Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Log mit OTL (https://www.trojaner-board.de/191367-log-otl.html)

Jan10001 15.06.2018 06:59
Log mit OTL
 
edit
Themen zusammengführt +code tags
//cosinus

Code:
OTL logfile created on: 15.06.2018 07:24:54 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\jan\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,92 Gb Total Physical Memory | 14,67 Gb Available Physical Memory | 92,14% Memory free
18,80 Gb Paging File | 17,70 Gb Available in Paging File | 94,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,21 Gb Total Space | 442,79 Gb Free Space | 95,18% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-MPKLAP2 | User Name: jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found --
PRC - [2018.06.15 07:18:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jan\Desktop\OTL.exe
PRC - [2018.06.15 07:17:46 | 000,382,144 | ---- | M] (Microsoft Corporation) -- C:\Users\jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2015.07.10 18:43:51 | 007,496,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
PRC - [2015.07.10 13:00:23 | 000,412,672 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2015.07.10 13:00:15 | 004,528,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015.07.10 18:43:48 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2015.07.10 13:01:10 | 000,956,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2015.07.10 13:01:10 | 000,621,056 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2015.07.10 13:01:10 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2015.07.10 13:01:10 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2015.07.10 13:00:41 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2015.07.10 13:00:38 | 001,844,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2015.07.10 13:00:36 | 000,115,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.07.10 13:00:21 | 001,031,680 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2015.07.10 13:00:20 | 000,749,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015.07.10 13:00:16 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2015.07.10 13:00:10 | 000,228,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2015.07.10 13:00:10 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2015.07.10 13:00:09 | 001,643,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.07.10 13:00:09 | 001,420,288 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2015.07.10 13:00:09 | 001,202,176 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2015.07.10 13:00:09 | 000,526,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2015.07.10 13:00:09 | 000,504,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2015.07.10 13:00:09 | 000,337,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2015.07.10 13:00:09 | 000,289,280 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2015.07.10 13:00:09 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2015.07.10 13:00:09 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2015.07.10 13:00:09 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2015.07.10 13:00:07 | 002,674,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2015.07.10 13:00:07 | 001,149,440 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2015.07.10 13:00:07 | 001,019,392 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,512,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,268,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2015.07.10 13:00:07 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2015.07.10 13:00:07 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2015.07.10 13:00:06 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2015.07.10 13:00:06 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2015.07.10 13:00:05 | 000,808,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2015.07.10 13:00:04 | 000,279,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2015.07.10 13:00:03 | 003,467,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2015.07.10 13:00:03 | 001,169,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2015.07.10 13:00:02 | 000,918,016 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2015.07.10 13:00:02 | 000,836,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2015.07.10 13:00:02 | 000,658,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2015.07.10 13:00:02 | 000,343,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2015.07.10 13:00:02 | 000,322,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2015.07.10 13:00:02 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2015.07.10 13:00:01 | 002,093,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2015.07.10 13:00:01 | 000,096,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2015.07.10 13:00:01 | 000,027,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2015.07.10 13:00:00 | 000,717,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2015.07.10 13:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2015.07.10 12:59:59 | 000,296,960 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2015.07.10 12:59:59 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2015.07.10 12:59:59 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2015.07.10 12:59:58 | 000,143,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2015.07.10 12:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_Session1)
SRV:64bit: - [2015.07.10 12:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_Session1)
SRV:64bit: - [2015.07.10 12:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_Session1)
SRV:64bit: - [2015.07.10 12:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_Session1)
SRV:64bit: - [2015.07.10 12:59:57 | 000,405,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2015.07.10 12:59:57 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2015.07.10 12:59:56 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2015.07.10 12:59:55 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2015.07.10 12:59:55 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2015.07.10 12:59:54 | 002,178,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2015.07.10 12:59:54 | 000,275,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2015.07.10 12:59:53 | 000,267,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2015.07.10 12:59:53 | 000,063,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2015.07.10 12:59:52 | 000,593,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2015.07.10 12:59:51 | 000,583,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2015.07.10 12:59:50 | 000,550,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2015.07.10 12:59:50 | 000,379,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2015.07.10 12:59:50 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2015.07.10 12:59:37 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2015.07.10 12:59:36 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV - [2015.07.10 13:00:30 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015.07.10 13:00:29 | 002,049,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015.07.10 13:00:28 | 000,510,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015.07.10 13:00:25 | 000,924,672 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015.07.10 13:00:24 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015.07.10 13:00:23 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015.07.10 12:59:37 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2018.06.15 06:33:41 | 000,024,688 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2015.07.10 18:44:18 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2015.07.10 18:43:48 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.07.10 13:01:20 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2015.07.10 13:00:36 | 000,052,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2015.07.10 13:00:14 | 000,380,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2015.07.10 13:00:14 | 000,215,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015.07.10 13:00:13 | 000,934,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2015.07.10 13:00:10 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2015.07.10 13:00:10 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2015.07.10 13:00:10 | 000,031,072 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2015.07.10 13:00:09 | 000,200,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2015.07.10 13:00:09 | 000,153,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2015.07.10 13:00:09 | 000,061,952 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2015.07.10 13:00:09 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2015.07.10 13:00:09 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:64bit: - [2015.07.10 13:00:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2015.07.10 13:00:00 | 000,245,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2015.07.10 13:00:00 | 000,159,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2015.07.10 13:00:00 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2015.07.10 13:00:00 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2015.07.10 13:00:00 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2015.07.10 13:00:00 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2015.07.10 12:59:59 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2015.07.10 12:59:59 | 000,088,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2015.07.10 12:59:59 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2015.07.10 12:59:58 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2015.07.10 12:59:56 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2015.07.10 12:59:55 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2015.07.10 12:59:53 | 000,129,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2015.07.10 12:59:53 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2015.07.10 12:59:52 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2015.07.10 12:59:51 | 000,685,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2015.07.10 12:59:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015.07.10 12:59:50 | 000,082,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2015.07.10 12:59:48 | 000,291,680 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015.07.10 12:59:48 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2015.07.10 12:59:48 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2015.07.10 12:59:48 | 000,098,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2015.07.10 12:59:48 | 000,083,968 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2015.07.10 12:59:48 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015.07.10 12:59:48 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015.07.10 12:59:48 | 000,044,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2015.07.10 12:59:48 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2015.07.10 12:59:40 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2015.07.10 12:59:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2015.07.10 12:59:40 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2015.07.10 12:59:40 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2015.07.10 12:59:40 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2015.07.10 12:59:40 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2015.07.10 12:59:39 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2015.07.10 12:59:39 | 000,517,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2015.07.10 12:59:39 | 000,474,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2015.07.10 12:59:39 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2015.07.10 12:59:39 | 000,371,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2015.07.10 12:59:39 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2015.07.10 12:59:39 | 000,133,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2015.07.10 12:59:39 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufxsynopsys.sys -- (ufxsynopsys)
DRV:64bit: - [2015.07.10 12:59:39 | 000,094,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UfxChipidea.sys -- (UfxChipidea)
DRV:64bit: - [2015.07.10 12:59:39 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2015.07.10 12:59:39 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2015.07.10 12:59:39 | 000,076,128 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndfltr.sys -- (ndfltr)
DRV:64bit: - [2015.07.10 12:59:39 | 000,067,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2015.07.10 12:59:39 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2015.07.10 12:59:39 | 000,059,232 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winverbs.sys -- (WinVerbs)
DRV:64bit: - [2015.07.10 12:59:39 | 000,058,720 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas3i.sys -- (percsas3i)
DRV:64bit: - [2015.07.10 12:59:39 | 000,058,208 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\percsas2i.sys -- (percsas2i)
DRV:64bit: - [2015.07.10 12:59:39 | 000,055,296 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2015.07.10 12:59:39 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmUcsi.sys -- (UcmUcsi)
DRV:64bit: - [2015.07.10 12:59:39 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2015.07.10 12:59:39 | 000,040,288 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storufs.sys -- (storufs)
DRV:64bit: - [2015.07.10 12:59:39 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2015.07.10 12:59:39 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2015.07.10 12:59:39 | 000,026,976 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\winmad.sys -- (WinMad)
DRV:64bit: - [2015.07.10 12:59:39 | 000,017,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys -- (swenum)
DRV:64bit: - [2015.07.10 12:59:38 | 003,436,896 | ---- | M] (QLogic Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2015.07.10 12:59:38 | 001,135,456 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2015.07.10 12:59:38 | 000,673,120 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2015.07.10 12:59:38 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2015.07.10 12:59:38 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2015.07.10 12:59:38 | 000,222,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xboxgip.sys -- (xboxgip)
DRV:64bit: - [2015.07.10 12:59:38 | 000,207,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2015.07.10 12:59:38 | 000,116,736 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\capimg.sys -- (CapImg)
DRV:64bit: - [2015.07.10 12:59:38 | 000,107,360 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2015.07.10 12:59:38 | 000,104,800 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2i.sys -- (LSI_SAS2i)
DRV:64bit: - [2015.07.10 12:59:38 | 000,099,168 | ---- | M] (Avago Technologies) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3i.sys -- (LSI_SAS3i)
DRV:64bit: - [2015.07.10 12:59:38 | 000,083,296 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2015.07.10 12:59:38 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2015.07.10 12:59:38 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2015.07.10 12:59:38 | 000,050,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidinterrupt.sys -- (hidinterrupt)
DRV:64bit: - [2015.07.10 12:59:38 | 000,032,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\buttonconverter.sys -- (buttonconverter)
DRV:64bit: - [2015.07.10 12:59:38 | 000,026,976 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2015.07.10 12:59:38 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xinputhid.sys -- (xinputhid)
DRV:64bit: - [2015.07.10 12:59:38 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2015.07.10 12:59:38 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\genericusbfn.sys -- (genericusbfn)
DRV:64bit: - [2015.07.10 12:59:38 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2015.07.10 12:59:38 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2015.07.10 12:59:38 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2015.07.10 12:59:36 | 004,207,104 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2015.07.10 12:59:36 | 000,276,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2015.07.10 12:59:36 | 000,237,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2015.07.10 12:59:36 | 000,122,608 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2015.07.10 12:59:36 | 000,116,576 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2015.07.10 12:59:36 | 000,094,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc.sys -- (netvsc)
DRV:64bit: - [2015.07.10 12:59:36 | 000,092,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2015.07.10 12:59:36 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2015.07.10 12:59:36 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2015.07.10 12:59:36 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
DRV:64bit: - [2015.07.10 12:59:36 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2015.07.10 12:59:36 | 000,043,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2015.07.10 12:59:36 | 000,042,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2015.07.10 12:59:36 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys -- (CompositeBus)
DRV:64bit: - [2015.07.10 12:59:36 | 000,038,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2015.07.10 12:59:36 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2015.07.10 12:59:36 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fcvsc.sys -- (fcvsc)
DRV:64bit: - [2015.07.10 12:59:36 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2015.07.10 12:59:36 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2015.07.10 12:59:36 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2015.07.10 12:59:36 | 000,013,312 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV - [2015.07.10 12:59:39 | 000,017,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\swenum.inf_amd64_2a699e44676b7781\swenum.sys -- (swenum)
DRV - [2015.07.10 12:59:36 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_98334ba6e76853ba\CompositeBus.sys -- (CompositeBus)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
 
