Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Reinigung + komisches Akamai (https://www.trojaner-board.de/169315-reinigung-komisches-akamai.html)

Sumple 04.08.2015 08:55
Reinigung + komisches Akamai
 
Hallo,

Mein PC zeigt seit einigen Tagen ein BlueScreen an und er hängt sich oft auf.

Ich würde auch gerne mal Kontrollieren lassen, ob hier alles in Ordnung ist :)

Denn es hatte sich so ein komisches "Akamai Programm" im Hintergrund installiert und irgendetwas gearbeitet...

Alle geforderten Sachen sind im Anhang :)

MFG Sumple

schrauber 04.08.2015 08:57
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Sumple 04.08.2015 09:03
Okay, kein Problem:

Code:
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2015-08-04 01:24:05
-----------------------------
01:24:05.051    OS Version: Windows x64 6.1.7601 Service Pack 1
01:24:05.051    Number of processors: 8 586 0x3A09
01:24:05.052    ComputerName: ADMIN-PC  UserName: Admin
01:24:07.044    Initialize success
01:24:07.078    VM: initialized successfully
01:24:07.078    VM: Intel CPU supported
01:24:11.648    VM: supported disk I/O ataport.SYS
01:27:23.937    AVAST engine defs: 15080301
01:32:11.911    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP4T0L0-4
01:32:11.912    Disk 0 Vendor: SAMSUNG_HD103SI 1AG01118 Size: 953869MB BusType: 11
01:32:11.914    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-5
01:32:11.915    Disk 1 Vendor: SAMSUNG_HD154UI 1AG01118 Size: 1430799MB BusType: 11
01:32:12.065    VM: Disk 1 MBR read successfully
01:32:12.068    Disk 1 MBR scan
01:32:12.071    Disk 1 unknown MBR code
01:32:12.073    Disk 1 Partition 1 00    EE            GPT          2097151 MB offset 1
01:32:12.099    Disk 1 scanning C:\Windows\system32\drivers
01:32:18.893    Service scanning
01:32:33.692    Modules scanning
01:32:33.697    Disk 1 trace - called modules:
01:32:33.742    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStorF.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
01:32:33.746    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8007c91060]
01:32:33.749    3 CLASSPNP.SYS[fffff880011cb43f] -> nt!IofCallDriver -> [0xfffffa8007ac2860]
01:32:33.751    5 iaStorF.sys[fffff880018629a0] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP5T0L0-5[0xfffffa80079bc060]
01:32:36.405    AVAST engine scan C:\Windows
01:32:39.314    AVAST engine scan C:\Windows\system32
01:35:18.108    AVAST engine scan C:\Windows\system32\drivers
01:35:27.752    AVAST engine scan C:\Users\Admin
01:37:59.081    AVAST engine scan C:\ProgramData
01:38:43.424    Disk 1 statistics 5045534/0/5 @ 10,44 MB/s
01:38:43.428    Scan finished successfully
01:38:51.490    Disk 1 MBR has been saved successfully to "C:\Users\Admin\Desktop\MBR.dat"
01:38:51.493    The log file has been saved successfully to "C:\Users\Admin\Desktop\aswMBR.txt"
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 09:37 on 04/08/2015 (Admin)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-04 09:41:16
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP5T0L0-5 SAMSUNG_HD154UI rev.1AG01118 1397,27GB
Running: d3zrc5te.exe; Driver: C:\Users\Admin\AppData\Local\Temp\aglorpod.sys


---- User code sections - GMER 2.1 ----

.text  C:\Windows\system32\winlogon.exe[912] C:\Windows\system32\USER32.dll!PeekMessageA                                                                                          0000000077ac3a18 14 bytes [68, 30, 43, 8C, FD, C7, 44, ...]
.text  C:\Windows\system32\winlogon.exe[912] C:\Windows\system32\USER32.dll!GetMessageA                                                                                            0000000077ac6110 14 bytes [68, 30, 42, 8C, FD, C7, 44, ...]
.text  C:\Windows\system32\winlogon.exe[912] C:\Windows\system32\USER32.dll!IsDialogMessageW                                                                                      0000000077ac66c0 14 bytes [68, F0, 41, 8C, FD, C7, 44, ...]
.text  C:\Windows\system32\winlogon.exe[912] C:\Windows\system32\USER32.dll!PeekMessageW                                                                                          0000000077ac8fd0 14 bytes [68, D0, 43, 8C, FD, C7, 44, ...]
.text  C:\Windows\system32\winlogon.exe[912] C:\Windows\system32\USER32.dll!GetMessageW                                                                                            0000000077ac9e74 14 bytes [68, B0, 42, 8C, FD, C7, 44, ...]
.text  C:\Windows\system32\winlogon.exe[912] C:\Windows\system32\USER32.dll!IsDialogMessage                                                                                        0000000077b03268 14 bytes [68, B0, 41, 8C, FD, C7, 44, ...]
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\USER32.dll!GetMessageW                                                        0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\USER32.dll!GetMessageA                                                        0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                        0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                        0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                    0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                    0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                            0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                              0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                            0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                            0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                              0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                        0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                              0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                        0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                              0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                  0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                            0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                              0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                              0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                            0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                        0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe[600] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                        0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\USER32.dll!GetMessageW                                    0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\USER32.dll!GetMessageA                                    0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\USER32.dll!PeekMessageW                                    0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\USER32.dll!PeekMessageA                                    0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                        0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                          0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                        0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                        0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                          0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                    0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                          0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                    0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                          0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                              0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                        0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                          0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                            0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                          0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                        0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                    0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe[2084] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                    0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\USER32.dll!GetMessageW                                                  0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\USER32.dll!GetMessageA                                                  0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                              0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                            0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                    0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                      0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                    0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                    0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                        0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                        0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                      0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                            0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                    0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                      0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                          0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                      0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                    0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2172] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                0000000077462ab1 5 bytes JMP 0000000100b1f63e
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\USER32.dll!GetMessageW                                                        0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\USER32.dll!GetMessageA                                                        0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                      0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                      0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                    0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                  0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                          0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                            0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                          0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                          0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                              0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                      0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                              0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                      0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                            0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                  0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                          0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                            0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                            0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                          0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                      0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[2164] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                      0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\USER32.dll!GetMessageW                                                                        0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\USER32.dll!GetMessageA                                                                        0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                      0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                      0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                                    0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                                  0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                          0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                            0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                          0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460]

Sumple 04.08.2015 09:04
Code:
C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                          0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                              0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                      0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                              0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                      0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                            0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                  0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                          0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                            0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                            0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                          0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                      0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe[2460] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                      0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\USER32.dll!GetMessageW                                                                                              0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\USER32.dll!GetMessageA                                                                                              0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                                            0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                                            0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                                                          0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                                                        0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 4                                                                                  00000000747813b0 2 bytes JMP 765a5660 C:\Windows\syswow64\SHELL32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathW + 20                                                                                  00000000747813c0 2 bytes CALL 76329cee C:\Windows\syswow64\msvcrt.dll
.text  ...                                                                                                                                                                        * 20
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 22                                                                                  000000007478153e 2 bytes CALL 76637794 C:\Windows\syswow64\SHELL32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\SysWOW64\SHFOLDER.dll!SHGetFolderPathA + 43                                                                                  0000000074781553 2 bytes CALL 778510ff C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                  0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                    0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                            0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                    0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                            0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                  0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                        0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                  0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                      0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                  0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                            0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnat.exe[1052] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                            0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\USER32.dll!GetMessageW                  0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\USER32.dll!GetMessageA                  0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\USER32.dll!PeekMessageW                  0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\USER32.dll!PeekMessageA                  0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\USER32.dll!IsDialogMessage              0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\USER32.dll!IsDialogMessageW              0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17        0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17        0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17            0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17          0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe[3184] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                  0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                    0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                  0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                  0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                    0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                              0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                    0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                              0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                    0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                        0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                  0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                    0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                      0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                    0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                  0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                              0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe[3576] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                              0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\kernel32.dll!CreateThread + 28                                                  00000000778534a1 4 bytes {CALL 0xffffffff89a845b0}
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\USER32.dll!GetMessageW                                                          0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\USER32.dll!GetMessageA                                                          0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                        0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                        0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                      0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                    0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                            0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                              0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                            0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                            0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                        0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                        0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                              0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                    0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                            0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                              0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                  0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                              0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                            0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                        0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe[3584] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                        0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\USER32.dll!GetMessageW                                                          0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\USER32.dll!GetMessageA                                                          0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                          0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                          0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                      0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                      0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                              0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                              0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                              0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                          0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                          0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                    0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                              0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                  0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                              0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                          0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe[3600] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                          0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\USER32.dll!GetMessageW                                                                                          0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\USER32.dll!GetMessageA                                                                                          0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                                        0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                                        0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                                                      0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                                                    0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                            0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                              0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                            0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                            0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                        0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                        0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                              0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                    0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                            0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                              0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                  0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                              0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                            0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                        0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\vmnetdhcp.exe[3652] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                        0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4172] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                          0000000077bfde30 16 bytes [50, 48, B8, 34, 35, 69, F7, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4172] C:\Windows\system32\USER32.dll!PeekMessageA                                                              0000000077ac3a18 14 bytes [68, 30, 43, 8C, FD, C7, 44, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4172] C:\Windows\system32\USER32.dll!GetMessageA                                                                0000000077ac6110 14 bytes [68, 30, 42, 8C, FD, C7, 44, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4172] C:\Windows\system32\USER32.dll!IsDialogMessageW                                                          0000000077ac66c0 14 bytes [68, F0, 41, 8C, FD, C7, 44, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4172] C:\Windows\system32\USER32.dll!PeekMessageW                                                              0000000077ac8fd0 14 bytes [68, D0, 43, 8C, FD, C7, 44, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4172] C:\Windows\system32\USER32.dll!GetMessageW                                                                0000000077ac9e74 14 bytes [68, B0, 42, 8C, FD, C7, 44, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4172] C:\Windows\system32\USER32.dll!IsDialogMessage                                                            0000000077b03268 14 bytes [68, B0, 41, 8C, FD, C7, 44, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1272] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5248] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5272] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5280] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\USER32.dll!GetMessageW                          0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\USER32.dll!GetMessageA                          0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\USER32.dll!PeekMessageW                        0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\USER32.dll!PeekMessageA                        0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\USER32.dll!IsDialogMessage                      0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                    0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17            0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17              0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17            0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42            0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17        0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17        0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17              0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                    0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17            0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17              0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                  0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17              0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17            0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20        0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe[6092] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31        0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\USER32.dll!GetMessageW                                            0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\USER32.dll!GetMessageA                                            0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\USER32.dll!PeekMessageW                                            0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\USER32.dll!PeekMessageA                                            0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                        0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                        0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                  0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                  0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                            0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                  0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                            0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                  0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                      0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                  0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                    0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                  0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                            0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe[5832] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                            0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\USER32.dll!GetMessageW                                            0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\USER32.dll!GetMessageA                                            0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\USER32.dll!PeekMessageW                                            0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\USER32.dll!PeekMessageA                                            0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                        0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                        0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                  0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                  0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                            0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                  0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                            0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                  0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                      0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                  0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                    0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                  0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                            0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe[3504] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                            0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\USER32.dll!GetMessageW                                                                  0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\USER32.dll!GetMessageA                                                                  0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                  0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                  0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                              0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                              0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                      0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                        0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                      0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                      0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                        0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                  0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                        0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                  0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                        0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                            0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                      0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                        0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                          0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                        0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                      0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                  0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[5212] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                  0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
?      C:\Windows\system32\mssprxy.dll [5212] entry point in ".rdata" section                                                                                                      0000000061ae71e6
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\USER32.dll!GetMessageW                                                                  0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\USER32.dll!GetMessageA                                                                  0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                  0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                  0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                              0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                              0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                      0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                        0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                      0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                      0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                        0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                  0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                        0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                  0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                        0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                            0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                      0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                        0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                          0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                        0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                      0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                  0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4632] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                  0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\USER32.dll!GetMessageW                                                                  0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\USER32.dll!GetMessageA                                                                  0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                  0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                  0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                              0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                              0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                      0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                        0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                      0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                      0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                        0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                  0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                        0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                  0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                        0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                            0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                      0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                        0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                          0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                        0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                      0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                  0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe[4040] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                  0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[3520] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7780] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476]
C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[4476] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[1860] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                      0000000077bfdc80 16 bytes [50, 48, B8, 4C, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadToken                                                          0000000077bfddf0 16 bytes [50, 48, B8, A4, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcess                                                              0000000077bfde10 48 bytes [50, 48, B8, 20, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtUnmapViewOfSection                                                        0000000077bfde50 16 bytes [50, 48, B8, 70, F0, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThreadTokenEx                                                        0000000077bfdea0 32 bytes [50, 48, B8, C8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtOpenFile                                                                  0000000077bfdee0 16 bytes [50, 48, B8, B0, EE, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtQueryAttributesFile                                                      0000000077bfdf80 16 bytes [50, 48, B8, F8, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                                0000000077bfe100 16 bytes [50, 48, B8, 74, ED, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtOpenProcessToken                                                          0000000077bfeb70 16 bytes [50, 48, B8, 44, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtOpenThread                                                                0000000077bfebc0 16 bytes [50, 48, B8, 80, EF, 57, 3F, ...]
.text  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe[7628] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  0000000077bfed10 16 bytes [50, 48, B8, 0C, F0, 57, 3F, ...]
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\USER32.dll!GetMessageW                                                                                      0000000075c578e2 6 bytes [68, E0, 40, 5B, 75, C3]
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\USER32.dll!GetMessageA                                                                                      0000000075c57bd3 6 bytes [68, 40, 40, 5B, 75, C3]
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\USER32.dll!PeekMessageW                                                                                    0000000075c605ba 6 bytes [68, 30, 42, 5B, 75, C3]
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\USER32.dll!PeekMessageA                                                                                    0000000075c65f74 6 bytes [68, 80, 41, 5B, 75, C3]
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\USER32.dll!IsDialogMessage                                                                                  0000000075c750ed 6 bytes [68, 40, 3F, 5B, 75, C3]
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\USER32.dll!IsDialogMessageW                                                                                0000000075c7c701 6 bytes [68, C0, 3F, 5B, 75, C3]
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                        0000000075e51401 2 bytes JMP 7787b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                          0000000075e51419 2 bytes JMP 7787b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                        0000000075e51431 2 bytes JMP 778f8f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                        0000000075e5144a 2 bytes CALL 7785489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                                        * 9
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                            0000000075e514dd 2 bytes JMP 778f8822 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                    0000000075e514f5 2 bytes JMP 778f89f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                            0000000075e5150d 2 bytes JMP 778f8718 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                    0000000075e51525 2 bytes JMP 778f8ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                          0000000075e5153d 2 bytes JMP 7786fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                0000000075e51555 2 bytes JMP 778768ef C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                        0000000075e5156d 2 bytes JMP 778f8fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                          0000000075e51585 2 bytes JMP 778f8b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                              0000000075e5159d 2 bytes JMP 778f86dc C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                          0000000075e515b5 2 bytes JMP 7786fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                        0000000075e515cd 2 bytes JMP 7787b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                    0000000075e516b2 2 bytes JMP 778f8ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Users\Admin\Downloads\d3zrc5te.exe[7936] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                    0000000075e516bd 2 bytes JMP 778f8671 C:\Windows\syswow64\kernel32.dll

---- Disk sectors - GMER 2.1 ----

Disk  \Device\Harddisk1\DR1                                                                                                                                                      unknown MBR code

---- EOF - GMER 2.1 ----

Sumple 04.08.2015 09:05
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von Admin (Administrator) auf ADMIN-PC (04-08-2015 09:42:07)
Gestartet von C:\Users\Admin\Downloads
Geladene Profile: Admin (Verfügbare Profile: Admin)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(NetEase) C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [ZALFree] => C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [8205944 2014-12-30] (Zemana Ltd.)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-2368072704-2040548973-2426127649-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] ()
HKU\S-1-5-21-2368072704-2040548973-2426127649-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe"
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KE1E1C~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(3).dll [94664 2014-12-30] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KE4A1D~1.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(3).dll [86400 2014-12-30] (Zemana Ltd.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-2368072704-2040548973-2426127649-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKLM -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKLM-x32 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2368072704-2040548973-2426127649-1000 -> DefaultScope {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2368072704-2040548973-2426127649-1000 -> {59E9C8B1-74FD-4CB6-A815-9E96102F97BD} URL = hxxp://www.google.com/search?hl={language}&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: No Name -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} ->  Keine Datei
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3D882577-7FAA-4CDC-B2E1-872D89332C9E}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u7s7ek8q.default
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)
FF Extension: Wörterbuch Deutsch (de-DE), Hunspell-unterstützt - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u7s7ek8q.default\Extensions\de_DE@dicts.j3e.de [2015-07-23]
FF Extension: Blur - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u7s7ek8q.default\Extensions\donottrackplus@abine.com.xpi [2015-07-22]
FF Extension: Disable WebRTC - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u7s7ek8q.default\Extensions\jid1-5Fs7iTLscUaZBgwr@jetpack.xpi [2015-07-22]
FF Extension: Adblock Plus - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u7s7ek8q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-22]
FF Extension: Greasemonkey - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\u7s7ek8q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-07-23]

