9E8EAFA}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{16F7BF35-C7D3-4B21-8D5C-A5B19FE949D2}] => (Allow) C:\Users\Chris\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{9C85289E-49DB-4DEB-81B3-938A2AA5A2EE}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{EBDCF7F0-F16B-4678-83CD-6E26BC371399}C:\users\chris\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\chris\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{0A17EB77-50F1-4CE1-902F-B49895B67E44}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) 
C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{D70F6C70-CEE3-44CE-B668-41AC5417F3B0}C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\chris\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{BB2BA5D0-EC47-44EC-8238-31F8AE211F88}E:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) E:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe FirewallRules: [UDP Query User{B81823DA-0BFF-4B8E-BA92-3B2A0C962778}E:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe] => (Allow) E:\program files\steinberg\cubase le ai elements 7\cubase le ai elements 7.exe FirewallRules: [TCP Query User{E64A121C-3698-4D8B-B58B-453FB77A1EF6}E:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) E:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe FirewallRules: [UDP Query User{89A38EA5-CF6B-4F5F-9DB2-31F73125A330}E:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe] => (Allow) E:\program files\steinberg\cubase le ai elements 7\components\vstbridgeapp.exe FirewallRules: [TCP Query User{9B482E6B-AB96-4149-AF88-2D1A5ADA429C}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [UDP Query User{961E6909-CBC8-4568-A0D4-B13CEAB4A821}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe FirewallRules: [{FB5A6611-C8D9-466E-9650-3C1C638A7414}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{7DF217BB-FFFF-4EF1-BAD9-19D50BB41B83}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{9A00B2FA-57BE-4FA3-86A5-72F59B734F6E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{CCAD3827-29B6-4217-B835-74C1D6D24606}] => (Allow) C:\Program Files (x86)\Common 
Files\Apple\Apple Application Support\APSDaemon.exe FirewallRules: [{1A9869D9-3B4E-441D-ACE6-D9023D5831E3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{43DF03CB-72C0-4448-9EC2-BFC24EC122FA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{56CD8ED8-8134-4B45-96FB-08CC4C223A5F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B8CE3A5C-DA80-48B0-A78B-40F41E17DAE5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{164C2C5E-9CBC-4B8D-9DD5-7FD6157C77FB}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{1FBFC033-927C-4A06-9A81-BF471B4ABA0D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5E0BA8BE-8FF7-4931-A993-873409BD7A06}] => (Allow) LPort=2869 FirewallRules: [{7647036D-C1C8-46F0-90E1-CF71AA5DCC8C}] => (Allow) LPort=1900 FirewallRules: [{8C53F39D-7C4B-4C5E-9593-CB01C8D985AB}] => (Allow) LPort=8318 FirewallRules: [{CBB1D561-0177-440B-936F-564A7E50F042}] => (Allow) LPort=8298 FirewallRules: [{AC1F128E-E73F-466E-AF39-29D091BC5929}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D81C890E-3F18-40B5-B0A1-E5B48CA4D0A2}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8C9B2CFB-98F9-4596-B686-9B0936731462}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1F074818-135D-439F-8F01-070DD420902E}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{3BFA6779-62A6-4045-8D63-EBEA821A9B55}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\VoiceBot\VoiceBotLauncher.exe FirewallRules: [{CF6D20D2-57C7-474E-82C0-C2B6C87CF09C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\VoiceBot\VoiceBotLauncher.exe FirewallRules: [{35B7CC53-0879-4A64-9643-7FD033276547}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe FirewallRules: 
[{03E0FE0A-F29C-4259-86E2-53FECD4BB0D1}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\DisplayFusion\DisplayFusionLauncher.exe FirewallRules: [TCP Query User{538C4E73-CD5C-4BCD-B02F-330DD382D732}C:\users\chris\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\chris\appdata\local\amazon music\amazon music helper.exe FirewallRules: [UDP Query User{FD63B13F-5370-41A4-BBAE-FBECDF246BB3}C:\users\chris\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\chris\appdata\local\amazon music\amazon music helper.exe FirewallRules: [{86B15579-D594-46AA-B90E-7A84D7EA71E7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{041B7870-F572-44AD-8323-6E17C3C47962}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe FirewallRules: [{BAFB5136-BEBB-4669-B25F-BA1FD6EA994C}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SteamVR\bin\win32\vrstartup.exe FirewallRules: [{A17EA8E3-83EA-4E10-A6E0-12947B9FCF40}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe FirewallRules: [{3E618037-FC60-4A29-8D7B-888B62A8D8CF}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtours.exe FirewallRules: [{1A58D3CB-860F-46DF-A941-D5B9F086EEEE}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe FirewallRules: [{C74F1C9C-ECE1-4D62-902D-4EAF8CBB34B5}] => (Allow) E:\Program Files (x86)\Steam\steamapps\common\SteamVR\tools\steamvr_environments\game\bin\win64\steamtourscfg.exe FirewallRules: [TCP Query User{34ABFFA7-4116-4676-A2F3-D2169224BD9D}E:\world of warcraft\world of warcraft\utils\wowvoiceproxy.exe] => (Block) E:\world of warcraft\world of warcraft\utils\wowvoiceproxy.exe FirewallRules: [UDP Query User{973A7755-5763-49C9-9C83-7DBD511DB787}E:\world of warcraft\world 
of warcraft\utils\wowvoiceproxy.exe] => (Block) E:\world of warcraft\world of warcraft\utils\wowvoiceproxy.exe FirewallRules: [{1710F097-BE03-4F2C-AC32-10C34DE7AD8C}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [{17F5AC0E-E627-4C29-9DFC-FFC1D2C0B66D}] => (Allow) E:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe FirewallRules: [TCP Query User{3337452B-56A6-4E5D-9EE9-1D1A52F23BE5}C:\users\chris\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\chris\appdata\local\amazon music\amazon music helper.exe FirewallRules: [UDP Query User{560C9986-AEA7-42A8-90C1-4F186A32F0B3}C:\users\chris\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\chris\appdata\local\amazon music\amazon music helper.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: NETGEAR WNA3100 N300 Wireless USB Adapter Description: NETGEAR WNA3100 N300 Wireless USB Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Netgear Service: BCMH43XX Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/11/2018 01:40:37 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/11/2018 01:32:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Ereignisfilter mit Abfrage "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist. Error: (09/11/2018 12:46:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: HiJackThis_v2.8.0.4.exe, Version: 2.8.0.4, Zeitstempel: 0x5a78ace1 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.24214, Zeitstempel: 0x5b626f7c Ausnahmecode: 0xc0000005 Fehleroffset: 0x00032a53 ID des fehlerhaften Prozesses: 0x258c Startzeit der fehlerhaften Anwendung: 0x01d449bcb6cb88f5 Pfad der fehlerhaften Anwendung: C:\Users\Chris\AppData\Local\Temp\DMR\Downloads\152e221a8bef8d2d13c58f995563a1a1\7b4e384f5b096b9656fee276ba88bb81\HiJackThis_v2.8.0.4.exe Pfad des fehlerhaften Moduls: C:\Windows\SysWOW64\ntdll.dll Berichtskennung: f8030535-b5af-11e8-bb57-d8cb8a12f818 Error: (09/11/2018 06:32:38 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Name des fehlerhaften Moduls: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 
Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000038c9e0 ID des fehlerhaften Prozesses: 0x2350 Startzeit der fehlerhaften Anwendung: 0x01d448f226a6a240 Pfad der fehlerhaften Anwendung: C:\Program Files\Gramblr\gramblr.exe Pfad des fehlerhaften Moduls: C:\Program Files\Gramblr\gramblr.exe Berichtskennung: b5e5d866-b57b-11e8-bb57-d8cb8a12f818 Error: (09/10/2018 12:36:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Name des fehlerhaften Moduls: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000038c9e0 ID des fehlerhaften Prozesses: 0x2dc8 Startzeit der fehlerhaften Anwendung: 0x01d448efe3e2a447 Pfad der fehlerhaften Anwendung: C:\Program Files\Gramblr\gramblr.exe Pfad des fehlerhaften Moduls: C:\Program Files\Gramblr\gramblr.exe Berichtskennung: 63f27dbe-b4e5-11e8-bb57-d8cb8a12f818 Error: (09/10/2018 12:20:25 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Name des fehlerhaften Moduls: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000038c9e0 ID des fehlerhaften Prozesses: 0x1644 Startzeit der fehlerhaften Anwendung: 0x01d448bf20eb78a2 Pfad der fehlerhaften Anwendung: C:\Program Files\Gramblr\gramblr.exe Pfad des fehlerhaften Moduls: C:\Program Files\Gramblr\gramblr.exe Berichtskennung: 212f4319-b4e3-11e8-bb57-d8cb8a12f818 Error: (09/10/2018 06:31:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Name des fehlerhaften Moduls: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000038c9e0 ID des fehlerhaften Prozesses: 0x2fcc Startzeit der fehlerhaften Anwendung: 0x01d4467e3f1ba24e 
Pfad der fehlerhaften Anwendung: C:\Program Files\Gramblr\gramblr.exe Pfad des fehlerhaften Moduls: C:\Program Files\Gramblr\gramblr.exe Berichtskennung: 5e302816-b4b2-11e8-bb57-d8cb8a12f818 Error: (09/07/2018 09:41:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Name des fehlerhaften Moduls: gramblr.exe, Version: 0.0.0.0, Zeitstempel: 0x5b7b9d07 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000038c9e0 ID des fehlerhaften Prozesses: 0x828 Startzeit der fehlerhaften Anwendung: 0x01d4467481f4b77f Pfad der fehlerhaften Anwendung: C:\Program Files\Gramblr\gramblr.exe Pfad des fehlerhaften Moduls: C:\Program Files\Gramblr\gramblr.exe Berichtskennung: 7c5de0b8-b271-11e8-bb57-d8cb8a12f818 Systemfehler: ============= Error: (09/11/2018 01:51:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (09/11/2018 01:51:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/11/2018 01:51:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (09/11/2018 01:51:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error: (09/11/2018 01:51:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (09/11/2018 01:51:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/11/2018 01:51:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: Der Treiber konnte nicht geladen werden. Error: (09/11/2018 01:51:45 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Chris\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 16303.64 MB
Verfügbarer physikalischer RAM: 10665.08 MB
Summe virtueller Speicher: 32605.42 MB
Verfügbarer virtueller Speicher: 26131.38 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:53.85 GB) NTFS
Drive e: (Volume) (Fixed) (Total:926.51 GB) (Free:461.55 GB) NTFS
\\?\Volume{bd385c43-cc8d-11e4-963b-806e6f6e6963}\ (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 9559CD67)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 926.5 GB) (Disk ID: 8A8EF65E)
Partition 1: (Not Active) - (Size=926.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
11.09.2018, 14:18 | #3 |
| Emails sent from my own computer - RAT? Here is another TDSSKiller log; the program found nothing, though:
Code:
15:16:31.0988 0x26f0 TDSS rootkit removing tool 3.1.0.17 Apr 20 2018 12:12:17
15:16:47.0785 0x26f0 ============================================================
15:16:47.0785 0x26f0 Current date / time: 2018/09/11 15:16:47.0785
15:16:47.0785 0x26f0 SystemInfo:
15:16:47.0785 0x26f0
15:16:47.0785 0x26f0 OS Version: 6.1.7601 ServicePack: 1.0
15:16:47.0785 0x26f0 Product type: Workstation
15:16:47.0785 0x26f0 ComputerName: INNERLICHELVIS
15:16:47.0785 0x26f0 UserName: Chris
15:16:47.0785 0x26f0 Windows directory: C:\Windows
15:16:47.0785 0x26f0 System windows directory: C:\Windows
15:16:47.0785 0x26f0 Running under WOW64
15:16:47.0785 0x26f0 Processor architecture: Intel x64
15:16:47.0785 0x26f0 Number of processors: 8
15:16:47.0785 0x26f0 Page size: 0x1000
15:16:47.0785 0x26f0 Boot type: Normal boot
15:16:47.0785 0x26f0 CodeIntegrityOptions = 0x00000001
15:16:47.0785 0x26f0 ============================================================
15:16:47.0872 0x26f0 KLMD registered as C:\Windows\system32\drivers\39415951.sys
15:16:47.0872 0x26f0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.24214, osProperties = 0x1
15:16:48.0034 0x26f0 System UUID: {16DB2A50-1402-0946-BF90-A3925EBE854D}
15:16:48.0442 0x26f0 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:16:48.0443 0x26f0 Drive \Device\Harddisk1\DR1 - Size: 0xE7A0C00000 ( 926.51 Gb ), SectorSize: 0x200, Cylinders: 0x1D874, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:16:48.0445 0x26f0 ============================================================
15:16:48.0445 0x26f0 \Device\Harddisk0\DR0:
15:16:48.0445 0x26f0 MBR partitions:
15:16:48.0445 0x26f0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:16:48.0445 0x26f0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
15:16:48.0445 0x26f0 \Device\Harddisk1\DR1:
15:16:48.0445 0x26f0 MBR partitions:
15:16:48.0445 0x26f0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x73D04800
15:16:48.0445 0x26f0 ============================================================
15:16:48.0446 0x26f0 C: <-> \Device\Harddisk0\DR0\Partition2
15:16:48.0479 0x26f0 E: <-> \Device\Harddisk1\DR1\Partition1
15:16:48.0479 0x26f0 ============================================================
15:16:48.0479 0x26f0 Initialize success
15:16:48.0479 0x26f0 ============================================================
15:16:50.0358 0x2f2c ============================================================
15:16:50.0358 0x2f2c Scan started
15:16:50.0358 0x2f2c Mode: Manual;
15:16:50.0358 0x2f2c ============================================================
15:16:50.0358 0x2f2c KSN ping started
15:16:50.0550 0x2f2c KSN ping finished: true
15:16:51.0924 0x2f2c ================ Scan system memory ========================
15:16:51.0924 0x2f2c System memory - ok
15:16:51.0924 0x2f2c ================ Scan services =============================
F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:16:53.0205 0x2f2c FsDepends - ok 15:16:53.0207 0x2f2c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:16:53.0208 0x2f2c Fs_Rec - ok 15:16:53.0213 0x2f2c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:16:53.0215 0x2f2c fvevol - ok 15:16:53.0219 0x2f2c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 15:16:53.0220 0x2f2c gagp30kx - ok 15:16:53.0233 0x2f2c [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc C:\Windows\System32\gpsvc.dll 15:16:53.0242 0x2f2c gpsvc - ok 15:16:53.0457 0x2f2c [ 7AE595E3D4AFFF42434E271EF310900C, 4417DD73DB6CBF13AE9913FE8F543B6B045F082DC077E4EBA9891865ED3B26A9 ] gramblrclient C:\Program Files\Gramblr\gramblr.exe 15:16:53.0612 0x2f2c gramblrclient - ok 15:16:53.0626 0x2f2c [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:16:53.0628 0x2f2c gupdate - ok 15:16:53.0631 0x2f2c [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:16:53.0632 0x2f2c gupdatem - ok 15:16:53.0635 0x2f2c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:16:53.0636 0x2f2c hcw85cir - ok 15:16:53.0643 0x2f2c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService 
C:\Windows\system32\drivers\HdAudio.sys 15:16:53.0647 0x2f2c HdAudAddService - ok 15:16:53.0650 0x2f2c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 15:16:53.0652 0x2f2c HDAudBus - ok 15:16:53.0654 0x2f2c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 15:16:53.0655 0x2f2c HidBatt - ok 15:16:53.0658 0x2f2c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 15:16:53.0659 0x2f2c HidBth - ok 15:16:53.0662 0x2f2c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 15:16:53.0663 0x2f2c HidIr - ok 15:16:53.0665 0x2f2c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 15:16:53.0666 0x2f2c hidserv - ok 15:16:53.0669 0x2f2c [ 90D91013D16A15B22A4B4EB6D4140A5B, A13B013AB5F1839304699A8130A5DF8B4F76657E4132BF7EAFAEADBFFE3AB490 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 15:16:53.0669 0x2f2c HidUsb - ok 15:16:53.0672 0x2f2c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 15:16:53.0674 0x2f2c hkmsvc - ok 15:16:53.0680 0x2f2c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:16:53.0683 0x2f2c HomeGroupListener - ok 15:16:53.0688 0x2f2c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:16:53.0690 0x2f2c HomeGroupProvider - ok 15:16:53.0693 0x2f2c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, 
E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:16:53.0694 0x2f2c HpSAMD - ok 15:16:53.0707 0x2f2c [ 93C367EA831FB39DEE3BA96539A187FB, 8B912152CA8B89B4429278F93163481BAA07E2D940EE61CE1B7AD178AB13E105 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:16:53.0715 0x2f2c HTTP - ok 15:16:53.0718 0x2f2c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:16:53.0719 0x2f2c hwpolicy - ok 15:16:53.0722 0x2f2c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 15:16:53.0723 0x2f2c i8042prt - ok 15:16:53.0732 0x2f2c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:16:53.0737 0x2f2c iaStorV - ok 15:16:53.0751 0x2f2c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:16:53.0761 0x2f2c idsvc - ok 15:16:53.0763 0x2f2c IEEtwCollectorService - ok 15:16:53.0766 0x2f2c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 15:16:53.0766 0x2f2c iirsp - ok 15:16:53.0781 0x2f2c [ 25AF7D5C819F19D7C97F4A9607F2609A, 70142B97F1087E20758AFECF5A7AB2EC1FDBBF68019A3BEC6C49F168650FEFC8 ] IKEEXT C:\Windows\System32\ikeext.dll 15:16:53.0790 0x2f2c IKEEXT - ok 15:16:53.0855 0x2f2c [ A9D85C6358F79BAB564806CFA77B2F75, 83B32B791FDC37926C1CC5C0657DFCA81AC0E5E564E62680982BF44553BAF51C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 15:16:53.0901 0x2f2c IntcAzAudAddService - ok 15:16:53.0908 0x2f2c [ EA83415296F905D11651B9AF26FB7EBD, 
0A37449E8EF0190A088720EE727EA46B7E8BE376801C4EBC8173A012B2A476FD ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe 15:16:53.0911 0x2f2c Intel(R) PROSet Monitoring Service - ok 15:16:53.0913 0x2f2c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 15:16:53.0913 0x2f2c intelide - ok 15:16:53.0915 0x2f2c [ 9D2FF76E43148281EEBED03E6C092522, F7A1127E52238F66EA9F72703748170F56BD2E896D2F83C15D981A746E2F5C64 ] intelppm C:\Windows\system32\drivers\intelppm.sys 15:16:53.0916 0x2f2c intelppm - ok 15:16:53.0919 0x2f2c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:16:53.0921 0x2f2c IPBusEnum - ok 15:16:53.0924 0x2f2c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:16:53.0925 0x2f2c IpFilterDriver - ok 15:16:53.0935 0x2f2c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:16:53.0942 0x2f2c iphlpsvc - ok 15:16:53.0945 0x2f2c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:16:53.0946 0x2f2c IPMIDRV - ok 15:16:53.0949 0x2f2c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:16:53.0951 0x2f2c IPNAT - ok 15:16:53.0962 0x2f2c [ 1D91D4B53167405C0595A66662D21E04, 79BBCC69088A3D2573A7AE2F68E29BC5D6A070C30AC825E442611FD3AFBFC52B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 15:16:53.0970 0x2f2c iPod Service - ok 15:16:53.0972 0x2f2c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] 
IRENUM C:\Windows\system32\drivers\irenum.sys 15:16:53.0973 0x2f2c IRENUM - ok 15:16:53.0975 0x2f2c [ 905E9D664F38B93B53FA05422165F5B5, 5B0D8869C73836378C234FAA407DE047F5F638D3E872B246A1AC74BE44BBD7DD ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:16:53.0975 0x2f2c isapnp - ok 15:16:53.0982 0x2f2c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:16:53.0985 0x2f2c iScsiPrt - ok 15:16:53.0992 0x2f2c [ B347865F3111539C7B3F077EE7C22DBF, 304321780DD360DB2AB28A1A05101187DA0E187CE6521F59C6FB558AC482EF03 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 15:16:53.0996 0x2f2c iusb3hub - ok 15:16:54.0010 0x2f2c [ 8B7014DBD81836817293E07A6BBAF847, 706F62F04DDF4F02DF1DE21E5E480B3C9C06E89FCC6918F9DFA2BFE87A35C088 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 15:16:54.0018 0x2f2c iusb3xhc - ok 15:16:54.0022 0x2f2c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:16:54.0023 0x2f2c kbdclass - ok 15:16:54.0025 0x2f2c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:16:54.0026 0x2f2c kbdhid - ok 15:16:54.0028 0x2f2c [ 7645DA586C40CF349A4E1BA1903F4FFE, 1115EEA3F472E618C82F208DC308F56C711188DEB6213EB237516D64A13BE7A6 ] KeyIso C:\Windows\system32\lsass.exe 15:16:54.0029 0x2f2c KeyIso - ok 15:16:54.0032 0x2f2c [ AA4DAC439EFF380F3C7BF7BDFB5776E9, 887501865BFFCA995FCCA324F7412162AB523629E8E2D702D1BBF0339B7F2B7A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:16:54.0033 0x2f2c KSecDD - ok 15:16:54.0037 0x2f2c [ AA69C35B718ACC7902169801BCE9EE3F, AD95049E0B4F2848858105CFA1D72956D5E5C5E624290D5C747D965B5591B847 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:16:54.0039 0x2f2c KSecPkg - ok 15:16:54.0041 0x2f2c [ 6869281E78CB31A43E969F06B57347C4, 
866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:16:54.0041 0x2f2c ksthunk - ok 15:16:54.0049 0x2f2c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 15:16:54.0054 0x2f2c KtmRm - ok 15:16:54.0059 0x2f2c [ E65118228501478C4630BC96F2E1C876, FF2346ED4B097D9D58D558F4A8A854597E457F37C12984160D22E0F5B2F31720 ] LanmanServer C:\Windows\system32\srvsvc.dll 15:16:54.0062 0x2f2c LanmanServer - ok 15:16:54.0066 0x2f2c [ 01C95A8CAE16CCF1EA1181395C872B9F, 0BB846AFC7335BB0CD52735AE32E0BCD5075865900C356493DC159795E8C8181 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 15:16:54.0068 0x2f2c LanmanWorkstation - ok 15:16:54.0072 0x2f2c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 15:16:54.0072 0x2f2c lltdio - ok 15:16:54.0079 0x2f2c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 15:16:54.0083 0x2f2c lltdsvc - ok 15:16:54.0085 0x2f2c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 15:16:54.0086 0x2f2c lmhosts - ok 15:16:54.0090 0x2f2c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 15:16:54.0092 0x2f2c LSI_FC - ok 15:16:54.0095 0x2f2c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 15:16:54.0097 0x2f2c LSI_SAS - ok 15:16:54.0099 0x2f2c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 15:16:54.0100 0x2f2c LSI_SAS2 - ok 15:16:54.0104 
0x2f2c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 15:16:54.0105 0x2f2c LSI_SCSI - ok 15:16:54.0109 0x2f2c [ 5416CEB2916BBE635288C4D1075B045E, BEFF99052206C0D774CFFF14AC3305C397726B289B17666C2AD2706C261F2FF0 ] luafv C:\Windows\system32\drivers\luafv.sys 15:16:54.0110 0x2f2c luafv - ok 15:16:54.0114 0x2f2c [ 0B4A62420642B842DF8656DBFF663B0C, ACB7961ECA32A50FCBD51B194488DDF40E610C2384EDFD06235AE427BCB80C96 ] MBAMChameleon C:\Windows\System32\Drivers\MbamChameleon.sys 15:16:54.0117 0x2f2c MBAMChameleon - ok 15:16:54.0121 0x2f2c [ 30531264292DBC7507AA1FF4123F1F39, AD27317BFAB1D5C1B332000DF51336424B4B80AF725392EB4A0FE53DC0695C41 ] MBAMFarflt C:\Windows\system32\DRIVERS\farflt.sys 15:16:54.0123 0x2f2c MBAMFarflt - ok 15:16:54.0125 0x2f2c [ 0987B4BB03FA1F3C0C7D37347B707D4E, EDEA667695A680B955F42024AD349A9B795A2365C59312EDCC3FE5BF362F59E6 ] MBAMProtection C:\Windows\system32\DRIVERS\mbam.sys 15:16:54.0126 0x2f2c MBAMProtection - ok 15:16:54.0224 0x2f2c [ F7265B7490428499F2FE409FA9247866, 43A406C74689B72020E4669B45F19D377A5FF3EFE79B03AF58C2679D14405E9D ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 15:16:54.0293 0x2f2c MBAMService - ok 15:16:54.0304 0x2f2c [ 351BF8F77B0A15A7B5A2AE098C52A387, A84330DF5C4F0E5D6251D311B5DC78722D7724E87DAF5DE5A11EB73BB3502E26 ] MBAMSwissArmy C:\Windows\system32\Drivers\mbamswissarmy.sys 15:16:54.0307 0x2f2c MBAMSwissArmy - ok 15:16:54.0311 0x2f2c [ BB59E29ADA772551DAE87B980DC1425C, BBC24338AF20AC0DC0AAC87F96E1BE8E8CDB1DD8E2F43108C3DD4D915FB8E6CB ] MBAMWebProtection C:\Windows\system32\DRIVERS\mwac.sys 15:16:54.0312 0x2f2c MBAMWebProtection - ok 15:16:54.0314 0x2f2c [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys 15:16:54.0315 0x2f2c MBfilt - ok 15:16:54.0318 0x2f2c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 
2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:16:54.0320 0x2f2c Mcx2Svc - ok 15:16:54.0322 0x2f2c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 15:16:54.0323 0x2f2c megasas - ok 15:16:54.0329 0x2f2c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 15:16:54.0332 0x2f2c MegaSR - ok 15:16:54.0337 0x2f2c [ 8751062F2F7EC78DE92D778A08099DDE, F10BE771FF9E02A51CF3A167BB967167DE4F66647D7F1508CB27D8FDD8623700 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 15:16:54.0338 0x2f2c MEIx64 - ok 15:16:54.0347 0x2f2c [ 887FAB9233D476455814F52A52138F7F, F839DB47F35A20C69D1FC7E9954F3ADBCB5CD1727B67594A8FFAFE4AA472613E ] memudrv C:\Program Files\Microvirt\MEmuHyperv\MEmuDrv.sys 15:16:54.0351 0x2f2c memudrv - ok 15:16:54.0356 0x2f2c [ 157DCBD5E22D9C42E14FD74BA15B7C09, 0EB144C5D1137F823B1FF313D8D42FA3D333B43D7EECEE1187A95BB0390F23A6 ] MEmusvc C:\Program Files\Microvirt\MEmu\MemuService.exe 15:16:54.0357 0x2f2c MEmusvc - ok 15:16:54.0360 0x2f2c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 15:16:54.0361 0x2f2c MMCSS - ok 15:16:54.0363 0x2f2c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 15:16:54.0364 0x2f2c Modem - ok 15:16:54.0366 0x2f2c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 15:16:54.0366 0x2f2c monitor - ok 15:16:54.0369 0x2f2c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:16:54.0370 0x2f2c mouclass - ok 
15:16:54.0373 0x2f2c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:16:54.0373 0x2f2c mouhid - ok 15:16:54.0376 0x2f2c [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:16:54.0378 0x2f2c mountmgr - ok 15:16:54.0382 0x2f2c [ 2EDD920BD669C571E3EEFCAAE4FD4C37, D029269D17BC2D2D4B98F331D9F69A973813FBBEF433E260858309D43C09AC09 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 15:16:54.0384 0x2f2c MozillaMaintenance - ok 15:16:54.0389 0x2f2c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 15:16:54.0391 0x2f2c mpio - ok 15:16:54.0393 0x2f2c [ 94FE5C648F51D093630AE1CD33284C23, 80732E873C26909952DFBC4B6FA965C25D11C7BF594B11591F5E8D8645D760EA ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:16:54.0394 0x2f2c mpsdrv - ok 15:16:54.0408 0x2f2c [ 3FA0F2D5BCF878BBBCBF1D80E698552B, 839F1BA184F7949ECF2C2530436ED888D6F9DDB425D08974D16E2BC0E8298DAA ] MpsSvc C:\Windows\system32\mpssvc.dll 15:16:54.0418 0x2f2c MpsSvc - ok 15:16:54.0422 0x2f2c [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:16:54.0424 0x2f2c MRxDAV - ok 15:16:54.0428 0x2f2c [ 47A475B386FC0EDE0545C5764D6E08D2, 2B611F7F05CB375C405202AFC8493FCEDE7DC184877476FC25A126B421DA85B1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:16:54.0430 0x2f2c mrxsmb - ok 15:16:54.0436 0x2f2c [ 710B3E5EC2C6E3412FB592406C738CE0, 484B024CA23198B2D9870927613555B79D3786D456A578D817EB211883DA8BB1 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:16:54.0440 0x2f2c mrxsmb10 - ok 15:16:54.0443 0x2f2c [ 8A6BD69F08E872674CA0C83CEEF4AEFB, 
4E86FD43F99B66EF2D8F7AB1CFFE074067A80990DB907B02B0DC4FD441294695 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:16:54.0445 0x2f2c mrxsmb20 - ok 15:16:54.0447 0x2f2c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 15:16:54.0448 0x2f2c msahci - ok 15:16:54.0451 0x2f2c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 15:16:54.0453 0x2f2c msdsm - ok 15:16:54.0457 0x2f2c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 15:16:54.0459 0x2f2c MSDTC - ok 15:16:54.0462 0x2f2c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:16:54.0463 0x2f2c Msfs - ok 15:16:54.0466 0x2f2c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:16:54.0466 0x2f2c mshidkmdf - ok 15:16:54.0468 0x2f2c [ 6FE3DBEEA730A857CA3DF603B7DEADA2, CFB2F88799BD8D4D6B435C88B0B12D6E3EE83428B8EBE4C9DAACE25F03E7EABB ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 15:16:54.0469 0x2f2c msisadrv - ok 15:16:54.0473 0x2f2c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:16:54.0475 0x2f2c MSiSCSI - ok 15:16:54.0476 0x2f2c msiserver - ok 15:16:54.0478 0x2f2c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:16:54.0479 0x2f2c MSKSSRV - ok 15:16:54.0481 0x2f2c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:16:54.0481 
0x2f2c MSPCLOCK - ok 15:16:54.0483 0x2f2c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:16:54.0483 0x2f2c MSPQM - ok 15:16:54.0490 0x2f2c [ 94275393BB85D1E2B74BFEFEC386B4A0, D1E8B2AFB5B0E0B4670887F15A4EDFF88B1C91AF052B2C687590AF05AC560C18 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:16:54.0494 0x2f2c MsRPC - ok 15:16:54.0497 0x2f2c [ 1FC0BF25FFCB9F751BCBC6C6AC577078, D48313C4A3E711F3E2AFEC87E3C78B9230A96438CEC92857F8B454E2D1602E84 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 15:16:54.0498 0x2f2c mssmbios - ok 15:16:54.0500 0x2f2c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:16:54.0500 0x2f2c MSTEE - ok 15:16:54.0502 0x2f2c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 15:16:54.0502 0x2f2c MTConfig - ok 15:16:54.0505 0x2f2c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 15:16:54.0506 0x2f2c Mup - ok 15:16:54.0515 0x2f2c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 15:16:54.0521 0x2f2c napagent - ok 15:16:54.0528 0x2f2c [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:16:54.0532 0x2f2c NativeWifiP - ok 15:16:54.0548 0x2f2c [ CBE5C2A3353A367734989E335D6AF194, E8927AD1202AC5E523717AC4ADB2345D31A00B304FA56056B27043792237CFEC ] NDIS C:\Windows\system32\drivers\ndis.sys 15:16:54.0558 0x2f2c NDIS - ok 15:16:54.0562 0x2f2c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap 
C:\Windows\system32\DRIVERS\ndiscap.sys 15:16:54.0562 0x2f2c NdisCap - ok 15:16:54.0564 0x2f2c [ 3F217F77899654833B650ED6A1372BE4, BB351A685D8F05E8066716F7346D28F950FB263D6C4F6957D908EA602FFF0681 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:16:54.0565 0x2f2c NdisTapi - ok 15:16:54.0567 0x2f2c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:16:54.0568 0x2f2c Ndisuio - ok 15:16:54.0573 0x2f2c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:16:54.0575 0x2f2c NdisWan - ok 15:16:54.0578 0x2f2c [ E46AF308E96F7730F59B0F250A884CD6, F5D00B950AAE1F38E295385C934FDC6C24608E65A8357317AE889947A2FE2BDC ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:16:54.0579 0x2f2c NDProxy - ok 15:16:54.0581 0x2f2c [ 2E19EB10185992AB08BC3688AACA4CE2, D9E3A5CFE8887B7F66239000116723FAA119107870A6FB65FD6F108CE5C9D9EB ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:16:54.0582 0x2f2c NetBIOS - ok 15:16:54.0587 0x2f2c [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:16:54.0591 0x2f2c NetBT - ok 15:16:54.0593 0x2f2c [ 7645DA586C40CF349A4E1BA1903F4FFE, 1115EEA3F472E618C82F208DC308F56C711188DEB6213EB237516D64A13BE7A6 ] Netlogon C:\Windows\system32\lsass.exe 15:16:54.0594 0x2f2c Netlogon - ok 15:16:54.0602 0x2f2c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 15:16:54.0607 0x2f2c Netman - ok 15:16:54.0611 0x2f2c [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:16:54.0613 0x2f2c NetMsmqActivator - ok 15:16:54.0616 0x2f2c [ 
51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:16:54.0618 0x2f2c NetPipeActivator - ok 15:16:54.0626 0x2f2c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 15:16:54.0632 0x2f2c netprofm - ok 15:16:54.0636 0x2f2c [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:16:54.0637 0x2f2c NetTcpActivator - ok 15:16:54.0641 0x2f2c [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 15:16:54.0642 0x2f2c NetTcpPortSharing - ok 15:16:54.0645 0x2f2c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 15:16:54.0646 0x2f2c nfrd960 - ok 15:16:54.0652 0x2f2c [ 93DEDBE8E24F31962755E6AA4AC2D7B0, 368B3F48F230514F496CE24339EC8943A87A6BB9815912AE192B73837AB3E3B7 ] NlaSvc C:\Windows\System32\nlasvc.dll 15:16:54.0656 0x2f2c NlaSvc - ok 15:16:54.0659 0x2f2c [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] NPF C:\Windows\system32\DRIVERS\npf.sys 15:16:54.0660 0x2f2c NPF - ok 15:16:54.0662 0x2f2c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:16:54.0663 0x2f2c Npfs - ok 15:16:54.0665 0x2f2c [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi C:\Windows\system32\nsisvc.dll 15:16:54.0666 0x2f2c nsi - ok 15:16:54.0668 0x2f2c [ BE313E566EEA2A4B7F9AAC9782A567D4, 
C:\Windows\System32\wwansvc.dll 15:16:57.0324 0x2f2c WwanSvc - ok 15:16:57.0327 0x2f2c ================ Scan global =============================== 15:16:57.0329 0x2f2c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 15:16:57.0335 0x2f2c [ 621ED03681A4FCE8542A4C9A380C3DE8, 9E17D90199B5931C34C5998231CBCBF9FC1A4410BAD4342CFF559713139CF79D ] C:\Windows\system32\winsrv.dll 15:16:57.0343 0x2f2c [ 621ED03681A4FCE8542A4C9A380C3DE8, 9E17D90199B5931C34C5998231CBCBF9FC1A4410BAD4342CFF559713139CF79D ] C:\Windows\system32\winsrv.dll 15:16:57.0348 0x2f2c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 15:16:57.0355 0x2f2c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 15:16:57.0359 0x2f2c [ Global ] - ok 15:16:57.0360 0x2f2c ================ Scan MBR ================================== 15:16:57.0361 0x2f2c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 15:16:57.0475 0x2f2c \Device\Harddisk0\DR0 - ok 15:16:57.0500 0x2f2c [ 489C86DEFBF26ED7E9E984BCAAB1D64C ] \Device\Harddisk1\DR1 15:16:57.0770 0x2f2c \Device\Harddisk1\DR1 - ok 15:16:57.0770 0x2f2c ================ Scan VBR ================================== 15:16:57.0772 0x2f2c [ 301745DE0E2320A95CD6269A4AD17ED7 ] \Device\Harddisk0\DR0\Partition1 15:16:57.0773 0x2f2c \Device\Harddisk0\DR0\Partition1 - ok 15:16:57.0774 0x2f2c [ DCA9A3B76DAEFECEEEB7C48B347456CA ] \Device\Harddisk0\DR0\Partition2 15:16:57.0775 0x2f2c \Device\Harddisk0\DR0\Partition2 - ok 15:16:57.0776 0x2f2c [ BA5E50E6649D3A47CD1AE40577EF37A6 ] \Device\Harddisk1\DR1\Partition1 15:16:57.0777 0x2f2c \Device\Harddisk1\DR1\Partition1 - ok 15:16:57.0777 0x2f2c ================ Scan generic autorun ====================== 15:16:57.0983 0x2f2c [ 64E5F0B28CB41B44C30D90930D6E5F3A, 
D58A709FE89C16FAD7F282783E6DE48376A49D0A79EF068D0B43E4ED684C23A7 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 15:16:58.0123 0x2f2c RTHDVCPL - ok 15:16:58.0141 0x2f2c [ 48515EEA1608ECD83FE26C7490460F59, C7C552D13ED12B4165FDE45F69E170D4F18B746D84B3B08E7254AAF8D9671D0C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe 15:16:58.0147 0x2f2c AdobeAAMUpdater-1.0 - ok 15:16:58.0153 0x2f2c [ 7DC06D017872420EAFBD512225F8F4E2, FF47A89958AB9995DC8CAE1848528C326B9306E88E19ACC25ED23D64EFA0DF66 ] C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe 15:16:58.0157 0x2f2c AdobeGCInvoker-1.0 - ok 15:16:58.0163 0x2f2c [ 2F4FE254B5E7FC16A6C6545838EC2DE9, 7E3147B639E31B403C56DEA747B7104AFB3180A3B0803CC22D9E8A036CABBFC1 ] C:\Program Files\iTunes\iTunesHelper.exe 15:16:58.0167 0x2f2c iTunesHelper - ok 15:16:58.0204 0x2f2c [ 50E68F8313263B1A12A767341A25663B, FE7785CB59EC46CD625312D3ACC825FF3533C120FB1801AD0F281FD443B0F3BE ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe 15:16:58.0228 0x2f2c Adobe Creative Cloud - ok 15:16:58.0233 0x2f2c [ 21972992ACE66962572F42C58D8E04D0, 33951B2D03A172BE8A06D1824A8E376D6BECDA4167957FD2FBE8D1B1C5FD3A71 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe 15:16:58.0234 0x2f2c APSDaemon - ok 15:16:58.0241 0x2f2c [ 271B0D188430670509CB9943D5229205, 74CB5A9D8B5988AE08C0F65C601FC54F8745BAB6825B6FEEFBA8F068D656D8D7 ] C:\Program Files (x86)\QuickTime\QTTask.exe 15:16:58.0246 0x2f2c QuickTime Task - ok 15:16:58.0276 0x2f2c [ FE850A0449C93166B64A4761F79E430F, C6C0F256622AC02995B2F59453ABC11AD077FA38BC5DA74B56EF634BDC07797E ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe 15:16:58.0296 0x2f2c Acrobat Assistant 8.0 - ok 15:16:58.0315 0x2f2c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:16:58.0328 0x2f2c Sidebar - ok 
15:16:58.0331 0x2f2c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:16:58.0333 0x2f2c mctadmin - ok 15:16:58.0351 0x2f2c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 15:16:58.0363 0x2f2c Sidebar - ok 15:16:58.0367 0x2f2c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 15:16:58.0369 0x2f2c mctadmin - ok 15:16:58.0393 0x2f2c [ 67590595FC7F03C0BC697AB409621A36, 7039477ED1C7C9A2DF0D7779D63AC8595D2A612C70B861342940D2F2093667E4 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 15:16:58.0409 0x2f2c GoogleChromeAutoLaunch_4E6299B33FA0592A57BB7C6E94F010D2 - ok 15:16:58.0415 0x2f2c [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] C:\Users\Chris\AppData\Local\Dropbox\Update\DropboxUpdate.exe 15:16:58.0417 0x2f2c Dropbox Update - ok 15:16:58.0557 0x2f2c [ 036D82DD70A5D8B7A29BCDDF3E5C243D, E54A465BF2D70C93B440B05612C8F11B7CA8C8AEECB822E65E518DD862A00700 ] E:\Program Files (x86)\Steam\steam.exe 15:16:58.0590 0x2f2c Steam - ok 15:16:58.0641 0x2f2c [ DE985461BC45B70315E9E9C7D99291AF, 9B38421D63BF218B5A44AD88DA8F4D887E0CF2701F75484392E0B14CC6D7351E ] C:\Users\Chris\AppData\Local\Amazon Music\Amazon Music Helper.exe 15:16:58.0671 0x2f2c Amazon Music Helper - ok 15:16:58.0975 0x2f2c [ ACEDDBE573FCD2B8E1AD3E580E7EC20C, 6B2651DC3371E4C4F33D5F050F65524F34795034A2C40B5DA7259D26F64530D0 ] C:\Users\Chris\AppData\Local\Amazon Music\Amazon Music.exe 15:16:59.0181 0x2f2c Amazon Music - ok 15:16:59.0195 0x2f2c Waiting for KSN requests completion. 
In queue: 120
15:17:00.0217 0x2f2c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\AviraSecurityCenterAgent.exe ( 15.0.40.2 ), 0x41000 ( enabled : updated )
15:17:00.0341 0x2f2c AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.167 ), 0x61000 ( enabled : updated )
15:17:00.0353 0x2f2c Win FW state via NFP2: enabled ( trusted )
15:17:00.0427 0x2f2c ============================================================
15:17:00.0427 0x2f2c Scan finished
15:17:00.0427 0x2f2c ============================================================
15:17:00.0432 0x0ee0 Detected object count: 0
15:17:00.0432 0x0ee0 Actual detected object count: 0
17.09.2018, 19:44 | #4
/// Winkelfunktion /// TB-Süch-Tiger™ | Emails sent from my own computer - RAT?
Quote:
Quote:
"Something" doesn't help anyone here. If anything, you have to copy the exact wording. And whether spam was sent from your account at all. Just because an email appears to come from your sender address does not by any means mean that your account was hacked. See https://de.wikipedia.org/wiki/Mail-Spoofing
__________________
Please always post log files in CODE tags
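How the spoofing distinction in the reply above can be checked from a message's headers, as an added example that is not part of the original thread: it compares the From domain with the envelope sender and reads the SPF, DKIM and DMARC results recorded by the receiving server. The messages, addresses and domains are constructed placeholders, and `assess` and `domain_of` are hypothetical helper names.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed samples (example.org / example.net are placeholders).
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example.net;
 dkim=none; dmarc=fail header.from=example.org
Received: from unknown (203.0.113.7) by mx.example.org; Tue, 11 Sep 2018 10:02:11 +0200
From: Chris <chris@example.org>
To: Chris <chris@example.org>
Subject: constructed sample

body
"""
GENUINE = """\
Return-Path: <chris@example.org>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=example.org;
 dkim=pass header.d=example.org; dmarc=pass header.from=example.org
From: Chris <chris@example.org>
To: Chris <chris@example.org>
Subject: constructed sample

body
"""

def domain_of(value):
    """Lower-cased domain of the address in a header value ('' if absent)."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def assess(raw):
    """Return (verdict, findings) for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    rp_dom = domain_of(msg["Return-Path"])
    # Assumption: this header was written by the recipient's own mail server;
    # a copy supplied by the sender proves nothing.
    auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
    results = dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth))
    findings = []
    if rp_dom != from_dom:  # strict match is a simplification for this example
        findings.append(f"envelope sender {rp_dom or 'missing'} != From {from_dom}")
    for method in ("spf", "dkim", "dmarc"):
        if results.get(method) != "pass":
            findings.append(f"{method}={results.get(method, 'missing')}")
    return ("likely spoofed" if findings else "passed sender authentication"), findings

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(name, assess(raw))
```

A message that passes these checks really went through the sender domain's mail system, which is the case where reviewing the account's login history is the next step.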