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
 
IE - HKU\S-1-5-21-3746248641-295351815-3368058588-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKU\S-1-5-21-3746248641-295351815-3368058588-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
 
O1 HOSTS File: ([2015.07.10 13:02:42 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O4 - HKU\S-1-5-19..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3746248641-295351815-3368058588-1001..\Run: [OneDrive] C:\Users\jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2018.06.15 07:18:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\jan\Desktop\OTL.exe
[2018.06.15 07:18:19 | 002,413,056 | ---- | C] (Farbar) -- C:\Users\jan\Desktop\FRST64.exe
[2018.06.15 07:16:59 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\CrashDumps
[2018.06.15 06:58:41 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKillerPE
[2018.06.15 06:55:51 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2018.06.15 06:54:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VulkanRT
[2018.06.15 06:54:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2018.06.15 06:53:30 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\CEF
[2018.06.15 06:53:30 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Roaming\AVAST Software
[2018.06.15 06:53:03 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2018.06.15 06:52:54 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2018.06.15 06:52:14 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2018.06.15 06:51:24 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Roaming\Macromedia
[2018.06.15 06:51:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2018.06.15 06:51:02 | 000,000,000 | -HSD | C] -- C:\Users\jan\IntelGraphicsProfiles
[2018.06.15 06:51:00 | 000,000,000 | ---D | C] -- C:\Intel
[2018.06.15 06:50:52 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2018.06.15 06:50:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2018.06.15 06:49:52 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\MicrosoftEdge
[2018.06.15 06:49:08 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2018.06.15 06:48:53 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2018.06.15 06:44:36 | 000,000,000 | R--D | C] -- C:\Users\jan\OneDrive
[2018.06.15 06:43:31 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\PeerDistRepub
[2018.06.15 06:27:09 | 000,000,000 | ---D | C] -- C:\ProgramData\RogueKiller
[2018.06.15 06:23:55 | 000,000,000 | ---D | C] -- C:\Users\jan\Desktop\lang
[2018.06.15 06:22:44 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\NPE
[2018.06.15 06:22:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2018.06.15 06:21:38 | 000,000,000 | ---D | C] -- C:\Users\jan\Desktop\FixZeroAccess
[2018.06.15 06:21:20 | 009,497,720 | ---- | C] (Symantec Corporation) -- C:\Users\jan\Desktop\NPE.exe
[2018.06.15 06:21:16 | 001,124,816 | ---- | C] (Symantec Corporation) -- C:\Users\jan\Desktop\NSPremiumDownloader.exe
[2018.06.15 06:20:57 | 000,393,168 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\jan\Desktop\show-hidden.exe
[2018.06.15 06:13:52 | 000,027,256 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\FixZeroAccess.sys
[2018.06.15 06:13:40 | 001,805,736 | ---- | C] (Symantec Corporation) -- C:\Users\jan\Desktop\FixZeroAccess.exe
[2018.06.15 06:11:15 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2018.06.15 06:11:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2018.06.15 06:09:15 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\Publishers
[2018.06.15 06:08:54 | 000,000,000 | R--D | C] -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2018.06.15 06:08:54 | 000,000,000 | R--D | C] -- C:\Users\jan\Searches
[2018.06.15 06:08:54 | 000,000,000 | R--D | C] -- C:\Users\jan\Contacts
[2018.06.15 06:08:54 | 000,000,000 | R--D | C] -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2018.06.15 06:08:41 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Roaming\Adobe
[2018.06.15 06:08:38 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\VirtualStore
[2018.06.15 06:08:38 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\Packages
[2018.06.15 06:08:37 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\TileDataLayer
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Vorlagen
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\AppData\Local\Verlauf
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\AppData\Local\Temporary Internet Files
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Startmenü
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\SendTo
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Recent
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Netzwerkumgebung
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Lokale Einstellungen
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Documents\Eigene Videos
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Documents\Eigene Musik
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Eigene Dateien
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Documents\Eigene Bilder
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Druckumgebung
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Cookies
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\AppData\Local\Anwendungsdaten
[2018.06.15 06:08:33 | 000,000,000 | -HSD | C] -- C:\Users\jan\Anwendungsdaten
[2018.06.15 06:08:32 | 000,000,000 | --SD | C] -- C:\Users\jan\AppData\Roaming\Microsoft
[2018.06.15 06:08:32 | 000,000,000 | R-SD | C] -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Videos
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Saved Games
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Pictures
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Music
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Links
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Favorites
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Downloads
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Documents
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\Desktop
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2018.06.15 06:08:32 | 000,000,000 | R--D | C] -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2018.06.15 06:08:32 | 000,000,000 | -H-D | C] -- C:\Users\jan\AppData
[2018.06.15 06:08:32 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\Temp
[2018.06.15 06:08:32 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Local\Microsoft
[2018.06.15 06:08:32 | 000,000,000 | ---D | C] -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2018.06.15 06:01:36 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2018.06.15 06:00:34 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2018.06.15 05:58:31 | 000,000,000 | -HSD | C] -- C:\Programme
[2018.06.15 05:58:31 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2018.06.15 05:58:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2018.06.15 05:58:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2018.06.15 05:58:31 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2018.06.15 05:58:27 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2018.06.15 05:58:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2018.06.15 05:58:26 | 000,000,000 | -HSD | C] -- C:\Dokumente und Einstellungen
[2018.06.15 05:58:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2018.06.15 05:58:26 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2018.06.15 05:58:19 | 000,000,000 | -HSD | C] -- C:\Recovery
[2018.06.15 05:53:07 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2018.06.15 05:52:44 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 
========== Files - Modified Within 30 Days ==========
 
[2018.06.15 07:24:07 | 000,016,148 | ---- | M] () -- C:\Windows\SysNative\DESKTOP-MPKLAP2_jan_HistoryPrediction.bin
[2018.06.15 07:18:39 | 001,699,356 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018.06.15 07:18:39 | 000,734,690 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2018.06.15 07:18:39 | 000,696,036 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2018.06.15 07:18:39 | 000,146,390 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2018.06.15 07:18:39 | 000,130,382 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2018.06.15 07:18:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jan\Desktop\OTL.exe
[2018.06.15 07:17:46 | 000,000,312 | ---- | M] () -- C:\Users\jan\Desktop\Speccy.ini
[2018.06.15 07:14:45 | 007,088,408 | ---- | M] (Piriform Ltd) -- C:\Users\jan\Desktop\Speccy64.exe
[2018.06.15 07:14:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2018.06.15 07:14:25 | 000,001,540 | ---- | M] () -- C:\Users\jan\Desktop\Norton Download Manager.lnk
[2018.06.15 07:14:25 | 000,001,350 | ---- | M] () -- C:\Users\jan\Desktop\Norton Installation Files.lnk
[2018.06.15 07:14:21 | 001,124,816 | ---- | M] (Symantec Corporation) -- C:\Users\jan\Desktop\NSPremiumDownloader.exe
[2018.06.15 07:12:38 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2018.06.15 07:12:36 | 2543,251,455 | -HS- | M] () -- C:\hiberfil.sys
[2018.06.15 06:40:28 | 000,000,214 | ---- | M] () -- C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job
[2018.06.15 06:33:41 | 000,024,688 | ---- | M] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2018.06.15 06:24:11 | 005,519,128 | ---- | M] (Piriform Ltd) -- C:\Users\jan\Desktop\Speccy.exe
[2018.06.15 06:23:52 | 000,000,010 | ---- | M] () -- C:\Users\jan\Desktop\portable.dat
[2018.06.15 06:23:23 | 000,852,798 | ---- | M] () -- C:\Users\jan\Desktop\SecurityCheck.exe
[2018.06.15 06:22:43 | 009,497,720 | ---- | M] (Symantec Corporation) -- C:\Users\jan\Desktop\NPE.exe
[2018.06.15 06:22:21 | 000,027,256 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\FixZeroAccess.sys
[2018.06.15 06:08:29 | 000,016,148 | ---- | M] () -- C:\Windows\SysNative\DESKTOP-MPKLAP2_defaultuser0_HistoryPrediction.bin
[2018.06.15 05:57:50 | 000,189,344 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2018.06.15 05:56:15 | 000,047,950 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2018.06.15 05:56:15 | 000,047,950 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2018.06.15 04:49:25 | 001,805,736 | ---- | M] (Symantec Corporation) -- C:\Users\jan\Desktop\FixZeroAccess.exe
[2018.06.13 02:24:14 | 000,393,168 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\jan\Desktop\show-hidden.exe
[2018.06.12 19:29:01 | 005,381,587 | ---- | M] () -- C:\Users\jan\Desktop\spsetup128.zip
[2018.06.12 19:26:39 | 000,228,140 | ---- | M] () -- C:\Users\jan\Desktop\WMIExplorer_2.0.0.0.zip
[2018.06.12 19:24:45 | 009,214,024 | ---- | M] () -- C:\jan.exe
[2018.06.12 19:23:46 | 002,413,056 | ---- | M] (Farbar) -- C:\Users\jan\Desktop\FRST64.exe
 