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-23]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-23]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-23]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-23]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-23]
CHR Extension: (Google Sheets) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-23]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-23]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-23]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-23]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-23]
CHR Extension: (Google Search) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-23]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-23]
CHR Extension: (Gmail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-23]
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-23]
CHR Extension: (uBlock Origin) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-07-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-24]
CHR Extension: (Ghostery) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-07-26]
CHR Extension: (IP Domain Country Flag) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mlpapfcfoakknnhkfpencomejbcecdfp [2015-07-27]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (WebRTC Block) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nphkkbaidamjmhfanlpblblcadhfbkdm [2015-07-24]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-11-19] (Intel Corporation)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [76520 2014-12-30] (Zemana Ltd.)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31936 2015-05-31] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
U3 aglorpod; \??\C:\Users\Admin\AppData\Local\Temp\aglorpod.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 09:42 - 2015-08-04 09:42 - 00018073 _____ C:\Users\Admin\Downloads\FRST.txt
2015-08-04 09:41 - 2015-08-04 09:42 - 00000000 ____D C:\FRST
2015-08-04 09:41 - 2015-08-04 09:41 - 00135551 _____ C:\Users\Admin\Downloads\gmer.log
2015-08-04 09:39 - 2015-08-04 09:39 - 02169856 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe
2015-08-04 09:37 - 2015-08-04 09:37 - 00000472 _____ C:\Users\Admin\Downloads\defogger_disable.log
2015-08-04 09:37 - 2015-08-04 09:37 - 00000000 _____ C:\Users\Admin\defogger_reenable
2015-08-04 09:36 - 2015-08-04 09:36 - 00050477 _____ C:\Users\Admin\Downloads\Defogger.exe
2015-08-04 09:26 - 2015-08-04 09:25 - 158417712 _____ (AVAST Software) C:\Users\Admin\Desktop\avast2225_free_antivirus_setup.exe
2015-08-04 09:22 - 2015-08-04 09:25 - 158417712 _____ (AVAST Software) C:\Users\Admin\Downloads\avast2225_free_antivirus_setup.exe
2015-08-04 07:10 - 2015-08-04 07:10 - 00915128 _____ (Riverbed Technology, Inc.) C:\Users\Admin\Downloads\WinPcap_4_1_3.exe
2015-08-04 07:06 - 2015-08-04 07:06 - 00001066 _____ C:\Users\Admin\Desktop\PhotoFiltre 7.lnk
2015-08-04 07:06 - 2015-08-04 07:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-08-04 07:06 - 2015-08-04 07:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoFiltre 7
2015-08-04 07:06 - 2015-08-04 07:06 - 00000000 ____D C:\Program Files (x86)\PhotoFiltre 7
2015-08-04 07:03 - 2015-08-04 07:03 - 05239812 _____ C:\Users\Admin\Downloads\pf7-setup-en-7.2.1.exe
2015-08-04 05:32 - 2015-07-31 19:34 - 00000070 _____ C:\Users\Admin\Desktop\ss.txt - Kopie.exe
2015-08-04 04:55 - 2015-08-04 04:55 - 00892416 _____ C:\Users\Admin\Desktop\VT.exe
2015-08-04 03:58 - 2015-08-04 03:58 - 00000000 ____D C:\Users\Admin\Documents\NetBeansProjects
2015-08-04 03:57 - 2015-08-04 03:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\NetBeans
2015-08-04 03:57 - 2015-08-04 03:57 - 00000000 ____D C:\Users\Admin\AppData\Local\NetBeans
2015-08-04 02:29 - 2015-08-04 02:30 - 00000000 ____D C:\Program Files\glassfish-4.1
2015-08-04 02:28 - 2015-08-04 03:57 - 00000000 ____D C:\Program Files\NetBeans 8.0.1
2015-08-04 02:28 - 2015-08-04 02:28 - 00002039 _____ C:\Users\Public\Desktop\NetBeans IDE 8.0.1.lnk
2015-08-04 02:28 - 2015-08-04 02:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2015-08-04 02:02 - 2015-08-04 02:02 - 00000000 ____D C:\Windows\Minidump
2015-08-04 01:49 - 2015-08-04 03:52 - 00000000 ____D C:\Users\Admin\.nbi
2015-08-04 01:47 - 2015-08-04 01:47 - 00000000 ____D C:\ProgramData\Sun
2015-08-04 01:46 - 2015-08-04 01:46 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-08-04 01:46 - 2015-08-04 01:46 - 00000000 ____D C:\ProgramData\Oracle
2015-08-04 01:46 - 2015-08-04 01:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-04 01:45 - 2015-08-04 01:46 - 00000000 ____D C:\Program Files\Java
2015-08-04 01:45 - 2015-08-04 01:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-08-04 01:38 - 2015-08-04 01:46 - 213774032 _____ C:\Users\Admin\Downloads\netbeans-8.0.1-windows.exe
2015-08-04 01:38 - 2015-08-04 01:38 - 00380416 _____ C:\Users\Admin\Downloads\d3zrc5te.exe
2015-08-04 01:38 - 2015-08-04 01:38 - 00002208 _____ C:\Users\Admin\Desktop\aswMBR.txt
2015-08-04 01:38 - 2015-08-04 01:38 - 00000512 _____ C:\Users\Admin\Desktop\MBR.dat
2015-08-04 01:37 - 2015-08-04 01:44 - 189276248 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jdk-8u51-windows-x64.exe
2015-08-04 01:28 - 2015-08-04 01:28 - 00221699 _____ C:\Users\Admin\Downloads\_SHARE.zip
2015-08-04 01:23 - 2015-08-04 01:23 - 05200384 _____ (AVAST Software) C:\Users\Admin\Downloads\aswmbr.exe
2015-08-04 01:10 - 2015-08-04 01:10 - 00225603 _____ C:\Users\Admin\Downloads\autoitc-code-f7953fa808fe0ddece92e9b0ce8cec3912f702b3.zip
2015-08-03 21:49 - 2015-08-03 21:49 - 00000000 ____D C:\Users\Admin\Tracing
2015-08-03 03:13 - 2015-08-04 09:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\vlc
2015-08-03 03:13 - 2015-08-03 03:13 - 00000871 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-08-03 03:13 - 2015-08-03 03:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-08-03 03:13 - 2015-08-03 03:13 - 00000000 ____D C:\Program Files\VideoLAN
2015-08-03 03:12 - 2015-08-03 03:13 - 29833438 _____ C:\Users\Admin\Downloads\vlc-2.2.1-win64.exe
2015-08-03 03:11 - 2015-08-03 03:11 - 00000891 _____ C:\Users\Admin\Downloads\listen.asx
2015-08-03 03:11 - 2015-08-03 03:11 - 00000891 _____ C:\Users\Admin\Desktop\listen.asx
2015-08-02 17:48 - 2015-08-02 17:48 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MinGW-W64 project
2015-08-02 17:46 - 2015-08-02 17:48 - 00000000 ____D C:\mingw-w64
2015-08-02 17:44 - 2015-08-02 17:44 - 00169949 _____ C:\Users\Admin\Downloads\mingw-w64-install.exe
2015-08-02 17:38 - 2015-08-02 17:38 - 01030034 _____ C:\Users\Admin\Downloads\falconcore-0.5.zip
2015-08-02 17:15 - 2015-08-02 17:15 - 01733751 _____ (isotousb.com ) C:\Users\Admin\Downloads\isotousb_14setup.exe
2015-08-02 17:15 - 2015-08-02 17:15 - 00001025 _____ C:\Users\Public\Desktop\ISO to USB.lnk
2015-08-02 17:15 - 2015-08-02 17:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ISO to USB
2015-08-02 17:15 - 2015-08-02 17:15 - 00000000 ____D C:\Program Files (x86)\ISO to USB
2015-08-02 15:03 - 2015-08-02 15:03 - 00000000 ____D C:\Users\Admin\AppData\Local\Aeria Games
2015-08-02 15:02 - 2015-08-02 15:02 - 00000000 ____D C:\ProgramData\Aeria Games
2015-08-02 14:58 - 2015-08-02 14:58 - 00001608 _____ C:\Users\Admin\Desktop\Echo of Soul.lnk
2015-08-02 14:58 - 2015-08-02 14:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-08-02 14:52 - 2015-08-02 14:52 - 00002028 _____ C:\Users\Public\Desktop\Aeria Ignite.lnk
2015-08-02 14:52 - 2015-08-02 14:52 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2015-08-02 14:52 - 2015-08-02 14:52 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Aeria Games & Entertainment
2015-08-02 14:52 - 2015-08-02 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AeriaGames
2015-08-02 14:52 - 2015-08-02 14:52 - 00000000 ____D C:\Program Files (x86)\Aeria Games
2015-08-02 09:44 - 2015-08-02 14:52 - 00000000 ____D C:\AeriaGames
2015-08-02 09:43 - 2015-08-02 09:43 - 00512536 _____ (Aeria Games & Entertainment) C:\Users\Admin\Downloads\echoofsoul_de_downloader2.exe
2015-08-02 09:33 - 2015-05-31 07:59 - 00066752 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmx86.sys
2015-08-02 09:33 - 2015-05-31 07:58 - 00033472 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMkbd.sys
2015-08-02 09:33 - 2015-05-31 07:58 - 00031936 _____ (VMware, Inc.) C:\Windows\system32\Drivers\VMparport.sys
2015-08-02 09:33 - 2015-05-21 17:36 - 00076480 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vsock.sys
2015-08-02 09:33 - 2015-05-21 17:35 - 00068288 _____ (VMware, Inc.) C:\Windows\system32\vsocklib.dll
2015-08-02 09:33 - 2015-05-21 17:35 - 00064192 _____ (VMware, Inc.) C:\Windows\SysWOW64\vsocklib.dll
2015-08-02 09:32 - 2015-08-04 02:03 - 00000000 ____D C:\ProgramData\VMware
2015-08-02 09:32 - 2015-08-02 09:32 - 00002120 _____ C:\Users\Public\Desktop\VMware Player.lnk
2015-08-02 09:32 - 2015-08-02 09:32 - 00000000 ____D C:\Program Files\Common Files\VMware
2015-08-02 09:32 - 2015-08-02 09:32 - 00000000 ____D C:\Program Files (x86)\VMware
2015-08-02 09:32 - 2015-05-31 07:59 - 00931520 _____ (VMware, Inc.) C:\Windows\system32\vnetlib64.dll
2015-08-02 09:32 - 2015-05-31 07:59 - 00359104 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
2015-08-02 09:32 - 2015-05-31 07:59 - 00026816 _____ (VMware, Inc.) C:\Windows\system32\Drivers\vmnetuserif.sys
2015-08-02 09:32 - 2015-05-31 07:58 - 00438464 _____ (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
2015-08-02 09:32 - 2015-05-22 08:03 - 00055488 _____ (VMware, Inc.) C:\Windows\system32\Drivers\hcmon.sys
2015-08-02 09:27 - 2015-08-02 09:28 - 80828040 _____ (VMware, Inc.) C:\Users\Admin\Downloads\VMware-player-7.1.2-2780323.exe
2015-08-02 09:07 - 2015-08-02 09:07 - 00000000 ____D C:\Users\Admin\Desktop\ragpicker_v0.05.2
2015-08-02 09:04 - 2015-08-02 09:04 - 00311110 _____ C:\Users\Admin\Downloads\ragpicker_v0.05.2.tar.gz
2015-08-01 19:16 - 2015-08-04 02:03 - 00001344 _____ C:\Windows\setupact.log
2015-08-01 19:16 - 2015-08-01 19:16 - 00267816 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-01 19:16 - 2015-08-01 19:16 - 00000000 _____ C:\Windows\setuperr.log
2015-07-31 19:34 - 2015-07-31 19:34 - 00000070 _____ C:\Users\Admin\Desktop\ss.txt.exe
2015-07-31 19:23 - 2015-07-31 19:23 - 00026692 _____ C:\Users\Admin\Desktop\22.txt
2015-07-31 18:30 - 2015-07-31 18:30 - 00511063 _____ C:\Users\Admin\Downloads\backup_4d601eeb358aMoZLXqFe55Swku6ZytUXzYVNzMSKVGz2VFk4axDv6BLmAsWNdCuB.sql.gz
2015-07-31 18:27 - 2015-07-31 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
2015-07-31 18:24 - 2015-08-04 08:48 - 00000000 ____D C:\xampp
2015-07-31 18:22 - 2015-07-31 18:23 - 111811208 _____ (Bitnami) C:\Users\Admin\Downloads\xampp-win32-5.5.27-0-VC11-installer.exe
2015-07-31 09:14 - 2015-07-31 09:14 - 00000220 _____ C:\Users\Admin\Desktop\Cossacks Art of War.url
2015-07-31 09:13 - 2015-07-31 09:13 - 00000222 _____ C:\Users\Admin\Desktop\Starbound.url
2015-07-31 07:51 - 2015-07-31 07:51 - 02870984 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe
2015-07-31 07:43 - 2015-07-31 07:43 - 00058016 _____ C:\Users\Admin\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-31 07:01 - 2015-07-31 08:12 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2015-07-31 05:34 - 2015-07-31 05:34 - 00000000 ____D C:\Users\Admin\Documents\WPA Files
2015-07-31 05:34 - 2015-07-31 05:34 - 00000000 ____D C:\Users\Admin\AppData\Local\Windows Performance Analyzer
2015-07-31 05:34 - 2015-07-31 05:34 - 00000000 ____D C:\SymCache
2015-07-31 05:23 - 2015-07-31 05:46 - 00000000 ____D C:\Users\Admin\Desktop\Neuer Ordner
2015-07-31 05:23 - 2015-07-31 05:23 - 01062299 _____ C:\Users\Admin\Downloads\koda_1.7.3.0.zip
2015-07-31 02:45 - 2015-07-31 02:45 - 01903054 _____ C:\Users\Admin\Downloads\HashTab_v5.2.0.14.zip
2015-07-31 01:35 - 2015-07-31 02:30 - 3374841856 _____ C:\Users\Admin\Downloads\Windows.iso
2015-07-30 22:51 - 2015-07-30 22:51 - 00001144 _____ C:\Users\Public\Desktop\AntiLogger Free.lnk
2015-07-30 22:51 - 2015-07-30 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
2015-07-30 22:51 - 2015-07-30 22:51 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free
2015-07-30 22:51 - 2014-12-30 13:18 - 00076520 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys
2015-07-30 22:50 - 2015-07-30 22:50 - 00000000 ____D C:\Users\Admin\AppData\Local\AntiLogger Free
2015-07-30 22:42 - 2015-07-30 22:42 - 00289276 _____ C:\Users\Admin\Downloads\ScreenLogger.zip
2015-07-30 22:42 - 2015-07-30 22:42 - 00000000 ____D C:\76cfb8c1e153521d3a5efbec84844e
2015-07-30 22:41 - 2015-07-30 22:42 - 03688000 _____ (Zemana Ltd. ) C:\Users\Admin\Downloads\AntiLoggerFree_Setup_1.8.2.198.exe
2015-07-30 22:40 - 2015-07-30 22:41 - 00000371 _____ C:\Users\Admin\Documents\Zemana AntiLogger Activation.url
2015-07-30 22:35 - 2015-07-30 22:53 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2015-07-30 22:35 - 2015-07-30 22:35 - 00000000 ____D C:\Users\Admin\AppData\Local\Zemana
2015-07-30 22:35 - 2014-12-30 13:31 - 07039960 _____ (Zemana Ltd.) C:\Windows\SysWOW64\ZALSDKCore.dll
2015-07-30 22:27 - 2015-07-30 22:28 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-30 22:26 - 2015-07-30 22:27 - 14739944 _____ (Zemana Ltd. ) C:\Users\Admin\Downloads\Zemana_AntiLogger_1.9.3.602.exe
2015-07-30 22:26 - 2015-07-30 22:26 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-30 22:26 - 2015-07-30 22:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-30 22:26 - 2015-07-30 22:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-30 22:26 - 2015-07-30 22:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-30 22:26 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-30 22:26 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-30 22:26 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-30 22:25 - 2015-07-30 22:25 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.1.8.1057.exe
2015-07-30 22:00 - 2015-07-30 23:52 - 00000000 ____D C:\Program Files (x86)\360
2015-07-30 21:59 - 2015-07-30 21:59 - 39273080 _____ C:\Users\Admin\Downloads\360TS_Setup.exe
2015-07-30 21:55 - 2015-07-30 21:55 - 01339000 _____ (QIHU 360 SOFTWARE CO. LIMITED) C:\Users\Admin\Downloads\360TS_Setup_Mini.exe
2015-07-30 20:00 - 2015-07-30 20:00 - 00000000 ___HD C:\$Windows.~WS
2015-07-30 19:59 - 2015-07-30 20:00 - 19646888 _____ (Microsoft Corporation) C:\Users\Admin\Downloads\MediaCreationToolx64.exe
2015-07-30 01:34 - 2015-07-23 02:46 - 00572232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-30 01:32 - 2015-07-23 06:06 - 42730128 _____ C:\Windows\system32\nvcompiler.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 30487880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 22950544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 16151688 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 15129192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 14503880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 13268712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 11836680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 11055248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-30 01:32 - 2015-07-23 06:06 - 02933576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 02600592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 01101856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 01061008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 01053000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00983368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00976528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00940104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00503592 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-30 01:32 - 2015-07-23 06:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-29 21:46 - 2015-07-29 21:46 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_androidusb_01005.Wdf
2015-07-29 07:57 - 2015-08-02 09:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\FileZilla
2015-07-29 07:57 - 2015-07-29 07:57 - 00001793 _____ C:\Users\Public\Desktop\FileZilla Client.lnk
2015-07-29 07:57 - 2015-07-29 07:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-07-29 07:57 - 2015-07-29 07:57 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-07-28 10:12 - 2015-07-28 10:12 - 00000000 ____D C:\Users\Admin\.idlerc
2015-07-28 10:00 - 2015-07-28 10:00 - 00000000 ____D C:\Users\Admin\AppData\Local\AutoIt v3
2015-07-28 09:59 - 2015-07-28 10:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoIt v3
2015-07-28 09:59 - 2015-07-28 10:00 - 00000000 ____D C:\Program Files (x86)\AutoIt3
2015-07-28 09:48 - 2015-07-28 10:18 - 00000000 ____D C:\Users\Admin\AppData\Roaming\CodeBlocks
2015-07-28 08:14 - 2015-07-28 08:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft DirectX SDK (November 2008)
2015-07-28 08:14 - 2008-10-27 19:39 - 00484176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DXGI_beta.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00471888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D10Level9_beta.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00360784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineA3_3.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00298832 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineA3_3.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00286032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XactEngineD3_3.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00283984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX11_40.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00234320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX11_40.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00233808 _____ (Microsoft Corporation) C:\Windows\system32\XactEngineD3_3.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00132432 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFXD1_2.dll
2015-07-28 08:14 - 2008-10-27 19:39 - 00123216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFXD1_2.dll
2015-07-28 08:14 - 2008-10-27 19:38 - 00054096 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudioD1_5.dll
2015-07-28 08:14 - 2008-10-27 19:38 - 00047440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudioD1_5.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 05691728 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9d_40.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 04831568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9d_33.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 04499280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3dx9d_40.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 03796816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9d_33.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 02884432 _____ (Microsoft Corporation) C:\Windows\system32\d3d9d.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 02651472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9d.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 01351504 _____ (Microsoft Corporation) C:\Windows\system32\D3D10WARP_beta.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 00954192 _____ (Microsoft Corporation) C:\Windows\system32\xaudioD2_3.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 00906576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xaudioD2_3.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 00799056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D10WARP_beta.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 00765776 _____ (Microsoft Corporation) C:\Windows\system32\D3D11_beta.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 00629584 _____ (Microsoft Corporation) C:\Windows\system32\DXGI_beta.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 00577360 _____ (Microsoft Corporation) C:\Windows\system32\D3DX10d_40.dll
2015-07-28 08:14 - 2008-10-27 19:37 - 00549200 _____ (Microsoft Corporation) C:\Windows\system32\D3D10Level9_beta.dll
2015-07-28 08:14 - 2008-10-27 19:36 - 00513360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3D11_beta.dll
2015-07-28 08:14 - 2008-10-27 19:36 - 00496464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX10d_40.dll
2015-07-28 08:11 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-07-28 08:10 - 2015-07-28 08:14 - 00000000 ____D C:\Program Files (x86)\Microsoft DirectX SDK (November 2008)
2015-07-28 08:10 - 2015-07-28 08:09 - 00119120 _____ (Microsoft Corporation) C:\Windows\dxsdkuninst.exe
2015-07-28 00:36 - 2015-07-28 00:36 - 00000000 ____D C:\Users\Admin\Desktop\ILSpy_Master_2.3.1.1855_Binaries
2015-07-28 00:36 - 2015-07-28 00:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ICSharpCode
2015-07-27 19:31 - 2015-07-27 19:31 - 00000000 __SHD C:\$360Section
2015-07-27 19:30 - 2015-07-27 19:30 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieUserList
2015-07-27 19:30 - 2015-07-27 19:30 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieSiteList
2015-07-27 19:30 - 2015-07-27 19:30 - 00000000 __SHD C:\Users\Admin\AppData\Local\EmieBrowserModeList
2015-07-27 18:01 - 2015-07-27 18:01 - 00000000 ____D C:\Users\Admin\Documents\Banished
2015-07-27 16:21 - 2015-07-27 17:00 - 00002069 _____ C:\Users\Admin\Desktop\55.txt
2015-07-27 16:14 - 2015-07-29 08:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2015-07-27 16:14 - 2015-07-27 16:14 - 00000000 ____D C:\Users\Admin\Documents\GTA San Andreas User Files
2015-07-27 16:14 - 2015-07-27 16:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2015-07-27 15:38 - 2015-07-27 16:14 - 00000000 ____D C:\Users\Admin\Desktop\FSX
2015-07-27 15:38 - 2015-07-27 15:38 - 00000000 ____D C:\Users\Admin\AppData\Roaming\WinRAR
2015-07-27 15:22 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-07-27 15:21 - 2015-07-27 15:21 - 00000000 ____D C:\e7168f8faac50d5d1ded759590cba074
2015-07-27 15:20 - 2013-12-25 01:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-07-27 15:20 - 2013-12-25 00:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-07-27 15:20 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-07-27 15:20 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-07-27 15:16 - 2015-07-27 15:16 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-27 15:16 - 2015-07-27 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-07-27 15:15 - 2015-07-27 15:16 - 00000000 ____D C:\Program Files\WinRAR
2015-07-27 15:05 - 2015-07-27 15:33 - 701897648 _____ C:\Users\Admin\Downloads\FSX.rar
2015-07-27 14:14 - 2015-07-27 14:14 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Adobe
2015-07-27 01:59 - 2015-07-27 01:59 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-27 01:59 - 2015-07-27 01:59 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-27 01:56 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-07-27 01:56 - 2015-01-09 01:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-07-27 01:53 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-07-27 01:48 - 2015-07-27 01:48 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-27 01:48 - 2015-07-27 01:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-27 01:48 - 2015-07-27 01:48 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-27 01:48 - 2015-07-27 01:48 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-27 01:48 - 2015-07-27 01:48 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-07-27 01:48 - 2015-07-27 01:48 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-07-27 01:48 - 2015-07-27 01:48 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-27 01:48 - 2015-07-27 01:48 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-27 01:48 - 2015-07-27 01:48 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-27 01:48 - 2015-07-27 01:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-27 01:48 - 2015-07-27 01:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-07-27 01:48 - 2015-07-27 01:48 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-07-27 01:48 - 2015-07-27 01:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-27 01:43 - 2015-07-27 01:43 - 00000222 _____ C:\Users\Admin\Desktop\Banished.url
2015-07-27 01:43 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-07-27 01:43 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-07-27 01:43 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-07-27 01:43 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-07-27 01:43 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-07-27 01:43 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-27 01:43 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-07-27 01:43 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-27 01:43 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-07-27 01:43 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-07-27 01:43 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-27 01:43 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-27 01:43 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-07-27 01:43 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-27 01:43 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-07-27 01:43 - 2013-10-01 22:57 - 06578176 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-27 01:43 - 2013-10-01 22:55 - 05698048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-27 01:38 - 2012-08-23 16:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-27 01:38 - 2012-08-23 16:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-27 01:38 - 2012-08-23 16:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-07-27 01:38 - 2012-08-23 15:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-27 01:38 - 2012-08-23 13:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-07-27 01:38 - 2012-08-23 12:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-07-27 01:38 - 2012-08-23 11:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-27 01:33 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-07-27 01:33 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-07-27 01:33 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-07-27 01:33 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-07-27 01:33 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-07-27 01:33 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-07-27 01:33 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-07-27 01:33 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-07-27 01:30 - 2013-01-13 23:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 23:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 23:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 23:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-07-27 01:30 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-07-27 01:30 - 2013-01-13 23:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 23:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 23:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

