| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: internet wird kontrolliert-ChromeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.05.2015, 03:18
| #1 |
| |  internet wird kontrolliert-Chrome Hallo, könnt ihr mir bitte helfen, gerade eben tauchte zufällig folgende Meldung oben rechts in Google Chrome auf: Internet ( oder war es Internetverbindung) wird kontrolliert habe ich mir was eingefangen, einen Trojaner oder so was? LG brauchehilfe |
|
25.05.2015, 06:06
| #2 |
| /// the machine /// TB-Ausbilder    | internet wird kontrolliert-Chrome hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
25.05.2015, 17:06
| #3 |
| | internet wird kontrolliert-Chrome Hallo Schrauber,
__________________Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01 Ran by Toshiba (administrator) on TOSHIBA-PC on 25-05-2015 18:01:39 Running from C:\Users\Toshiba\Desktop Loaded Profiles: Toshiba (Available Profiles: Toshiba) Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-04-09] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [561152 2011-04-20] (TOSHIBA Corporation) HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation) HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2014-11-19] (Cisco Systems, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-05] (Avast Software s.r.o.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-857925176-313793341-2178906098-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net HKU\S-1-5-21-857925176-313793341-2178906098-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com SearchScopes: HKLM -> {05515DD9-7EF0-427F-9E3D-AC3AC39FDF14} URL = hxxp://www.startseite24.net/?q={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-857925176-313793341-2178906098-1000 -> {05515DD9-7EF0-427F-9E3D-AC3AC39FDF14} URL = hxxp://www.startseite24.net/?q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-05] (Avast Software s.r.o.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-05] (Avast Software s.r.o.) DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn.uni-kl.de/CACHE/stc/2/binaries/vpnweb.cab Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-04-21] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-04-21] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-04-21] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-04-21] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\jb2z4imn.default FF Homepage: hxxp://www.startseite24.net FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\jb2z4imn.default\Extensions\abs@avira.com [2015-05-02] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-05] FF HKU\S-1-5-21-857925176-313793341-2178906098-1000\...\Firefox\Extensions: [{ba2c82b0-7fa8-11e4-b4a9-0800200c9a66}] - C:\Users\Toshiba\AppData\Local\Temp\search.xpi Chrome: ======= CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-18] CHR Extension: (Google Slides) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-05] CHR Extension: (Google Docs) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-05] CHR Extension: (Google Drive) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-05] CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-05] CHR Extension: (Adblock Plus) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-05] CHR Extension: (Google Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-05] CHR Extension: (Google Sheets) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-05] CHR Extension: (Avira Browser Safety) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-05] CHR Extension: (Avast Online Security) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-05] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-05] CHR Extension: (Google Wallet) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-05] CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-05] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by Toshiba at 2015-05-25 18:02:35
Running from C:\Users\Toshiba\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-857925176-313793341-2178906098-500 - Administrator - Disabled)
Gast (S-1-5-21-857925176-313793341-2178906098-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-857925176-313793341-2178906098-1002 - Limited - Enabled)
Toshiba (S-1-5-21-857925176-313793341-2178906098-1000 - Administrator - Enabled) => C:\Users\Toshiba
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.007.20033 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
Cisco AnyConnect Diagnostics and Reporting Tool (HKLM-x32\...\{C124D485-A8CF-4142-9EE3-A8A163FC792E}) (Version: 3.1.06073 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.06073 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.06073 - Cisco Systems, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Earth (HKLM-x32\...\{1A295C25-6E02-49FB-826B-F0D2C56FFA4E}) (Version: 7.1.4.1529 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.80.1213 - Intel Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 29.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0 (x86 de)) (Version: 29.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6307 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.1.34C - TOSHIBA CORPORATION)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.5.15.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.0.19 - TOSHIBA Corporation)
Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
Websuche (HKLM-x32\...\Websuche) (Version: - Websuche)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
05-05-2015 14:15:59 Windows Update
05-05-2015 19:52:07 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
05-05-2015 19:54:28 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
05-05-2015 19:56:13 OpenOffice 4.1.1 wird installiert
07-05-2015 19:55:20 Sprachpaketdeinstallation
16-05-2015 19:09:19 Geplanter Prüfpunkt
16-05-2015 19:26:53 Installed Cisco AnyConnect Secure Mobility Client
16-05-2015 19:32:22 Removed Cisco AnyConnect Secure Mobility Client
16-05-2015 19:37:07 Installed Cisco AnyConnect Secure Mobility Client
17-05-2015 18:11:38 Windows Update
17-05-2015 23:31:27 Windows Update
18-05-2015 00:42:36 Windows Update
25-05-2015 02:32:47 Geplanter Prüfpunkt
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2959D1A2-A9A2-404D-94F2-A89D48DFB04E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-05] (Avast Software s.r.o.)
Task: {567A0C19-76F3-4F2A-96D3-066B3DC72D7C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-05] (Google Inc.)
Task: {BDDC2729-4C81-4A0A-8E04-EF71E23A194A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-05] (Google Inc.)
Task: {F77F96F1-9457-4128-B596-00FC471A9271} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-03-07] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2015-05-02 14:16 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-11-18 17:18 - 2010-11-18 17:18 - 11190784 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2014-11-19 17:36 - 2014-11-19 17:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2015-05-05 13:19 - 2015-05-05 13:19 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-05-05 13:19 - 2015-05-05 13:19 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-25 00:07 - 2015-05-25 00:07 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052401\algo.dll
2015-05-25 18:00 - 2015-05-25 18:00 - 02931200 _____ () C:\Program Files\AVAST Software\Avast\defs\15052500\algo.dll
2015-05-02 14:16 - 2015-04-09 02:58 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-05 13:19 - 2015-05-05 13:19 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-20 04:12 - 2015-05-13 18:48 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libglesv2.dll
2015-05-20 04:12 - 2015-05-13 18:48 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\libegl.dll
2015-05-20 04:12 - 2015-05-13 18:48 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.65\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-857925176-313793341-2178906098-1000\...\uni-kl.de -> hxxps://vpn.uni-kl.de
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-857925176-313793341-2178906098-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{83A2BF74-7460-4FCB-A86E-ACD8B8215688}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9ADA1C0C-6F16-4620-81C0-03CA9E9040F2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E2DD110E-7B26-49C5-BDAD-E61293C274DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{51295A32-A248-49B6-A14C-5127B912AC9D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A38D6644-965C-4473-895D-C90EA299DE85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C50DDCF7-0181-4EDC-87E4-D5C0301DADE0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BD81903F-C17A-4910-9AE4-0F7484C08A10}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A4196633-D206-422C-83BF-1910B9AC87AF}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{97FA8192-33F4-4FF9-A6E0-537D3008DC42}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/25/2015 04:47:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Name des fehlerhaften Moduls: NvStreamNetworkService.exe, Version: 4.1.1943.6202, Zeitstempel: 0x551399be
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000004e920f
ID des fehlerhaften Prozesses: 0x8d4
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Error: (05/25/2015 04:47:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/24/2015 04:05:32 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (05/23/2015 10:31:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/5F3B8CF2F810B37D78B4CEEC1919C37334B9C774.crt>. Fehler: Dieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
.
Error: (05/23/2015 09:26:12 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/23/2015 04:15:00 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/23/2015 04:12:47 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (05/22/2015 08:57:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/22D5D8DF8F0231D18DF79DB7CF8A2D64C93F6C3A.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen.
.
Error: (05/22/2015 08:57:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/22D5D8DF8F0231D18DF79DB7CF8A2D64C93F6C3A.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen.
.
Error: (05/22/2015 08:57:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: Fehler bei der automatischen Aktualisierung des Drittanbieterstammzertifikats von <hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/22D5D8DF8F0231D18DF79DB7CF8A2D64C93F6C3A.crt>. Fehler: Der angegebene Server kann den angeforderten Vorgang nicht ausführen.
.
System errors:
=============
Error: (05/25/2015 04:44:51 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/25/2015 04:44:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/25/2015 04:44:21 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Cisco AnyConnect Secure Mobility Agent" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 4000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/25/2015 04:44:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/25/2015 04:44:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/25/2015 04:44:05 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/25/2015 04:44:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/25/2015 04:44:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/25/2015 04:44:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/25/2015 04:44:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TOSHIBA Power Saver" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (05/25/2015 04:47:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: NvStreamNetworkService.exe4.1.1943.6202551399beNvStreamNetworkService.exe4.1.1943.6202551399bec000000500000000004e920f8d401d0969518ac0542C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe69b7ec11-0288-11e5-add5-dc0ea13abf2a
Error: (05/25/2015 04:47:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/24/2015 04:05:32 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (05/23/2015 10:31:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/5F3B8CF2F810B37D78B4CEEC1919C37334B9C774.crtDieser Vorgang wurde wegen Zeitüberschreitung zurückgegeben.
Error: (05/23/2015 09:26:12 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/23/2015 04:15:00 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/23/2015 04:12:47 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [0]
Error: (05/22/2015 08:57:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/22D5D8DF8F0231D18DF79DB7CF8A2D64C93F6C3A.crtDer angegebene Server kann den angeforderten Vorgang nicht ausführen.
Error: (05/22/2015 08:57:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/22D5D8DF8F0231D18DF79DB7CF8A2D64C93F6C3A.crtDer angegebene Server kann den angeforderten Vorgang nicht ausführen.