========== Files Created - No Company Name ==========
 
[2018.06.15 07:24:07 | 000,016,148 | ---- | C] () -- C:\Windows\SysNative\DESKTOP-MPKLAP2_jan_HistoryPrediction.bin
[2018.06.15 07:17:49 | 000,002,348 | ---- | C] () -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2018.06.15 07:14:24 | 000,001,540 | ---- | C] () -- C:\Users\jan\Desktop\Norton Download Manager.lnk
[2018.06.15 07:14:24 | 000,001,350 | ---- | C] () -- C:\Users\jan\Desktop\Norton Installation Files.lnk
[2018.06.15 06:38:13 | 000,000,312 | ---- | C] () -- C:\Users\jan\Desktop\Speccy.ini
[2018.06.15 06:27:10 | 000,024,688 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2018.06.15 06:21:10 | 005,381,587 | ---- | C] () -- C:\Users\jan\Desktop\spsetup128.zip
[2018.06.15 06:21:04 | 000,228,140 | ---- | C] () -- C:\Users\jan\Desktop\WMIExplorer_2.0.0.0.zip
[2018.06.15 06:21:00 | 000,852,798 | ---- | C] () -- C:\Users\jan\Desktop\SecurityCheck.exe
[2018.06.15 06:20:51 | 009,214,024 | ---- | C] () -- C:\jan.exe
[2018.06.15 06:14:03 | 001,699,356 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018.06.15 06:12:29 | 000,000,214 | ---- | C] () -- C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job
[2018.06.15 06:08:29 | 000,016,148 | ---- | C] () -- C:\Windows\SysNative\DESKTOP-MPKLAP2_defaultuser0_HistoryPrediction.bin
[2018.06.15 05:57:34 | 2543,251,455 | -HS- | C] () -- C:\hiberfil.sys
[2018.06.15 05:52:46 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2015.07.10 13:00:07 | 006,490,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2015.07.10 13:00:29 | 005,121,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015.07.10 12:59:53 | 000,995,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015.07.10 13:00:23 | 000,754,688 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015.07.10 12:59:55 | 000,516,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2018.06.15 06:53:30 | 000,000,000 | ---D | M] -- C:\Users\jan\AppData\Roaming\AVAST Software
 
========== Purity Check ==========
 
 

< End of report >

Jan10001 15.06.2018 07:00
OTL Extras
 
edit
Themen zusammengführt +code tags
//cosinus

Code:
OTL Extras logfile created on: 15.06.2018 07:24:54 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\jan\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,92 Gb Total Physical Memory | 14,67 Gb Available Physical Memory | 92,14% Memory free
18,80 Gb Paging File | 17,70 Gb Available in Paging File | 94,18% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,21 Gb Total Space | 442,79 Gb Free Space | 95,18% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-MPKLAP2 | User Name: jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 2D 4C CF B5 5E 04 D4 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" =  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0827656D-B43A-4232-B20A-F7E800980D08}" = dir=in | name=@{microsoft.bingweather_4.3.193.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitle} |
"{0A3CA34F-D138-43B0-8F6A-F86DAE4CF971}" = dir=out | name=@{microsoft.zunevideo_3.6.10811.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{0A7FD480-065E-484C-827B-CE18ED8BB652}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{1CA168A1-0D45-46B6-8CE4-90E1E9CC436F}" = dir=out | name=@{microsoft.xboxidentityprovider_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxidentityprovider/resources/pkgdisplayname} |
"{23D0B790-AAF5-4071-8550-C923CE9A75ED}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{29EFA40D-AC67-4F84-916E-7AB49A297908}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{2A176DEE-BBC4-4A28-9395-3363180405C8}" = dir=out | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{2F104000-A4BC-419F-AE98-9195A84E3939}" = dir=out | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{320EA192-C312-46E8-B0D8-4521A89B7DD6}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{3A637CF0-2737-45ED-B262-7070E4EB4E18}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.6002.42251.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{3C95A6E3-DD95-45A9-A702-34FFE7E6E32C}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{48E29CEB-538F-473D-A027-C01DF1D41BB3}" = dir=out | name=@{microsoft.bingfinance_4.3.193.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{4ED45301-101A-4033-9DBA-02455F76973B}" = dir=out | name=@{microsoft.bingnews_4.3.193.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{50C82A93-EE7F-48F1-9C33-C0CA69880546}" = dir=in | name=xbox |
"{51AF3367-E250-4029-AE77-456616F48FF4}" = dir=out | name=@{microsoft.bingweather_4.3.193.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitle} |
"{576086E3-1BEC-4BE1-B86E-29FE354D3630}" = dir=out | name=@{microsoft.windowsphone_10.1506.20010.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{6BC963BF-27D4-4A18-B64A-CEB1D44943F8}" = dir=out | name=@{microsoft.people_1.10159.0.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{7082800F-F374-4F0A-BAE2-A7664F31C1A6}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{72897A72-950D-471B-94B4-D1382FB9AEC5}" = dir=out | name=@{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{76BD5E73-0C44-4918-945E-76CA539D1301}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{7925A6C5-8C6B-47C5-B3B5-B09D9902BE28}" = dir=out | name=@{microsoft.windowsmaps_4.1505.50619.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{7A50E392-F469-45D1-8622-EA063E3E6972}" = dir=out | name=xbox |
"{82E03A05-AE6D-4B8C-AEE0-9C56266917D5}" = dir=in | name=@{microsoft.bingfinance_4.3.193.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{87855CC6-80FA-4230-AE69-739224DC341C}" = dir=out | name=@{microsoft.accountscontrol_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{8AEF2A7C-4D21-4466-86F7-EF7A176BC82F}" = dir=out | name=@{microsoft.windowsfeedback_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windowsfeedback/feedbackapp.resources/appname/text} |
"{8C1ABA46-881E-465E-BE8F-0E161E5E177F}" = dir=in | name=@{microsoft.windowsstore_2015.7.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{8F5D5F93-9A36-40F2-A6EC-91279D5830A3}" = dir=out | name=@{microsoft.lockapp_10.0.10240.16384_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{9B103220-D188-4245-A354-45E672C725F5}" = dir=out | name=@{microsoft.zunemusic_3.6.10841.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{A0C78CE3-BF91-45FB-9795-2DE9CE1C8F57}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{AB80F61C-94B3-4887-9938-45E05D5B956A}" = dir=in | name=@{microsoft.microsoftedge_20.10240.16384.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{B831829E-9675-4B42-88E4-FA35286A7232}" = dir=in | name=@{microsoft.windows.cortana_1.4.8.152_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/displayname} |
"{BCF17A2C-B254-43C7-BAFD-79593687AFF5}" = dir=out | name=@{microsoft.windowsstore_2015.7.1.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{BCFAD2F1-E14B-4CFE-A9DD-1EE508F924FC}" = dir=in | name=@{microsoft.windows.photos_15.618.18170.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{BDA39C6F-DCE6-4901-89B5-3D6E913B55AC}" = dir=in | name=@{windows.contactsupport_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{BF7200D8-C860-4C3B-BF8A-44942B6E26EB}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{C207683E-519D-4EAF-BE3E-41A7B00702C2}" = dir=out | name=@{microsoft.windows.photos_15.618.18170.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{C389127B-F970-4460-ABD7-78864AE43D83}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.10240.16384.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{C6D1E500-4B4A-4B14-A549-A7E88DAB2E50}" = dir=out | name=get started |
"{CC26D5DF-7B17-4359-B55E-0DCE65A55F28}" = protocol=58 | dir=in | app=system |
"{D0E2D1E2-9D22-4967-91BD-D508864F7760}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.6002.42251.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxcommintl/appmanifest_outlookdesktop_displayname} |
"{D65450B8-FD94-4ED7-A531-F4188CB46BB1}" = dir=in | name=@{microsoft.bingnews_4.3.193.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{E011CA1B-FDD3-4152-BC35-6BAE04CA15A2}" = dir=out | name=@{windows.purchasedialog_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.purchasedialog/resources/displayname} |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 15.06.2018 01:04:22 | Computer Name = DESKTOP-MPKLAP2 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: APEV_portable64.exe, Version: 2.0.3.0,
 Zeitstempel: 0x59df192e  Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10240.16384,
 Zeitstempel: 0x559f384f  Ausnahmecode: 0xc0000374  Fehleroffset: 0x00000000000ea31c
ID
 des fehlerhaften Prozesses: 0xbe0  Startzeit der fehlerhaften Anwendung: 0x01d404659189c099
Pfad
 der fehlerhaften Anwendung: C:\Users\jan\Downloads\APEV_portable64.exe  Pfad des
fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 66dee32b-cd04-4fb9-8c8b-c6914d50a012
Vollständiger
 Name des fehlerhaften Pakets:  Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:
 
Error - 15.06.2018 01:13:02 | Computer Name = DESKTOP-MPKLAP2 | Source = ESENT | ID = 455
Description = svchost (1560) SRUJet: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei
 C:\Windows\system32\SRU\SRU00006.log.
 
Error - 15.06.2018 01:13:32 | Computer Name = DESKTOP-MPKLAP2 | Source = Software Protection Platform Service | ID = 8200
Description = Lizenzerwerb-Fehlerdetails.  hr=0x80072EE7
 
Error - 15.06.2018 01:13:32 | Computer Name = DESKTOP-MPKLAP2 | Source = Software Protection Platform Service | ID = 1014
Description = Fehler beim Erwerb der Endbenutzerlizenz. hr=0x80072EE7  SKU-ID=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c
 
Error - 15.06.2018 01:13:32 | Computer Name = DESKTOP-MPKLAP2 | Source = Software Protection Platform Service | ID = 8198
Description = Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:  hr=0x80072EE7
Befehlszeilenargumente:
RuleId=31e71c49-8da7-4a2f-ad92-45d98a1c79ba;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=4de7cb65-cdf1-4de9-8ae8-e3cce27b9f2c;NotificationInterval=1440;Trigger=UserLogon;SessionId=1
 
Error - 15.06.2018 01:16:26 | Computer Name = DESKTOP-MPKLAP2 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version:
 10.0.10240.16384, Zeitstempel: 0x559f467c  Name des fehlerhaften Moduls: ntdll.dll,
 Version: 10.0.10240.16384, Zeitstempel: 0x559f384f  Ausnahmecode: 0xc0000374  Fehleroffset:
 0x00000000000ea31c  ID des fehlerhaften Prozesses: 0xf50  Startzeit der fehlerhaften
 Anwendung: 0x01d40467a39ed9ee  Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 0906b13c-b360-4dd2-a342-87ea5f6fa5b1
Vollständiger
 Name des fehlerhaften Pakets: Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: App
 
Error - 15.06.2018 01:16:32 | Computer Name = DESKTOP-MPKLAP2 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: RuntimeBroker.exe, Version: 10.0.10240.16384,
 Zeitstempel: 0x559f39eb  Name des fehlerhaften Moduls: SHELL32.dll, Version: 10.0.10240.16384,
 Zeitstempel: 0x559f3ee0  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00000000001c7c17
ID
 des fehlerhaften Prozesses: 0xe14  Startzeit der fehlerhaften Anwendung: 0x01d40467a2b5f43c
Pfad
 der fehlerhaften Anwendung: C:\Windows\System32\RuntimeBroker.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\system32\SHELL32.dll  Berichtskennung: 0efbd078-ab15-45ad-b41b-c278cf99ebbf
Vollständiger
 Name des fehlerhaften Pakets:  Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist:
 