Sumple 04.08.2015 09:05
Code:
2015-07-27 01:30 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-07-27 01:30 - 2013-01-13 22:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-07-27 01:30 - 2013-01-13 22:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-07-27 01:30 - 2013-01-13 22:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-07-27 01:30 - 2013-01-13 21:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-07-27 01:30 - 2013-01-13 21:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-07-27 01:30 - 2013-01-13 21:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-07-27 01:30 - 2013-01-13 21:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-07-27 01:30 - 2013-01-13 21:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-07-27 01:30 - 2013-01-13 21:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-07-27 01:30 - 2013-01-13 21:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-07-27 01:30 - 2013-01-13 21:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-07-27 01:30 - 2013-01-13 21:43 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-07-27 01:30 - 2013-01-13 21:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-07-27 01:30 - 2013-01-13 21:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-07-27 01:30 - 2013-01-13 21:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-07-27 01:30 - 2013-01-13 21:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-07-27 01:30 - 2013-01-13 21:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-07-27 01:30 - 2013-01-13 21:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-07-27 01:30 - 2013-01-13 21:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-07-27 01:30 - 2013-01-13 21:15 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-07-27 01:30 - 2013-01-13 21:02 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-07-27 01:30 - 2013-01-13 20:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-07-27 01:30 - 2013-01-13 20:32 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-07-27 01:30 - 2013-01-13 20:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-07-27 01:30 - 2013-01-13 19:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-07-27 01:30 - 2013-01-13 19:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-07-27 01:30 - 2013-01-04 08:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-07-27 01:30 - 2013-01-04 08:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-07-27 01:26 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-27 01:26 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-27 01:26 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-27 01:26 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-27 01:26 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-27 01:26 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-27 01:26 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-27 01:26 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-27 01:26 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-27 01:26 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-27 01:26 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-27 01:26 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-27 01:26 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-27 01:26 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-27 01:26 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-27 01:26 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-27 01:26 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-27 01:26 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-27 01:26 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-27 01:26 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-27 01:26 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-27 01:26 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-27 01:26 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-27 01:26 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-27 01:26 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-27 01:26 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-07-27 01:26 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-07-27 01:26 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-07-27 01:26 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-07-27 01:26 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-07-27 01:26 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-07-27 01:26 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-07-27 01:26 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-07-27 01:26 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-07-27 01:26 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-07-27 01:26 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-07-27 01:26 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-07-27 01:26 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-07-27 01:26 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-07-27 01:26 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-07-27 01:26 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-07-27 01:26 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-07-27 01:26 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-07-27 01:26 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-07-27 01:26 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-07-27 01:26 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-07-27 01:26 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-07-27 01:26 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-07-27 01:26 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-07-27 01:26 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-07-27 01:26 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-07-27 01:26 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-07-27 01:26 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-07-27 01:26 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-07-27 01:26 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-07-27 01:26 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-07-27 01:26 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-07-27 01:26 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-07-27 01:26 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-07-27 01:26 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-07-27 01:26 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-07-27 01:26 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-07-27 01:26 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-07-27 01:26 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-07-27 01:26 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-07-27 01:26 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-07-27 01:26 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-07-27 01:26 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-07-27 01:26 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-07-27 01:26 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-07-27 01:26 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-07-27 01:26 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-07-27 01:26 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-07-27 01:26 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-07-27 01:26 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-07-27 01:26 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-07-27 01:26 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-07-27 01:26 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-07-27 01:26 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-07-27 01:26 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-07-27 01:26 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-07-27 01:26 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-07-27 01:26 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-07-27 01:26 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-07-27 01:26 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-07-27 01:26 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-07-27 01:26 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-07-27 01:26 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-07-27 01:26 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-07-27 01:26 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-07-27 01:26 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-07-27 01:25 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-07-27 01:25 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-07-27 01:25 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-07-27 01:25 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-07-27 01:25 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-07-27 01:25 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-27 01:25 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-07-27 01:25 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-07-27 01:25 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-07-27 01:25 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-07-27 01:25 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-07-27 01:25 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-07-27 01:25 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-07-27 01:25 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-07-27 01:25 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-07-27 01:25 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-07-27 01:25 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-07-27 01:25 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-07-27 01:25 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-07-27 01:25 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-07-27 01:25 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-07-27 01:25 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-07-27 01:25 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-07-27 01:25 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-07-27 01:25 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-07-27 01:25 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-07-27 01:25 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-07-27 01:25 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-07-27 01:25 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-07-27 01:25 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-27 01:25 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-07-27 01:25 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-07-27 01:25 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-07-27 01:25 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-07-27 01:25 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-27 01:25 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-07-27 01:25 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-27 01:25 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-07-27 01:25 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-07-27 01:25 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-07-27 01:25 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-07-27 01:25 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-07-27 01:25 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-07-27 01:25 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-07-27 01:25 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-07-27 01:25 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-07-27 01:25 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-07-27 01:25 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-07-27 01:25 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-07-27 01:25 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-07-27 01:25 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-07-27 01:25 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-07-27 01:25 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-07-27 01:25 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-07-27 01:25 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-07-27 01:25 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-07-27 01:25 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-07-27 01:25 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-07-27 01:25 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-07-27 01:25 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-07-27 01:25 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-07-27 01:25 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-07-27 01:25 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-07-27 01:25 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-07-27 01:25 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-07-27 01:25 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-07-27 01:25 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-07-27 01:24 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-27 01:24 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-27 01:24 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-27 01:24 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-27 01:24 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-27 01:24 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 01:24 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-27 01:24 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-27 01:24 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-27 01:24 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-27 01:24 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-27 01:24 - 2015-06-03 22:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-07-27 01:24 - 2015-06-03 22:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-27 01:24 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-07-27 01:24 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-07-27 01:24 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-07-27 01:24 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-27 01:24 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-07-27 01:24 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-27 01:24 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-07-27 01:24 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-07-27 01:24 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-07-27 01:24 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-07-27 01:24 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-07-27 01:24 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-27 01:24 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-07-27 01:24 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-07-27 01:24 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-07-27 01:24 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-07-27 01:24 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-07-27 01:24 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-07-27 01:24 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-07-27 01:24 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-07-27 01:24 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-07-27 01:24 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-07-27 01:24 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-07-27 01:24 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-07-27 01:24 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-07-27 01:24 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-07-27 01:24 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-07-27 01:24 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-07-27 01:24 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-07-27 01:24 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-07-27 01:24 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-07-27 01:24 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-07-27 01:24 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-07-27 01:24 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-07-27 01:24 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-07-27 01:24 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-07-27 01:24 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-07-27 01:24 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-07-27 01:24 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-07-27 01:24 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-07-27 01:24 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-07-27 01:24 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-07-27 01:24 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-07-27 01:24 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-07-27 01:24 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-07-27 01:24 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-07-27 01:24 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-07-27 01:24 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-07-27 01:24 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-07-27 01:24 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-07-27 01:23 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-27 01:23 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-27 01:23 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-27 01:23 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-27 01:23 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-27 01:23 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-27 01:23 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-27 01:23 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-27 01:23 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-07-27 01:23 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-27 01:23 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-07-27 01:23 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-07-27 01:23 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-07-27 01:23 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-07-27 01:23 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-07-27 01:23 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-07-27 01:23 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-07-27 01:23 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-07-27 01:23 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-07-27 01:23 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-07-27 01:23 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-07-27 01:23 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-07-27 01:23 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-07-27 01:23 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-07-27 01:23 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-07-27 01:23 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-07-27 01:23 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-07-27 01:23 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-07-27 01:23 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-07-27 01:23 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-07-27 01:23 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-07-27 01:23 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-07-27 01:23 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-07-27 01:23 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-07-27 01:23 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-07-27 01:23 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-27 01:23 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-07-27 01:23 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-07-27 01:23 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-07-27 01:23 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-07-27 01:23 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-07-27 01:23 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-07-27 01:23 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-07-27 01:23 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-07-27 01:23 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-07-27 01:23 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-07-27 01:22 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-07-27 01:22 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-07-27 01:14 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-27 01:14 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-07-25 20:18 - 2015-07-25 20:18 - 00000000 ____D C:\Users\Admin\AppData\Roaming\NuGet
2015-07-25 16:04 - 2015-07-25 16:04 - 00000000 ____D C:\Users\Admin\AppData\Roaming\NVIDIA
2015-07-25 15:21 - 2015-07-25 15:21 - 00050298 _____ C:\Users\Admin\Downloads\Strings.zip
2015-07-25 14:24 - 2015-07-25 14:24 - 00000000 ____D C:\Users\Admin\AppData\Local\Logitech
2015-07-25 14:24 - 2015-07-25 14:24 - 00000000 ____D C:\ProgramData\LogiShrd
2015-07-25 14:23 - 2015-07-25 14:24 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-07-25 14:23 - 2015-07-25 14:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-07-25 14:22 - 2015-07-25 14:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2015-07-25 14:22 - 2015-07-25 14:22 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd
2015-07-24 13:03 - 2015-07-24 13:03 - 00002749 _____ C:\Users\Public\Desktop\Mouse Editor.lnk
2015-07-24 13:03 - 2015-07-24 13:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mouse Software
2015-07-24 13:03 - 2015-07-24 13:03 - 00000000 ____D C:\Program Files (x86)\MOUSE Editor
2015-07-24 07:32 - 2015-08-04 00:10 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2015-07-24 07:32 - 2015-07-24 07:32 - 00002699 _____ C:\Users\Public\Desktop\Skype.lnk
2015-07-24 07:32 - 2015-07-24 07:32 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-24 07:32 - 2015-07-24 07:32 - 00000000 ____D C:\Users\Admin\AppData\Local\Skype
2015-07-24 07:32 - 2015-07-24 07:32 - 00000000 ____D C:\ProgramData\Skype
2015-07-24 07:32 - 2015-07-24 07:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-24 05:03 - 2015-08-02 09:00 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Notepad++
2015-07-24 05:03 - 2015-07-24 05:03 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-07-24 05:03 - 2015-07-24 05:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-07-24 05:03 - 2015-07-24 05:03 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-07-24 03:24 - 2015-08-03 03:10 - 00000000 ____D C:\Users\Admin\Documents\Visual Studio 2015
2015-07-24 03:21 - 2015-07-24 03:21 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-07-24 03:21 - 2015-07-24 03:21 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-24 03:20 - 2015-07-31 07:35 - 00000000 ____D C:\Users\Admin\AppData\Roaming\TS3Client
2015-07-24 03:20 - 2015-07-24 03:20 - 00000967 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-07-24 03:20 - 2015-07-24 03:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-07-24 03:20 - 2015-07-24 03:20 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-07-24 03:19 - 2015-07-24 03:19 - 00000000 ____D C:\ProgramData\Windows App Certification Kit
2015-07-24 03:19 - 2015-07-24 03:19 - 00000000 ____D C:\Program Files\Application Verifier
2015-07-24 03:19 - 2015-07-24 03:19 - 00000000 ____D C:\Program Files (x86)\Application Verifier
2015-07-24 03:13 - 2015-07-24 03:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-07-24 03:07 - 2015-07-24 03:07 - 00000000 ____D C:\ProgramData\PreEmptive Solutions
2015-07-24 03:07 - 2015-07-24 03:07 - 00000000 ____D C:\Program Files (x86)\ShellDir
2015-07-24 03:05 - 2015-07-24 03:05 - 00000000 ____D C:\Program Files (x86)\AppInsights
2015-07-24 03:04 - 2015-07-24 03:04 - 00000000 ____D C:\ProgramData\NuGet
2015-07-24 03:04 - 2015-07-24 03:04 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-07-24 03:04 - 2015-07-24 03:04 - 00000000 ____D C:\Program Files (x86)\Microsoft Office365 Tools
2015-07-24 03:03 - 2015-07-24 03:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Expression
2015-07-24 03:03 - 2015-07-24 03:03 - 00000000 ____D C:\Program Files (x86)\Microsoft WCF Data Services
2015-07-24 03:02 - 2015-07-24 03:02 - 00001534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk
2015-07-24 02:57 - 2015-07-24 02:57 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 12.0
2015-07-24 02:57 - 2015-07-24 02:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-07-24 02:57 - 2015-07-24 02:57 - 00000000 ____D C:\Program Files (x86)\HTML Help Workshop
2015-07-24 02:44 - 2015-07-24 02:44 - 00000000 ____D C:\Windows\SysWOW64\1031
2015-07-24 02:44 - 2015-07-24 02:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-07-24 02:43 - 2015-07-24 03:22 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-24 02:43 - 2015-07-24 03:21 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-07-24 02:43 - 2015-07-24 03:21 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-24 02:43 - 2015-07-24 02:43 - 00000000 ____D C:\Windows\system32\1033
2015-07-24 02:43 - 2015-07-24 02:43 - 00000000 ____D C:\Windows\symbols
2015-07-24 02:43 - 2015-07-24 02:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-07-24 02:42 - 2015-07-24 02:42 - 00001535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk
2015-07-24 02:39 - 2015-07-24 03:24 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-07-24 02:39 - 2015-07-24 03:07 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-07-24 02:39 - 2015-07-24 02:39 - 00000000 ____D C:\Windows\system32\1031
2015-07-24 02:39 - 2015-07-24 02:39 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 14.0
2015-07-24 02:27 - 2015-06-07 01:13 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-07-24 02:27 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-07-24 02:25 - 2015-07-24 08:08 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 02:07 - 2015-07-24 02:07 - 00001268 _____ C:\Users\Admin\Desktop\Revo Uninstaller.lnk
2015-07-24 02:07 - 2015-07-24 02:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-07-24 01:36 - 2015-07-24 01:36 - 00000000 ____D C:\Users\Admin\Desktop\cce_2.5.242177.201_x64
2015-07-24 01:29 - 2015-07-24 01:30 - 00000000 ____D C:\Program Files\Unlocker
2015-07-24 01:29 - 2015-07-24 01:29 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-07-23 22:34 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-23 22:34 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-23 22:34 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-23 22:34 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-23 22:34 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-23 22:34 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-23 22:34 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-23 22:34 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-23 22:34 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-23 22:34 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-23 22:32 - 2015-07-03 08:43 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-23 22:30 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-23 22:30 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-23 22:28 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-23 22:28 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-23 22:28 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-23 22:28 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-23 22:28 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-23 22:28 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-23 22:28 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-23 22:28 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-23 22:28 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-23 22:28 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-23 22:28 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-23 22:28 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-23 22:25 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-23 22:23 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-23 22:23 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-23 22:22 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-23 22:22 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-23 22:13 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-07-23 22:13 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-07-23 22:12 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-23 22:12 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-23 22:12 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-23 22:12 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-23 22:12 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-23 22:12 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-07-23 22:12 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-07-23 22:12 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-07-23 22:12 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-07-23 22:12 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-07-23 22:09 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-23 22:09 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-23 22:08 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-07-23 22:06 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-07-23 22:06 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-07-23 21:56 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-07-23 21:56 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-07-23 21:56 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-07-23 21:56 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-07-23 21:52 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-07-23 21:49 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-07-23 21:49 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-07-23 21:49 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-07-23 21:48 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-07-23 21:37 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-23 21:37 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-07-23 21:36 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-07-23 21:36 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-07-23 21:30 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-07-23 21:30 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-07-23 21:28 - 2015-01-07 05:15 - 00104896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mup.sys
2015-07-23 21:28 - 2015-01-07 05:10 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-07-23 21:28 - 2015-01-07 04:44 - 00079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2015-07-23 21:28 - 2015-01-07 03:49 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-07-23 21:28 - 2015-01-07 03:48 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-07-23 21:26 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-07-23 21:26 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-07-23 21:26 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-07-23 21:26 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-07-23 21:26 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-07-23 21:25 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-23 21:22 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-07-23 21:19 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-07-23 21:19 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-07-23 21:14 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-07-23 21:10 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-07-23 21:10 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-07-23 21:04 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-07-23 21:03 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-07-23 21:03 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-07-23 21:03 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-07-23 21:03 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-07-23 21:03 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-07-23 20:58 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-07-23 20:58 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-07-23 20:52 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-07-23 20:52 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-07-23 20:52 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-07-23 20:52 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-07-23 20:52 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-07-23 20:52 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-07-23 20:35 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-07-23 20:35 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-07-23 20:35 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-07-23 20:33 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-07-23 20:33 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-07-23 20:33 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-07-23 20:33 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-07-23 20:33 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-07-23 20:33 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-07-23 20:33 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-07-23 20:33 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-07-23 20:25 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-07-23 20:25 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-07-23 20:23 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-07-23 20:23 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-07-23 20:22 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-07-23 20:21 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-07-23 20:21 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-07-23 20:18 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-23 20:18 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-23 20:18 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-07-23 20:17 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-07-23 20:17 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-07-23 20:17 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-07-23 20:17 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-07-23 20:13 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-07-23 20:13 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-07-23 20:13 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-07-23 20:13 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-07-23 20:13 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-07-23 20:13 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-07-23 20:13 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-07-23 20:13 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-07-23 20:13 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-07-23 20:13 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-07-23 20:13 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-07-23 20:13 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-07-23 20:13 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-07-23 20:13 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-07-23 20:09 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-07-23 20:09 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-07-23 20:08 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-07-23 20:08 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-07-23 20:08 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-07-23 20:08 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-07-23 20:08 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-07-23 20:08 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-07-23 20:08 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-07-23 20:08 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-07-23 20:05 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-07-23 20:05 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-07-23 20:01 - 2015-07-29 21:06 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-07-23 20:01 - 2015-07-23 20:01 - 00000000 ____D C:\Users\Admin\AppData\Local\Google
2015-07-23 20:01 - 2015-07-23 20:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-23 19:59 - 2015-08-04 09:04 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-23 19:59 - 2015-08-04 02:02 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-23 19:59 - 2015-07-30 22:02 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-23 19:59 - 2015-07-30 22:02 - 00003862 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-23 19:59 - 2015-07-23 20:00 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-23 19:58 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-07-23 19:58 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-07-23 19:58 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-07-23 19:58 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-07-23 19:58 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-07-23 19:56 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-07-23 19:56 - 2013-07-12 12:40 - 00109824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys
2015-07-23 19:55 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-07-23 19:55 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-07-23 19:55 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-07-23 19:55 - 2012-11-29 00:56 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-07-23 19:53 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-07-23 19:53 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-07-23 19:41 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-07-23 19:41 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-07-23 19:39 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-07-23 19:39 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-07-23 19:38 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-07-23 19:38 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-07-23 19:38 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-07-23 19:38 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-07-23 19:34 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-23 19:23 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-07-23 19:23 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-07-23 19:15 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-07-23 19:15 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-07-23 19:14 - 2015-07-23 19:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-07-23 19:14 - 2015-07-23 19:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-07-23 19:14 - 2015-07-23 19:14 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-07-23 19:14 - 2015-07-23 19:14 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-07-23 19:14 - 2015-07-23 19:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-07-23 19:13 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-07-23 19:12 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-07-23 19:12 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-07-23 19:10 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-07-23 19:10 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-07-23 19:05 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-07-23 19:03 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-07-23 19:03 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-07-23 19:03 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-07-23 19:02 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-07-23 19:02 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-07-23 19:02 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-07-23 19:01 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-07-23 19:01 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-07-23 18:59 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-07-23 18:59 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-07-23 18:55 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-07-23 18:55 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-07-23 18:55 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-23 18:55 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-23 18:54 - 2015-07-23 18:54 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-07-23 18:54 - 2015-07-23 18:54 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-07-23 18:54 - 2015-07-23 18:54 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-07-23 18:54 - 2015-07-23 18:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-07-23 18:54 - 2015-07-23 18:54 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-07-23 18:54 - 2015-07-23 18:54 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-07-23 18:51 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-07-23 18:51 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-07-23 18:51 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-07-23 18:51 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-07-23 18:51 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-07-23 18:51 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-07-23 18:51 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-07-23 18:51 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-07-23 18:51 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-07-23 18:49 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-07-23 18:49 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-07-23 18:49 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-07-23 18:49 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-07-23 18:48 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-07-23 18:48 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-07-23 18:48 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-07-23 18:48 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-07-23 18:48 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-23 18:48 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-07-23 18:48 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-07-23 18:48 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-07-23 18:48 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-07-23 18:47 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-07-23 18:47 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-07-23 18:47 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-07-23 18:46 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-07-23 18:46 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-07-23 18:46 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-07-23 18:46 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-07-23 18:46 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-07-23 18:46 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-07-23 18:46 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-07-23 18:27 - 2015-07-23 18:27 - 00000000 ____D C:\Windows\Tasks\360Disabled
2015-07-23 17:18 - 2015-07-23 17:18 - 00000222 _____ C:\Users\Admin\Desktop\Cities Skylines.url
2015-07-23 17:17 - 2015-07-23 17:17 - 00000222 _____ C:\Users\Admin\Desktop\ARK Survival Evolved.url
2015-07-23 10:25 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-07-23 10:25 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-07-23 10:25 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-07-23 10:25 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-07-23 10:25 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-07-23 10:25 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-07-23 10:25 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-07-23 10:25 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-07-23 10:25 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-07-23 10:25 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-07-23 10:25 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-07-23 10:25 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-07-23 10:25 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-07-23 10:25 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-07-23 10:25 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-07-23 10:25 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-07-23 10:25 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-07-23 10:25 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-07-23 10:25 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-07-23 10:25 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-07-23 10:25 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-07-23 10:25 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-07-23 10:25 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-07-23 10:25 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-07-23 10:25 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-07-23 10:25 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-07-23 10:25 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-07-23 10:25 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-07-23 10:25 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-07-23 10:25 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-07-23 10:25 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-07-23 10:25 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-07-23 10:25 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-07-23 10:25 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-07-23 10:25 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-07-23 10:25 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-07-23 10:25 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-07-23 10:25 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-07-23 10:25 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-07-23 10:25 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-07-23 10:25 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-07-23 10:25 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-07-23 10:25 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-07-23 10:25 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-07-23 10:25 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-07-23 10:25 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-07-23 10:25 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-07-23 10:25 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-07-23 10:25 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-07-23 10:25 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-07-23 10:25 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-07-23 10:25 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-07-23 10:25 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-07-23 10:25 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-07-23 10:25 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-07-23 10:25 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-07-23 10:25 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-07-23 10:25 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-07-23 10:25 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-07-23 10:25 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-07-23 10:25 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-07-23 10:25 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-07-23 10:25 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-07-23 10:25 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-07-23 10:25 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-07-23 10:25 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-07-23 10:25 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-07-23 10:25 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-07-23 10:25 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-07-23 10:25 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-07-23 10:25 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-07-23 10:25 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-07-23 10:25 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-07-23 10:25 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-07-23 10:25 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-07-23 10:25 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-07-23 10:25 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-07-23 10:25 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-07-23 10:25 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-07-23 10:25 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-07-23 10:25 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-07-23 10:25 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-07-23 10:25 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-07-23 10:25 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-07-23 10:25 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-07-23 10:25 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-07-23 10:25 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-07-23 10:25 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-07-23 10:25 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-07-23 10:25 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-07-23 10:25 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-07-23 10:25 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-07-23 10:25 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-07-23 10:25 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-07-23 10:25 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-07-23 10:25 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-07-23 10:25 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-07-23 10:25 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-07-23 10:25 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-07-23 10:25 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-07-23 10:25 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-07-23 10:25 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-07-23 10:25 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-07-23 10:25 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-07-23 10:25 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-07-23 10:25 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-07-23 10:25 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-07-23 10:25 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-07-23 10:25 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-07-23 10:25 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-07-23 10:25 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-07-23 10:25 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-07-23 10:25 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-07-23 10:25 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-07-23 10:25 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-07-23 10:25 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-07-23 10:25 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-07-23 10:25 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-07-23 10:25 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-07-23 10:25 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-07-23 10:25 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-07-23 10:25 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-07-23 10:25 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-07-23 10:25 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-07-23 10:25 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-07-23 10:25 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-07-23 10:25 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-07-23 10:25 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-07-23 10:25 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-07-23 10:25 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-07-23 10:25 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-07-23 10:25 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-07-23 10:25 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-07-23 10:25 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-07-23 10:25 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-07-23 10:25 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-07-23 10:25 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-07-23 10:25 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-07-23 10:25 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-07-23 10:25 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-07-23 10:25 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-07-23 10:25 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-07-23 10:25 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-07-23 10:25 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-07-23 10:25 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-07-23 10:25 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-07-23 10:25 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-07-23 10:25 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-07-23 10:25 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-07-23 10:25 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-07-23 10:25 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-07-23 10:25 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-07-23 10:25 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-07-23 10:25 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-07-23 10:25 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-07-23 10:25 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-07-23 10:25 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-07-23 10:25 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-07-23 10:25 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-07-23 10:25 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-07-23 10:25 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-07-23 10:25 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-07-23 10:25 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-07-23 10:24 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-07-23 10:24 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-07-23 10:24 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-07-23 08:09 - 2015-07-23 08:09 - 00000219 _____ C:\Users\Admin\Desktop\Counter-Strike Global Offensive.url
2015-07-23 07:46 - 2015-07-23 07:46 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-23 07:46 - 2015-07-23 07:46 - 00000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-07-23 07:46 - 2015-07-23 07:46 - 00000000 ____D C:\Program Files\CCleaner
2015-07-23 07:16 - 2015-07-23 07:16 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Thunderbird
2015-07-23 07:16 - 2015-07-23 07:16 - 00000000 ____D C:\Users\Admin\AppData\Local\Thunderbird
2015-07-23 07:15 - 2015-07-23 07:15 - 00001201 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2015-07-23 07:15 - 2015-07-23 07:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-07-23 06:58 - 2015-07-30 20:02 - 00000000 ____D C:\Windows\Panther
2015-07-23 06:57 - 2015-08-04 02:09 - 00703176 _____ C:\Windows\system32\perfh007.dat
2015-07-23 06:57 - 2015-08-04 02:09 - 00151340 _____ C:\Windows\system32\perfc007.dat
2015-07-23 06:57 - 2015-07-23 06:57 - 00000000 ____D C:\Hotfix