Error: (05/22/2015 08:57:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4101) (User: )
Description: hxxp://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/22D5D8DF8F0231D18DF79DB7CF8A2D64C93F6C3A.crtDer angegebene Server kann den angeforderten Vorgang nicht ausführen.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 6121.76 MB
Available physical RAM: 2253.02 MB
Total Pagefile: 12241.71 MB
Available Pagefile: 7362.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (System7) (Fixed) (Total:292.87 GB) (Free:223.79 GB) NTFS
Drive d: (Volume) (Fixed) (Total:172.79 GB) (Free:148.67 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 8A71E1AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=292.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=172.8 GB) - (Type=07 NTFS)
==================== End of log ============================
|
|
26.05.2015, 07:33
| #4 |
| /// the machine /// TB-Ausbilder | internet wird kontrolliert-Chrome hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.05.2015, 17:02
| #5 |
| | internet wird kontrolliert-Chrome Hallo Schrauber, Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.26.04
rootkit: v2015.05.24.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Toshiba :: TOSHIBA-PC [administrator]
26.05.2015 17:19:29
mbar-log-2015-05-26 (17-19-29).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 340193
Time elapsed: 15 minute(s), 38 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 17:56:08.0033 0x1cf0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:56:11.0815 0x1cf0 ============================================================
17:56:11.0815 0x1cf0 Current date / time: 2015/05/26 17:56:11.0815
17:56:11.0815 0x1cf0 SystemInfo:
17:56:11.0815 0x1cf0
17:56:11.0815 0x1cf0 OS Version: 6.1.7601 ServicePack: 1.0
17:56:11.0815 0x1cf0 Product type: Workstation
17:56:11.0816 0x1cf0 ComputerName: TOSHIBA-PC
17:56:11.0816 0x1cf0 UserName: Toshiba
17:56:11.0816 0x1cf0 Windows directory: C:\Windows
17:56:11.0816 0x1cf0 System windows directory: C:\Windows
17:56:11.0816 0x1cf0 Running under WOW64
17:56:11.0816 0x1cf0 Processor architecture: Intel x64
17:56:11.0816 0x1cf0 Number of processors: 4
17:56:11.0816 0x1cf0 Page size: 0x1000
17:56:11.0816 0x1cf0 Boot type: Normal boot
17:56:11.0816 0x1cf0 ============================================================
17:56:14.0994 0x1cf0 KLMD registered as C:\Windows\system32\drivers\03352482.sys
17:56:15.0282 0x1cf0 System UUID: {FECD64A4-4C32-4AA6-C8E5-5E8045FDC759}
17:56:16.0041 0x1cf0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:56:16.0051 0x1cf0 ============================================================
17:56:16.0051 0x1cf0 \Device\Harddisk0\DR0:
17:56:16.0051 0x1cf0 MBR partitions:
17:56:16.0051 0x1cf0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:56:16.0051 0x1cf0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x249BE000
17:56:16.0051 0x1cf0 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x249F0800, BlocksNum 0x15994800
17:56:16.0051 0x1cf0 ============================================================
17:56:16.0072 0x1cf0 C: <-> \Device\Harddisk0\DR0\Partition2
17:56:16.0109 0x1cf0 D: <-> \Device\Harddisk0\DR0\Partition3
17:56:16.0109 0x1cf0 ============================================================
17:56:16.0110 0x1cf0 Initialize success
17:56:16.0110 0x1cf0 ============================================================
17:56:20.0320 0x1b6c ============================================================
17:56:20.0320 0x1b6c Scan started
17:56:20.0320 0x1b6c Mode: Manual;
17:56:20.0320 0x1b6c ============================================================
17:56:20.0320 0x1b6c KSN ping started
17:56:34.0060 0x1b6c KSN ping finished: true
17:56:35.0526 0x1b6c ================ Scan system memory ========================
17:56:35.0526 0x1b6c System memory - ok
17:56:35.0527 0x1b6c ================ Scan services =============================
17:56:35.0692 0x1b6c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
17:56:35.0703 0x1b6c 1394ohci - ok
17:56:35.0759 0x1b6c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:56:35.0767 0x1b6c ACPI - ok
17:56:35.0788 0x1b6c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
17:56:35.0790 0x1b6c AcpiPmi - ok
17:56:35.0837 0x1b6c [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock C:\Windows\system32\DRIVERS\acsock64.sys
17:56:35.0847 0x1b6c acsock - ok
17:56:35.0930 0x1b6c [ 929593D76589294BA3F74540298D1B3E, 3D1C1772579141BD1040363BD65F2A2D78BF42EC85AE96317AE397E3D5267145 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:56:35.0932 0x1b6c AdobeARMservice - ok
17:56:35.0981 0x1b6c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:56:35.0992 0x1b6c adp94xx - ok
17:56:36.0032 0x1b6c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:56:36.0039 0x1b6c adpahci - ok
17:56:36.0066 0x1b6c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:56:36.0070 0x1b6c adpu320 - ok
17:56:36.0098 0x1b6c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:56:36.0101 0x1b6c AeLookupSvc - ok
17:56:36.0144 0x1b6c [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
17:56:36.0155 0x1b6c AFD - ok
17:56:36.0191 0x1b6c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
17:56:36.0195 0x1b6c agp440 - ok
17:56:36.0232 0x1b6c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
17:56:36.0238 0x1b6c ALG - ok
17:56:36.0263 0x1b6c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
17:56:36.0266 0x1b6c aliide - ok
17:56:36.0272 0x1b6c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
17:56:36.0275 0x1b6c amdide - ok
17:56:36.0304 0x1b6c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:56:36.0306 0x1b6c AmdK8 - ok
17:56:36.0329 0x1b6c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
17:56:36.0331 0x1b6c AmdPPM - ok
17:56:36.0351 0x1b6c [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:56:36.0354 0x1b6c amdsata - ok
17:56:36.0371 0x1b6c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:56:36.0375 0x1b6c amdsbs - ok
17:56:36.0393 0x1b6c [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:56:36.0394 0x1b6c amdxata - ok
17:56:36.0427 0x1b6c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
17:56:36.0431 0x1b6c AppID - ok
17:56:36.0459 0x1b6c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:56:36.0463 0x1b6c AppIDSvc - ok
17:56:36.0488 0x1b6c [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
17:56:36.0491 0x1b6c Appinfo - ok
17:56:36.0545 0x1b6c [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
17:56:36.0552 0x1b6c AppMgmt - ok
17:56:36.0583 0x1b6c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
17:56:36.0587 0x1b6c arc - ok
17:56:36.0617 0x1b6c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:56:36.0621 0x1b6c arcsas - ok
17:56:36.0727 0x1b6c [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:56:36.0733 0x1b6c aspnet_state - ok
17:56:36.0775 0x1b6c [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
17:56:36.0778 0x1b6c aswHwid - ok
17:56:36.0808 0x1b6c [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
17:56:36.0812 0x1b6c aswMonFlt - ok
17:56:36.0837 0x1b6c [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
17:56:36.0840 0x1b6c aswRdr - ok
17:56:36.0849 0x1b6c [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
17:56:36.0852 0x1b6c aswRvrt - ok
17:56:36.0914 0x1b6c [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
17:56:36.0942 0x1b6c aswSnx - ok
17:56:36.0969 0x1b6c [ B1368BE5F6BA529E0886F4DA2361BD2D, B95F430B4E4EFE9D257870722AA8F0507FB96FBE3AAB12068C662CCB6A180FE2 ] aswSP C:\Windows\system32\drivers\aswSP.sys
17:56:36.0978 0x1b6c aswSP - ok
17:56:36.0999 0x1b6c [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm C:\Windows\system32\drivers\aswStm.sys
17:56:37.0003 0x1b6c aswStm - ok
17:56:37.0018 0x1b6c [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
17:56:37.0024 0x1b6c aswVmm - ok
17:56:37.0056 0x1b6c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:56:37.0058 0x1b6c AsyncMac - ok
17:56:37.0086 0x1b6c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
17:56:37.0087 0x1b6c atapi - ok
17:56:37.0141 0x1b6c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:56:37.0156 0x1b6c AudioEndpointBuilder - ok
17:56:37.0174 0x1b6c [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
17:56:37.0187 0x1b6c AudioSrv - ok
17:56:37.0284 0x1b6c [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:56:37.0290 0x1b6c avast! Antivirus - ok
17:56:37.0462 0x1b6c [ 46C430FE178028F7AD151B62EBA3EEC5, C883B7A974A629549470B28532640C1FD2166CC4F95C69E4C4A1596AF5A5A331 ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
17:56:37.0535 0x1b6c AvastVBoxSvc - ok
17:56:37.0579 0x1b6c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:56:37.0582 0x1b6c AxInstSV - ok
17:56:37.0670 0x1b6c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:56:37.0680 0x1b6c b06bdrv - ok
17:56:37.0715 0x1b6c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
17:56:37.0721 0x1b6c b57nd60a - ok
17:56:37.0765 0x1b6c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
17:56:37.0769 0x1b6c BDESVC - ok
17:56:37.0786 0x1b6c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
17:56:37.0787 0x1b6c Beep - ok
17:56:37.0835 0x1b6c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
17:56:37.0850 0x1b6c BFE - ok
17:56:37.0907 0x1b6c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
17:56:37.0937 0x1b6c BITS - ok
17:56:37.0976 0x1b6c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
17:56:37.0978 0x1b6c blbdrive - ok
17:56:38.0011 0x1b6c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:56:38.0014 0x1b6c bowser - ok
17:56:38.0048 0x1b6c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
17:56:38.0051 0x1b6c BrFiltLo - ok
17:56:38.0057 0x1b6c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
17:56:38.0059 0x1b6c BrFiltUp - ok
17:56:38.0097 0x1b6c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
17:56:38.0102 0x1b6c Browser - ok
17:56:38.0142 0x1b6c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
17:56:38.0151 0x1b6c Brserid - ok
17:56:38.0156 0x1b6c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
17:56:38.0158 0x1b6c BrSerWdm - ok
17:56:38.0163 0x1b6c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