Error - 15.06.2018 01:17:43 | Computer Name = DESKTOP-MPKLAP2 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.WindowsAlarms_8wekyb3d8bbwe!App“
 ist folgender Fehler aufgetreten: -2147023665. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
Error - 15.06.2018 01:17:47 | Computer Name = DESKTOP-MPKLAP2 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: ShellExperienceHost.exe, Version:
 10.0.10240.16384, Zeitstempel: 0x559f467c  Name des fehlerhaften Moduls: twinapi.appcore.dll,
 Version: 10.0.10240.16384, Zeitstempel: 0x559f39fb  Ausnahmecode: 0xc000027b  Fehleroffset:
 0x000000000006684f  ID des fehlerhaften Prozesses: 0x1780  Startzeit der fehlerhaften
 Anwendung: 0x01d404681773897f  Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Pfad
 des fehlerhaften Moduls: C:\Windows\System32\twinapi.appcore.dll  Berichtskennung:
 0e08df95-482d-4f07-993b-4c791768d857  Vollständiger Name des fehlerhaften Pakets:
 Microsoft.Windows.ShellExperienceHost_10.0.10240.16384_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID,
 die relativ zum fehlerhaften Paket ist: App
 
Error - 15.06.2018 01:26:19 | Computer Name = DESKTOP-MPKLAP2 | Source = Microsoft-Windows-Immersive-Shell | ID = 5973
Description = Bei der Aktivierung der App „Microsoft.WindowsPhone_8wekyb3d8bbwe!CompanionApp.App“
 ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie
 im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
 
[ System Events ]
Error - 15.06.2018 01:26:05 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:05 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:05 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:05 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:06 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:06 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:06 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:07 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:07 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
Error - 15.06.2018 01:26:08 | Computer Name = DESKTOP-MPKLAP2 | Source = DCOM | ID = 10016
Description =
 
 
< End of report >

Jan10001 15.06.2018 07:10
Otl mit Extra Registrierung
 
Code:
OTL logfile created on: 15.06.2018 08:02:55 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\jan\Desktop
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.10240.16384)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,92 Gb Total Physical Memory | 13,40 Gb Available Physical Memory | 84,14% Memory free
18,80 Gb Paging File | 16,74 Gb Available in Paging File | 89,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,21 Gb Total Space | 439,04 Gb Free Space | 94,38% Space Free | Partition Type: NTFS
 
Computer Name: DESKTOP-MPKLAP2 | User Name: jan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (All) ==========
 
PRC - File not found --
PRC - [2018.06.15 08:01:06 | 009,214,024 | ---- | M] () -- C:\jan.exe
PRC - [2018.06.15 07:53:27 | 012,007,128 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe
PRC - [2018.06.15 07:18:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\jan\Desktop\OTL.exe
PRC - [2018.06.15 07:17:46 | 000,382,144 | ---- | M] (Microsoft Corporation) -- C:\Users\jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
PRC - [2015.07.10 18:43:51 | 007,496,544 | ---- | M] (Microsoft Corporation) -- C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:25 | 000,035,176 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\svchost.exe  [comLaunch]
PRC - [2015.07.10 13:00:15 | 004,528,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
 