Sumple 04.08.2015 12:03
Code:
2015-07-23 06:57 - 2015-07-23 06:56 - 00295922 _____ C:\Windows\system32\perfi007.dat
2015-07-23 06:57 - 2015-07-23 06:56 - 00038104 _____ C:\Windows\system32\perfd007.dat
2015-07-23 06:57 - 2011-02-16 04:16 - 00000029 ___RH C:\Windows\version
2015-07-23 06:57 - 2011-02-16 04:16 - 00000013 ____R C:\Windows\csup.txt
2015-07-23 06:56 - 2015-07-23 06:56 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-07-23 06:56 - 2015-07-23 06:56 - 00000000 ____D C:\Windows\SysWOW64\de
2015-07-23 06:56 - 2015-07-23 06:56 - 00000000 ____D C:\Windows\SysWOW64\0407
2015-07-23 06:56 - 2015-07-23 06:56 - 00000000 ____D C:\Windows\system32\de
2015-07-23 06:56 - 2015-07-23 06:56 - 00000000 ____D C:\Windows\system32\0407
2015-07-23 06:44 - 2015-07-31 19:54 - 00000600 _____ C:\Users\Admin\AppData\Local\PUTTY.RND
2015-07-23 06:42 - 2015-07-23 06:42 - 00524288 _____ (Simon Tatham) C:\Users\Admin\Downloads\putty_0.64.exe
2015-07-23 01:50 - 2015-07-25 19:49 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-07-22 23:44 - 2015-07-22 23:44 - 00000000 ____D C:\Users\Admin\AppData\Local\Steam
2015-07-22 23:44 - 2015-07-22 23:44 - 00000000 ____D C:\Users\Admin\AppData\Local\CEF
2015-07-22 23:43 - 2015-07-22 23:43 - 00001169 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\网易云音乐.lnk
2015-07-22 23:43 - 2015-07-22 23:43 - 00000000 ____D C:\ProgramData\NetEaseWinDA
2015-07-22 23:43 - 2015-07-22 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\网易云音乐
2015-07-22 23:43 - 2015-07-22 23:43 - 00000000 ____D C:\Program Files (x86)\Netease
2015-07-22 23:42 - 2015-08-04 09:25 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-22 23:42 - 2015-07-22 23:42 - 00000967 _____ C:\Users\Public\Desktop\Steam.lnk
2015-07-22 23:42 - 2015-07-22 23:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Netease
2015-07-22 23:42 - 2015-07-22 23:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-07-22 23:11 - 2015-08-04 02:02 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-22 23:10 - 2015-07-23 06:06 - 17615408 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-22 23:10 - 2015-07-23 06:06 - 15892200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-22 23:10 - 2015-07-23 06:06 - 12876336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-22 23:10 - 2015-07-23 06:06 - 03407144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-22 23:10 - 2015-07-23 06:06 - 03008880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-22 23:10 - 2015-07-23 06:06 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-22 23:10 - 2015-07-23 03:31 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-22 23:10 - 2015-07-23 03:31 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-07-22 23:10 - 2015-07-23 03:31 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-22 23:10 - 2015-07-23 03:31 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-22 23:10 - 2015-07-23 03:31 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-22 23:10 - 2015-07-23 03:31 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-22 23:10 - 2015-07-22 23:10 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-22 23:10 - 2015-07-20 16:16 - 05121613 _____ C:\Windows\system32\nvcoproc.bin
2015-07-22 23:10 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-22 23:10 - 2015-06-17 11:10 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-07-22 23:10 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-22 23:10 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-22 23:10 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-22 23:10 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-22 23:10 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-22 23:04 - 2015-07-30 01:14 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-22 23:04 - 2015-07-22 23:14 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA Corporation
2015-07-22 23:04 - 2015-07-22 23:04 - 00000000 ____D C:\Users\Admin\AppData\Local\NVIDIA
2015-07-22 23:04 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-07-22 23:04 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-07-22 23:04 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-07-22 23:04 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-07-22 23:04 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-07-22 23:04 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-07-22 23:03 - 2015-07-30 06:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-22 23:03 - 2015-07-24 06:21 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-22 23:03 - 2015-07-24 06:21 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-22 23:03 - 2015-07-24 06:21 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-22 23:03 - 2015-07-24 06:21 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-22 23:00 - 2015-07-22 23:11 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-07-22 22:59 - 2015-07-30 01:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-22 22:59 - 2015-07-22 23:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-22 22:59 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-22 22:59 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-22 22:59 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-22 22:54 - 2015-07-23 18:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-22 22:54 - 2015-07-22 23:15 - 00000000 ____D C:\Users\Admin\AppData\Local\Mozilla
2015-07-22 22:54 - 2015-07-22 22:55 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mozilla
2015-07-22 22:54 - 2015-07-22 22:54 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-22 22:54 - 2015-07-22 22:54 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-22 22:54 - 2015-07-22 22:54 - 00000000 ____D C:\ProgramData\Mozilla
2015-07-22 22:54 - 2015-07-22 22:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-22 22:46 - 2015-07-22 22:48 - 00000000 ____D C:\Windows\system32\appmgmt
2015-07-22 22:46 - 2011-08-23 21:57 - 00565352 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-07-22 22:46 - 2011-08-23 21:57 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-07-22 22:46 - 2011-08-23 21:57 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
2015-07-22 22:37 - 2015-07-22 22:37 - 00000000 _____ C:\Users\Admin\agent.log
2015-07-22 22:36 - 2015-07-22 22:36 - 00000000 _____ C:\Windows\SysWOW64\agent.log
2015-07-22 22:35 - 2012-07-18 06:57 - 00015168 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-07-22 22:34 - 2012-07-02 10:16 - 00062784 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-07-22 22:17 - 2015-07-22 22:49 - 00000000 ____D C:\Program Files\ASRock
2015-07-22 22:17 - 2015-07-22 22:17 - 00000003 _____ C:\Users\Admin\AppData\Local\user_data.ini
2015-07-22 22:17 - 2011-07-04 15:19 - 01632128 _____ (cFos Software GmbH) C:\Windows\system32\Drivers\cfosspeed6.sys
2015-07-22 22:00 - 2015-08-02 09:32 - 01652268 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-22 21:58 - 2015-07-22 21:58 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Intel Corporation
2015-07-22 21:54 - 2015-07-27 01:36 - 00000000 ____D C:\Program Files\Intel
2015-07-22 21:54 - 2015-07-22 22:52 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-07-22 21:54 - 2015-07-22 22:35 - 00000000 ____D C:\ProgramData\Intel
2015-07-22 21:54 - 2012-11-19 12:10 - 00652344 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-07-22 21:54 - 2012-11-19 12:10 - 00028216 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2015-07-22 21:25 - 2015-07-22 22:46 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-07-22 21:25 - 2015-07-22 21:26 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-07-22 21:25 - 2015-07-22 21:25 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-07-22 21:25 - 2015-07-22 21:25 - 00000000 ____D C:\Program Files\Realtek
2015-07-22 21:25 - 2012-01-31 19:14 - 04739304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-07-22 21:25 - 2012-01-31 17:32 - 02652264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-07-22 21:25 - 2012-01-31 17:02 - 00223608 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-07-22 21:25 - 2012-01-20 13:07 - 03845736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-07-22 21:25 - 2012-01-10 14:48 - 00958296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-07-22 21:25 - 2012-01-03 15:25 - 00626264 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-07-22 21:25 - 2012-01-03 15:25 - 00561752 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-07-22 21:25 - 2011-12-23 13:30 - 00823912 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-07-22 21:25 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-07-22 21:25 - 2011-12-18 17:58 - 02603864 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-07-22 21:25 - 2011-12-18 17:58 - 02131288 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-07-22 21:25 - 2011-12-16 14:57 - 00894040 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2015-07-22 21:25 - 2011-12-16 14:57 - 00750680 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2015-07-22 21:25 - 2011-12-15 12:39 - 00100968 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-07-22 21:25 - 2011-12-13 20:22 - 02528832 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-07-22 21:25 - 2011-12-13 16:58 - 01560168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-07-22 21:25 - 2011-12-13 11:01 - 01698408 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-07-22 21:25 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-07-22 21:25 - 2011-07-22 19:35 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-07-22 21:25 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-07-22 21:25 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-07-22 21:25 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-07-22 21:25 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-07-22 21:25 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-07-22 21:25 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-07-22 21:25 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-07-22 21:25 - 2010-10-15 19:20 - 02261764 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-07-22 21:25 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-07-22 21:25 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-07-22 21:25 - 2010-07-02 19:40 - 00080984 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-07-22 21:25 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-07-22 21:25 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-07-22 21:25 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-07-22 21:25 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-07-22 21:25 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2015-07-22 21:25 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-07-22 21:24 - 2015-07-24 13:03 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-22 21:24 - 2015-07-22 21:24 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_iusb3hcs_01009.Wdf
2015-07-22 21:24 - 2015-07-22 21:24 - 00000000 ____D C:\Users\Admin\AppData\Roaming\InstallShield
2015-07-22 21:24 - 2012-02-27 03:00 - 00041984 _____ (Intel Corporation) C:\Windows\system32\Drivers\USB3Ver.dll
2015-07-22 21:22 - 2015-07-27 01:36 - 00000000 ____D C:\Program Files (x86)\Intel
2015-07-22 21:22 - 2015-07-22 21:22 - 00000000 ____D C:\Intel
2015-07-22 21:22 - 2011-12-06 15:55 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-07-22 21:17 - 2015-07-22 21:17 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-07-22 21:07 - 2015-08-04 09:37 - 00000000 ____D C:\Users\Admin
2015-07-22 21:07 - 2015-08-04 03:44 - 01387415 _____ C:\Windows\WindowsUpdate.log
2015-07-22 21:07 - 2015-07-27 14:14 - 00001413 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-07-22 21:07 - 2015-07-22 23:12 - 00000000 ____D C:\Users\Admin\AppData\Local\VirtualStore
2015-07-22 21:07 - 2015-07-22 21:07 - 00000020 ___SH C:\Users\Admin\ntuser.ini
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Vorlagen
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Startmenü
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Netzwerkumgebung
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Lokale Einstellungen
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Eigene Dateien
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Druckumgebung
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Musik
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Documents\Eigene Bilder
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Verlauf
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\AppData\Local\Anwendungsdaten
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Users\Admin\Anwendungsdaten
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Programme
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-07-22 21:07 - 2015-07-22 21:07 - 00000000 __SHD C:\Recovery
2015-07-22 21:07 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-22 21:07 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-07-22 21:02 - 2015-07-22 21:02 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-07-22 21:02 - 2015-07-22 21:02 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-07-22 20:58 - 2015-08-04 02:02 - 00383802 ____N C:\Windows\Minidump\080415-25022-01.dmp
2015-07-07 00:51 - 2015-07-07 00:51 - 01824456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VsGraphicsHelper.dll
2015-07-07 00:51 - 2015-07-07 00:51 - 00320696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsjitdebugger.exe
2015-07-07 00:51 - 2015-07-07 00:51 - 00222376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSPerf140.dll
2015-07-07 00:51 - 2015-07-07 00:51 - 00180400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VSCover140.dll
2015-07-07 00:18 - 2015-07-07 00:18 - 03192000 _____ (Microsoft Corporation) C:\Windows\system32\VSGraphicsHelper.dll
2015-07-07 00:18 - 2015-07-07 00:18 - 00372920 _____ (Microsoft Corporation) C:\Windows\system32\vsjitdebugger.exe
2015-07-07 00:18 - 2015-07-07 00:18 - 00274600 _____ (Microsoft Corporation) C:\Windows\system32\VSPerf140.dll
2015-07-07 00:18 - 2015-07-07 00:18 - 00213680 _____ (Microsoft Corporation) C:\Windows\system32\VSCover140.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 09:35 - 2009-07-14 06:45 - 00020848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 09:35 - 2009-07-14 06:45 - 00020848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 02:09 - 2009-07-14 07:13 - 01632312 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 02:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 09:59 - 2010-11-21 09:17 - 00000000 ____D C:\Windows\ShellNew
2015-07-28 03:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-07-27 17:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-27 15:17 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-07-27 15:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-07-27 14:09 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-27 01:59 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-07-27 01:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-07-27 01:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2015-07-27 01:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-27 01:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-27 01:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-07-27 01:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-07-27 01:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-07-27 01:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-07-24 02:44 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-24 02:39 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-24 01:54 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-07-24 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-07-24 01:47 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-07-24 01:47 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-07-23 18:34 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-07-23 18:34 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2015-07-23 18:34 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-07-23 18:34 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-07-23 18:34 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-07-23 18:34 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-07-23 18:34 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-07-23 18:34 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-07-23 18:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-07-23 18:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-07-23 18:34 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-07-23 18:33 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-07-23 18:33 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-07-23 18:33 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\winrm
2015-07-23 18:33 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\WCN
2015-07-23 18:33 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\slmgr
2015-07-23 18:33 - 2010-11-21 09:06 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-07-23 18:33 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2015-07-23 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2015-07-23 06:58 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-07-23 06:58 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-07-23 06:57 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2015-07-23 06:57 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2015-07-23 06:56 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-07-23 06:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2015-07-22 23:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-07-22 22:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-22 21:18 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2015-07-22 21:07 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-22 21:07 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2015-07-22 20:59 - 2010-11-21 09:17 - 00000000 ____D C:\Windows\CSC

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-23 06:44 - 2015-07-31 19:54 - 0000600 _____ () C:\Users\Admin\AppData\Local\PUTTY.RND
2015-07-22 22:17 - 2015-07-22 22:17 - 0000003 _____ () C:\Users\Admin\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\2300be613b6c870245bc2211459b8f4d.dll
C:\Users\Admin\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-02 10:10