17:56:38.0164 0x1b6c BrUsbMdm - ok
17:56:38.0168 0x1b6c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
17:56:38.0169 0x1b6c BrUsbSer - ok
17:56:38.0173 0x1b6c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
17:56:38.0176 0x1b6c BTHMODEM - ok
17:56:38.0206 0x1b6c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
17:56:38.0208 0x1b6c bthserv - ok
17:56:38.0234 0x1b6c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:56:38.0237 0x1b6c cdfs - ok
17:56:38.0295 0x1b6c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:56:38.0298 0x1b6c cdrom - ok
17:56:38.0331 0x1b6c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
17:56:38.0334 0x1b6c CertPropSvc - ok
17:56:38.0347 0x1b6c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
17:56:38.0349 0x1b6c circlass - ok
17:56:38.0383 0x1b6c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
17:56:38.0392 0x1b6c CLFS - ok
17:56:38.0464 0x1b6c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:56:38.0469 0x1b6c clr_optimization_v2.0.50727_32 - ok
17:56:38.0498 0x1b6c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:56:38.0504 0x1b6c clr_optimization_v2.0.50727_64 - ok
17:56:38.0578 0x1b6c [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:56:38.0588 0x1b6c clr_optimization_v4.0.30319_32 - ok
17:56:38.0609 0x1b6c [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:56:38.0615 0x1b6c clr_optimization_v4.0.30319_64 - ok
17:56:38.0653 0x1b6c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:56:38.0655 0x1b6c CmBatt - ok
17:56:38.0668 0x1b6c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:56:38.0670 0x1b6c cmdide - ok
17:56:38.0736 0x1b6c [ 9CD18EB0205D0B51D2B52EA24C7C1829, 78854CD263D53AB75B44B465A6B60EAB2FB5065F961D519E35623E5170290E59 ] CNG C:\Windows\system32\Drivers\cng.sys
17:56:38.0754 0x1b6c CNG - ok
17:56:38.0797 0x1b6c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:56:38.0798 0x1b6c Compbatt - ok
17:56:38.0825 0x1b6c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
17:56:38.0828 0x1b6c CompositeBus - ok
17:56:38.0841 0x1b6c COMSysApp - ok
17:56:38.0855 0x1b6c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:56:38.0857 0x1b6c crcdisk - ok
17:56:38.0900 0x1b6c [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:56:38.0906 0x1b6c CryptSvc - ok
17:56:38.0949 0x1b6c [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
17:56:38.0964 0x1b6c CSC - ok
17:56:38.0990 0x1b6c [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
17:56:39.0006 0x1b6c CscService - ok
17:56:39.0071 0x1b6c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:56:39.0088 0x1b6c DcomLaunch - ok
17:56:39.0130 0x1b6c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
17:56:39.0141 0x1b6c defragsvc - ok
17:56:39.0162 0x1b6c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:56:39.0166 0x1b6c DfsC - ok
17:56:39.0202 0x1b6c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:56:39.0213 0x1b6c Dhcp - ok
17:56:39.0245 0x1b6c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
17:56:39.0247 0x1b6c discache - ok
17:56:39.0279 0x1b6c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
17:56:39.0281 0x1b6c Disk - ok
17:56:39.0312 0x1b6c [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
17:56:39.0314 0x1b6c dmvsc - ok
17:56:39.0348 0x1b6c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:56:39.0353 0x1b6c Dnscache - ok
17:56:39.0382 0x1b6c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
17:56:39.0388 0x1b6c dot3svc - ok
17:56:39.0403 0x1b6c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
17:56:39.0407 0x1b6c DPS - ok
17:56:39.0438 0x1b6c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:56:39.0439 0x1b6c drmkaud - ok
17:56:39.0501 0x1b6c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:56:39.0524 0x1b6c DXGKrnl - ok
17:56:39.0568 0x1b6c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
17:56:39.0571 0x1b6c EapHost - ok
17:56:39.0750 0x1b6c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:56:39.0883 0x1b6c ebdrv - ok
17:56:39.0906 0x1b6c [ 1E31700D9C9E0FB79999D02A8437482C, 18DDBC35B5A740DD12BC0F6896D0E7E7005237A2843F5ECB3F2E068028F8828F ] EFS C:\Windows\System32\lsass.exe
17:56:39.0908 0x1b6c EFS - ok
17:56:40.0004 0x1b6c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:56:40.0029 0x1b6c ehRecvr - ok
17:56:40.0035 0x1b6c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
17:56:40.0038 0x1b6c ehSched - ok
17:56:40.0093 0x1b6c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:56:40.0105 0x1b6c elxstor - ok
17:56:40.0119 0x1b6c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
17:56:40.0121 0x1b6c ErrDev - ok
17:56:40.0164 0x1b6c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
17:56:40.0173 0x1b6c EventSystem - ok
17:56:40.0209 0x1b6c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
17:56:40.0215 0x1b6c exfat - ok
17:56:40.0247 0x1b6c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:56:40.0253 0x1b6c fastfat - ok
17:56:40.0304 0x1b6c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
17:56:40.0322 0x1b6c Fax - ok
17:56:40.0326 0x1b6c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
17:56:40.0328 0x1b6c fdc - ok
17:56:40.0345 0x1b6c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
17:56:40.0347 0x1b6c fdPHost - ok
17:56:40.0357 0x1b6c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
17:56:40.0359 0x1b6c FDResPub - ok
17:56:40.0392 0x1b6c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:56:40.0394 0x1b6c FileInfo - ok
17:56:40.0403 0x1b6c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:56:40.0404 0x1b6c Filetrace - ok
17:56:40.0414 0x1b6c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
17:56:40.0415 0x1b6c flpydisk - ok
17:56:40.0450 0x1b6c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:56:40.0456 0x1b6c FltMgr - ok
17:56:40.0514 0x1b6c [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
17:56:40.0540 0x1b6c FontCache - ok
17:56:40.0582 0x1b6c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:56:40.0584 0x1b6c FontCache3.0.0.0 - ok
17:56:40.0612 0x1b6c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:56:40.0614 0x1b6c FsDepends - ok
17:56:40.0643 0x1b6c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:56:40.0645 0x1b6c Fs_Rec - ok
17:56:40.0674 0x1b6c [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:56:40.0681 0x1b6c fvevol - ok
17:56:40.0737 0x1b6c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:56:40.0739 0x1b6c gagp30kx - ok
17:56:40.0857 0x1b6c [ EBF714703106C1D5BC3E7B4C389A5828, D09472BCF71B58CF8F463131AD778F4D2E189047EE6B9AF088BCDE7B25398682 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
17:56:40.0880 0x1b6c GfExperienceService - ok
17:56:40.0925 0x1b6c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
17:56:40.0943 0x1b6c gpsvc - ok
17:56:40.0992 0x1b6c [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:56:40.0997 0x1b6c gupdate - ok
17:56:41.0015 0x1b6c [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:56:41.0018 0x1b6c gupdatem - ok
17:56:41.0047 0x1b6c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
17:56:41.0048 0x1b6c hcw85cir - ok
17:56:41.0092 0x1b6c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:56:41.0102 0x1b6c HdAudAddService - ok
17:56:41.0132 0x1b6c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:56:41.0135 0x1b6c HDAudBus - ok
17:56:41.0154 0x1b6c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
17:56:41.0155 0x1b6c HidBatt - ok
17:56:41.0160 0x1b6c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:56:41.0163 0x1b6c HidBth - ok
17:56:41.0177 0x1b6c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
17:56:41.0180 0x1b6c HidIr - ok
17:56:41.0212 0x1b6c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
17:56:41.0214 0x1b6c hidserv - ok
17:56:41.0249 0x1b6c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
17:56:41.0251 0x1b6c HidUsb - ok
17:56:41.0288 0x1b6c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:56:41.0292 0x1b6c hkmsvc - ok
17:56:41.0316 0x1b6c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:56:41.0322 0x1b6c HomeGroupListener - ok
17:56:41.0344 0x1b6c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:56:41.0350 0x1b6c HomeGroupProvider - ok
17:56:41.0385 0x1b6c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:56:41.0387 0x1b6c HpSAMD - ok
17:56:41.0436 0x1b6c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:56:41.0452 0x1b6c HTTP - ok
17:56:41.0469 0x1b6c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:56:41.0471 0x1b6c hwpolicy - ok
17:56:41.0484 0x1b6c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:56:41.0487 0x1b6c i8042prt - ok
17:56:41.0550 0x1b6c [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:56:41.0566 0x1b6c iaStorV - ok
17:56:41.0693 0x1b6c [ DABFBE88774A3C1A8CEA198348E02740, 29B764BEBF5F9A54053E5EFEAD758308822476828857C743248F235740189B4A ] IconMan_R C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
17:56:41.0723 0x1b6c IconMan_R - ok
17:56:41.0806 0x1b6c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:56:41.0830 0x1b6c idsvc - ok
17:56:41.0851 0x1b6c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:56:41.0852 0x1b6c iirsp - ok
17:56:41.0896 0x1b6c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
17:56:41.0915 0x1b6c IKEEXT - ok
17:56:42.0059 0x1b6c [ 2CC2F7C5990BB76767038F4B16D17A56, 78D12EFC0AB81B87706D3F7ADFF3FA9C5AD05C7F02169DDBE7E2D2A67B47D9DE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:56:42.0115 0x1b6c IntcAzAudAddService - ok
17:56:42.0147 0x1b6c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
17:56:42.0149 0x1b6c intelide - ok
17:56:42.0164 0x1b6c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:56:42.0166 0x1b6c intelppm - ok
17:56:42.0186 0x1b6c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:56:42.0190 0x1b6c IPBusEnum - ok
17:56:42.0203 0x1b6c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:56:42.0206 0x1b6c IpFilterDriver - ok
17:56:42.0233 0x1b6c [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:56:42.0246 0x1b6c iphlpsvc - ok
17:56:42.0266 0x1b6c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
17:56:42.0269 0x1b6c IPMIDRV - ok