 
========== Services (All) ==========
 
SRV:64bit: - [2018.06.15 07:27:13 | 000,365,040 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService2.0.0.0)
SRV:64bit: - [2015.07.10 18:44:22 | 000,276,992 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\umrdp.dll -- (UmRdpService)
SRV:64bit: - [2015.07.10 18:44:12 | 000,177,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\sensrsvc.dll -- (SensrSvc)
SRV:64bit: - [2015.07.10 18:43:48 | 000,200,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2015.07.10 18:43:30 | 000,733,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\cscsvc.dll -- (CscService)
SRV:64bit: - [2015.07.10 18:43:24 | 001,977,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\PeerDistSvc.dll -- (PeerDistSvc)
SRV:64bit: - [2015.07.10 13:01:38 | 000,651,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FXSSVC.exe -- (Fax)
SRV:64bit: - [2015.07.10 13:01:34 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\TabSvc.dll -- (TabletInputService)
SRV:64bit: - [2015.07.10 13:01:33 | 001,570,816 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbengine.exe -- (wbengine)
SRV:64bit: - [2015.07.10 13:01:20 | 000,086,016 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wpdbusenum.dll -- (WPDBusEnum)
SRV:64bit: - [2015.07.10 13:01:10 | 001,105,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\sysmain.dll -- (SysMain)
SRV:64bit: - [2015.07.10 13:01:10 | 000,956,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\RDXService.dll -- (RetailDemo)
SRV:64bit: - [2015.07.10 13:01:10 | 000,637,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2015.07.10 13:01:10 | 000,621,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2015.07.10 13:01:10 | 000,504,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WalletService.dll -- (WalletService)
SRV:64bit: - [2015.07.10 13:01:10 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2015.07.10 13:01:09 | 000,371,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2015.07.10 13:01:09 | 000,179,200 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2015.07.10 13:01:09 | 000,150,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2015.07.10 13:00:41 | 000,394,240 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\StorSvc.dll -- (StorSvc)
SRV:64bit: - [2015.07.10 13:00:41 | 000,167,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2015.07.10 13:00:39 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2015.07.10 13:00:38 | 001,844,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2015.07.10 13:00:38 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\provsvc.dll -- (HomeGroupProvider)
SRV:64bit: - [2015.07.10 13:00:38 | 000,359,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\bdesvc.dll -- (BDESVC)
SRV:64bit: - [2015.07.10 13:00:38 | 000,273,408 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ListSvc.dll -- (HomeGroupListener)
SRV:64bit: - [2015.07.10 13:00:36 | 000,434,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\p2psvc.dll -- (p2psvc)
SRV:64bit: - [2015.07.10 13:00:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (PNRPsvc)
SRV:64bit: - [2015.07.10 13:00:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\pnrpsvc.dll -- (p2pimsvc)
SRV:64bit: - [2015.07.10 13:00:36 | 000,115,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.07.10 13:00:36 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pnrpauto.dll -- (PNRPAutoReg)
SRV:64bit: - [2015.07.10 13:00:21 | 001,031,680 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SensorDataService.exe -- (SensorDataService)
SRV:64bit: - [2015.07.10 13:00:21 | 000,133,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wersvc.dll -- (WerSvc)
SRV:64bit: - [2015.07.10 13:00:21 | 000,095,744 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wercplsupport.dll -- (wercplsupport)
SRV:64bit: - [2015.07.10 13:00:20 | 001,032,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\termsrv.dll -- (TermService)
SRV:64bit: - [2015.07.10 13:00:20 | 000,749,056 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2015.07.10 13:00:20 | 000,371,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SessEnv.dll -- (SessionEnv)
SRV:64bit: - [2015.07.10 13:00:20 | 000,043,008 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\WcsPlugInService.dll -- (WcsPlugInService)
SRV:64bit: - [2015.07.10 13:00:19 | 000,593,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV:64bit: - [2015.07.10 13:00:17 | 000,058,368 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2015.07.10 13:00:16 | 000,075,264 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2015.07.10 13:00:14 | 000,781,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2015.07.10 13:00:14 | 000,311,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2015.07.10 13:00:13 | 000,096,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\WUDFSvc.dll -- (wudfsvc)
SRV:64bit: - [2015.07.10 13:00:10 | 000,228,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SensorService.dll -- (SensorService)
SRV:64bit: - [2015.07.10 13:00:10 | 000,186,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NetSetupSvc.dll -- (NetSetupSvc)
SRV:64bit: - [2015.07.10 13:00:10 | 000,079,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\RpcEpMap.dll -- (RpcEptMapper)
SRV:64bit: - [2015.07.10 13:00:10 | 000,056,344 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2015.07.10 13:00:10 | 000,029,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2015.07.10 13:00:09 | 001,643,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2015.07.10 13:00:09 | 001,420,288 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\UserDataService.dll -- (UserDataSvc)
SRV:64bit: - [2015.07.10 13:00:09 | 001,202,176 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\Unistore.dll -- (UnistoreSvc)
SRV:64bit: - [2015.07.10 13:00:09 | 000,954,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IKEEXT.DLL -- (IKEEXT)
SRV:64bit: - [2015.07.10 13:00:09 | 000,794,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2015.07.10 13:00:09 | 000,526,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2015.07.10 13:00:09 | 000,504,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\tileobjserver.dll -- (tiledatamodelsvc)
SRV:64bit: - [2015.07.10 13:00:09 | 000,356,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2015.07.10 13:00:09 | 000,337,408 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2015.07.10 13:00:09 | 000,289,280 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\PimIndexMaintenance.dll -- (PimIndexMaintenanceSvc)
SRV:64bit: - [2015.07.10 13:00:09 | 000,276,992 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2015.07.10 13:00:09 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wpnservice.dll -- (WpnService)
SRV:64bit: - [2015.07.10 13:00:09 | 000,033,280 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DevQueryBroker.dll -- (DevQueryBroker)
SRV:64bit: - [2015.07.10 13:00:09 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lfsvc.dll -- (lfsvc)
SRV:64bit: - [2015.07.10 13:00:07 | 002,674,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\Windows.StateRepository.dll -- (StateRepository)
SRV:64bit: - [2015.07.10 13:00:07 | 001,149,440 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\XblGameSave.dll -- (XblGameSave)
SRV:64bit: - [2015.07.10 13:00:07 | 001,019,392 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\XboxNetApiSvc.dll -- (XboxNetApiSvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,902,144 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SearchIndexer.exe -- (WSearch)
SRV:64bit: - [2015.07.10 13:00:07 | 000,856,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,512,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ngcsvc.dll -- (NgcSvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,268,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NgcCtnrSvc.dll -- (NgcCtnrSvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,149,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tetheringservice.dll -- (icssvc)
SRV:64bit: - [2015.07.10 13:00:07 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\moshost.dll -- (MapsBroker)
SRV:64bit: - [2015.07.10 13:00:07 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AJRouter.dll -- (AJRouter)
SRV:64bit: - [2015.07.10 13:00:07 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\LicenseManagerSvc.dll -- (LicenseManager)
SRV:64bit: - [2015.07.10 13:00:06 | 000,134,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\cdpsvc.dll -- (CDPSvc)
SRV:64bit: - [2015.07.10 13:00:06 | 000,087,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\embeddedmodesvc.dll -- (embeddedmode)
SRV:64bit: - [2015.07.10 13:00:05 | 001,679,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\FntCache.dll -- (FontCache)
SRV:64bit: - [2015.07.10 13:00:05 | 000,808,856 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV:64bit: - [2015.07.10 13:00:04 | 001,082,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (Audiosrv)
SRV:64bit: - [2015.07.10 13:00:04 | 000,279,552 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2015.07.10 13:00:03 | 003,467,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2015.07.10 13:00:03 | 002,239,488 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2015.07.10 13:00:03 | 001,169,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dosvc.dll -- (DoSvc)
SRV:64bit: - [2015.07.10 13:00:02 | 006,525,424 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\sppsvc.exe -- (sppsvc)
SRV:64bit: - [2015.07.10 13:00:02 | 000,918,016 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\XblAuthManager.dll -- (XblAuthManager)
SRV:64bit: - [2015.07.10 13:00:02 | 000,836,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2015.07.10 13:00:02 | 000,658,568 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ClipSVC.dll -- (ClipSVC)
SRV:64bit: - [2015.07.10 13:00:02 | 000,343,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\usocore.dll -- (UsoSvc)
SRV:64bit: - [2015.07.10 13:00:02 | 000,324,608 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2015.07.10 13:00:02 | 000,322,048 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2015.07.10 13:00:02 | 000,093,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2015.07.10 13:00:02 | 000,055,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2015.07.10 13:00:02 | 000,043,008 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\UI0Detect.exe -- (UI0Detect)
SRV:64bit: - [2015.07.10 13:00:01 | 002,093,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2015.07.10 13:00:01 | 001,335,296 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\gpsvc.dll -- (gpsvc)
SRV:64bit: - [2015.07.10 13:00:01 | 000,605,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbiosrvc.dll -- (WbioSrvc)
SRV:64bit: - [2015.07.10 13:00:01 | 000,283,136 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2015.07.10 13:00:01 | 000,279,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)
SRV:64bit: - [2015.07.10 13:00:01 | 000,096,256 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2015.07.10 13:00:01 | 000,077,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2015.07.10 13:00:01 | 000,043,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appidsvc.dll -- (AppIDSvc)
SRV:64bit: - [2015.07.10 13:00:01 | 000,031,232 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2015.07.10 13:00:01 | 000,027,648 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2015.07.10 13:00:00 | 000,717,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\usermgr.dll -- (UserManager)
SRV:64bit: - [2015.07.10 13:00:00 | 000,518,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\w32time.dll -- (W32Time)
SRV:64bit: - [2015.07.10 13:00:00 | 000,232,448 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\SCardSvr.dll -- (SCardSvr)
SRV:64bit: - [2015.07.10 13:00:00 | 000,192,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (SCPolicySvc)
SRV:64bit: - [2015.07.10 13:00:00 | 000,192,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\certprop.dll -- (CertPropSvc)
SRV:64bit: - [2015.07.10 13:00:00 | 000,181,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2015.07.10 13:00:00 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\iscsiexe.dll -- (MSiSCSI)
SRV:64bit: - [2015.07.10 13:00:00 | 000,114,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AxInstSv.dll -- (AxInstSV)
SRV:64bit: - [2015.07.10 13:00:00 | 000,085,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\bthserv.dll -- (bthserv)
SRV:64bit: - [2015.07.10 12:59:59 | 000,873,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2015.07.10 12:59:59 | 000,873,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2015.07.10 12:59:59 | 000,472,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV:64bit: - [2015.07.10 12:59:59 | 000,378,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtckrm.dll -- (KtmRm)
SRV:64bit: - [2015.07.10 12:59:59 | 000,296,960 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\APHostService.dll -- (OneSyncSvc)
SRV:64bit: - [2015.07.10 12:59:59 | 000,196,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dcpsvc.dll -- (DcpSvc)
SRV:64bit: - [2015.07.10 12:59:59 | 000,147,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msdtc.exe -- (MSDTC)
SRV:64bit: - [2015.07.10 12:59:59 | 000,114,176 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\trkwks.dll -- (TrkWks)
SRV:64bit: - [2015.07.10 12:59:59 | 000,093,184 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpo.dll -- (Power)
SRV:64bit: - [2015.07.10 12:59:59 | 000,034,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV:64bit: - [2015.07.10 12:59:59 | 000,027,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe -- (diagnosticshub.standardcollector.service)
SRV:64bit: - [2015.07.10 12:59:59 | 000,018,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dllhost.exe -- (COMSysApp)
SRV:64bit: - [2015.07.10 12:59:59 | 000,010,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Locator.exe -- (RpcLocator)
SRV:64bit: - [2015.07.10 12:59:58 | 001,486,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\pla.dll -- (pla)
SRV:64bit: - [2015.07.10 12:59:58 | 001,370,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2015.07.10 12:59:58 | 000,508,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\pcasvc.dll -- (PcaSvc)
SRV:64bit: - [2015.07.10 12:59:58 | 000,143,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dssvc.dll -- (DsSvc)
SRV:64bit: - [2015.07.10 12:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UserDataSvc_Session1)
SRV:64bit: - [2015.07.10 12:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (UnistoreSvc_Session1)
SRV:64bit: - [2015.07.10 12:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysNative\svchost.exe -- (PimIndexMaintenanceSvc_Session1)
SRV:64bit: - [2015.07.10 12:59:58 | 000,039,856 | ---- | M] (Microsoft Corporation) [Auto | Unknown] -- C:\Windows\SysNative\svchost.exe -- (OneSyncSvc_Session1)
SRV:64bit: - [2015.07.10 12:59:57 | 000,665,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vds.exe -- (vds)
SRV:64bit: - [2015.07.10 12:59:57 | 000,405,504 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2015.07.10 12:59:57 | 000,237,568 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2015.07.10 12:59:57 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2015.07.10 12:59:57 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (DeviceInstall)
SRV:64bit: - [2015.07.10 12:59:56 | 000,495,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\defragsvc.dll -- (defragsvc)
SRV:64bit: - [2015.07.10 12:59:56 | 000,228,864 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\WebClnt.dll -- (WebClient)
SRV:64bit: - [2015.07.10 12:59:56 | 000,168,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dps.dll -- (DPS)
SRV:64bit: - [2015.07.10 12:59:56 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiSystemHost)
SRV:64bit: - [2015.07.10 12:59:56 | 000,098,304 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wdi.dll -- (WdiServiceHost)
SRV:64bit: - [2015.07.10 12:59:56 | 000,072,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\Sens.dll -- (SENS)
SRV:64bit: - [2015.07.10 12:59:56 | 000,035,840 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\FDResPub.dll -- (FDResPub)
SRV:64bit: - [2015.07.10 12:59:56 | 000,019,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2015.07.10 12:59:55 | 000,464,896 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2015.07.10 12:59:55 | 000,154,112 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\regsvc.dll -- (RemoteRegistry)
SRV:64bit: - [2015.07.10 12:59:55 | 000,118,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2015.07.10 12:59:55 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fdPHost.dll -- (fdPHost)
SRV:64bit: - [2015.07.10 12:59:55 | 000,013,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2015.07.10 12:59:54 | 002,556,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WsmSvc.dll -- (WinRM)
SRV:64bit: - [2015.07.10 12:59:54 | 002,178,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2015.07.10 12:59:54 | 001,729,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (EventLog)
SRV:64bit: - [2015.07.10 12:59:54 | 001,008,640 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2015.07.10 12:59:54 | 000,275,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\EnterpriseAppMgmtSvc.dll -- (EntAppSvc)
SRV:64bit: - [2015.07.10 12:59:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2015.07.10 12:59:54 | 000,202,752 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wbem\WmiApSrv.exe -- (wmiApSrv)
SRV:64bit: - [2015.07.10 12:59:53 | 001,168,896 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2015.07.10 12:59:53 | 000,855,552 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\winhttp.dll -- (WinHttpAutoProxySvc)
SRV:64bit: - [2015.07.10 12:59:53 | 000,452,608 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2015.07.10 12:59:53 | 000,452,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\upnphost.dll -- (upnphost)
SRV:64bit: - [2015.07.10 12:59:53 | 000,267,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV:64bit: - [2015.07.10 12:59:53 | 000,265,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2015.07.10 12:59:53 | 000,211,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wecsvc.dll -- (Wecsvc)
SRV:64bit: - [2015.07.10 12:59:53 | 000,097,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2015.07.10 12:59:53 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV:64bit: - [2015.07.10 12:59:53 | 000,063,488 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\dmwappushsvc.dll -- (dmwappushservice)
SRV:64bit: - [2015.07.10 12:59:53 | 000,023,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lmhsvc.dll -- (lmhosts)
SRV:64bit: - [2015.07.10 12:59:53 | 000,015,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\snmptrap.exe -- (SNMPTRAP)
SRV:64bit: - [2015.07.10 12:59:52 | 002,226,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (WlanSvc)
SRV:64bit: - [2015.07.10 12:59:52 | 001,175,040 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\wwansvc.dll -- (WwanSvc)
SRV:64bit: - [2015.07.10 12:59:52 | 000,593,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2015.07.10 12:59:52 | 000,471,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wcncsvc.dll -- (wcncsvc)
SRV:64bit: - [2015.07.10 12:59:52 | 000,390,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
SRV:64bit: - [2015.07.10 12:59:52 | 000,279,040 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lltdsvc.dll -- (lltdsvc)
SRV:64bit: - [2015.07.10 12:59:52 | 000,243,712 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ssdpsrv.dll -- (SSDPSRV)
SRV:64bit: - [2015.07.10 12:59:52 | 000,210,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sstpsvc.dll -- (SstpSvc)
SRV:64bit: - [2015.07.10 12:59:52 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\eapsvc.dll -- (Eaphost)
SRV:64bit: - [2015.07.10 12:59:51 | 000,679,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2015.07.10 12:59:51 | 000,583,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\SmsRouterSvc.dll -- (SmsRouter)
SRV:64bit: - [2015.07.10 12:59:50 | 000,954,880 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\iphlpsvc.dll -- (iphlpsvc)
SRV:64bit: - [2015.07.10 12:59:50 | 000,550,400 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2015.07.10 12:59:50 | 000,497,152 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\mprdim.dll -- (RemoteAccess)
SRV:64bit: - [2015.07.10 12:59:50 | 000,379,904 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2015.07.10 12:59:50 | 000,286,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\qwave.dll -- (QWAVE)
SRV:64bit: - [2015.07.10 12:59:50 | 000,263,680 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2015.07.10 12:59:50 | 000,167,936 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2015.07.10 12:59:50 | 000,106,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvmsession)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2015.07.10 12:59:48 | 000,506,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2015.07.10 12:59:37 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2015.07.10 12:59:36 | 000,326,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
SRV - [2018.06.15 07:51:52 | 000,317,280 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2018.06.15 07:51:42 | 007,620,096 | ---- | M] (AVAST Software) [On_Demand | Running] -- C:\Programme\AVAST Software\Avast\x64\aswidsagenta.exe -- (aswbIDSAgent)
SRV - [2018.06.15 07:31:11 | 000,266,328 | ---- | M] (Synaptics Incorporated) [Auto | Running] -- C:\Programme\Synaptics\SynTP\SynTPEnhService.exe -- (SynTPEnhService)
SRV - [2018.06.15 07:27:17 | 000,494,056 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2016.12.29 15:10:15 | 000,458,176 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe -- (NVDisplay.ContainerLocalSystem)
SRV - [2015.07.10 18:43:43 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\appmgmts.dll -- (AppMgmt)
SRV - [2015.07.10 13:01:20 | 000,381,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\provsvc.dll -- (HomeGroupProvider)
SRV - [2015.07.10 13:00:33 | 000,544,768 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
SRV - [2015.07.10 13:00:33 | 000,312,320 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\SessEnv.dll -- (SessionEnv)
SRV - [2015.07.10 13:00:32 | 000,254,976 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV - [2015.07.10 13:00:31 | 000,410,112 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\mprdim.dll -- (RemoteAccess)
SRV - [2015.07.10 13:00:31 | 000,329,216 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\upnphost.dll -- (upnphost)
SRV - [2015.07.10 13:00:31 | 000,246,784 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\qwave.dll -- (QWAVE)
SRV - [2015.07.10 13:00:31 | 000,021,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\perfhost.exe -- (PerfHost)
SRV - [2015.07.10 13:00:30 | 000,667,136 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2015.07.10 13:00:30 | 000,292,352 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV - [2015.07.10 13:00:30 | 000,022,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\lfsvc.dll -- (lfsvc)
SRV - [2015.07.10 13:00:29 | 002,049,024 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\Windows.StateRepository.dll -- (StateRepository)
SRV - [2015.07.10 13:00:29 | 000,711,680 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWow64\SearchIndexer.exe -- (WSearch)
SRV - [2015.07.10 13:00:28 | 000,510,976 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\CoreMessaging.dll -- (CoreMessagingRegistrar)
SRV - [2015.07.10 13:00:27 | 000,069,632 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\keyiso.dll -- (KeyIso)
SRV - [2015.07.10 13:00:26 | 000,708,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\netlogon.dll -- (Netlogon)
SRV - [2015.07.10 13:00:26 | 000,344,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV - [2015.07.10 13:00:26 | 000,029,696 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV - [2015.07.10 13:00:26 | 000,017,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\dllhost.exe -- (COMSysApp)
SRV - [2015.07.10 13:00:25 | 001,536,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\pla.dll -- (pla)
SRV - [2015.07.10 13:00:25 | 000,924,672 | ---- | M] (Microsoft Corporation) [On_Demand | Unknown] -- C:\Windows\SysWOW64\Unistore.dll -- (UnistoreSvc)
SRV - [2015.07.10 13:00:25 | 000,199,680 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\WebClnt.dll -- (WebClient)
SRV - [2015.07.10 13:00:24 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiSystemHost)
SRV - [2015.07.10 13:00:24 | 000,089,600 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\wdi.dll -- (WdiServiceHost)
SRV - [2015.07.10 13:00:24 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2015.07.10 13:00:23 | 002,181,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\WsmSvc.dll -- (WinRM)
SRV - [2015.07.10 13:00:23 | 000,193,024 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Windows.Internal.Management.dll -- (DmEnrollmentSvc)
SRV - [2015.07.10 13:00:23 | 000,058,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV - [2015.07.10 13:00:21 | 000,033,792 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysWOW64\WcsPlugInService.dll -- (WcsPlugInService)
SRV - [2015.07.10 12:59:37 | 003,337,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2015.07.10 11:05:37 | 000,120,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\servicing\TrustedInstaller.exe -- (TrustedInstaller)
 