==================== Ende von log ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Admin (2015-08-04 09:42:42)
Gestartet von C:\Users\Admin\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Admin (S-1-5-21-2368072704-2040548973-2426127649-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-2368072704-2040548973-2426127649-500 - Administrator - Disabled)
Gast (S-1-5-21-2368072704-2040548973-2426127649-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AntiLogger Free version 1.8.2.198 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.198 - Zemana Ltd.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version:  - Studio Wildcard)
AutoIt v3.3.14.0 (HKLM-x32\...\AutoItv3) (Version: 3.3.14.0 - AutoIt Team)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
Cossacks: Art of War (HKLM-x32\...\Steam App 4870) (Version:  - GSC Game World)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Echo of Soul (HKLM-x32\...\Echo of Soul) (Version:  - )
FileZilla Client 3.12.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.12.0.2 - Tim Kosse)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GlassFish Server Open Source Edition 4.1 (HKLM\...\nbi-glassfish-mod-4.1.0.13.0) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version:  - isotousb.com)
Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft DirectX SDK (November 2008) (HKLM-x32\...\Microsoft DirectX SDK (November 2008)) (Version: 9.25.1476.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Mouse Editor (HKLM-x32\...\InstallShield_{3A4218DE-B9DB-4AD5-9DB2-5853D3AA0335}) (Version: 12.08.0006 - Ihr Firmenname)
MOUSE Editor (x32 Version: 12.08.0006 - Ihr Firmenname) Hidden
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.1.0 - Mozilla)
Mozilla Thunderbird 38.1.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.1.0 (x86 de)) (Version: 38.1.0 - Mozilla)
NetBeans IDE 8.0.1 (HKLM\...\nbi-nb-base-8.0.1.0.201408251540) (Version: 8.0.1 - NetBeans.org)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PhotoFiltre 7 (HKU\S-1-5-21-2368072704-2040548973-2426127649-1000\...\PhotoFiltre 7) (Version:  - )
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
SciTE4AutoIt3 15.725.1310.0 (HKLM-x32\...\SciTE4AutoIt3) (Version: 15.725.1310.0 - Jos van der Zande)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.102 - Skype Technologies S.A.)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.1.2 - VMware, Inc)
VMware Player (Version: 7.1.2 - VMware, Inc.) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
x86_64-5.1.0-win32-seh-rt_v4-rev0 (HKLM-x32\...\x86_64-5.1.0-win32-seh-rt_v4-rev0) (Version:  - MinGW-W64)
XAMPP (HKLM-x32\...\xampp) (Version: 5.5.27-0 - Bitnami)
网易云音乐 (HKLM-x32\...\网易云音乐) (Version: 1.9.0.97138 - 网易公司)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-2368072704-2040548973-2426127649-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

31-07-2015 09:31:02 Windows Update
04-08-2015 01:45:09 Installed Java SE Development Kit 8 Update 51 (64-bit)
04-08-2015 03:48:22 Windows Defender Checkpoint
04-08-2015 07:12:33 Revo Uninstaller's restore point - WinPcap 4.1.3

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-07-31 06:31 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {09CB066E-E2C3-41CA-9871-2EEF50863933} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)
Task: {5B63C5DB-6EE0-49C1-881F-AC4501F39881} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-23] (Google Inc.)
Task: {E7157B91-E120-4E27-BC52-2F52063BD917} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-22 23:10 - 2015-07-23 03:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-09 19:32 - 2015-07-09 19:32 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-08-16 05:11 - 2012-08-16 05:11 - 03333632 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
2015-07-29 21:06 - 2015-07-25 17:31 - 01763144 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-29 21:06 - 2015-07-25 17:31 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00143891 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 02750483 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00618515 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00079379 _____ () C:\Program Files\VideoLAN\VLC\libgcc_s_seh-1.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00038419 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00083987 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00075795 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 02479123 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00111123 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00259603 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00083475 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00051731 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00066579 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00672275 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00825363 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00132627 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00047635 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00142867 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 01597459 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00341523 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 01478163 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00021011 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00060435 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00044051 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00229907 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00101395 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00101395 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00086547 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00032275 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 12272659 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00026643 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libnuv_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00019987 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libtta_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00086547 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmpc_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00026131 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libwav_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libcaf_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 01060883 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libsid_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00136723 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 01420819 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmkv_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libdiracsys_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00389651 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libogg_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00803347 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblive555_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00027155 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libsmf_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00527891 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libgme_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00029715 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libimage_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libxa_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libpva_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00022035 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libvoc_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libau_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00042003 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00126995 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libhttp_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00331795 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00021011 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00192019 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00837139 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00020499 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00027667 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00088083 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00027667 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00036883 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00026643 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00078355 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00041491 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00022547 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00030739 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00030739 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00021523 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_hevc_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 14624275 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00323091 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00345619 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 01513491 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00025107 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00042003 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00048659 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00430099 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00031251 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 01805331 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00418835 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00026643 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00141331 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00188947 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00083987 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 01507859 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00029203 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00022035 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00043539 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00052243 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_record_plugin.dll
2015-04-16 16:16 - 2015-04-16 16:16 - 00050195 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_out\libstream_out_standard_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00021523 _____ () C:\Program Files\VideoLAN\VLC\plugins\access_output\libaccess_output_file_plugin.dll
2015-04-16 16:15 - 2015-04-16 16:15 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\mux\libmux_dummy_plugin.dll
2015-07-22 23:03 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2010-12-02 11:56 - 2010-12-02 11:56 - 00815104 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
2011-01-09 14:45 - 2011-01-09 14:45 - 00088064 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll
2012-06-14 09:59 - 2012-06-14 09:59 - 02414080 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll
2012-05-17 05:17 - 2012-05-17 05:17 - 01000448 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 08:18 - 2010-09-20 08:18 - 00085504 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll
2010-09-20 08:18 - 2010-09-20 08:18 - 00054272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll
2011-04-12 09:14 - 2011-04-12 09:14 - 00063488 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 14:16 - 2010-11-01 14:16 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2012-04-27 05:40 - 2012-04-27 05:40 - 00118272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll
2015-05-31 07:59 - 2015-05-31 07:59 - 01301696 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2015-07-22 22:34 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 00182160 _____ () C:\Program Files (x86)\Netease\CloudMusic\ExceptionHandler.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 08792976 _____ () C:\Program Files (x86)\Netease\CloudMusic\cloudmusic.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 38804368 _____ () C:\Program Files (x86)\Netease\CloudMusic\libcef.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 02405264 _____ () C:\Program Files (x86)\Netease\CloudMusic\ffmpegsumo.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 00246672 _____ () C:\Program Files (x86)\Netease\CloudMusic\swresample-0.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 00587152 _____ () C:\Program Files (x86)\Netease\CloudMusic\avutil-52.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 00112016 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC++_dynamic.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 00262032 _____ () C:\Program Files (x86)\Netease\CloudMusic\libFLAC_dynamic.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 00877968 _____ () C:\Program Files (x86)\Netease\CloudMusic\libglesv2.dll
2015-07-01 19:11 - 2015-07-01 19:11 - 00135056 _____ () C:\Program Files (x86)\Netease\CloudMusic\libegl.dll
Code:
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2368072704-2040548973-2426127649-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{31318ECB-AF74-4106-B0A2-2B3EDA789D6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B912A8A8-2FFC-46A9-BC90-8F2ADAF1FA04}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DFE99456-02A3-4BD6-B869-48F3725960A5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E8A9F4FF-03C7-4324-A9FB-85AC1F064ABB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7650DD28-BD69-4E48-AFE1-8C23A44DCB00}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{088E6B56-AFCC-4EA5-B761-0010C42D7E16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{75CB67CD-A76A-4ADF-BD16-75449D719D7C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1D818F1A-6B2A-4577-B4ED-B0DCCF14AC83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4DC4B20C-C873-4E7B-82A4-030033F9BC23}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{455A9694-DAC0-4F59-BE9D-2B968FA62C09}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C4D6BD07-82A7-4F43-9018-2BF17DA02DB4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DC2C5D7C-C7A0-4DE5-AF1E-E01C04618E5A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CFA53C8D-AA7B-4A8C-B612-850E7E400609}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{73C384E8-360B-4F4C-A8AE-6FDA3AF5DFC7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0445A054-7BA1-4C4B-8D14-DB2AC82ABE29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{EB373585-B486-4DCE-8FAC-4FAA0CCE7B0F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{7524E29D-4218-4024-A171-617E336F66C4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{AC4B3B52-BD0B-4AB7-AC7E-CABC84DF12FD}] => (Allow) F:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{3164D92F-AF94-4816-AF3B-A1D64B71202C}] => (Allow) F:\SteamLibrary\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{16D641E5-9497-447C-9760-4259A836894E}] => (Allow) F:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{4373B442-49BC-492D-992C-18A428F1C6F2}] => (Allow) F:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{211C7DF8-8E8A-4C18-9EB3-207F90112E6A}] => (Allow) F:\SteamLibrary\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{8429FF5F-347D-4835-9545-9E21E48F8816}] => (Allow) F:\SteamLibrary\steamapps\common\Banished\Application-steam-x64.exe
FirewallRules: [{3CC45C88-39B3-40F1-BF12-E9C9CD5FCAC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{AC17C5B6-5D80-4940-AAD8-D61E5586B2D1}] => (Allow) F:\SteamLibrary\steamapps\common\Cossacks Art of War\dmcr.exe
FirewallRules: [{D3F5852E-AD54-427C-95F0-9F0EDB5D9100}] => (Allow) F:\SteamLibrary\steamapps\common\Cossacks Art of War\dmcr.exe
FirewallRules: [{40B6F5EC-BF77-45F6-ADCB-A95737EB4D7B}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{5C3BA0F8-94E4-4D47-84D7-196EFCFE3CA2}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: BAPIDRV
Description: BAPIDRV
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BAPIDRV
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/04/2015 09:37:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (08/04/2015 03:48:15 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {0801d79c-f2d4-43c6-ba46-ab0ef0811675}

Error: (08/04/2015 03:18:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (08/04/2015 02:04:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 12:27:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 12:16:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 07:37:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (08/03/2015 07:26:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 01:02:48 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (08/03/2015 01:01:38 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (08/04/2015 02:02:48 AM) (Source: BugCheck) (EventID: 1001) (User: )
Description: 0x00000109 (0xa3a039d899ba26dc, 0xb3b7465eec3868fa, 0xfffff880033226c0, 0x0000000000000002)C:\Windows\Minidump\080415-25022-01.dmp080415-25022-01

Error: (08/04/2015 02:02:47 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎08.‎2015 um 02:00:40 unerwartet heruntergefahren.

Error: (08/03/2015 03:10:42 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:49164

Error: (08/03/2015 03:10:42 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:49163

Error: (08/03/2015 03:10:42 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:49162

Error: (08/03/2015 03:10:42 AM) (Source: HTTP) (EventID: 15005) (User: )
Description: \Device\Http\ReqQueue[::]:49161

Error: (07/31/2015 09:14:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (07/31/2015 09:14:53 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/31/2015 09:14:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (07/31/2015 09:14:52 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Admin\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office:
=========================
Error: (08/04/2015 09:37:55 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Admin\Downloads\esetsmartinstaller_deu.exe

Error: (08/04/2015 03:48:15 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {0801d79c-f2d4-43c6-ba46-ab0ef0811675}

Error: (08/04/2015 03:18:00 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestc:\users\admin\downloads\esetsmartinstaller_deu.exe

Error: (08/04/2015 02:04:22 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 12:27:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/04/2015 12:16:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 07:37:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestc:\users\admin\downloads\esetsmartinstaller_deu.exe

Error: (08/03/2015 07:26:11 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/03/2015 01:02:48 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestc:\users\admin\downloads\esetsmartinstaller_deu.exe

Error: (08/03/2015 01:01:38 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Build.Signing.wintrust.dll,version="0.0.0.0"C:\Program Files (x86)\Windows Kits\8.0\bin\x86\makecat.exe.Manifest


CodeIntegrity:
===================================
  Date: 2015-07-26 20:24:14.118
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 20:24:14.098
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 20:23:41.686
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 20:23:41.686
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 06:26:37.244
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 06:26:37.228
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 06:25:59.122
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 06:25:59.122
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 06:23:51.279
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-26 06:23:51.233
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume5\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 43%
Total physical RAM: 8077.2 MB
Available physical RAM: 4560.3 MB
Total Virtual: 16152.61 MB
Available Virtual: 12160.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:1397.04 GB) (Free:1303.27 GB) NTFS
Drive d: (MouseEditor_V13) (CDROM) (Total:0.07 GB) (Free:0 GB) CDFS
Drive e: (Volume) (Fixed) (Total:65.83 GB) (Free:45.66 GB) NTFS
Drive f: (Daten) (Fixed) (Total:865.68 GB) (Free:813.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 841A2F25)
Partition 1: (Not Active) - (Size=865.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=65.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1397.3 GB) (Disk ID: 4ECBA760)

Partition: GPT Partition Type.

==================== Ende von log ============================
Das wars dann :)


Mein PC sendet Daten an die IP Adressen:

IP address 93.184.220.29
Location United States (US) flag
Registry ripe

123.58.180.78 IP address information
Geolocation
Country CN

ns1.edgecastcdn.net

was ist das?

Sind die Logs so gut? :)

schrauber 04.08.2015 15:38
hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lade Dir bitte Bluescreenview und installiere es:
BlueScreenView - Download - Filepony

Öffnen und den aktuellsten Dump analysieren lassen (macht das Tool automatisch).
Output hier posten.

Sumple 04.08.2015 20:16
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.08.04.04
  rootkit: v2015.08.04.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
Admin :: ADMIN-PC [administrator]

04.08.2015 20:57:00
mbar-log-2015-08-04 (20-57-00).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 377770
Time elapsed: 10 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
21:12:53.0335 0x1550 Akamai NetSession Interface - ok
Das würde ich ganz gerne loswerden, aber es installiert sich immer wieder..