17:56:42.0274 0x1b6c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:56:42.0277 0x1b6c IPNAT - ok
17:56:42.0305 0x1b6c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:56:42.0306 0x1b6c IRENUM - ok
17:56:42.0312 0x1b6c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:56:42.0313 0x1b6c isapnp - ok
17:56:42.0331 0x1b6c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
17:56:42.0337 0x1b6c iScsiPrt - ok
17:56:42.0354 0x1b6c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:56:42.0356 0x1b6c kbdclass - ok
17:56:42.0387 0x1b6c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
17:56:42.0389 0x1b6c kbdhid - ok
17:56:42.0406 0x1b6c [ 1E31700D9C9E0FB79999D02A8437482C, 18DDBC35B5A740DD12BC0F6896D0E7E7005237A2843F5ECB3F2E068028F8828F ] KeyIso C:\Windows\system32\lsass.exe
17:56:42.0409 0x1b6c KeyIso - ok
17:56:42.0437 0x1b6c [ 0F0D0D1EB1213BFF98C409EC0BB6322D, 5B43BFD59955225415531D75E0EF006B6D14EEC067C9F15081DC54897B4681EF ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:56:42.0440 0x1b6c KSecDD - ok
17:56:42.0475 0x1b6c [ EB19EC6C0A34B3CF5474B0CDE4D2796D, 352B95CD4C203F8B2D9DEB8D14DD6ADC65253C7D88AD8052CA223499B8B463F3 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:56:42.0479 0x1b6c KSecPkg - ok
17:56:42.0513 0x1b6c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:56:42.0514 0x1b6c ksthunk - ok
17:56:42.0567 0x1b6c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
17:56:42.0585 0x1b6c KtmRm - ok
17:56:42.0626 0x1b6c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:56:42.0637 0x1b6c LanmanServer - ok
17:56:42.0666 0x1b6c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:56:42.0671 0x1b6c LanmanWorkstation - ok
17:56:42.0706 0x1b6c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:56:42.0708 0x1b6c lltdio - ok
17:56:42.0750 0x1b6c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:56:42.0758 0x1b6c lltdsvc - ok
17:56:42.0778 0x1b6c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:56:42.0780 0x1b6c lmhosts - ok
17:56:42.0853 0x1b6c [ 5ED319E8D88873D094CDA0F60185EBB9, 9DDC65D42A06EB60B0676BCB027525026BF4A6F7B0D2F16DDF86F19CC3E75343 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:56:42.0864 0x1b6c LMS - ok
17:56:42.0921 0x1b6c [ 41E122F6D1448C94CC05196BC41D6BFB, DC027B897A14359669C6C93CCC7FCEEA2FDCEE281489589DDAEE008FAD0B15E2 ] LPCFilter C:\Windows\system32\DRIVERS\LPCFilter.sys
17:56:42.0924 0x1b6c LPCFilter - ok
17:56:42.0969 0x1b6c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:56:42.0974 0x1b6c LSI_FC - ok
17:56:42.0982 0x1b6c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:56:42.0986 0x1b6c LSI_SAS - ok
17:56:42.0998 0x1b6c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:56:43.0001 0x1b6c LSI_SAS2 - ok
17:56:43.0020 0x1b6c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:56:43.0023 0x1b6c LSI_SCSI - ok
17:56:43.0038 0x1b6c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
17:56:43.0041 0x1b6c luafv - ok
17:56:43.0074 0x1b6c [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:56:43.0076 0x1b6c MBAMProtector - ok
17:56:43.0165 0x1b6c [ 516E29AD03BDF610CC36A95AE692FE42, 09F913B169AD775FF587AE59AEC5DD2A2D8646803F48BF616C74EEC0DE3BE7A2 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
17:56:43.0198 0x1b6c MBAMScheduler - ok
17:56:43.0260 0x1b6c [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
17:56:43.0284 0x1b6c MBAMService - ok
17:56:43.0324 0x1b6c [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
17:56:43.0327 0x1b6c MBAMSwissArmy - ok
17:56:43.0350 0x1b6c [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
17:56:43.0353 0x1b6c MBAMWebAccessControl - ok
17:56:43.0372 0x1b6c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:56:43.0377 0x1b6c Mcx2Svc - ok
17:56:43.0401 0x1b6c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
17:56:43.0403 0x1b6c megasas - ok
17:56:43.0428 0x1b6c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
17:56:43.0435 0x1b6c MegaSR - ok
17:56:43.0469 0x1b6c [ 6EA2F13DEAF130753F6FC19AFFFF94A8, ADA5BA2DBCD58372918FD278834B2E13FE0F73E200A2E747AB7B123C31E46825 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
17:56:43.0472 0x1b6c MEIx64 - ok
17:56:43.0496 0x1b6c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
17:56:43.0499 0x1b6c MMCSS - ok
17:56:43.0525 0x1b6c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
17:56:43.0527 0x1b6c Modem - ok
17:56:43.0547 0x1b6c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:56:43.0549 0x1b6c monitor - ok
17:56:43.0560 0x1b6c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:56:43.0562 0x1b6c mouclass - ok
17:56:43.0571 0x1b6c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:56:43.0573 0x1b6c mouhid - ok
17:56:43.0594 0x1b6c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:56:43.0597 0x1b6c mountmgr - ok
17:56:43.0655 0x1b6c [ 4F65CBD93B9807BFD4C95598CAA390EE, 1AB3332F401A98A7E3CE99E6126D63E103B360C947BD73735B32C24FCD673D25 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:56:43.0659 0x1b6c MozillaMaintenance - ok
17:56:43.0667 0x1b6c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
17:56:43.0672 0x1b6c mpio - ok
17:56:43.0689 0x1b6c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:56:43.0692 0x1b6c mpsdrv - ok
17:56:43.0741 0x1b6c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:56:43.0760 0x1b6c MpsSvc - ok
17:56:43.0790 0x1b6c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:56:43.0795 0x1b6c MRxDAV - ok
17:56:43.0822 0x1b6c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:56:43.0826 0x1b6c mrxsmb - ok
17:56:43.0847 0x1b6c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:56:43.0854 0x1b6c mrxsmb10 - ok
17:56:43.0877 0x1b6c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:56:43.0880 0x1b6c mrxsmb20 - ok
17:56:43.0901 0x1b6c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
17:56:43.0903 0x1b6c msahci - ok
17:56:43.0924 0x1b6c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:56:43.0928 0x1b6c msdsm - ok
17:56:43.0944 0x1b6c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
17:56:43.0949 0x1b6c MSDTC - ok
17:56:43.0967 0x1b6c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:56:43.0969 0x1b6c Msfs - ok
17:56:43.0983 0x1b6c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:56:43.0984 0x1b6c mshidkmdf - ok
17:56:44.0000 0x1b6c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:56:44.0001 0x1b6c msisadrv - ok
17:56:44.0028 0x1b6c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:56:44.0034 0x1b6c MSiSCSI - ok
17:56:44.0037 0x1b6c msiserver - ok
17:56:44.0066 0x1b6c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:56:44.0067 0x1b6c MSKSSRV - ok
17:56:44.0103 0x1b6c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:56:44.0104 0x1b6c MSPCLOCK - ok
17:56:44.0118 0x1b6c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:56:44.0119 0x1b6c MSPQM - ok
17:56:44.0138 0x1b6c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:56:44.0148 0x1b6c MsRPC - ok
17:56:44.0165 0x1b6c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:56:44.0166 0x1b6c mssmbios - ok
17:56:44.0192 0x1b6c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:56:44.0193 0x1b6c MSTEE - ok
17:56:44.0205 0x1b6c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
17:56:44.0207 0x1b6c MTConfig - ok
17:56:44.0232 0x1b6c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
17:56:44.0235 0x1b6c Mup - ok
17:56:44.0276 0x1b6c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
17:56:44.0290 0x1b6c napagent - ok
17:56:44.0334 0x1b6c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:56:44.0342 0x1b6c NativeWifiP - ok
17:56:44.0390 0x1b6c [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
17:56:44.0413 0x1b6c NDIS - ok
17:56:44.0443 0x1b6c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:56:44.0445 0x1b6c NdisCap - ok
17:56:44.0466 0x1b6c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:56:44.0468 0x1b6c NdisTapi - ok
17:56:44.0481 0x1b6c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:56:44.0483 0x1b6c Ndisuio - ok
17:56:44.0504 0x1b6c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:56:44.0508 0x1b6c NdisWan - ok
17:56:44.0520 0x1b6c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:56:44.0522 0x1b6c NDProxy - ok
17:56:44.0570 0x1b6c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:56:44.0575 0x1b6c NetBIOS - ok
17:56:44.0617 0x1b6c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:56:44.0632 0x1b6c NetBT - ok
17:56:44.0651 0x1b6c [ 1E31700D9C9E0FB79999D02A8437482C, 18DDBC35B5A740DD12BC0F6896D0E7E7005237A2843F5ECB3F2E068028F8828F ] Netlogon C:\Windows\system32\lsass.exe
17:56:44.0653 0x1b6c Netlogon - ok
17:56:44.0696 0x1b6c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
17:56:44.0707 0x1b6c Netman - ok
17:56:44.0747 0x1b6c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:56:44.0756 0x1b6c NetMsmqActivator - ok
17:56:44.0767 0x1b6c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:56:44.0771 0x1b6c NetPipeActivator - ok
17:56:44.0800 0x1b6c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
17:56:44.0817 0x1b6c netprofm - ok
17:56:44.0824 0x1b6c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:56:44.0828 0x1b6c NetTcpActivator - ok
17:56:44.0833 0x1b6c [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:56:44.0836 0x1b6c NetTcpPortSharing - ok
17:56:44.0894 0x1b6c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:56:44.0896 0x1b6c nfrd960 - ok
17:56:44.0926 0x1b6c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:56:44.0934 0x1b6c NlaSvc - ok
17:56:44.0948 0x1b6c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:56:44.0950 0x1b6c Npfs - ok
17:56:44.0974 0x1b6c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
17:56:44.0976 0x1b6c nsi - ok
17:56:44.0985 0x1b6c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:56:44.0987 0x1b6c nsiproxy - ok
17:56:45.0093 0x1b6c [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:56:45.0128 0x1b6c Ntfs - ok
17:56:45.0154 0x1b6c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
17:56:45.0155 0x1b6c Null - ok
17:56:45.0194 0x1b6c [ 786DB821BFD57C0551DBBE4F75384A7D, F956D636F834F2BA5F019E187FDB9CC33940363C75A60E53CD81310A4DB6A6AB ] nusb3hub C:\Windows\system32\drivers\nusb3hub.sys
17:56:45.0201 0x1b6c nusb3hub - ok