 
========== Driver Services (All) ==========
 
DRV:64bit: - [2018.06.15 07:52:11 | 000,460,520 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2018.06.15 07:52:11 | 000,381,552 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2018.06.15 07:52:11 | 000,205,976 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2018.06.15 07:52:11 | 000,159,120 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2018.06.15 07:52:11 | 000,085,968 | ---- | M] (AVAST Software) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2018.06.15 07:52:10 | 000,196,640 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswArPot.sys -- (aswArPot)
DRV:64bit: - [2018.06.15 07:52:10 | 000,111,360 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2018.06.15 07:52:10 | 000,046,968 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2018.06.15 07:51:46 | 001,027,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2018.06.15 07:51:40 | 000,234,560 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswHdsKe.sys -- (aswHdsKe)
DRV:64bit: - [2018.06.15 07:51:38 | 000,057,680 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbuniva.sys -- (aswbuniv)
DRV:64bit: - [2018.06.15 07:51:37 | 000,343,752 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbloga.sys -- (aswblog)
DRV:64bit: - [2018.06.15 07:51:37 | 000,227,504 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswbidsdrivera.sys -- (aswbidsdriver)
DRV:64bit: - [2018.06.15 07:51:37 | 000,199,440 | ---- | M] (AVAST Software) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\aswbidsha.sys -- (aswbidsh)
DRV:64bit: - [2018.06.15 07:34:24 | 000,024,688 | ---- | M] () [Kernel | On_Demand | Unknown] -- C:\Windows\SysNative\drivers\TrueSight.sys -- (TrueSight)
DRV:64bit: - [2018.06.15 07:31:23 | 000,162,456 | ---- | M] (Qualcomm Atheros, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e2xw10x64.sys -- (KillerEth)
DRV:64bit: - [2018.06.15 07:31:10 | 000,925,280 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2018.06.15 07:28:56 | 000,048,696 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2018.06.15 07:28:54 | 014,190,520 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV:64bit: - [2018.06.15 07:28:33 | 000,760,968 | ---- | M] (Realsil Semiconductor Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPer.sys -- (RTSPER)
DRV:64bit: - [2018.06.15 07:27:10 | 007,963,632 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2018.06.15 07:27:01 | 000,195,152 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverW8x64.sys -- (MEIx64)
DRV:64bit: - [2015.07.10 18:44:20 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpbus.sys -- (rdpbus)
DRV:64bit: - [2015.07.10 18:44:18 | 000,038,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2015.07.10 18:43:48 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2015.07.10 18:43:39 | 000,176,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpdr.sys -- (RDPDR)
DRV:64bit: - [2015.07.10 18:43:28 | 000,544,768 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\csc.sys -- (CSC)
DRV:64bit: - [2015.07.10 13:01:20 | 000,029,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2015.07.10 13:00:38 | 000,410,624 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\srv.sys -- (srv)
DRV:64bit: - [2015.07.10 13:00:38 | 000,284,672 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\mrxsmb10.sys -- (mrxsmb10)
DRV:64bit: - [2015.07.10 13:00:36 | 000,052,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2015.07.10 13:00:14 | 000,380,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2015.07.10 13:00:14 | 000,215,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2015.07.10 13:00:14 | 000,092,672 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cdfs.sys -- (cdfs)
DRV:64bit: - [2015.07.10 13:00:13 | 001,010,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\http.sys -- (HTTP)
DRV:64bit: - [2015.07.10 13:00:13 | 000,934,752 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refsv1.sys -- (ReFSv1)
DRV:64bit: - [2015.07.10 13:00:13 | 000,370,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volmgrx.sys -- (volmgrx)
DRV:64bit: - [2015.07.10 13:00:13 | 000,273,408 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\netbt.sys -- (NetBT)
DRV:64bit: - [2015.07.10 13:00:13 | 000,214,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFRd.sys -- (WUDFRd)
DRV:64bit: - [2015.07.10 13:00:13 | 000,097,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WUDFPf.sys -- (WudfPf)
DRV:64bit: - [2015.07.10 13:00:13 | 000,029,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\hwpolicy.sys -- (hwpolicy)
DRV:64bit: - [2015.07.10 13:00:10 | 002,430,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip6)
DRV:64bit: - [2015.07.10 13:00:10 | 002,430,816 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tcpip.sys -- (Tcpip)
DRV:64bit: - [2015.07.10 13:00:10 | 002,117,472 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\ntfs.sys -- (NTFS)
DRV:64bit: - [2015.07.10 13:00:10 | 001,168,736 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ndis.sys -- (NDIS)
DRV:64bit: - [2015.07.10 13:00:10 | 000,892,224 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Wdf01000.sys -- (Wdf01000)
DRV:64bit: - [2015.07.10 13:00:10 | 000,633,184 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\fvevol.sys -- (fvevol)
DRV:64bit: - [2015.07.10 13:00:10 | 000,577,888 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afd.sys -- (AFD)
DRV:64bit: - [2015.07.10 13:00:10 | 000,368,992 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fltMgr.sys -- (FltMgr)
DRV:64bit: - [2015.07.10 13:00:10 | 000,355,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msrpc.sys -- (MsRPC)
DRV:64bit: - [2015.07.10 13:00:10 | 000,131,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecdd.sys -- (KSecDD)
DRV:64bit: - [2015.07.10 13:00:10 | 000,116,576 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tdx.sys -- (tdx)
DRV:64bit: - [2015.07.10 13:00:10 | 000,106,520 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys -- (WindowsTrustedRT)
DRV:64bit: - [2015.07.10 13:00:10 | 000,063,488 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\npfs.sys -- (Npfs)
DRV:64bit: - [2015.07.10 13:00:10 | 000,061,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UcmCx.sys -- (UcmCx0101)
DRV:64bit: - [2015.07.10 13:00:10 | 000,040,448 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\nsiproxy.sys -- (nsiproxy)
DRV:64bit: - [2015.07.10 13:00:10 | 000,031,232 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\msfs.sys -- (Msfs)
DRV:64bit: - [2015.07.10 13:00:10 | 000,031,072 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2015.07.10 13:00:10 | 000,007,168 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\null.sys -- (Null)
DRV:64bit: - [2015.07.10 13:00:09 | 000,200,544 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2015.07.10 13:00:09 | 000,153,440 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2015.07.10 13:00:09 | 000,117,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\partmgr.sys -- (partmgr)
DRV:64bit: - [2015.07.10 13:00:09 | 000,103,264 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mountmgr.sys -- (mountmgr)
DRV:64bit: - [2015.07.10 13:00:09 | 000,061,952 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\storqosflt.sys -- (storqosflt)
DRV:64bit: - [2015.07.10 13:00:09 | 000,051,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pcw.sys -- (pcw)
DRV:64bit: - [2015.07.10 13:00:09 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2015.07.10 13:00:09 | 000,026,624 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ioqos.sys -- (IoQos)
DRV:64bit: - [2015.07.10 13:00:07 | 000,076,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mpsdrv.sys -- (mpsdrv)
DRV:64bit: - [2015.07.10 13:00:05 | 001,982,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dxgkrnl.sys -- (DXGKrnl)
DRV:64bit: - [2015.07.10 13:00:04 | 000,048,128 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mmcss.sys -- (MMCSS)
DRV:64bit: - [2015.07.10 13:00:02 | 000,601,344 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cng.sys -- (CNG)
DRV:64bit: - [2015.07.10 13:00:02 | 000,158,560 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\ksecpkg.sys -- (KSecPkg)
DRV:64bit: - [2015.07.10 13:00:01 | 000,141,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\appid.sys -- (AppID)
DRV:64bit: - [2015.07.10 13:00:00 | 000,721,408 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\PEAuth.sys -- (PEAUTH)
DRV:64bit: - [2015.07.10 13:00:00 | 000,245,088 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ufx01000.sys -- (Ufx01000)
DRV:64bit: - [2015.07.10 13:00:00 | 000,159,072 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2015.07.10 13:00:00 | 000,077,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2015.07.10 13:00:00 | 000,074,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2015.07.10 13:00:00 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urscx01000.sys -- (UrsCx01000)
DRV:64bit: - [2015.07.10 13:00:00 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\scfilter.sys -- (scfilter)
DRV:64bit: - [2015.07.10 13:00:00 | 000,039,264 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\cnghwassist.sys -- (cnghwassist)
DRV:64bit: - [2015.07.10 13:00:00 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ksthunk.sys -- (ksthunk)
DRV:64bit: - [2015.07.10 13:00:00 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspclock.sys -- (MSPCLOCK)
DRV:64bit: - [2015.07.10 13:00:00 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\beep.sys -- (Beep)
DRV:64bit: - [2015.07.10 12:59:59 | 000,415,232 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb.sys -- (mrxsmb)
DRV:64bit: - [2015.07.10 12:59:59 | 000,414,720 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\rdbss.sys -- (rdbss)
DRV:64bit: - [2015.07.10 12:59:59 | 000,331,104 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\fastfat.sys -- (fastfat)
DRV:64bit: - [2015.07.10 12:59:59 | 000,155,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2015.07.10 12:59:59 | 000,118,624 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\mup.sys -- (Mup)
DRV:64bit: - [2015.07.10 12:59:59 | 000,088,928 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2015.07.10 12:59:59 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mskssrv.sys -- (MSKSSRV)
DRV:64bit: - [2015.07.10 12:59:59 | 000,012,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mstee.sys -- (MSTEE)
DRV:64bit: - [2015.07.10 12:59:59 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2015.07.10 12:59:59 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mspqm.sys -- (MSPQM)
DRV:64bit: - [2015.07.10 12:59:59 | 000,008,704 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidkmdf.sys -- (mshidkmdf)
DRV:64bit: - [2015.07.10 12:59:58 | 000,321,024 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\udfs.sys -- (udfs)
DRV:64bit: - [2015.07.10 12:59:58 | 000,313,856 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\exfat.sys -- (exfat)
DRV:64bit: - [2015.07.10 12:59:58 | 000,239,616 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srvnet.sys -- (srvnet)
DRV:64bit: - [2015.07.10 12:59:58 | 000,199,008 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2015.07.10 12:59:58 | 000,105,472 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\bowser.sys -- (bowser)
DRV:64bit: - [2015.07.10 12:59:58 | 000,083,808 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\fileinfo.sys -- (FileInfo)
DRV:64bit: - [2015.07.10 12:59:58 | 000,035,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wimmount.sys -- (WIMMount)
DRV:64bit: - [2015.07.10 12:59:57 | 000,674,304 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\srv2.sys -- (srv2)
DRV:64bit: - [2015.07.10 12:59:57 | 000,235,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\rdyboost.sys -- (rdyboost)