Code:
21:11:22.0291 0x1e28  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
21:11:22.0291 0x1e28  UEFI system
21:11:41.0811 0x1e28  ============================================================
21:11:41.0811 0x1e28  Current date / time: 2015/08/04 21:11:41.0811
21:11:41.0811 0x1e28  SystemInfo:
21:11:41.0811 0x1e28 
21:11:41.0811 0x1e28  OS Version: 6.1.7601 ServicePack: 1.0
21:11:41.0811 0x1e28  Product type: Workstation
21:11:41.0811 0x1e28  ComputerName: ADMIN-PC
21:11:41.0811 0x1e28  UserName: Admin
21:11:41.0811 0x1e28  Windows directory: C:\Windows
21:11:41.0811 0x1e28  System windows directory: C:\Windows
21:11:41.0811 0x1e28  Running under WOW64
21:11:41.0811 0x1e28  Processor architecture: Intel x64
21:11:41.0811 0x1e28  Number of processors: 8
21:11:41.0811 0x1e28  Page size: 0x1000
21:11:41.0811 0x1e28  Boot type: Normal boot
21:11:41.0811 0x1e28  ============================================================
21:11:45.0646 0x1e28  KLMD registered as C:\Windows\system32\drivers\64891745.sys
21:11:46.0091 0x1e28  System UUID: {B02CF22F-B4FA-F8B2-278F-E0EA95AED767}
21:11:46.0827 0x1e28  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:46.0835 0x1e28  Drive \Device\Harddisk1\DR1 - Size: 0x15D50F66000 ( 1397.27 Gb ), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:11:46.0840 0x1e28  ============================================================
21:11:46.0840 0x1e28  \Device\Harddisk0\DR0:
21:11:46.0840 0x1e28  MBR partitions:
21:11:46.0840 0x1e28  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x6C35A6AF
21:11:46.0840 0x1e28  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x6C35E800, BlocksNum 0x83A7800
21:11:46.0840 0x1e28  \Device\Harddisk1\DR1:
21:11:46.0840 0x1e28  GPT partitions:
21:11:46.0841 0x1e28  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {952CED50-5EB8-4E2C-A6ED-BD79E612CBA6}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
21:11:46.0841 0x1e28  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D8996A41-AE6D-4456-B510-10B1EBA2F524}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
21:11:46.0841 0x1e28  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D7DC2EFA-09D6-47BD-8F68-AED9C4851AE3}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xAEA15000
21:11:46.0841 0x1e28  MBR partitions:
21:11:46.0841 0x1e28  ============================================================
21:11:46.0872 0x1e28  C: <-> \Device\Harddisk1\DR1\Partition3
21:11:46.0913 0x1e28  E: <-> \Device\Harddisk0\DR0\Partition2
21:11:46.0943 0x1e28  F: <-> \Device\Harddisk0\DR0\Partition1
21:11:46.0943 0x1e28  ============================================================
21:11:46.0944 0x1e28  Initialize success
21:11:46.0944 0x1e28  ============================================================
21:12:10.0847 0x1550  ============================================================
21:12:10.0847 0x1550  Scan started
21:12:10.0847 0x1550  Mode: Manual; SigCheck;
21:12:10.0847 0x1550  ============================================================
21:12:10.0847 0x1550  KSN ping started
21:12:13.0616 0x1550  KSN ping finished: true
21:12:14.0524 0x1550  ================ Scan system memory ========================
21:12:14.0524 0x1550  System memory - ok
21:12:14.0524 0x1550  ================ Scan services =============================
21:12:14.0693 0x1550  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:12:14.0791 0x1550  1394ohci - ok
21:12:14.0816 0x1550  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:12:14.0833 0x1550  ACPI - ok
21:12:14.0843 0x1550  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
21:12:14.0869 0x1550  AcpiPmi - ok
21:12:14.0880 0x1550  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
21:12:14.0898 0x1550  adp94xx - ok
21:12:14.0906 0x1550  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
21:12:14.0922 0x1550  adpahci - ok
21:12:14.0928 0x1550  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
21:12:14.0941 0x1550  adpu320 - ok
21:12:14.0970 0x1550  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
21:12:14.0997 0x1550  AeLookupSvc - ok
21:12:15.0042 0x1550  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
21:12:15.0086 0x1550  AFD - ok
21:12:15.0101 0x1550  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:12:15.0113 0x1550  agp440 - ok
21:12:15.0131 0x1550  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
21:12:15.0162 0x1550  ALG - ok
21:12:15.0188 0x1550  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:12:15.0199 0x1550  aliide - ok
21:12:15.0207 0x1550  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:12:15.0217 0x1550  amdide - ok
21:12:15.0224 0x1550  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
21:12:15.0238 0x1550  AmdK8 - ok
21:12:15.0241 0x1550  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:12:15.0263 0x1550  AmdPPM - ok
21:12:15.0267 0x1550  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
21:12:15.0279 0x1550  amdsata - ok
21:12:15.0285 0x1550  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:12:15.0299 0x1550  amdsbs - ok
21:12:15.0346 0x1550  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
21:12:15.0357 0x1550  amdxata - ok
21:12:15.0398 0x1550  [ FAD35699987BAA96E22E13B24FF44769, 2320DA30E04BCE7E39570AF56BD1E7846D5A9E1043B1DBF3DA962C4AC9D822CE ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
21:12:15.0415 0x1550  androidusb - ok
21:12:15.0427 0x1550  AntiLog32 - ok
21:12:15.0459 0x1550  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID          C:\Windows\system32\drivers\appid.sys
21:12:15.0472 0x1550  AppID - ok
21:12:15.0475 0x1550  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:12:15.0488 0x1550  AppIDSvc - ok
21:12:15.0520 0x1550  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo        C:\Windows\System32\appinfo.dll
21:12:15.0533 0x1550  Appinfo - ok
21:12:15.0570 0x1550  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt        C:\Windows\System32\appmgmts.dll
21:12:15.0594 0x1550  AppMgmt - ok
21:12:15.0598 0x1550  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
21:12:15.0610 0x1550  arc - ok
21:12:15.0613 0x1550  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:12:15.0625 0x1550  arcsas - ok
21:12:15.0672 0x1550  [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
21:12:15.0683 0x1550  asahci64 - ok
21:12:15.0791 0x1550  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:12:15.0803 0x1550  aspnet_state - ok
21:12:15.0832 0x1550  [ 525F5989C095F5757414E1F4B39175B2, 0CA28553AE4BF07C3952A6E2355FAB2B0CB862CFD88DEFD7232FD48ABA99CFCB ] aswHwid        C:\Windows\system32\drivers\aswHwid.sys
21:12:15.0844 0x1550  aswHwid - ok
21:12:15.0857 0x1550  [ 76D585093398DB973470BB83FCF0CE52, F7135232E7F50270A253C9F04574F22B827A42B2BE42DE6E391CE3A56B2EA51F ] aswMonFlt      C:\Windows\system32\drivers\aswMonFlt.sys
21:12:15.0868 0x1550  aswMonFlt - ok
21:12:15.0888 0x1550  [ 719FF5568B5E71832541636E2A7DFE27, C49ADB31B5DE6FCFB252290D5B831A90E555F86058500538BBD288B10CDCC46F ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
21:12:15.0899 0x1550  aswRdr - ok
21:12:15.0915 0x1550  [ 21C13E3C9B801C8AE172FABBD235221E, 0AE02CB0F4A87C6065159B68545DD536C4E98C8C23E954ED3392A7CE5F28868C ] aswRvrt        C:\Windows\system32\drivers\aswRvrt.sys
21:12:15.0928 0x1550  aswRvrt - ok
21:12:15.0972 0x1550  [ 5B6A864A2CE292992040CEBAFC8F746A, 3AC0D60B3530AA55266C6547686E4488FE3C5CDD19223ECAF6E5C5A4109EF0C1 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:12:16.0002 0x1550  aswSnx - ok
21:12:16.0057 0x1550  [ C43A0929DE32035499D6BB39A7F44439, 6269380D25D6BFFB7C234758114B700A75BD55D654B6D93ED44D50660A86FCA7 ] aswSP          C:\Windows\system32\drivers\aswSP.sys
21:12:16.0076 0x1550  aswSP - ok
21:12:16.0080 0x1550  [ 763C27EA21875F54615A0174EEC78FC4, 4EE48D475B183DD2066781137F46A4BEE2E510B3A085B9B1385F8C0043A5BE08 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
21:12:16.0093 0x1550  aswStm - ok
21:12:16.0109 0x1550  [ C85B35201A253B99199C0A9F5B98FC18, 18FF49D52035C79AD70A96FBD4663C41A58830D432DD4B9EDA6E7FCDFD12C18F ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
21:12:16.0124 0x1550  aswVmm - ok
21:12:16.0144 0x1550  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:12:16.0215 0x1550  AsyncMac - ok
21:12:16.0241 0x1550  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
21:12:16.0251 0x1550  atapi - ok
21:12:16.0295 0x1550  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:12:16.0329 0x1550  AudioEndpointBuilder - ok
21:12:16.0342 0x1550  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:12:16.0363 0x1550  AudioSrv - ok
21:12:16.0515 0x1550  [ 4956380A54B1C9E6BFDF3D80DACB9698, 0B0F9807EEF0F3BFE4F862876633D241DBA8F72A1373445976FF388678C4734C ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:12:16.0527 0x1550  avast! Antivirus - ok
21:12:16.0688 0x1550  [ CCC3FE1DDCCF99633539B3D7681EF7D7, 0C048EDCD22681C82586845B822990FB4A9303B3B1F4161EBA5A6C444EF7C5CC ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
21:12:16.0757 0x1550  AvastVBoxSvc - ok
21:12:16.0791 0x1550  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:12:16.0838 0x1550  AxInstSV - ok
21:12:16.0870 0x1550  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
21:12:16.0895 0x1550  b06bdrv - ok
21:12:16.0923 0x1550  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:12:16.0966 0x1550  b57nd60a - ok
21:12:16.0968 0x1550  BAPIDRV - ok
21:12:16.0990 0x1550  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:12:17.0005 0x1550  BDESVC - ok
21:12:17.0016 0x1550  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:12:17.0048 0x1550  Beep - ok
21:12:17.0087 0x1550  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
21:12:17.0127 0x1550  BFE - ok
21:12:17.0171 0x1550  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:12:17.0214 0x1550  BITS - ok
21:12:17.0232 0x1550  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:12:17.0245 0x1550  blbdrive - ok
21:12:17.0276 0x1550  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:12:17.0289 0x1550  bowser - ok
21:12:17.0301 0x1550  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:12:17.0330 0x1550  BrFiltLo - ok
21:12:17.0332 0x1550  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:12:17.0346 0x1550  BrFiltUp - ok
21:12:17.0377 0x1550  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
21:12:17.0391 0x1550  Browser - ok
21:12:17.0520 0x1550  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
21:12:17.0593 0x1550  Brserid - ok
21:12:17.0607 0x1550  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:12:17.0621 0x1550  BrSerWdm - ok
21:12:17.0624 0x1550  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:12:17.0638 0x1550  BrUsbMdm - ok
21:12:17.0652 0x1550  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:12:17.0676 0x1550  BrUsbSer - ok
21:12:17.0680 0x1550  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:12:17.0703 0x1550  BTHMODEM - ok
21:12:17.0730 0x1550  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
21:12:17.0756 0x1550  bthserv - ok
21:12:17.0772 0x1550  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:12:17.0798 0x1550  cdfs - ok
21:12:17.0816 0x1550  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
21:12:17.0831 0x1550  cdrom - ok
21:12:17.0850 0x1550  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
21:12:17.0876 0x1550  CertPropSvc - ok
21:12:17.0890 0x1550  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:12:17.0904 0x1550  circlass - ok
21:12:17.0942 0x1550  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
21:12:17.0958 0x1550  CLFS - ok
21:12:18.0031 0x1550  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:12:18.0043 0x1550  clr_optimization_v2.0.50727_32 - ok
21:12:18.0082 0x1550  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:12:18.0094 0x1550  clr_optimization_v2.0.50727_64 - ok
21:12:18.0147 0x1550  [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:12:18.0160 0x1550  clr_optimization_v4.0.30319_32 - ok
21:12:18.0180 0x1550  [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:12:18.0193 0x1550  clr_optimization_v4.0.30319_64 - ok
21:12:18.0195 0x1550  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:12:18.0208 0x1550  CmBatt - ok
21:12:18.0480 0x1550  [ 4C3362A4241BD0884370569AB2884443, E947BCFCF401EF200E79AC4C0F0EA38D7891B0B7E4A0535362E5F597A6E2E2DE ] CmdAgent        C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
21:12:18.0575 0x1550  CmdAgent - ok
21:12:18.0613 0x1550  [ 41208E1CD85966F21E212E21CDF40F9F, 532B500154D4FFECC3A55D845EEDAA471C27481284EC22ECF406658DC4A33666 ] cmderd          C:\Windows\system32\DRIVERS\cmderd.sys
21:12:18.0625 0x1550  cmderd - ok
21:12:18.0665 0x1550  [ CE5026119307AD5A553432069831FA5C, EF92785FE83646E7631CA8A7904CF0A68EF9BE3E77897EDAB785C64CF7138151 ] cmdGuard        C:\Windows\system32\DRIVERS\cmdguard.sys
21:12:18.0690 0x1550  cmdGuard - ok
21:12:18.0711 0x1550  [ 6AF42EF185D51E4C381BFDBD74BB21D4, 80325FC848F521A12504371C922944023A5849B7DB79040EA3D5F291C65AA0E9 ] cmdHlp          C:\Windows\system32\DRIVERS\cmdhlp.sys
21:12:18.0722 0x1550  cmdHlp - ok
21:12:18.0749 0x1550  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:12:18.0760 0x1550  cmdide - ok
21:12:18.0836 0x1550  [ 912C48CA19264393306312D0B08E4F58, 9D676843AABFC5C47B9F13E217B82AE5E3973C0617F147B566B5224F5430F49B ] cmdvirth        C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
21:12:18.0889 0x1550  cmdvirth - ok
21:12:18.0946 0x1550  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG            C:\Windows\system32\Drivers\cng.sys
21:12:18.0968 0x1550  CNG - ok
21:12:18.0982 0x1550  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:12:18.0994 0x1550  Compbatt - ok
21:12:19.0014 0x1550  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:12:19.0041 0x1550  CompositeBus - ok
21:12:19.0043 0x1550  COMSysApp - ok
21:12:19.0158 0x1550  [ D8724B606616B2B75AF54096119580F5, 53E1DEF9F966FDE5898759A33FB62B5062A941E97B235D6F6EF79A5AD1283BDE ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:12:19.0184 0x1550  cphs - ok
21:12:19.0187 0x1550  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
21:12:19.0198 0x1550  crcdisk - ok
21:12:19.0231 0x1550  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:12:19.0267 0x1550  CryptSvc - ok
21:12:19.0303 0x1550  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC            C:\Windows\system32\drivers\csc.sys
21:12:19.0341 0x1550  CSC - ok
21:12:19.0385 0x1550  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:12:19.0410 0x1550  CscService - ok
21:12:19.0446 0x1550  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:12:19.0514 0x1550  DcomLaunch - ok
21:12:19.0563 0x1550  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
21:12:19.0594 0x1550  defragsvc - ok
21:12:19.0637 0x1550  [ CF1F6326AC44C42F4615D4BD53188AC5, 28DC32F1957918C3D5DE72415CC32A51C6885CAA38119FE475D2631269D3B9B3 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:12:19.0665 0x1550  DfsC - ok
21:12:19.0694 0x1550  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:12:19.0730 0x1550  Dhcp - ok
21:12:19.0816 0x1550  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack      C:\Windows\system32\diagtrack.dll
21:12:19.0864 0x1550  DiagTrack - ok
21:12:19.0891 0x1550  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:12:19.0924 0x1550  discache - ok
21:12:19.0968 0x1550  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
21:12:19.0982 0x1550  Disk - ok
21:12:20.0012 0x1550  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
21:12:20.0028 0x1550  dmvsc - ok
21:12:20.0054 0x1550  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:12:20.0075 0x1550  Dnscache - ok
21:12:20.0105 0x1550  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
21:12:20.0151 0x1550  dot3svc - ok
21:12:20.0167 0x1550  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
21:12:20.0199 0x1550  DPS - ok
21:12:20.0219 0x1550  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
21:12:20.0232 0x1550  drmkaud - ok
21:12:20.0280 0x1550  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
21:12:20.0310 0x1550  DXGKrnl - ok
21:12:20.0327 0x1550  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
21:12:20.0357 0x1550  EapHost - ok
21:12:20.0434 0x1550  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
21:12:20.0515 0x1550  ebdrv - ok
21:12:20.0538 0x1550  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS            C:\Windows\System32\lsass.exe
21:12:20.0551 0x1550  EFS - ok
21:12:20.0605 0x1550  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
21:12:20.0641 0x1550  ehRecvr - ok
21:12:20.0645 0x1550  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
21:12:20.0659 0x1550  ehSched - ok
21:12:20.0675 0x1550  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
21:12:20.0697 0x1550  elxstor - ok
21:12:20.0701 0x1550  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:12:20.0726 0x1550  ErrDev - ok
21:12:20.0750 0x1550  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
21:12:20.0784 0x1550  EventSystem - ok
21:12:20.0796 0x1550  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
21:12:20.0828 0x1550  exfat - ok
21:12:20.0847 0x1550  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
21:12:20.0887 0x1550  fastfat - ok
21:12:20.0917 0x1550  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
21:12:20.0944 0x1550  Fax - ok
21:12:20.0947 0x1550  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
21:12:20.0970 0x1550  fdc - ok
21:12:20.0981 0x1550  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
21:12:21.0011 0x1550  fdPHost - ok
21:12:21.0017 0x1550  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:12:21.0046 0x1550  FDResPub - ok
21:12:21.0059 0x1550  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:12:21.0073 0x1550  FileInfo - ok
21:12:21.0083 0x1550  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
21:12:21.0111 0x1550  Filetrace - ok
21:12:21.0114 0x1550  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:12:21.0139 0x1550  flpydisk - ok
21:12:21.0164 0x1550  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:12:21.0180 0x1550  FltMgr - ok
21:12:21.0226 0x1550  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache      C:\Windows\system32\FntCache.dll
21:12:21.0262 0x1550  FontCache - ok
21:12:21.0300 0x1550  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:12:21.0312 0x1550  FontCache3.0.0.0 - ok
21:12:21.0329 0x1550  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
21:12:21.0341 0x1550  FsDepends - ok
21:12:21.0363 0x1550  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:12:21.0375 0x1550  Fs_Rec - ok
21:12:21.0520 0x1550  [ 38F3CF15321DC2B47C7907EB222B637A, C2CE4F62BD7C93566C36B7290DA3E804FB79A18A18E2544E2B6404B473483D4E ] fussvc          C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe
21:12:21.0527 0x1550  fussvc - detected UnsignedFile.Multi.Generic ( 1 )
21:12:23.0949 0x1550  Detect skipped due to KSN trusted
21:12:23.0949 0x1550  fussvc - ok
21:12:23.0983 0x1550  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:12:23.0998 0x1550  fvevol - ok
21:12:24.0025 0x1550  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:12:24.0036 0x1550  gagp30kx - ok
21:12:24.0120 0x1550  [ 5031F3E650D242EEECEB92EB9900FB93, FB51ADB81AC3E0097362BAECEC4F0C83C46E5505277B7F35FDCE9BF88B72C963 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:12:24.0145 0x1550  GfExperienceService - ok
21:12:24.0190 0x1550  [ FE91DC3D9A696CCDDB9F51C25ACBC53A, 4E1A7BB3AC57530A1DF8AB7E981087275E89E6AC629F881C98E40F13150ED532 ] gpsvc          C:\Windows\System32\gpsvc.dll
21:12:24.0230 0x1550  gpsvc - ok
21:12:24.0288 0x1550  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:12:24.0298 0x1550  gupdate - ok
21:12:24.0302 0x1550  [ C6FF00DA1605982E616C03BE809FFE2D, 4D9C86B9FF2FA291DC320677D28DF00C26834409F7AD94D6C07D2233ED746B19 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:12:24.0313 0x1550  gupdatem - ok
21:12:24.0356 0x1550  [ 3F95931AEEA6DEF9FC02C565D2EFC145, A77CE97B0143A035D7C2655C2BF31008D4D555EF63CCF188EC58D5611782E635 ] hcmon          C:\Windows\system32\drivers\hcmon.sys
21:12:24.0367 0x1550  hcmon - ok
21:12:24.0375 0x1550  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:12:24.0394 0x1550  hcw85cir - ok
21:12:24.0430 0x1550  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:12:24.0449 0x1550  HdAudAddService - ok
21:12:24.0470 0x1550  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:12:24.0486 0x1550  HDAudBus - ok
21:12:24.0488 0x1550  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
21:12:24.0512 0x1550  HidBatt - ok
21:12:24.0516 0x1550  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:12:24.0538 0x1550  HidBth - ok
21:12:24.0560 0x1550  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
21:12:24.0580 0x1550  HidIr - ok
21:12:24.0608 0x1550  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
21:12:24.0633 0x1550  hidserv - ok
21:12:24.0648 0x1550  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:12:24.0669 0x1550  HidUsb - ok
21:12:24.0713 0x1550  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:12:24.0790 0x1550  hkmsvc - ok
21:12:24.0871 0x1550  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:12:24.0888 0x1550  HomeGroupListener - ok
21:12:24.0916 0x1550  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:12:24.0933 0x1550  HomeGroupProvider - ok
21:12:24.0950 0x1550  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:12:24.0961 0x1550  HpSAMD - ok
21:12:25.0012 0x1550  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:12:25.0050 0x1550  HTTP - ok
21:12:25.0077 0x1550  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:12:25.0088 0x1550  hwpolicy - ok
21:12:25.0136 0x1550  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:12:25.0150 0x1550  i8042prt - ok
21:12:25.0225 0x1550  [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044, 0486DDD6EC60A9695BC8D030158503E02BB0561EEA4B9F4A7FB19F89B3622C90 ] iaStorA        C:\Windows\system32\DRIVERS\iaStorA.sys
21:12:25.0247 0x1550  iaStorA - ok
21:12:25.0272 0x1550  [ 711241EA1BA9DB44F34D03D2AD00ED08, D23AA8D0495F2783E0395F0E1266A9781BED3FD0504712F9B9D30B88411514B5 ] iaStorF        C:\Windows\system32\DRIVERS\iaStorF.sys
21:12:25.0282 0x1550  iaStorF - ok
21:12:25.0300 0x1550  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
21:12:25.0318 0x1550  iaStorV - ok
21:12:25.0372 0x1550  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:12:25.0397 0x1550  idsvc - ok
21:12:25.0400 0x1550  IEEtwCollectorService - ok
21:12:25.0508 0x1550  [ 076023219E918D34585B231029A44571, C2AB0DE0D80D0BC6595C9F9655A890531E7952599714DC03B4ECB46947D833A8 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:12:25.0604 0x1550  igfx - ok
21:12:25.0660 0x1550  [ C814D4A0B7B91E936B2DC0828C69ACAB, A19B503CB3C598474C61DA6F1AC087CCF287F7523D2F932B21EF21E7CA1809B1 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
21:12:25.0676 0x1550  igfxCUIService1.0.0.0 - ok
21:12:25.0692 0x1550  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
21:12:25.0703 0x1550  iirsp - ok