17:56:45.0224 0x1b6c [ DAA8005CAF745042BB427A1ED7433354, 3019002F174783B76D5D8AA47F7A465B7FEC7C14235B70E5C9277FE534839226 ] nusb3xhc C:\Windows\system32\drivers\nusb3xhc.sys
17:56:45.0233 0x1b6c nusb3xhc - ok
17:56:45.0277 0x1b6c [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
17:56:45.0283 0x1b6c NVHDA - ok
17:56:45.0651 0x1b6c [ 7C28BA74B766F3470128107DA764F711, 43738B3B7F7A493D2B0102B889612A1E91545F38BA82CD911D63361F08048314 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:56:46.0016 0x1b6c nvlddmkm - ok
17:56:46.0139 0x1b6c [ F758A5752CA282925CE3324FDBBADBED, E9DE21AE4509BC401FE7BD717E1585BDEAF2E016A4DC8BB829DD43F54101923F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:56:46.0170 0x1b6c NvNetworkService - ok
17:56:46.0205 0x1b6c [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:56:46.0209 0x1b6c nvraid - ok
17:56:46.0215 0x1b6c [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:56:46.0219 0x1b6c nvstor - ok
17:56:46.0328 0x1b6c [ 0772513BF441995A61A6C6F87BE12174, 308203FACAAFC87AA18765F0F358ADF5F99D0CAA9ADE51C14C43416FAB68FA18 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:56:46.0397 0x1b6c NvStreamKms - ok
17:56:46.0584 0x1b6c NvStreamSvc - ok
17:56:46.0672 0x1b6c [ 2A4F832243E869FD7564AA90402D74BD, E730A517EB6D49036B6FC196BFC930ED93EDB4FD4FA7EB1EB69A434BB94AE3C0 ] nvsvc C:\Windows\system32\nvvsvc.exe
17:56:46.0695 0x1b6c nvsvc - ok
17:56:46.0715 0x1b6c [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
17:56:46.0717 0x1b6c nvvad_WaveExtensible - ok
17:56:46.0736 0x1b6c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:56:46.0740 0x1b6c nv_agp - ok
17:56:46.0757 0x1b6c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
17:56:46.0759 0x1b6c ohci1394 - ok
17:56:46.0791 0x1b6c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:56:46.0798 0x1b6c p2pimsvc - ok
17:56:46.0823 0x1b6c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
17:56:46.0834 0x1b6c p2psvc - ok
17:56:46.0849 0x1b6c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
17:56:46.0854 0x1b6c Parport - ok
17:56:46.0924 0x1b6c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:56:46.0926 0x1b6c partmgr - ok
17:56:46.0953 0x1b6c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
17:56:46.0960 0x1b6c PcaSvc - ok
17:56:46.0990 0x1b6c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
17:56:46.0995 0x1b6c pci - ok
17:56:47.0006 0x1b6c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
17:56:47.0007 0x1b6c pciide - ok
17:56:47.0031 0x1b6c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:56:47.0038 0x1b6c pcmcia - ok
17:56:47.0054 0x1b6c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
17:56:47.0057 0x1b6c pcw - ok
17:56:47.0093 0x1b6c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:56:47.0109 0x1b6c PEAUTH - ok
17:56:47.0166 0x1b6c [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:56:47.0196 0x1b6c PeerDistSvc - ok
17:56:47.0264 0x1b6c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:56:47.0271 0x1b6c PerfHost - ok
17:56:47.0311 0x1b6c [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect C:\Windows\system32\DRIVERS\pgeffect.sys
17:56:47.0313 0x1b6c PGEffect - ok
17:56:47.0401 0x1b6c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
17:56:47.0441 0x1b6c pla - ok
17:56:47.0489 0x1b6c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:56:47.0500 0x1b6c PlugPlay - ok
17:56:47.0519 0x1b6c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:56:47.0522 0x1b6c PNRPAutoReg - ok
17:56:47.0547 0x1b6c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:56:47.0554 0x1b6c PNRPsvc - ok
17:56:47.0592 0x1b6c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:56:47.0603 0x1b6c PolicyAgent - ok
17:56:47.0637 0x1b6c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
17:56:47.0644 0x1b6c Power - ok
17:56:47.0678 0x1b6c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:56:47.0681 0x1b6c PptpMiniport - ok
17:56:47.0695 0x1b6c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
17:56:47.0698 0x1b6c Processor - ok
17:56:47.0727 0x1b6c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
17:56:47.0734 0x1b6c ProfSvc - ok
17:56:47.0751 0x1b6c [ 1E31700D9C9E0FB79999D02A8437482C, 18DDBC35B5A740DD12BC0F6896D0E7E7005237A2843F5ECB3F2E068028F8828F ] ProtectedStorage C:\Windows\system32\lsass.exe
17:56:47.0753 0x1b6c ProtectedStorage - ok
17:56:47.0777 0x1b6c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:56:47.0781 0x1b6c Psched - ok
17:56:47.0884 0x1b6c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:56:47.0917 0x1b6c ql2300 - ok
17:56:47.0934 0x1b6c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:56:47.0937 0x1b6c ql40xx - ok
17:56:47.0974 0x1b6c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
17:56:47.0981 0x1b6c QWAVE - ok
17:56:48.0015 0x1b6c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:56:48.0017 0x1b6c QWAVEdrv - ok
17:56:48.0026 0x1b6c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:56:48.0027 0x1b6c RasAcd - ok
17:56:48.0070 0x1b6c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:56:48.0074 0x1b6c RasAgileVpn - ok
17:56:48.0101 0x1b6c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
17:56:48.0107 0x1b6c RasAuto - ok
17:56:48.0131 0x1b6c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:56:48.0136 0x1b6c Rasl2tp - ok
17:56:48.0165 0x1b6c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
17:56:48.0178 0x1b6c RasMan - ok
17:56:48.0200 0x1b6c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:56:48.0203 0x1b6c RasPppoe - ok
17:56:48.0207 0x1b6c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:56:48.0210 0x1b6c RasSstp - ok
17:56:48.0219 0x1b6c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:56:48.0227 0x1b6c rdbss - ok
17:56:48.0258 0x1b6c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:56:48.0260 0x1b6c rdpbus - ok
17:56:48.0272 0x1b6c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:56:48.0273 0x1b6c RDPCDD - ok
17:56:48.0295 0x1b6c [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:56:48.0300 0x1b6c RDPDR - ok
17:56:48.0316 0x1b6c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:56:48.0318 0x1b6c RDPENCDD - ok
17:56:48.0329 0x1b6c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:56:48.0330 0x1b6c RDPREFMP - ok
17:56:48.0365 0x1b6c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:56:48.0371 0x1b6c RDPWD - ok
17:56:48.0387 0x1b6c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:56:48.0392 0x1b6c rdyboost - ok
17:56:48.0415 0x1b6c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:56:48.0419 0x1b6c RemoteAccess - ok
17:56:48.0456 0x1b6c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:56:48.0463 0x1b6c RemoteRegistry - ok
17:56:48.0479 0x1b6c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:56:48.0484 0x1b6c RpcEptMapper - ok
17:56:48.0507 0x1b6c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
17:56:48.0509 0x1b6c RpcLocator - ok
17:56:48.0539 0x1b6c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
17:56:48.0550 0x1b6c RpcSs - ok
17:56:48.0585 0x1b6c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:56:48.0587 0x1b6c rspndr - ok
17:56:48.0625 0x1b6c [ 9BEB5F18A418FF70659CE2E356829568, 8E327A99E68B5F9028778F5845719D00C590882B8609AF66D97DA880D537C937 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
17:56:48.0629 0x1b6c RSUSBSTOR - ok
17:56:48.0679 0x1b6c [ 6D3C7E7D82D3DC92DC2A8B0DF9F20F8A, AB2615EB7313C02F6311143B27A426042A16925480ECBA6880448BE9818E9A39 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:56:48.0688 0x1b6c RTL8167 - ok
17:56:48.0778 0x1b6c [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] RTL8192Ce C:\Windows\system32\DRIVERS\rtl8192Ce.sys
17:56:48.0803 0x1b6c RTL8192Ce - ok
17:56:48.0836 0x1b6c [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
17:56:48.0837 0x1b6c s3cap - ok
17:56:48.0851 0x1b6c [ 1E31700D9C9E0FB79999D02A8437482C, 18DDBC35B5A740DD12BC0F6896D0E7E7005237A2843F5ECB3F2E068028F8828F ] SamSs C:\Windows\system32\lsass.exe
17:56:48.0853 0x1b6c SamSs - ok
17:56:48.0865 0x1b6c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:56:48.0868 0x1b6c sbp2port - ok
17:56:48.0905 0x1b6c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:56:48.0913 0x1b6c SCardSvr - ok
17:56:48.0930 0x1b6c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:56:48.0932 0x1b6c scfilter - ok
17:56:48.0986 0x1b6c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
17:56:49.0013 0x1b6c Schedule - ok
17:56:49.0031 0x1b6c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:56:49.0034 0x1b6c SCPolicySvc - ok
17:56:49.0058 0x1b6c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:56:49.0064 0x1b6c SDRSVC - ok
17:56:49.0084 0x1b6c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:56:49.0086 0x1b6c secdrv - ok
17:56:49.0103 0x1b6c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
17:56:49.0106 0x1b6c seclogon - ok
17:56:49.0116 0x1b6c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
17:56:49.0120 0x1b6c SENS - ok
17:56:49.0135 0x1b6c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:56:49.0138 0x1b6c SensrSvc - ok
17:56:49.0154 0x1b6c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
17:56:49.0155 0x1b6c Serenum - ok
17:56:49.0165 0x1b6c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
17:56:49.0168 0x1b6c Serial - ok
17:56:49.0182 0x1b6c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:56:49.0183 0x1b6c sermouse - ok
17:56:49.0221 0x1b6c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
17:56:49.0226 0x1b6c SessionEnv - ok
17:56:49.0234 0x1b6c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:56:49.0236 0x1b6c sffdisk - ok
17:56:49.0240 0x1b6c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:56:49.0242 0x1b6c sffp_mmc - ok
17:56:49.0259 0x1b6c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:56:49.0261 0x1b6c sffp_sd - ok
17:56:49.0264 0x1b6c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:56:49.0266 0x1b6c sfloppy - ok
17:56:49.0291 0x1b6c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:56:49.0300 0x1b6c SharedAccess - ok
17:56:49.0321 0x1b6c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:56:49.0331 0x1b6c ShellHWDetection - ok