DRV:64bit: - [2015.07.10 12:59:57 | 000,143,872 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mrxdav.sys -- (MRxDAV)
DRV:64bit: - [2015.07.10 12:59:57 | 000,138,240 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\dfsc.sys -- (Dfsc)
DRV:64bit: - [2015.07.10 12:59:56 | 000,217,600 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mrxsmb20.sys -- (mrxsmb20)
DRV:64bit: - [2015.07.10 12:59:56 | 000,127,488 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\luafv.sys -- (luafv)
DRV:64bit: - [2015.07.10 12:59:56 | 000,062,816 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fsdepends.sys -- (FsDepends)
DRV:64bit: - [2015.07.10 12:59:56 | 000,008,192 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gpuenergydrv.sys -- (GpuEnergyDrv)
DRV:64bit: - [2015.07.10 12:59:55 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2015.07.10 12:59:55 | 000,035,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\filetrace.sys -- (Filetrace)
DRV:64bit: - [2015.07.10 12:59:53 | 000,188,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (ndiswanlegacy)
DRV:64bit: - [2015.07.10 12:59:53 | 000,188,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiswan.sys -- (NdisWan)
DRV:64bit: - [2015.07.10 12:59:53 | 000,143,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipnat.sys -- (IPNAT)
DRV:64bit: - [2015.07.10 12:59:53 | 000,129,024 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2015.07.10 12:59:53 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2015.07.10 12:59:53 | 000,063,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ndisuio.sys -- (Ndisuio)
DRV:64bit: - [2015.07.10 12:59:53 | 000,028,160 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\asyncmac.sys -- (AsyncMac)
DRV:64bit: - [2015.07.10 12:59:53 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\irenum.sys -- (IRENUM)
DRV:64bit: - [2015.07.10 12:59:52 | 000,114,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bridge.sys -- (MsBridge)
DRV:64bit: - [2015.07.10 12:59:52 | 000,104,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasl2tp.sys -- (Rasl2tp)
DRV:64bit: - [2015.07.10 12:59:52 | 000,095,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\raspptp.sys -- (PptpMiniport)
DRV:64bit: - [2015.07.10 12:59:52 | 000,085,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ipfltdrv.sys -- (IpFilterDriver)
DRV:64bit: - [2015.07.10 12:59:52 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (wanarpv6)
DRV:64bit: - [2015.07.10 12:59:52 | 000,080,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wanarp.sys -- (wanarp)
DRV:64bit: - [2015.07.10 12:59:52 | 000,078,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rassstp.sys -- (RasSstp)
DRV:64bit: - [2015.07.10 12:59:52 | 000,072,704 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vwififlt.sys -- (vwififlt)
DRV:64bit: - [2015.07.10 12:59:52 | 000,060,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndproxy.sys -- (ndproxy)
DRV:64bit: - [2015.07.10 12:59:52 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tcpipreg.sys -- (tcpipreg)
DRV:64bit: - [2015.07.10 12:59:52 | 000,050,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndiscap.sys -- (NdisCap)
DRV:64bit: - [2015.07.10 12:59:52 | 000,041,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\modem.sys -- (Modem)
DRV:64bit: - [2015.07.10 12:59:52 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifimp.sys -- (vwifimp)
DRV:64bit: - [2015.07.10 12:59:52 | 000,026,112 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vwifibus.sys -- (vwifibus)
DRV:64bit: - [2015.07.10 12:59:52 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ndistapi.sys -- (NdisTapi)
DRV:64bit: - [2015.07.10 12:59:52 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\ws2ifsl.sys -- (ws2ifsl)
DRV:64bit: - [2015.07.10 12:59:52 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2015.07.10 12:59:51 | 000,685,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdiWiFi.sys -- (wdiwifi)
DRV:64bit: - [2015.07.10 12:59:51 | 000,529,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nwifi.sys -- (NativeWifiP)
DRV:64bit: - [2015.07.10 12:59:51 | 000,155,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tunnel.sys -- (tunnel)
DRV:64bit: - [2015.07.10 12:59:51 | 000,105,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\agilevpn.sys -- (RasAgileVpn)
DRV:64bit: - [2015.07.10 12:59:51 | 000,081,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\raspppoe.sys -- (RasPppoe)
DRV:64bit: - [2015.07.10 12:59:51 | 000,080,896 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rspndr.sys -- (rspndr)
DRV:64bit: - [2015.07.10 12:59:51 | 000,064,000 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lltdio.sys -- (lltdio)
DRV:64bit: - [2015.07.10 12:59:50 | 000,160,096 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\pacer.sys -- (Psched)
DRV:64bit: - [2015.07.10 12:59:50 | 000,119,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2015.07.10 12:59:50 | 000,082,432 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2015.07.10 12:59:50 | 000,057,184 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\netbios.sys -- (NetBIOS)
DRV:64bit: - [2015.07.10 12:59:50 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\qwavedrv.sys -- (QWAVEdrv)
DRV:64bit: - [2015.07.10 12:59:50 | 000,017,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rasacd.sys -- (RasAcd)
DRV:64bit: - [2015.07.10 12:59:48 | 000,291,680 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2015.07.10 12:59:48 | 000,209,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Ucx01000.sys -- (Ucx01000)
DRV:64bit: - [2015.07.10 12:59:48 | 000,127,840 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2015.07.10 12:59:48 | 000,098,144 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2015.07.10 12:59:48 | 000,083,968 | ---- | M] (Microsoft Corporation) [File_System | System | Running] -- C:\Windows\SysNative\drivers\filecrypt.sys -- (FileCrypt)
DRV:64bit: - [2015.07.10 12:59:48 | 000,061,440 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2015.07.10 12:59:48 | 000,044,568 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2015.07.10 12:59:48 | 000,044,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Udecx.sys -- (UdeCx)
DRV:64bit: - [2015.07.10 12:59:48 | 000,031,744 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhf.sys -- (vhf)
DRV:64bit: - [2015.07.10 12:59:40 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2015.07.10 12:59:40 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2015.07.10 12:59:40 | 000,028,512 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urschipidea.sys -- (UrsChipidea)
DRV:64bit: - [2015.07.10 12:59:40 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\urssynopsys.sys -- (UrsSynopsys)
DRV:64bit: - [2015.07.10 12:59:40 | 000,026,624 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2015.07.10 12:59:40 | 000,017,944 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys -- (WindowsTrustedRTProxy)
DRV:64bit: - [2015.07.10 12:59:39 | 000,705,376 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mlx4_bus.sys -- (mlx4_bus)
DRV:64bit: - [2015.07.10 12:59:39 | 000,671,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vhdmp.sys -- (vhdmp)
DRV:64bit: - [2015.07.10 12:59:39 | 000,575,840 | ---- | M] (LSI Corporation, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\megasr.sys -- (megasr)
DRV:64bit: - [2015.07.10 12:59:39 | 000,565,088 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpi.sys -- (ACPI)
DRV:64bit: - [2015.07.10 12:59:39 | 000,517,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2015.07.10 12:59:39 | 000,499,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbhub.sys -- (usbhub)
DRV:64bit: - [2015.07.10 12:59:39 | 000,474,464 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2015.07.10 12:59:39 | 000,424,800 | ---- | M] (Mellanox) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ibbus.sys -- (ibbus)
DRV:64bit: - [2015.07.10 12:59:39 | 000,378,720 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\volsnap.sys -- (volsnap)
DRV:64bit: - [2015.07.10 12:59:39 | 000,371,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2015.07.10 12:59:39 | 000,325,984 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pci.sys -- (pci)
DRV:64bit: - [2015.07.10 12:59:39 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2015.07.10 12:59:39 | 000,174,080 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cdrom.sys -- (cdrom)
DRV:64bit: - [2015.07.10 12:59:39 | 000,166,752 | ---- | M] (VIA Technologies Inc.,Ltd) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\vsmraid.sys -- (vsmraid)[2018.06.15 07:27:15 | 000,013,808 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll
[2018.06.15 07:27:14 | 000,020,464 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll
[2018.06.15 07:27:14 | 000,020,464 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILib.dll
[2018.06.15 07:27:14 | 000,018,928 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll
[2018.06.15 07:27:14 | 000,018,928 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLib.dll
[2018.06.15 07:27:13 | 000,264,688 | ---- | C] () -- C:\Windows\SysNative\igfxCPL.cpl
[2018.06.15 07:27:13 | 000,094,704 | ---- | C] () -- C:\Windows\SysNative\igfxCUIServicePS.dll
[2018.06.15 07:27:13 | 000,086,512 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll
[2018.06.15 07:27:13 | 000,076,272 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLib.dll
[2018.06.15 07:27:09 | 005,799,386 | ---- | C] () -- C:\Windows\SysNative\igdclbif.bin
[2018.06.15 07:27:06 | 000,831,685 | ---- | C] () -- C:\Windows\SysNative\DisplayAudiox64.cab
[2018.06.15 07:27:06 | 000,641,530 | ---- | C] () -- C:\Windows\SysNative\FilmModeDetection.wmv
[2018.06.15 07:27:06 | 000,511,260 | ---- | C] () -- C:\Windows\SysNative\cp_resources.bin
[2018.06.15 07:27:06 | 000,000,935 | ---- | C] () -- C:\Windows\SysNative\Gfxv4_0.exe.config
[2018.06.15 07:27:06 | 000,000,935 | ---- | C] () -- C:\Windows\SysNative\DPTopologyApp.exe.config
[2018.06.15 07:27:06 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\Gfxv2_0.exe.config
[2018.06.15 07:27:06 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\DPTopologyAppv2_0.exe.config
[2018.06.15 07:27:05 | 000,375,173 | ---- | C] () -- C:\Windows\SysNative\ColorImageEnhancement.wmv
[2018.06.15 07:24:07 | 000,016,148 | ---- | C] () -- C:\Windows\SysNative\DESKTOP-MPKLAP2_jan_HistoryPrediction.bin
[2018.06.15 07:17:49 | 000,002,348 | ---- | C] () -- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
[2018.06.15 07:14:24 | 000,001,540 | ---- | C] () -- C:\Users\jan\Desktop\Norton Download Manager.lnk
[2018.06.15 07:14:24 | 000,001,350 | ---- | C] () -- C:\Users\jan\Desktop\Norton Installation Files.lnk
[2018.06.15 06:38:13 | 000,000,312 | ---- | C] () -- C:\Users\jan\Desktop\Speccy.ini
[2018.06.15 06:27:10 | 000,024,688 | ---- | C] () -- C:\Windows\SysNative\drivers\TrueSight.sys
[2018.06.15 06:21:10 | 005,381,587 | ---- | C] () -- C:\Users\jan\Desktop\spsetup128.zip
[2018.06.15 06:21:04 | 000,228,140 | ---- | C] () -- C:\Users\jan\Desktop\WMIExplorer_2.0.0.0.zip
[2018.06.15 06:21:00 | 000,852,798 | ---- | C] () -- C:\Users\jan\Desktop\SecurityCheck.exe
[2018.06.15 06:20:51 | 009,214,024 | ---- | C] () -- C:\jan.exe
[2018.06.15 06:14:03 | 001,699,356 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2018.06.15 06:12:29 | 000,000,214 | ---- | C] () -- C:\Windows\tasks\CreateExplorerShellUnelevatedTask.job
[2018.06.15 06:08:29 | 000,016,148 | ---- | C] () -- C:\Windows\SysNative\DESKTOP-MPKLAP2_defaultuser0_HistoryPrediction.bin
[2018.06.15 05:57:34 | 2543,251,455 | -HS- | C] () -- C:\hiberfil.sys
[2018.06.15 05:52:46 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2016.09.09 20:25:58 | 000,269,600 | ---- | C] () -- C:\Windows\SysWow64\vulkan-1-1-0-26-0.dll
[2016.09.09 20:25:28 | 000,110,880 | ---- | C] () -- C:\Windows\SysWow64\vulkaninfo-1-1-0-26-0.exe