21:12:25.0736 0x1550  [ 67999A9D34A0B2479381E7A61AFC37AB, 7A1F72B2AD859345E1F092CE80C269767E4EF9931146B7F01E891EC12CCA684F ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
21:12:25.0746 0x1550  ikbevent - ok
21:12:25.0790 0x1550  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:12:25.0829 0x1550  IKEEXT - ok
21:12:25.0832 0x1550  [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4, A7019D2335CB46DCD9ABDB896622254E58AB265EC3D72A92B1C4890D45DEE85F ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
21:12:25.0842 0x1550  imsevent - ok
21:12:25.0912 0x1550  [ A873942D6F7FC279D1EB9EBB44FF4E2B, 7836F092E679FC6A207B92CD86C44428FE73E8F78C5398DBD172BCB5DCB32BBD ] inspect        C:\Windows\system32\DRIVERS\inspect.sys
21:12:25.0925 0x1550  inspect - ok
21:12:26.0060 0x1550  [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:12:26.0151 0x1550  IntcAzAudAddService - ok
21:12:26.0219 0x1550  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:12:26.0237 0x1550  Intel(R) Capability Licensing Service Interface - ok
21:12:26.0302 0x1550  [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:12:26.0313 0x1550  Intel(R) ME Service - ok
21:12:26.0341 0x1550  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:12:26.0352 0x1550  intelide - ok
21:12:26.0393 0x1550  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:12:26.0407 0x1550  intelppm - ok
21:12:26.0430 0x1550  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
21:12:26.0458 0x1550  IPBusEnum - ok
21:12:26.0472 0x1550  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:12:26.0508 0x1550  IpFilterDriver - ok
21:12:26.0550 0x1550  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:12:26.0583 0x1550  iphlpsvc - ok
21:12:26.0587 0x1550  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
21:12:26.0604 0x1550  IPMIDRV - ok
21:12:26.0608 0x1550  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
21:12:26.0646 0x1550  IPNAT - ok
21:12:26.0658 0x1550  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:12:26.0682 0x1550  IRENUM - ok
21:12:26.0701 0x1550  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:12:26.0712 0x1550  isapnp - ok
21:12:26.0731 0x1550  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:12:26.0746 0x1550  iScsiPrt - ok
21:12:26.0788 0x1550  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
21:12:26.0798 0x1550  ISCT - ok
21:12:26.0844 0x1550  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:12:26.0854 0x1550  iusb3hcs - ok
21:12:26.0882 0x1550  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:12:26.0899 0x1550  iusb3hub - ok
21:12:26.0915 0x1550  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:12:26.0938 0x1550  iusb3xhc - ok
21:12:26.0954 0x1550  [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:12:26.0966 0x1550  jhi_service - ok
21:12:26.0979 0x1550  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:12:26.0990 0x1550  kbdclass - ok
21:12:26.0998 0x1550  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:12:27.0026 0x1550  kbdhid - ok
21:12:27.0065 0x1550  [ 249B4AB4EA96E333AA0F01BF67209817, EEA976B7BAC3B49B52D2E1A3D308D9C5EF81DA4483DEC29CC4056319FA08E5DC ] keycrypt        C:\Windows\system32\DRIVERS\KeyCrypt64.sys
21:12:27.0077 0x1550  keycrypt - ok
21:12:27.0085 0x1550  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
21:12:27.0098 0x1550  KeyIso - ok
21:12:27.0120 0x1550  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:12:27.0132 0x1550  KSecDD - ok
21:12:27.0163 0x1550  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
21:12:27.0177 0x1550  KSecPkg - ok
21:12:27.0184 0x1550  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
21:12:27.0208 0x1550  ksthunk - ok
21:12:27.0235 0x1550  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
21:12:27.0267 0x1550  KtmRm - ok
21:12:27.0301 0x1550  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:12:27.0331 0x1550  LanmanServer - ok
21:12:27.0360 0x1550  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:12:27.0388 0x1550  LanmanWorkstation - ok
21:12:27.0486 0x1550  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
21:12:27.0568 0x1550  LGBusEnum - ok
21:12:27.0663 0x1550  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
21:12:27.0676 0x1550  LGCoreTemp - ok
21:12:27.0679 0x1550  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore    C:\Windows\system32\drivers\LGJoyXlCore.sys
21:12:27.0695 0x1550  LGJoyXlCore - ok
21:12:27.0728 0x1550  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
21:12:27.0742 0x1550  LGVirHid - ok
21:12:27.0854 0x1550  [ 337FA50FFDED5E2BC94B36BF625AB681, BC77CCED8F2B52D26C7A2D7960FB5C1690F5D7E41013644C9226A85C9FF4FA2C ] LiveUpdateSvc  C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
21:12:27.0928 0x1550  LiveUpdateSvc - ok
21:12:27.0968 0x1550  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:12:28.0004 0x1550  lltdio - ok
21:12:28.0021 0x1550  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
21:12:28.0066 0x1550  lltdsvc - ok
21:12:28.0081 0x1550  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
21:12:28.0108 0x1550  lmhosts - ok
21:12:28.0147 0x1550  [ 3974B7CE015A6EEF30DA4ADD5F1203D0, ED776F1C1B1834550F3D45591EB1F0829BBA07F9F7CB73F7FBB0AFDEF8F4411B ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:12:28.0160 0x1550  LMS - ok
21:12:28.0183 0x1550  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:12:28.0195 0x1550  LSI_FC - ok
21:12:28.0199 0x1550  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
21:12:28.0211 0x1550  LSI_SAS - ok
21:12:28.0214 0x1550  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:12:28.0225 0x1550  LSI_SAS2 - ok
21:12:28.0229 0x1550  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:12:28.0241 0x1550  LSI_SCSI - ok
21:12:28.0274 0x1550  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
21:12:28.0300 0x1550  luafv - ok
21:12:28.0325 0x1550  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
21:12:28.0336 0x1550  MBAMProtector - ok
21:12:28.0417 0x1550  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
21:12:28.0446 0x1550  MBAMService - ok
21:12:28.0465 0x1550  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
21:12:28.0476 0x1550  MBAMWebAccessControl - ok
21:12:28.0523 0x1550  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
21:12:28.0533 0x1550  MBfilt - ok
21:12:28.0557 0x1550  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
21:12:28.0572 0x1550  Mcx2Svc - ok
21:12:28.0587 0x1550  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
21:12:28.0598 0x1550  megasas - ok
21:12:28.0605 0x1550  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:12:28.0620 0x1550  MegaSR - ok
21:12:28.0646 0x1550  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:12:28.0656 0x1550  MEIx64 - ok
21:12:28.0667 0x1550  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
21:12:28.0693 0x1550  MMCSS - ok
21:12:28.0696 0x1550  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
21:12:28.0720 0x1550  Modem - ok
21:12:28.0754 0x1550  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
21:12:28.0767 0x1550  monitor - ok
21:12:28.0785 0x1550  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:12:28.0795 0x1550  mouclass - ok
21:12:28.0806 0x1550  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:12:28.0836 0x1550  mouhid - ok
21:12:28.0871 0x1550  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:12:28.0882 0x1550  mountmgr - ok
21:12:28.0948 0x1550  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:12:28.0960 0x1550  MozillaMaintenance - ok
21:12:28.0965 0x1550  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:12:28.0978 0x1550  mpio - ok
21:12:28.0995 0x1550  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:12:29.0020 0x1550  mpsdrv - ok
21:12:29.0046 0x1550  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:12:29.0097 0x1550  MpsSvc - ok
21:12:29.0126 0x1550  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:12:29.0156 0x1550  MRxDAV - ok
21:12:29.0190 0x1550  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:12:29.0215 0x1550  mrxsmb - ok
21:12:29.0238 0x1550  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:12:29.0255 0x1550  mrxsmb10 - ok
21:12:29.0265 0x1550  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:12:29.0291 0x1550  mrxsmb20 - ok
21:12:29.0325 0x1550  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:12:29.0336 0x1550  msahci - ok
21:12:29.0377 0x1550  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
21:12:29.0389 0x1550  msdsm - ok
21:12:29.0424 0x1550  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
21:12:29.0473 0x1550  MSDTC - ok
21:12:29.0517 0x1550  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:12:29.0547 0x1550  Msfs - ok
21:12:29.0565 0x1550  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
21:12:29.0596 0x1550  mshidkmdf - ok
21:12:29.0605 0x1550  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:12:29.0615 0x1550  msisadrv - ok
21:12:29.0643 0x1550  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
21:12:29.0673 0x1550  MSiSCSI - ok
21:12:29.0675 0x1550  msiserver - ok
21:12:29.0684 0x1550  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
21:12:29.0708 0x1550  MSKSSRV - ok
21:12:29.0717 0x1550  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:12:29.0755 0x1550  MSPCLOCK - ok
21:12:29.0758 0x1550  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
21:12:29.0795 0x1550  MSPQM - ok
21:12:29.0818 0x1550  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
21:12:29.0835 0x1550  MsRPC - ok
21:12:29.0848 0x1550  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:12:29.0859 0x1550  mssmbios - ok
21:12:29.0876 0x1550  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
21:12:29.0915 0x1550  MSTEE - ok
21:12:29.0917 0x1550  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:12:29.0930 0x1550  MTConfig - ok
21:12:29.0958 0x1550  [ AA0C2BA3782E92BD85E2264BE418E67C, 8B0953926E83274DF16670F1EF6F4E302F7EE17418F486975C353A406850298C ] Mup            C:\Windows\system32\Drivers\mup.sys
21:12:29.0969 0x1550  Mup - ok
21:12:29.0999 0x1550  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:12:30.0043 0x1550  napagent - ok
21:12:30.0080 0x1550  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
21:12:30.0100 0x1550  NativeWifiP - ok
21:12:30.0155 0x1550  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:12:30.0182 0x1550  NDIS - ok
21:12:30.0195 0x1550  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
21:12:30.0232 0x1550  NdisCap - ok
21:12:30.0250 0x1550  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:12:30.0275 0x1550  NdisTapi - ok
21:12:30.0278 0x1550  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
21:12:30.0302 0x1550  Ndisuio - ok
21:12:30.0317 0x1550  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
21:12:30.0344 0x1550  NdisWan - ok
21:12:30.0354 0x1550  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
21:12:30.0378 0x1550  NDProxy - ok
21:12:30.0389 0x1550  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
21:12:30.0415 0x1550  NetBIOS - ok
21:12:30.0429 0x1550  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
21:12:30.0456 0x1550  NetBT - ok
21:12:30.0469 0x1550  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
21:12:30.0481 0x1550  Netlogon - ok
21:12:30.0516 0x1550  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:12:30.0547 0x1550  Netman - ok
21:12:30.0599 0x1550  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:30.0611 0x1550  NetMsmqActivator - ok
21:12:30.0615 0x1550  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:30.0627 0x1550  NetPipeActivator - ok
21:12:30.0643 0x1550  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:12:30.0695 0x1550  netprofm - ok
21:12:30.0699 0x1550  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:30.0711 0x1550  NetTcpActivator - ok
21:12:30.0714 0x1550  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:12:30.0726 0x1550  NetTcpPortSharing - ok
21:12:30.0754 0x1550  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
21:12:30.0765 0x1550  nfrd960 - ok
21:12:30.0801 0x1550  [ C88EB6EA6819740B97DECE3E6FD1C7BA, E37E3E07F9D0778913DDABAA8957626DFA81D8370DFA931D48AB53B1838B0D7B ] ngvss          C:\Windows\system32\drivers\ngvss.sys
21:12:30.0813 0x1550  ngvss - ok
21:12:30.0852 0x1550  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:12:30.0880 0x1550  NlaSvc - ok
21:12:30.0893 0x1550  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:12:30.0919 0x1550  Npfs - ok
21:12:30.0931 0x1550  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
21:12:30.0969 0x1550  nsi - ok
21:12:30.0982 0x1550  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:12:31.0019 0x1550  nsiproxy - ok
21:12:31.0084 0x1550  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:12:31.0125 0x1550  Ntfs - ok
21:12:31.0140 0x1550  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:12:31.0173 0x1550  Null - ok
21:12:31.0203 0x1550  [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub        C:\Windows\system32\drivers\nusb3hub.sys
21:12:31.0225 0x1550  nusb3hub - ok
21:12:31.0249 0x1550  [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc        C:\Windows\system32\drivers\nusb3xhc.sys
21:12:31.0279 0x1550  nusb3xhc - ok
21:12:31.0297 0x1550  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
21:12:31.0311 0x1550  NVHDA - ok
21:12:31.0577 0x1550  [ 45F83C99EDF3253D047F692A42C1A51A, 08EC3CE5F00C9B70F52577FAD0561A8ECCD6C04F96468DBA67B4D4C82C77FA6D ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:12:31.0792 0x1550  nvlddmkm - ok
21:12:31.0890 0x1550  [ 4EBEE69A8FE7DC85FD3C122821C617A0, 7193C14DEB4C5B0D86C5C6841C80879C28E1FDA8F77879EB18A3D2685C67B986 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:12:31.0925 0x1550  NvNetworkService - ok
21:12:31.0963 0x1550  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:12:31.0976 0x1550  nvraid - ok
21:12:31.0981 0x1550  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:12:31.0994 0x1550  nvstor - ok
21:12:32.0047 0x1550  [ 0EF30778078D7B5877F8F57151699798, B0409C79143BDBB774C3C740CCA8EB77CF67915E59EC6050DB993ED0575EC077 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:12:32.0056 0x1550  NvStreamKms - ok
21:12:32.0194 0x1550  [ D23A07D549243F5B77780BAA4FBF5BC3, 5BC5161CAE6BE6382BDCDE9B1CDD5F4DEBC3EA18D01B0E261AF716FDB04154BC ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
21:12:32.0277 0x1550  NvStreamSvc - ok
21:12:32.0320 0x1550  [ 92C7B8287C185022F12253026FA33401, 96E466D17347DB3E789DD6DBF3604E51D4B86D3E49592B0EF6622BD278369F6C ] nvsvc          C:\Windows\system32\nvvsvc.exe
21:12:32.0343 0x1550  nvsvc - ok
21:12:32.0364 0x1550  [ 4F00008B513F4019623ED61159363888, A1047FF1FCF3ED405C3426C8959AD10426F30E3F58E95BFD6ADF1DBC947AB379 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
21:12:32.0376 0x1550  nvvad_WaveExtensible - ok
21:12:32.0380 0x1550  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:12:32.0392 0x1550  nv_agp - ok
21:12:32.0395 0x1550  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:12:32.0438 0x1550  ohci1394 - ok
21:12:32.0476 0x1550  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:12:32.0552 0x1550  p2pimsvc - ok
21:12:32.0568 0x1550  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:12:32.0599 0x1550  p2psvc - ok
21:12:32.0624 0x1550  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
21:12:32.0652 0x1550  Parport - ok
21:12:32.0680 0x1550  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
21:12:32.0691 0x1550  partmgr - ok
21:12:32.0726 0x1550  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:12:32.0755 0x1550  PcaSvc - ok
21:12:32.0775 0x1550  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
21:12:32.0788 0x1550  pci - ok
21:12:32.0827 0x1550  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:12:32.0837 0x1550  pciide - ok
21:12:32.0859 0x1550  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:12:32.0873 0x1550  pcmcia - ok
21:12:32.0892 0x1550  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
21:12:32.0903 0x1550  pcw - ok
21:12:32.0938 0x1550  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:12:32.0962 0x1550  PEAUTH - ok
21:12:33.0006 0x1550  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
21:12:33.0055 0x1550  PeerDistSvc - ok
21:12:33.0140 0x1550  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:12:33.0169 0x1550  PerfHost - ok
21:12:33.0215 0x1550  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
21:12:33.0264 0x1550  pla - ok
21:12:33.0324 0x1550  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:12:33.0345 0x1550  PlugPlay - ok
21:12:33.0371 0x1550  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
21:12:33.0420 0x1550  PNRPAutoReg - ok
21:12:33.0427 0x1550  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
21:12:33.0444 0x1550  PNRPsvc - ok
21:12:33.0492 0x1550  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
21:12:33.0526 0x1550  PolicyAgent - ok
21:12:33.0562 0x1550  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
21:12:33.0591 0x1550  Power - ok
21:12:33.0617 0x1550  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:12:33.0652 0x1550  PptpMiniport - ok
21:12:33.0663 0x1550  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
21:12:33.0676 0x1550  Processor - ok
21:12:33.0704 0x1550  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
21:12:33.0721 0x1550  ProfSvc - ok
21:12:33.0732 0x1550  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
21:12:33.0745 0x1550  ProtectedStorage - ok
21:12:33.0764 0x1550  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:12:33.0795 0x1550  Psched - ok
21:12:33.0837 0x1550  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:12:33.0874 0x1550  ql2300 - ok
21:12:33.0880 0x1550  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:12:33.0892 0x1550  ql40xx - ok
21:12:33.0925 0x1550  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
21:12:33.0945 0x1550  QWAVE - ok
21:12:33.0953 0x1550  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:12:33.0980 0x1550  QWAVEdrv - ok
21:12:33.0983 0x1550  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:12:34.0017 0x1550  RasAcd - ok
21:12:34.0036 0x1550  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
21:12:34.0073 0x1550  RasAgileVpn - ok
21:12:34.0086 0x1550  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
21:12:34.0113 0x1550  RasAuto - ok
21:12:34.0118 0x1550  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
21:12:34.0144 0x1550  Rasl2tp - ok
21:12:34.0164 0x1550  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:12:34.0195 0x1550  RasMan - ok
21:12:34.0204 0x1550  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:12:34.0241 0x1550  RasPppoe - ok
21:12:34.0245 0x1550  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
21:12:34.0271 0x1550  RasSstp - ok
21:12:34.0297 0x1550  [ 71B6F78D6444CCE6F77BC42917A4E8F7, 34927A2C1CA349D251A327ED1F30018B065A8E6B886D9B5080A8AE2F6A8C0914 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
21:12:34.0315 0x1550  rdbss - ok
21:12:34.0326 0x1550  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:12:34.0340 0x1550  rdpbus - ok
21:12:34.0349 0x1550  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:12:34.0373 0x1550  RDPCDD - ok
21:12:34.0398 0x1550  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
21:12:34.0418 0x1550  RDPDR - ok
21:12:34.0434 0x1550  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:12:34.0472 0x1550  RDPENCDD - ok
21:12:34.0492 0x1550  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:12:34.0516 0x1550  RDPREFMP - ok
21:12:34.0566 0x1550  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:12:34.0578 0x1550  RdpVideoMiniport - ok
21:12:34.0605 0x1550  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
21:12:34.0621 0x1550  RDPWD - ok
21:12:34.0638 0x1550  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:12:34.0652 0x1550  rdyboost - ok
21:12:34.0674 0x1550  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:12:34.0709 0x1550  RemoteAccess - ok
21:12:34.0739 0x1550  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:12:34.0775 0x1550  RemoteRegistry - ok
21:12:34.0796 0x1550  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:12:34.0822 0x1550  RpcEptMapper - ok
21:12:34.0837 0x1550  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:12:34.0851 0x1550  RpcLocator - ok
21:12:34.0874 0x1550  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
21:12:34.0909 0x1550  RpcSs - ok
21:12:34.0914 0x1550  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:12:34.0955 0x1550  rspndr - ok
21:12:34.0995 0x1550  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
21:12:35.0015 0x1550  RTL8167 - ok
21:12:35.0038 0x1550  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
21:12:35.0063 0x1550  s3cap - ok
21:12:35.0071 0x1550  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs          C:\Windows\system32\lsass.exe
21:12:35.0083 0x1550  SamSs - ok
21:12:35.0093 0x1550  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:12:35.0105 0x1550  sbp2port - ok
21:12:35.0125 0x1550  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:12:35.0154 0x1550  SCardSvr - ok
21:12:35.0171 0x1550  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:12:35.0195 0x1550  scfilter - ok
21:12:35.0228 0x1550  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:12:35.0272 0x1550  Schedule - ok
21:12:35.0302 0x1550  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
21:12:35.0352 0x1550  SCPolicySvc - ok
21:12:35.0394 0x1550  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:12:35.0425 0x1550  SDRSVC - ok
21:12:35.0453 0x1550  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:12:35.0484 0x1550  secdrv - ok
21:12:35.0506 0x1550  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:12:35.0537 0x1550  seclogon - ok
21:12:35.0576 0x1550  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:12:35.0603 0x1550  SENS - ok
21:12:35.0620 0x1550  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:12:35.0634 0x1550  SensrSvc - ok
21:12:35.0665 0x1550  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
21:12:35.0683 0x1550  Serenum - ok
21:12:35.0687 0x1550  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:12:35.0700 0x1550  Serial - ok
21:12:35.0725 0x1550  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:12:35.0737 0x1550  sermouse - ok
21:12:35.0776 0x1550  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:12:35.0804 0x1550  SessionEnv - ok
21:12:35.0806 0x1550  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
21:12:35.0820 0x1550  sffdisk - ok
21:12:35.0823 0x1550  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:12:35.0836 0x1550  sffp_mmc - ok
21:12:35.0839 0x1550  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
21:12:35.0852 0x1550  sffp_sd - ok
21:12:35.0855 0x1550  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
21:12:35.0867 0x1550  sfloppy - ok
21:12:35.0906 0x1550  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:12:35.0937 0x1550  SharedAccess - ok
21:12:35.0967 0x1550  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:12:35.0998 0x1550  ShellHWDetection - ok