17:56:49.0358 0x1b6c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:56:49.0360 0x1b6c SiSRaid2 - ok
17:56:49.0379 0x1b6c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:56:49.0381 0x1b6c SiSRaid4 - ok
17:56:49.0427 0x1b6c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:56:49.0432 0x1b6c Smb - ok
17:56:49.0460 0x1b6c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:56:49.0464 0x1b6c SNMPTRAP - ok
17:56:49.0481 0x1b6c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
17:56:49.0482 0x1b6c spldr - ok
17:56:49.0519 0x1b6c [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
17:56:49.0537 0x1b6c Spooler - ok
17:56:49.0686 0x1b6c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
17:56:49.0760 0x1b6c sppsvc - ok
17:56:49.0774 0x1b6c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
17:56:49.0778 0x1b6c sppuinotify - ok
17:56:49.0818 0x1b6c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:56:49.0830 0x1b6c srv - ok
17:56:49.0857 0x1b6c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:56:49.0866 0x1b6c srv2 - ok
17:56:49.0886 0x1b6c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:56:49.0891 0x1b6c srvnet - ok
17:56:49.0928 0x1b6c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:56:49.0935 0x1b6c SSDPSRV - ok
17:56:49.0945 0x1b6c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:56:49.0949 0x1b6c SstpSvc - ok
17:56:49.0975 0x1b6c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:56:49.0977 0x1b6c stexstor - ok
17:56:50.0022 0x1b6c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
17:56:50.0036 0x1b6c stisvc - ok
17:56:50.0066 0x1b6c [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
17:56:50.0068 0x1b6c storflt - ok
17:56:50.0092 0x1b6c [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
17:56:50.0096 0x1b6c StorSvc - ok
17:56:50.0104 0x1b6c [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:56:50.0106 0x1b6c storvsc - ok
17:56:50.0134 0x1b6c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:56:50.0136 0x1b6c swenum - ok
17:56:50.0184 0x1b6c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
17:56:50.0199 0x1b6c swprv - ok
17:56:50.0268 0x1b6c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
17:56:50.0306 0x1b6c SysMain - ok
17:56:50.0318 0x1b6c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:56:50.0323 0x1b6c TabletInputService - ok
17:56:50.0354 0x1b6c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
17:56:50.0363 0x1b6c TapiSrv - ok
17:56:50.0378 0x1b6c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
17:56:50.0383 0x1b6c TBS - ok
17:56:50.0455 0x1b6c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:56:50.0494 0x1b6c Tcpip - ok
17:56:50.0546 0x1b6c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:56:50.0578 0x1b6c TCPIP6 - ok
17:56:50.0603 0x1b6c [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:56:50.0605 0x1b6c tcpipreg - ok
17:56:50.0623 0x1b6c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:56:50.0625 0x1b6c TDPIPE - ok
17:56:50.0647 0x1b6c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:56:50.0649 0x1b6c TDTCP - ok
17:56:50.0715 0x1b6c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:56:50.0725 0x1b6c tdx - ok
17:56:50.0749 0x1b6c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:56:50.0752 0x1b6c TermDD - ok
17:56:50.0795 0x1b6c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
17:56:50.0809 0x1b6c TermService - ok
17:56:50.0822 0x1b6c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
17:56:50.0826 0x1b6c Themes - ok
17:56:50.0840 0x1b6c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
17:56:50.0843 0x1b6c THREADORDER - ok
17:56:50.0947 0x1b6c [ 63B379F8885CB1C557771BB8B16162E3, 3BF40F8E7E8EDCF0D17ABA0857EC0164EB78497C2FD8C9D06CBCE0F90070FCC5 ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
17:56:50.0957 0x1b6c TosCoSrv - ok
17:56:50.0986 0x1b6c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
17:56:50.0991 0x1b6c TrkWks - ok
17:56:51.0048 0x1b6c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:56:51.0062 0x1b6c TrustedInstaller - ok
17:56:51.0089 0x1b6c [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:56:51.0092 0x1b6c tssecsrv - ok
17:56:51.0186 0x1b6c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:56:51.0188 0x1b6c TsUsbFlt - ok
17:56:51.0192 0x1b6c [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
17:56:51.0193 0x1b6c TsUsbGD - ok
17:56:51.0234 0x1b6c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:56:51.0238 0x1b6c tunnel - ok
17:56:51.0268 0x1b6c [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ C:\Windows\system32\DRIVERS\TVALZ_O.SYS
17:56:51.0270 0x1b6c TVALZ - ok
17:56:51.0274 0x1b6c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:56:51.0276 0x1b6c uagp35 - ok
17:56:51.0297 0x1b6c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:56:51.0305 0x1b6c udfs - ok
17:56:51.0333 0x1b6c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:56:51.0337 0x1b6c UI0Detect - ok
17:56:51.0357 0x1b6c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:56:51.0360 0x1b6c uliagpkx - ok
17:56:51.0372 0x1b6c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:56:51.0374 0x1b6c umbus - ok
17:56:51.0378 0x1b6c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
17:56:51.0379 0x1b6c UmPass - ok
17:56:51.0411 0x1b6c [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
17:56:51.0418 0x1b6c UmRdpService - ok
17:56:51.0568 0x1b6c [ 24B7564D50B8091795CDA1FB78CE85BD, E47D5DEA58EE558E8F967B8E01D1F2DB5E6680403066C546A4CEB89966BF520E ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:56:51.0611 0x1b6c UNS - ok
17:56:51.0791 0x1b6c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
17:56:51.0832 0x1b6c upnphost - ok
17:56:51.0864 0x1b6c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:56:51.0867 0x1b6c usbccgp - ok
17:56:51.0896 0x1b6c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:56:51.0900 0x1b6c usbcir - ok
17:56:51.0926 0x1b6c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
17:56:51.0929 0x1b6c usbehci - ok
17:56:51.0966 0x1b6c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:56:51.0977 0x1b6c usbhub - ok
17:56:51.0999 0x1b6c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:56:52.0002 0x1b6c usbohci - ok
17:56:52.0022 0x1b6c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:56:52.0024 0x1b6c usbprint - ok
17:56:52.0040 0x1b6c [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:56:52.0044 0x1b6c USBSTOR - ok
17:56:52.0073 0x1b6c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
17:56:52.0075 0x1b6c usbuhci - ok
17:56:52.0117 0x1b6c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:56:52.0123 0x1b6c usbvideo - ok
17:56:52.0146 0x1b6c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
17:56:52.0151 0x1b6c UxSms - ok
17:56:52.0162 0x1b6c [ 1E31700D9C9E0FB79999D02A8437482C, 18DDBC35B5A740DD12BC0F6896D0E7E7005237A2843F5ECB3F2E068028F8828F ] VaultSvc C:\Windows\system32\lsass.exe
17:56:52.0165 0x1b6c VaultSvc - ok
17:56:52.0263 0x1b6c [ EB2461E88E1E9F2243FAA3F167BFB94E, 1A7E51BC964CC42A2839FE6DB20A7E2E695E827B62851B0B25CCDB091A144D24 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
17:56:52.0274 0x1b6c VBoxAswDrv - ok
17:56:52.0300 0x1b6c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:56:52.0302 0x1b6c vdrvroot - ok
17:56:52.0345 0x1b6c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
17:56:52.0359 0x1b6c vds - ok
17:56:52.0384 0x1b6c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:56:52.0386 0x1b6c vga - ok
17:56:52.0406 0x1b6c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:56:52.0408 0x1b6c VgaSave - ok
17:56:52.0416 0x1b6c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
17:56:52.0422 0x1b6c vhdmp - ok
17:56:52.0445 0x1b6c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
17:56:52.0446 0x1b6c viaide - ok
17:56:52.0468 0x1b6c [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:56:52.0473 0x1b6c vmbus - ok
17:56:52.0493 0x1b6c [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
17:56:52.0494 0x1b6c VMBusHID - ok
17:56:52.0509 0x1b6c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:56:52.0512 0x1b6c volmgr - ok
17:56:52.0530 0x1b6c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:56:52.0539 0x1b6c volmgrx - ok
17:56:52.0548 0x1b6c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:56:52.0555 0x1b6c volsnap - ok
17:56:52.0628 0x1b6c [ EAA5E27927B63B118F926CDF2F52EA75, 07A21B4D5CB174F64B0D1117F040C6FD88E00328AB4B4C6317F17BDC08BD502E ] vpnagent C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
17:56:52.0643 0x1b6c vpnagent - ok
17:56:52.0694 0x1b6c [ 0F42C39016F82F345C0F2DB2D5B90EB4, 2E957E72BB8D0293F61FA7385BA9400DF7759E1E3D35FE24F3877A6460988F4D ] vpnva C:\Windows\system32\DRIVERS\vpnva64-6.sys
17:56:52.0700 0x1b6c vpnva - ok
17:56:52.0772 0x1b6c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:56:52.0781 0x1b6c vsmraid - ok
17:56:52.0872 0x1b6c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
17:56:52.0901 0x1b6c VSS - ok
17:56:52.0938 0x1b6c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
17:56:52.0939 0x1b6c vwifibus - ok
17:56:52.0954 0x1b6c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:56:52.0956 0x1b6c vwififlt - ok
17:56:53.0008 0x1b6c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
17:56:53.0025 0x1b6c W32Time - ok
17:56:53.0052 0x1b6c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:56:53.0054 0x1b6c WacomPen - ok
17:56:53.0077 0x1b6c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
17:56:53.0081 0x1b6c WANARP - ok
17:56:53.0093 0x1b6c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:56:53.0095 0x1b6c Wanarpv6 - ok
17:56:53.0175 0x1b6c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
17:56:53.0208 0x1b6c wbengine - ok
17:56:53.0225 0x1b6c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:56:53.0232 0x1b6c WbioSrvc - ok
17:56:53.0255 0x1b6c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:56:53.0266 0x1b6c wcncsvc - ok
17:56:53.0288 0x1b6c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:56:53.0292 0x1b6c WcsPlugInService - ok
17:56:53.0313 0x1b6c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
17:56:53.0315 0x1b6c Wd - ok
17:56:53.0358 0x1b6c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:56:53.0375 0x1b6c Wdf01000 - ok