Jan10001 15.06.2018 07:14
Otl mit Extra Registrierung teil 2
 
Code:
.
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2015.07.10 13:00:07 | 006,490,832 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2015.07.10 13:00:29 | 005,121,128 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2015.07.10 12:59:53 | 000,995,328 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2015.07.10 13:00:23 | 000,754,688 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2015.07.10 12:59:55 | 000,516,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2018.06.15 06:53:30 | 000,000,000 | ---D | M] -- C:\Users\jan\AppData\Roaming\AVAST Software
 
========== Purity Check ==========
 
 

< End of report >

cosinus 15.06.2018 08:40
Du knallst hier kommentarlos ein Log rein - was soll denn das? Sollen wir jetzt erraten welche Probleme du hast oder was soll das werden?

Jan10001 15.06.2018 09:21
Zitat:
Zitat von cosinus (Beitrag 1695075)
Du knallst hier kommentarlos ein Log rein - was soll denn das? Sollen wir jetzt erraten welche Probleme du hast oder was soll das werden?
Oh ,sorry ich hatte eigentlich ein Text geschrieben dazu .
Mein Laptop der ist teilweise ferngesteuert und das ´Tool RougekillerCmd hat bei mir Zeroaccess und Root.Necurs , Root.Wajam,Adw.DNSunlocker erkannt ich hab schon alles probiert ..
Neue Festplatte eingebaut mit einer Linux Live Cd , die sind so gut getarnt , denn hab ich wieder keine Admin rechte mehr auf meine Ordner.

Meine Computer einige male neu aufgesetzt ,mit Diskpart Formatiert und so.
unter Linux habe ich gesehen das ich keine Root rechte habe und 4 Benutzer auf mein Laptop sind ob wohl ich nie Linux drauf hatte , es besteht da eine Internet Verbindung über routen denk ich mal.
installiere ich Vieren Scanner denn öffnet sich ganz schnell mal ein popup Fenster und schon erkennt der Scanner nix mehr .

Zitat:
Zitat von Jan10001 (Beitrag 1695076)
Oh ,sorry ich hatte eigentlich ein Text geschrieben dazu .
Mein Laptop der ist teilweise ferngesteuert und das ´Tool RougekillerCmd hat bei mir Zeroaccess und Root.Necurs , Root.Wajam,Adw.DNSunlocker erkannt ich hab schon alles probiert ..
Neue Festplatte eingebaut mit einer Linux Live Cd , die sind so gut getarnt , denn hab ich wieder keine Admin rechte mehr auf meine Ordner.

Meine Computer einige male neu aufgesetzt ,mit Diskpart Formatiert und so.
unter Linux habe ich gesehen das ich keine Root rechte habe und 4 Benutzer auf mein Laptop sind ob wohl ich nie Linux drauf hatte , es besteht da eine Internet Verbindung über routen denk ich mal.
installiere ich Vieren Scanner denn öffnet sich ganz schnell mal ein popup Fenster und schon erkennt der Scanner nix mehr .
Teilweise werden auch Programm schnell beendet beim Scannen , und meine wmi ist total fehlerhaft Win32 ..und jede menge Server Sachen am Laufen alles ist hier am Sender auf mein Ports ,bei der ein Festplatte wurde mein MBR verschlüsselt ´, kein zugriff mehr drauf gehabt mit Passwort ..

cosinus 15.06.2018 11:00
Zitat:
Zitat von Jan10001 (Beitrag 1695076)
Neue Festplatte eingebaut mit einer Linux Live Cd , die sind so gut getarnt , denn hab ich wieder keine Admin rechte mehr auf meine Ordner.
Fehlende Adminrechte haben rein garnix mit Tarnung zu tun.


Zitat:
Zitat von Jan10001 (Beitrag 1695076)
Meine Computer einige male neu aufgesetzt ,mit Diskpart Formatiert und so.
Dann sind auch keine Schädlinge mehr drauf. Es sei denn du installierst diese immer wieder nach durch irgendwelche verseuchten Setups


Zitat:
Zitat von Jan10001 (Beitrag 1695076)
unter Linux habe ich gesehen das ich keine Root rechte habe und 4 Benutzer auf mein Laptop sind ob wohl ich nie Linux drauf hatte ,
Total wirr. :balla:
Du hast unter Linux was geseehen aber hast ja garkein Linux drauf. Bitte mal den Sinn erklären, ich kapier dien Geschreibsel nicht und auch nicht was du als Laie mit Linux willst.:confused:


Zitat:
Zitat von Jan10001 (Beitrag 1695076)
Teilweise werden auch Programm schnell beendet beim Scannen , und meine wmi ist total fehlerhaft Win32 ..und jede menge Server Sachen am Laufen alles ist hier am Sender auf mein Ports ,bei der ein Festplatte wurde mein MBR verschlüsselt ´, kein zugriff mehr drauf gehabt mit Passwort ..
Alles sehr unkonkret und hilft niemandem weiter. Nochmal : wenn du richtig neu installiert hast, dann sind keine Schädlinge drauf.


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:38 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131