21:12:36.0025 0x1550  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:12:36.0036 0x1550  SiSRaid2 - ok
21:12:36.0040 0x1550  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:12:36.0051 0x1550  SiSRaid4 - ok
21:12:36.0102 0x1550  [ E6035ADBA3F13ACF1BEDA7B5D50FDBBB, A840D072395F2394E3B55A080F8F17CC3A02E8BCAFE8B8EC0374ECA1EFF05C23 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
21:12:36.0117 0x1550  SkypeUpdate - ok
21:12:36.0130 0x1550  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
21:12:36.0156 0x1550  Smb - ok
21:12:36.0173 0x1550  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:12:36.0187 0x1550  SNMPTRAP - ok
21:12:36.0195 0x1550  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
21:12:36.0205 0x1550  spldr - ok
21:12:36.0225 0x1550  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler        C:\Windows\System32\spoolsv.exe
21:12:36.0260 0x1550  Spooler - ok
21:12:36.0338 0x1550  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:12:36.0427 0x1550  sppsvc - ok
21:12:36.0455 0x1550  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
21:12:36.0483 0x1550  sppuinotify - ok
21:12:36.0514 0x1550  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
21:12:36.0545 0x1550  srv - ok
21:12:36.0580 0x1550  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:12:36.0614 0x1550  srv2 - ok
21:12:36.0646 0x1550  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:12:36.0665 0x1550  srvnet - ok
21:12:36.0705 0x1550  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
21:12:36.0736 0x1550  SSDPSRV - ok
21:12:36.0753 0x1550  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
21:12:36.0781 0x1550  SstpSvc - ok
21:12:36.0877 0x1550  [ 7AE700179C4839F657D245319E234A06, 6EAEFE4A8CAF1A70F1BAD4DD457C6AEC080839542D4E5582376489800BE52E89 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:12:36.0900 0x1550  Steam Client Service - ok
21:12:36.0952 0x1550  [ 601F0449030798FDFB2932F902C24C98, 95D5BEFF5E909513C6823FC115259FF7C5AD695C5992874B612248D9616F5DA5 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:12:36.0967 0x1550  Stereo Service - ok
21:12:36.0985 0x1550  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:12:36.0996 0x1550  stexstor - ok
21:12:37.0035 0x1550  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:12:37.0070 0x1550  stisvc - ok
21:12:37.0095 0x1550  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
21:12:37.0107 0x1550  storflt - ok
21:12:37.0134 0x1550  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc        C:\Windows\system32\storsvc.dll
21:12:37.0158 0x1550  StorSvc - ok
21:12:37.0182 0x1550  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc        C:\Windows\system32\drivers\storvsc.sys
21:12:37.0193 0x1550  storvsc - ok
21:12:37.0209 0x1550  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:12:37.0219 0x1550  swenum - ok
21:12:37.0238 0x1550  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
21:12:37.0273 0x1550  swprv - ok
21:12:37.0340 0x1550  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
21:12:37.0395 0x1550  SysMain - ok
21:12:37.0438 0x1550  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:12:37.0479 0x1550  TabletInputService - ok
21:12:37.0512 0x1550  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
21:12:37.0563 0x1550  TapiSrv - ok
21:12:37.0582 0x1550  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
21:12:37.0608 0x1550  TBS - ok
21:12:37.0677 0x1550  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
21:12:37.0721 0x1550  Tcpip - ok
21:12:37.0760 0x1550  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:12:37.0795 0x1550  TCPIP6 - ok
21:12:37.0827 0x1550  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:12:37.0851 0x1550  tcpipreg - ok
21:12:37.0864 0x1550  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:12:37.0877 0x1550  TDPIPE - ok
21:12:37.0904 0x1550  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
21:12:37.0918 0x1550  TDTCP - ok
21:12:37.0956 0x1550  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
21:12:37.0970 0x1550  tdx - ok
21:12:38.0033 0x1550  [ 950AD1AE7498A492126FB9F9B2E27DB5, C4C9A972015F567FC87A4094C86835B2DD3476426AB8B40CD4872A725CA89CFC ] Te.Service      C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe
21:12:38.0051 0x1550  Te.Service - detected UnsignedFile.Multi.Generic ( 1 )
21:12:40.0470 0x1550  Detect skipped due to KSN trusted
21:12:40.0471 0x1550  Te.Service - ok
21:12:40.0485 0x1550  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:12:40.0496 0x1550  TermDD - ok
21:12:40.0535 0x1550  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
21:12:40.0575 0x1550  TermService - ok
21:12:40.0590 0x1550  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:12:40.0620 0x1550  Themes - ok
21:12:40.0645 0x1550  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
21:12:40.0672 0x1550  THREADORDER - ok
21:12:40.0689 0x1550  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:12:40.0730 0x1550  TrkWks - ok
21:12:40.0760 0x1550  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:12:40.0786 0x1550  TrustedInstaller - ok
21:12:40.0809 0x1550  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:12:40.0831 0x1550  tssecsrv - ok
21:12:40.0859 0x1550  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:12:40.0872 0x1550  TsUsbFlt - ok
21:12:40.0903 0x1550  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
21:12:40.0916 0x1550  TsUsbGD - ok
21:12:40.0936 0x1550  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:12:40.0962 0x1550  tunnel - ok
21:12:40.0971 0x1550  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:12:40.0982 0x1550  uagp35 - ok
21:12:40.0990 0x1550  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:12:41.0019 0x1550  udfs - ok
21:12:41.0036 0x1550  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
21:12:41.0051 0x1550  UI0Detect - ok
21:12:41.0065 0x1550  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:12:41.0077 0x1550  uliagpkx - ok
21:12:41.0090 0x1550  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
21:12:41.0108 0x1550  umbus - ok
21:12:41.0116 0x1550  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:12:41.0139 0x1550  UmPass - ok
21:12:41.0157 0x1550  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:12:41.0187 0x1550  UmRdpService - ok
21:12:41.0248 0x1550  [ FC8F4E551AA0CB61375698DC2246455C, 0FA7C3A3BD6B8CD1D3041A0124417DCDAC00647C582950CD47CB88C312BF94A0 ] Unchecky        C:\Program Files (x86)\Unchecky\bin\Unchecky_svc.exe
21:12:41.0259 0x1550  Unchecky - ok
21:12:41.0329 0x1550  [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
21:12:41.0339 0x1550  UnlockerDriver5 - ok
21:12:41.0409 0x1550  [ 1E9A5658E0EBDBC381F52123363F74CB, 62CB592F32BCC10FC9C3AF44941CC473F2F62EEBF829CA383F118650451F8F7E ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:12:41.0427 0x1550  UNS - ok
21:12:41.0440 0x1550  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:12:41.0474 0x1550  upnphost - ok
21:12:41.0501 0x1550  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:12:41.0515 0x1550  usbaudio - ok
21:12:41.0528 0x1550  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
21:12:41.0555 0x1550  usbccgp - ok
21:12:41.0571 0x1550  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:12:41.0586 0x1550  usbcir - ok
21:12:41.0607 0x1550  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\drivers\usbehci.sys
21:12:41.0621 0x1550  usbehci - ok
21:12:41.0639 0x1550  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:12:41.0659 0x1550  usbhub - ok
21:12:41.0689 0x1550  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci        C:\Windows\system32\drivers\usbohci.sys
21:12:41.0711 0x1550  usbohci - ok
21:12:41.0718 0x1550  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
21:12:41.0732 0x1550  usbprint - ok
21:12:41.0749 0x1550  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:12:41.0764 0x1550  USBSTOR - ok
21:12:41.0767 0x1550  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
21:12:41.0789 0x1550  usbuhci - ok
21:12:41.0803 0x1550  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
21:12:41.0829 0x1550  UxSms - ok
21:12:41.0839 0x1550  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
21:12:41.0860 0x1550  VaultSvc - ok
21:12:42.0064 0x1550  [ 2D8A86BE49A1AD9D05678A2A10F64CE7, 771B5882267B593A1E389DB26F21C3F790D534C8C98FD4A8F043978EA6E09CD6 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
21:12:42.0078 0x1550  VBoxAswDrv - ok
21:12:42.0101 0x1550  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:12:42.0111 0x1550  vdrvroot - ok
21:12:42.0126 0x1550  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
21:12:42.0161 0x1550  vds - ok
21:12:42.0177 0x1550  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
21:12:42.0191 0x1550  vga - ok
21:12:42.0198 0x1550  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
21:12:42.0238 0x1550  VgaSave - ok
21:12:42.0260 0x1550  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
21:12:42.0274 0x1550  vhdmp - ok
21:12:42.0291 0x1550  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:12:42.0301 0x1550  viaide - ok
21:12:42.0390 0x1550  [ 225E1E03B2AABE2D493FCDB459303701, 6123280A48E973AC9696954879CF5F791E6D52CBE0BD07F291437D1A82413891 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
21:12:42.0401 0x1550  VMAuthdService - ok
21:12:42.0500 0x1550  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
21:12:42.0546 0x1550  vmbus - ok
21:12:42.0582 0x1550  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:12:42.0594 0x1550  VMBusHID - ok
21:12:42.0621 0x1550  [ BE8E5E5D53ACF71D4E8E686B68C99B04, 4F30A360095FCB2627068FA6A65A951688058E8FDDF5CE895E2AE39500A413B1 ] vmci            C:\Windows\system32\DRIVERS\vmci.sys
21:12:42.0633 0x1550  vmci - ok
21:12:42.0643 0x1550  [ B6DE5224D881BF17ADDE4C88AE553423, AC9C113080313855BC93E99BEFAC4B942E93D8E4CF024607F596CA9D7F8F8A14 ] vmkbd          C:\Windows\system32\drivers\VMkbd.sys
21:12:42.0653 0x1550  vmkbd - ok
21:12:42.0673 0x1550  [ A3412EC3FF7A5AC2CA3A3951476BFA9C, 8A3D241168205B6B5348F44DF89875067CDD5B29BE8CF14ADA8403225AE2A379 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
21:12:42.0683 0x1550  VMnetAdapter - ok
21:12:42.0694 0x1550  [ F76AD463DBE8D30CB715A09DF9FF2BE9, 5B2184582496ED0EE8582C6AD3BCF49674690C585439B6F57B43ADC12DF941F6 ] VMnetBridge    C:\Windows\system32\DRIVERS\vmnetbridge.sys
21:12:42.0704 0x1550  VMnetBridge - ok
21:12:42.0773 0x1550  [ 98E73D79FCD3D48E31EE999B5DF1B0ED, FBDC884BD9376C7E8727BACCF6482207166634F4B2644C8C794295094B29426E ] VMnetDHCP      C:\Windows\SysWOW64\vmnetdhcp.exe
21:12:42.0788 0x1550  VMnetDHCP - ok
21:12:42.0804 0x1550  [ B564A598B9B31E9358B2D6C9BC96D710, 19A9EFC08AE11A31169F712C577EBAFFF0A37311271FD46F02873286C8281DB7 ] VMnetuserif    C:\Windows\system32\drivers\vmnetuserif.sys
21:12:42.0815 0x1550  VMnetuserif - ok
21:12:42.0823 0x1550  [ 1507AD521DA518B289DF349791EB702C, 601DA4133A9F6AB7C9CD3EC48544D4A14F0CCAD4C867DED4C368A353D7F079B7 ] VMparport      C:\Windows\system32\drivers\VMparport.sys
21:12:42.0833 0x1550  VMparport - ok
21:12:42.0869 0x1550  [ 15D702F235BD1077007A180EEFB9DBB8, 610794EB9AF68789F46D193EF11B406D190096DF9EC557563798D625806D5704 ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
21:12:42.0890 0x1550  VMUSBArbService - ok
21:12:42.0918 0x1550  [ 0769FDF4C15D9EDD3CAAC148A8EDC2E5, 65E5CA9461C47491E83EBD755C10AE1665E71D2B73F2CE97A59B9E7380D42E8D ] VMware NAT Service C:\Windows\SysWOW64\vmnat.exe
21:12:42.0935 0x1550  VMware NAT Service - ok
21:12:42.0961 0x1550  [ 8FCCBE30DC217C244CE38DD7F9B673C3, C1E6E65A435D764695C4B9411ED623D626D8A744E3E09752FBB66260D9ACE8D6 ] vmx86          C:\Windows\system32\drivers\vmx86.sys
21:12:42.0972 0x1550  vmx86 - ok
21:12:42.0989 0x1550  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:12:43.0000 0x1550  volmgr - ok
21:12:43.0017 0x1550  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
21:12:43.0033 0x1550  volmgrx - ok
21:12:43.0053 0x1550  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
21:12:43.0069 0x1550  volsnap - ok
21:12:43.0096 0x1550  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
21:12:43.0109 0x1550  vsmraid - ok
21:12:43.0113 0x1550  [ 1C7DC94FDCABD06D24C3A532DC33FB34, 5403724E70ABBE1070958CA58496DB2237F35CAB37296E1ECB64D4A0FE432AC1 ] vsock          C:\Windows\system32\drivers\vsock.sys
21:12:43.0124 0x1550  vsock - ok
21:12:43.0180 0x1550  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
21:12:43.0240 0x1550  VSS - ok
21:12:43.0326 0x1550  [ 19D2D8B9F506193A191A8CFD14435ED1, 3359D167B314E14D6E99CA5C79BB5A1C2CEE88823346DD96C4F1B7CD4A2A5D2E ] VSStandardCollectorService140 C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe
21:12:43.0338 0x1550  VSStandardCollectorService140 - ok
21:12:43.0353 0x1550  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:12:43.0386 0x1550  vwifibus - ok
21:12:43.0410 0x1550  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
21:12:43.0444 0x1550  W32Time - ok
21:12:43.0449 0x1550  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:12:43.0463 0x1550  WacomPen - ok
21:12:43.0494 0x1550  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:12:43.0521 0x1550  WANARP - ok
21:12:43.0525 0x1550  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:12:43.0549 0x1550  Wanarpv6 - ok
21:12:43.0588 0x1550  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:12:43.0631 0x1550  wbengine - ok
21:12:43.0639 0x1550  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:12:43.0672 0x1550  WbioSrvc - ok
21:12:43.0680 0x1550  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
21:12:43.0704 0x1550  wcncsvc - ok
21:12:43.0720 0x1550  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:12:43.0749 0x1550  WcsPlugInService - ok
21:12:43.0753 0x1550  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:12:43.0765 0x1550  Wd - ok
21:12:43.0812 0x1550  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:12:43.0839 0x1550  Wdf01000 - ok
21:12:43.0851 0x1550  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:12:43.0869 0x1550  WdiServiceHost - ok
21:12:43.0874 0x1550  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost  C:\Windows\system32\wdi.dll
21:12:43.0891 0x1550  WdiSystemHost - ok
21:12:43.0923 0x1550  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
21:12:43.0955 0x1550  WebClient - ok
21:12:43.0962 0x1550  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:12:43.0993 0x1550  Wecsvc - ok
21:12:43.0998 0x1550  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
21:12:44.0029 0x1550  wercplsupport - ok
21:12:44.0051 0x1550  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:12:44.0079 0x1550  WerSvc - ok
21:12:44.0099 0x1550  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:12:44.0124 0x1550  WfpLwf - ok
21:12:44.0134 0x1550  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:12:44.0145 0x1550  WIMMount - ok
21:12:44.0170 0x1550  WinDefend - ok
21:12:44.0176 0x1550  WinHttpAutoProxySvc - ok
21:12:44.0235 0x1550  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
21:12:44.0264 0x1550  Winmgmt - ok
21:12:44.0340 0x1550  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
21:12:44.0399 0x1550  WinRM - ok
21:12:44.0460 0x1550  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
21:12:44.0493 0x1550  Wlansvc - ok
21:12:44.0506 0x1550  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
21:12:44.0526 0x1550  WmiAcpi - ok
21:12:44.0552 0x1550  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:12:44.0569 0x1550  wmiApSrv - ok
21:12:44.0586 0x1550  WMPNetworkSvc - ok
21:12:44.0595 0x1550  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:12:44.0629 0x1550  WPCSvc - ok
21:12:44.0649 0x1550  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:12:44.0666 0x1550  WPDBusEnum - ok
21:12:44.0684 0x1550  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
21:12:44.0723 0x1550  ws2ifsl - ok
21:12:44.0744 0x1550  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:12:44.0764 0x1550  wscsvc - ok
21:12:44.0767 0x1550  WSearch - ok
21:12:44.0848 0x1550  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:12:44.0914 0x1550  wuauserv - ok
21:12:44.0952 0x1550  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:12:44.0965 0x1550  WudfPf - ok
21:12:44.0997 0x1550  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:12:45.0013 0x1550  WUDFRd - ok
21:12:45.0017 0x1550  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
21:12:45.0032 0x1550  wudfsvc - ok
21:12:45.0071 0x1550  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
21:12:45.0089 0x1550  WwanSvc - ok
21:12:45.0093 0x1550  xhunter1 - ok
21:12:45.0123 0x1550  ================ Scan global ===============================
21:12:45.0148 0x1550  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:12:45.0180 0x1550  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
21:12:45.0191 0x1550  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
21:12:45.0255 0x1550  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:12:45.0354 0x1550  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:12:45.0392 0x1550  [ Global ] - ok
21:12:45.0392 0x1550  ================ Scan MBR ==================================
21:12:45.0394 0x1550  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
21:12:45.0399 0x1550  \Device\Harddisk0\DR0 - ok
21:12:45.0440 0x1550  [ E9206C0E7EA707CBA09A6159C46B50A8 ] \Device\Harddisk1\DR1
21:12:45.0463 0x1550  \Device\Harddisk1\DR1 - ok
21:12:45.0463 0x1550  ================ Scan VBR ==================================
21:12:45.0465 0x1550  [ 77482732ADA9E24ECEFC7A50884605C8 ] \Device\Harddisk0\DR0\Partition1
21:12:45.0519 0x1550  \Device\Harddisk0\DR0\Partition1 - ok
21:12:45.0521 0x1550  [ 24B3C083DC5D4F6C8E01E9D4914A5517 ] \Device\Harddisk0\DR0\Partition2
21:12:45.0522 0x1550  \Device\Harddisk0\DR0\Partition2 - ok
21:12:45.0525 0x1550  [ 93D035280DCB36557C9CA776AA7D6E0F ] \Device\Harddisk1\DR1\Partition1
21:12:45.0589 0x1550  \Device\Harddisk1\DR1\Partition1 - ok
21:12:45.0617 0x1550  [ 842F37348D0B1371057F532281B04079 ] \Device\Harddisk1\DR1\Partition2
21:12:45.0618 0x1550  \Device\Harddisk1\DR1\Partition2 - ok
21:12:45.0627 0x1550  [ 922966A68E7BC68197ADE13E9E0FAFBD ] \Device\Harddisk1\DR1\Partition3
21:12:45.0705 0x1550  \Device\Harddisk1\DR1\Partition3 - ok
21:12:45.0705 0x1550  ================ Scan generic autorun ======================
21:12:45.0991 0x1550  [ 160B5E0566713EB5CAB2EC12C36ACF52, 3B9FC94989CED565C339A0A5E79CE61B180BA14D46759A1F27DC3561E3384E31 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:12:46.0166 0x1550  RTHDVCPL - ok
21:12:46.0278 0x1550  [ 8F82FFC6CD0F4C83F4565E1A40332CCD, 45D17603664CBE2C4236AEDB3C21D585C8225A3D3B1118365EE2C6BFDB8A7890 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:12:46.0324 0x1550  NvBackend - ok
21:12:46.0349 0x1550  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
21:12:46.0364 0x1550  ShadowPlay - ok
21:12:46.0707 0x1550  [ 4914D5FCBE8C478DCCDCB58945EEFAFC, A59B49114429A4DB8789AD7DE35C44B8EED0BF5B39A1814512DD91DB2F94FCCB ] C:\Program Files\Logitech Gaming Software\LCore.exe
21:12:46.0917 0x1550  Launch LCore - ok
21:12:47.0033 0x1550  [ 5311315E20754D2BCDEB635777BB21A0, 86F0EAB7A7965358B43C5E1C9414C127CF780E27B4EBD9C43A25B2D293FD8632 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
21:12:47.0061 0x1550  COMODO Internet Security - ok
21:12:47.0130 0x1550  [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:12:47.0143 0x1550  USB3MON - ok
21:12:47.0361 0x1550  [ 8D71BB209D84BE4DD6DB335D19A845CB, A7D104DDC14534ADBD5BC11E29E836B23493CB98AB947DF92789CAB2CD69305E ] C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe
21:12:47.0486 0x1550  ZALFree - ok
21:12:47.0587 0x1550  [ 80086ED442941DE2CA18CB6DAE8C1422, F7BE958F2E8E17970C238E3806F4A742B12DA09EB21093BD6371CF4B580C5BE4 ] C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe
21:12:47.0623 0x1550  Aeria Ignite - ok
21:12:47.0675 0x1550  [ 4E574FEBE7CD85BB0A086ABEF602F910, 24A950E3F8DEA6E5D611229EC0B0C9007C416C2C88577E85B69D7F86187E806A ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:12:47.0689 0x1550  SunJavaUpdateSched - ok
21:12:47.0930 0x1550  [ D6FE9E0F705794A86F87A01B222290EF, 92EE74775E39B6CC83C5B8D80239D7C475825057E31CC3A8D85D152FD77F7F8A ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
21:12:48.0025 0x1550  AvastUI.exe - ok
21:12:48.0106 0x1550  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:12:48.0155 0x1550  Sidebar - ok
21:12:48.0175 0x1550  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:12:48.0197 0x1550  mctadmin - ok
21:12:48.0217 0x1550  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:12:48.0249 0x1550  Sidebar - ok
21:12:48.0254 0x1550  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:12:48.0271 0x1550  mctadmin - ok
21:12:48.0367 0x1550  [ F9BEBBB6A409B78B435A72B5F4319D81, 2A424EF6F6134C635E5693325054907F3043C42081FB4250BBEB736113B3CC1C ] C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
21:12:48.0417 0x1550  OscarEditor - detected UnsignedFile.Multi.Generic ( 1 )
21:12:50.0896 0x1550  OscarEditor ( UnsignedFile.Multi.Generic ) - warning
21:12:53.0335 0x1550  Akamai NetSession Interface - ok
21:12:53.0395 0x1550  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2225.1172 ), 0x41000 ( enabled : updated )
21:12:53.0396 0x1550  FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 8.2.0.4591 ), 0x60010 ( disabled )
21:12:53.0400 0x1550  Win FW state via NFP2: disabled ( trusted )
21:12:55.0750 0x1550  ============================================================
21:12:55.0750 0x1550  Scan finished
21:12:55.0750 0x1550  ============================================================
21:12:55.0756 0x0cfc  Detected object count: 1
21:12:55.0756 0x0cfc  Actual detected object count: 1
21:13:06.0622 0x0cfc  OscarEditor ( UnsignedFile.Multi.Generic ) - skipped by user
21:13:06.0622 0x0cfc  OscarEditor ( UnsignedFile.Multi.Generic ) - User select action: Skip
21:13:11.0429 0x0c7c  Deinitialize success

schrauber 05.08.2015 12:41
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
HKU\S-1-5-21-2368072704-2040548973-2426127649-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe"
C:\Users\Admin\AppData\Local\Akamai

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Sumple 06.08.2015 08:25
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Admin (2015-08-06 09:23:51) Run:1
Gestartet von C:\Users\Admin\Downloads
Geladene Profile: Admin (Verfügbare Profile: Admin)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
HKU\S-1-5-21-2368072704-2040548973-2426127649-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Admin\AppData\Local\Akamai\netsession_win.exe"
C:\Users\Admin\AppData\Local\Akamai
*****************

HKU\S-1-5-21-2368072704-2040548973-2426127649-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface => Wert nicht gefunden.
"C:\Users\Admin\AppData\Local\Akamai" => Datei/Ordner nicht gefunden.

==== Ende von Fixlog 09:23:51 ====

schrauber 07.08.2015 07:08
Noch Probleme?


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:09 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131