17:56:53.0394 0x1b6c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:56:53.0399 0x1b6c WdiServiceHost - ok
17:56:53.0403 0x1b6c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:56:53.0407 0x1b6c WdiSystemHost - ok
17:56:53.0443 0x1b6c [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
17:56:53.0453 0x1b6c WebClient - ok
17:56:53.0468 0x1b6c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:56:53.0476 0x1b6c Wecsvc - ok
17:56:53.0492 0x1b6c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:56:53.0497 0x1b6c wercplsupport - ok
17:56:53.0513 0x1b6c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
17:56:53.0517 0x1b6c WerSvc - ok
17:56:53.0536 0x1b6c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
17:56:53.0537 0x1b6c WfpLwf - ok
17:56:53.0554 0x1b6c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:56:53.0555 0x1b6c WIMMount - ok
17:56:53.0577 0x1b6c WinDefend - ok
17:56:53.0582 0x1b6c WinHttpAutoProxySvc - ok
17:56:53.0647 0x1b6c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:56:53.0662 0x1b6c Winmgmt - ok
17:56:53.0773 0x1b6c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
17:56:53.0823 0x1b6c WinRM - ok
17:56:53.0879 0x1b6c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:56:53.0900 0x1b6c Wlansvc - ok
17:56:53.0928 0x1b6c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:56:53.0929 0x1b6c WmiAcpi - ok
17:56:53.0956 0x1b6c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:56:53.0961 0x1b6c wmiApSrv - ok
17:56:53.0991 0x1b6c WMPNetworkSvc - ok
17:56:54.0012 0x1b6c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:56:54.0016 0x1b6c WPCSvc - ok
17:56:54.0030 0x1b6c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:56:54.0036 0x1b6c WPDBusEnum - ok
17:56:54.0058 0x1b6c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:56:54.0059 0x1b6c ws2ifsl - ok
17:56:54.0077 0x1b6c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
17:56:54.0082 0x1b6c wscsvc - ok
17:56:54.0088 0x1b6c WSearch - ok
17:56:54.0273 0x1b6c [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
17:56:54.0351 0x1b6c wuauserv - ok
17:56:54.0379 0x1b6c [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:56:54.0382 0x1b6c WudfPf - ok
17:56:54.0458 0x1b6c [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:56:54.0468 0x1b6c WUDFRd - ok
17:56:54.0501 0x1b6c [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:56:54.0511 0x1b6c wudfsvc - ok
17:56:54.0540 0x1b6c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
17:56:54.0548 0x1b6c WwanSvc - ok
17:56:54.0554 0x1b6c ================ Scan global ===============================
17:56:54.0572 0x1b6c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:56:54.0602 0x1b6c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:56:54.0615 0x1b6c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
17:56:54.0638 0x1b6c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:56:54.0673 0x1b6c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:56:54.0680 0x1b6c [ Global ] - ok
17:56:54.0681 0x1b6c ================ Scan MBR ==================================
17:56:54.0702 0x1b6c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:56:54.0964 0x1b6c \Device\Harddisk0\DR0 - ok
17:56:54.0964 0x1b6c ================ Scan VBR ==================================
17:56:54.0967 0x1b6c [ 44F5C44525E962D1211287436546DD34 ] \Device\Harddisk0\DR0\Partition1
17:56:54.0969 0x1b6c \Device\Harddisk0\DR0\Partition1 - ok
17:56:54.0971 0x1b6c [ A0F62CAB0EF3396C40C799FEF87FB0B9 ] \Device\Harddisk0\DR0\Partition2
17:56:54.0973 0x1b6c \Device\Harddisk0\DR0\Partition2 - ok
17:56:54.0975 0x1b6c [ 444B9EC9B60BDF291C3E47860190CF75 ] \Device\Harddisk0\DR0\Partition3
17:56:54.0977 0x1b6c \Device\Harddisk0\DR0\Partition3 - ok
17:56:54.0977 0x1b6c ================ Scan generic autorun ======================
17:56:55.0388 0x1b6c [ 33FB7C579FB2591443D4255FED6E9087, 77D122B4BBAF13B89A3C00D0392B109B6088A0F5BD36FD959E28D1E3CE846E86 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
17:56:55.0575 0x1b6c RtHDVCpl - ok
17:56:55.0699 0x1b6c [ 495B01F44E917CCDF79005CC0EC56F5A, F9FE6E5EC0C40B8877F846568BA4DC23EEBCC0CCA1F43364C65079F7B77F19F9 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
17:56:55.0735 0x1b6c RtHDVBg - ok
17:56:55.0900 0x1b6c [ 638644168D9B5B5093AD84C9C162B550, BDBAB13BA6D369B7F87F721518F7EBD4B14D85B80BCC1E37FA929BB77200401B ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:56:55.0945 0x1b6c NvBackend - ok
17:56:55.0970 0x1b6c [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
17:56:55.0980 0x1b6c ShadowPlay - ok
17:56:55.0989 0x1b6c TPwrMain - ok
17:56:55.0990 0x1b6c TCrdMain - ok
17:56:56.0042 0x1b6c [ 8107E3A186C034DDEB14718D71332714, 641AD52C6F624A59648043D6E044B772B76DA1C82C4B3258A109A2FB67AACFA3 ] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
17:56:56.0051 0x1b6c HWSetup - ok
17:56:56.0279 0x1b6c [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:56:56.0372 0x1b6c AvastUI.exe - ok
17:56:56.0462 0x1b6c [ FBDB3FB7A588CE9A502D96BCB9EFCDF3, 54927F45FB36A91F6E1F0B7D35621C4F0555B6A364A6E97E2A38937C6153C55B ] C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
17:56:56.0480 0x1b6c Cisco AnyConnect Secure Mobility Agent for Windows - ok
17:56:56.0577 0x1b6c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:56:56.0603 0x1b6c Sidebar - ok
17:56:56.0630 0x1b6c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:56:56.0633 0x1b6c mctadmin - ok
17:56:56.0662 0x1b6c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:56:56.0682 0x1b6c Sidebar - ok
17:56:56.0687 0x1b6c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:56:56.0690 0x1b6c mctadmin - ok
17:56:56.0690 0x1b6c Waiting for KSN requests completion. In queue: 43
17:56:57.0690 0x1b6c Waiting for KSN requests completion. In queue: 43
17:56:58.0690 0x1b6c Waiting for KSN requests completion. In queue: 43
17:56:59.0763 0x1b6c AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
17:56:59.0803 0x1b6c Win FW state via NFP2: enabled
17:57:02.0525 0x1b6c ============================================================
17:57:02.0525 0x1b6c Scan finished
17:57:02.0525 0x1b6c ============================================================
17:57:02.0547 0x12cc Detected object count: 0
17:57:02.0547 0x12cc Actual detected object count: 0
17:57:30.0234 0x1880 Deinitialize success
 |
|
27.05.2015, 06:59
| #6 |
| /// the machine /// TB-Ausbilder | internet wird kontrolliert-Chrome hi, Scan mit Combofix
__________________ --> internet wird kontrolliert-Chrome |
|
27.05.2015, 22:51
| #7 |
| | internet wird kontrolliert-ChromeCode:
ATTFilter ComboFix 15-05-25.01 - Toshiba 27.05.2015 23:11:26.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.6122.2996 [GMT 2:00]
ausgeführt von:: c:\users\Toshiba\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-04-27 bis 2015-05-27 ))))))))))))))))))))))))))))))
.
.
2015-05-27 21:23 . 2015-05-27 21:23 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-05-27 00:22 . 2015-05-27 00:22 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8189D76C-3BED-4014-BCA9-FF1AC032879C}\offreg.dll
2015-05-26 15:19 . 2015-05-26 15:51 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-25 16:01 . 2015-05-25 16:04 -------- d-----w- C:\FRST
2015-05-25 02:41 . 2015-05-25 02:53 -------- d-----w- C:\AdwCleaner
2015-05-17 22:43 . 2015-05-17 22:43 -------- d-----w- c:\windows\CheckSur
2015-05-17 21:29 . 2015-04-20 03:17 1647104 ----a-w- c:\windows\system32\DWrite.dll
2015-05-17 21:29 . 2015-04-20 03:17 1179136 ----a-w- c:\windows\system32\FntCache.dll
2015-05-17 21:29 . 2015-04-20 02:56 1250816 ----a-w- c:\windows\SysWow64\DWrite.dll
2015-05-17 21:29 . 2015-02-03 03:31 1424896 ----a-w- c:\windows\system32\WindowsCodecs.dll
2015-05-17 21:29 . 2015-02-03 03:12 1230848 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2015-05-17 21:22 . 2015-02-04 03:16 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2015-05-17 21:22 . 2015-02-04 02:54 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2015-05-17 18:27 . 2015-05-17 18:27 327168 ----a-w- c:\windows\system32\mswsock.dll
2015-05-17 18:27 . 2015-05-17 18:27 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2015-05-17 18:10 . 2015-05-17 18:10 1887232 ----a-w- c:\windows\system32\d3d11.dll
2015-05-17 18:10 . 2015-05-17 18:10 1505280 ----a-w- c:\windows\SysWow64\d3d11.dll
2015-05-17 17:35 . 2015-04-19 22:58 12032440 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8189D76C-3BED-4014-BCA9-FF1AC032879C}\mpengine.dll
2015-05-17 16:33 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 16:33 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 16:28 . 2012-03-01 06:38 220672 ----a-w- c:\windows\system32\wintrust.dll
2015-05-17 16:28 . 2012-03-01 05:37 172544 ----a-w- c:\windows\SysWow64\wintrust.dll
2015-05-17 15:58 . 2015-02-18 07:06 123904 ----a-w- c:\windows\SysWow64\poqexec.exe
2015-05-17 15:58 . 2015-02-18 07:04 142336 ----a-w- c:\windows\system32\poqexec.exe
2015-05-17 15:58 . 2015-04-20 02:11 3204608 ----a-w- c:\windows\system32\win32k.sys
2015-05-17 15:58 . 2015-04-13 03:28 328704 ----a-w- c:\windows\system32\services.exe
2015-05-16 17:27 . 2015-05-16 17:37 -------- d-----w- c:\programdata\Cisco
2015-05-16 17:27 . 2015-05-16 17:37 -------- d-----w- c:\program files (x86)\Cisco
2015-05-05 21:24 . 2015-05-27 16:59 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-05 21:23 . 2015-05-26 15:12 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-05-05 21:23 . 2015-05-05 21:23 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-05-05 21:23 . 2015-05-05 21:23 -------- d-----w- c:\programdata\Malwarebytes
2015-05-05 21:23 . 2015-04-14 07:37 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-05-05 21:23 . 2015-04-14 07:37 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-05-05 17:56 . 2015-05-05 17:56 -------- d-----w- c:\program files (x86)\OpenOffice 4
2015-05-05 15:31 . 2015-05-05 16:09 -------- d-----w- C:\9f114be7f90937485b9336051b77c214
2015-05-05 15:30 . 2015-05-05 15:30 -------- d-----w- c:\program files (x86)\Browser Files
2015-05-05 15:19 . 2013-10-14 16:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2015-05-05 15:14 . 2015-05-05 15:14 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2015-05-05 12:59 . 2015-05-17 17:28 -------- d-----w- c:\windows\system32\MRT
2015-05-05 12:16 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2015-05-05 12:16 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2015-05-05 12:16 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2015-05-05 12:16 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2015-05-05 12:16 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2015-05-05 12:16 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2015-05-05 12:16 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2015-05-05 12:16 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2015-05-05 12:13 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2015-05-05 12:13 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2015-05-05 12:13 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2015-05-05 12:13 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2015-05-05 12:13 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2015-05-05 12:13 . 2014-09-04 05:23 424448 ----a-w- c:\windows\system32\rastls.dll
2015-05-05 12:13 . 2014-09-04 05:04 372736 ----a-w- c:\windows\SysWow64\rastls.dll
2015-05-05 12:13 . 2013-04-26 05:51 751104 ----a-w- c:\windows\system32\win32spl.dll
2015-05-05 12:13 . 2013-04-26 04:55 492544 ----a-w- c:\windows\SysWow64\win32spl.dll
2015-05-05 12:12 . 2014-10-25 01:57 77824 ----a-w- c:\windows\system32\packager.dll
2015-05-05 12:12 . 2014-10-25 01:32 67584 ----a-w- c:\windows\SysWow64\packager.dll
2015-05-05 12:12 . 2015-03-04 04:55 367552 ----a-w- c:\windows\system32\clfs.sys
2015-05-05 12:12 . 2015-03-04 04:41 79360 ----a-w- c:\windows\system32\clfsw32.dll
2015-05-05 12:12 . 2015-03-04 04:10 58880 ----a-w- c:\windows\SysWow64\clfsw32.dll
2015-05-05 12:06 . 2015-03-25 03:24 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-05-05 12:05 . 2015-02-20 04:41 41984 ----a-w- c:\windows\system32\lpk.dll
2015-05-05 12:05 . 2015-02-20 04:40 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-05-05 12:05 . 2015-02-20 04:40 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-05-05 12:05 . 2015-02-20 04:40 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-05-05 12:05 . 2015-02-20 04:13 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-05-05 12:05 . 2015-02-20 04:13 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-05-05 12:05 . 2015-02-20 04:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-05-05 12:05 . 2015-02-20 04:12 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-05-05 12:05 . 2015-02-20 03:29 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-05-05 12:05 . 2015-02-20 03:09 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-05-05 12:03 . 2014-05-30 06:45 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2015-05-05 12:03 . 2011-06-15 10:02 212992 ----a-w- c:\windows\system32\odbctrac.dll
2015-05-05 12:03 . 2011-06-15 10:02 163840 ----a-w- c:\windows\system32\odbccp32.dll
2015-05-05 12:03 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccu32.dll
2015-05-05 12:03 . 2011-06-15 10:02 106496 ----a-w- c:\windows\system32\odbccr32.dll
2015-05-05 12:03 . 2011-06-15 09:59 126976 ----a-w- c:\program files\Common Files\System\Ole DB\msdaosp.dll
2015-05-05 12:03 . 2011-06-15 08:55 86016 ----a-w- c:\windows\SysWow64\odbccu32.dll
2015-05-05 12:03 . 2011-06-15 08:55 81920 ----a-w- c:\windows\SysWow64\odbccr32.dll
2015-05-05 12:03 . 2011-06-15 08:55 319488 ----a-w- c:\windows\SysWow64\odbcjt32.dll
2015-05-05 12:03 . 2011-06-15 08:55 163840 ----a-w- c:\windows\SysWow64\odbctrac.dll
2015-05-05 12:03 . 2011-06-15 08:55 122880 ----a-w- c:\windows\SysWow64\odbccp32.dll
2015-05-05 12:03 . 2011-06-15 08:54 94208 ----a-w- c:\program files (x86)\Common Files\System\Ole DB\msdaosp.dll
2015-05-05 12:03 . 2012-04-28 03:55 210944 ----a-w- c:\windows\system32\drivers\rdpwd.sys
2015-05-05 12:02 . 2013-07-26 02:24 197120 ----a-w- c:\windows\system32\shdocvw.dll
2015-05-05 12:00 . 2013-06-25 22:55 785624 ----a-w- c:\windows\system32\drivers\Wdf01000.sys
2015-05-05 12:00 . 2012-11-28 22:56 9728 ----a-w- c:\windows\system32\Wdfres.dll
2015-05-05 12:00 . 2012-11-28 22:56 54376 ----a-w- c:\windows\system32\drivers\WdfLdr.sys
2015-05-05 12:00 . 2013-07-25 09:25 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2015-05-05 12:00 . 2013-07-25 08:57 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2015-05-05 11:58 . 2014-12-06 04:17 303616 ----a-w- c:\windows\system32\nlasvc.dll
2015-05-05 11:57 . 2015-02-03 03:12 171520 ----a-w- c:\windows\SysWow64\ubpm.dll
2015-05-05 11:56 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2015-05-05 11:55 . 2015-01-17 02:48 1067520 ----a-w- c:\windows\system32\msctf.dll
2015-05-05 11:55 . 2015-01-17 02:30 828928 ----a-w- c:\windows\SysWow64\msctf.dll
2015-05-05 11:55 . 2011-08-27 05:37 331776 ----a-w- c:\windows\system32\oleacc.dll
2015-05-05 11:55 . 2011-08-27 04:26 233472 ----a-w- c:\windows\SysWow64\oleacc.dll
2015-05-05 11:55 . 2011-05-03 05:29 976896 ----a-w- c:\windows\system32\inetcomm.dll
2015-05-05 11:55 . 2011-05-03 04:30 741376 ----a-w- c:\windows\SysWow64\inetcomm.dll
2015-05-05 11:52 . 2014-04-05 02:47 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2015-05-05 11:52 . 2014-04-05 02:47 288192 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2015-05-05 11:52 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2015-05-05 11:52 . 2014-06-18 22:23 73880 ----a-w- c:\windows\system32\mscories.dll
2015-05-05 11:52 . 2014-06-18 22:23 1943696 ----a-w- c:\windows\system32\dfshim.dll
2015-05-05 11:52 . 2014-06-18 22:23 156312 ----a-w- c:\windows\system32\mscorier.dll
2015-05-05 11:52 . 2014-06-18 22:23 81560 ----a-w- c:\windows\SysWow64\mscories.dll
2015-05-05 11:52 . 2014-06-18 22:23 156824 ----a-w- c:\windows\SysWow64\mscorier.dll
2015-05-05 11:52 . 2014-06-18 22:23 1131664 ----a-w- c:\windows\SysWow64\dfshim.dll
2015-05-05 11:41 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2015-05-05 11:41 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2015-05-05 11:41 . 2013-07-09 05:46 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2015-05-05 11:41 . 2013-07-09 05:46 139776 ----a-w- c:\windows\system32\cryptnet.dll
2015-05-05 11:41 . 2013-07-09 04:46 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2015-05-05 11:41 . 2013-07-09 04:46 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2015-05-05 11:41 . 2014-04-25 02:34 801280 ----a-w- c:\windows\system32\usp10.dll
2015-05-05 11:41 . 2014-04-25 02:06 626688 ----a-w- c:\windows\SysWow64\usp10.dll
2015-05-05 11:38 . 2010-12-23 10:42 961024 ----a-w- c:\windows\system32\CPFilters.dll
2015-05-05 11:36 . 2011-05-24 11:42 404480 ----a-w- c:\windows\system32\umpnpmgr.dll
2015-05-05 11:36 . 2011-05-24 10:39 145920 ----a-w- c:\windows\SysWow64\cfgmgr32.dll
2015-05-05 11:36 . 2011-05-24 10:37 252928 ----a-w- c:\windows\SysWow64\drvinst.exe
2015-05-05 11:32 . 2013-07-04 12:50 633856 ----a-w- c:\windows\system32\comctl32.dll
2015-05-05 11:32 . 2013-07-04 11:50 530432 ----a-w- c:\windows\SysWow64\comctl32.dll
2015-05-05 11:31 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HWSetup"="c:\program files\TOSHIBA\Utilities\HWSetup.exe" [2010-03-04 423936]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-05-11 5515496]
"Cisco AnyConnect Secure Mobility Agent for Windows"="c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" [2014-11-19 707984]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 acsock;acsock;c:\windows\system32\DRIVERS\acsock64.sys;c:\windows\SYSNATIVE\DRIVERS\acsock64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S2 vpnagent;Cisco AnyConnect Secure Mobility Agent;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe;c:\program files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 PGEffect;Pangu effect driver;c:\windows\system32\DRIVERS\pgeffect.sys;c:\windows\SYSNATIVE\DRIVERS\pgeffect.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192Ce;Realtek Wireless LAN 802.11n PCI-E NIC Driver;c:\windows\system32\DRIVERS\rtl8192Ce.sys;c:\windows\SYSNATIVE\DRIVERS\rtl8192Ce.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 77164710
*NewlyCreated* - NVSTREAMKMS
*Deregistered* - 77164710
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-25 21:09 986440 ----a-w- c:\program files (x86)\Google\Chrome\Application\43.0.2357.81\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-05-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-05 10:56]
.
2015-05-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-05-05 10:56]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-05-05 11:19 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-02-11 11776104]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-01-18 2188904]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-04-09 2673296]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-04-09 1570672]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.startseite24.net
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: uni-kl.de\vpn
TCP: DhcpNameServer = 192.168.2.1
DPF: {538793D5-659C-4639-A56C-A179AD87ED44} - hxxps://vpn.uni-kl.de/CACHE/stc/2/binaries/vpnweb.cab
FF - ProfilePath - c:\users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\jb2z4imn.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.startseite24.net
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-TPwrMain - c:\program files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
HKLM-Run-TCrdMain - c:\program files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-05-27 23:48:09
ComboFix-quarantined-files.txt 2015-05-27 21:48
.
Vor Suchlauf: 12 Verzeichnis(se), 237.209.067.520 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 238.350.131.200 Bytes frei
.
- - End Of File - - 57B26C9320F5D343D5F11136F42AC496
A36C5E4F47E84449FF07ED3517B43A31
|
|
28.05.2015, 19:55
| #8 |
| /// the machine /// TB-Ausbilder | internet wird kontrolliert-Chrome Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.05.2015, 23:40
| #9 |
| | internet wird kontrolliert-ChromeCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 29.05.2015 Suchlauf-Zeit: 00:00:55 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.05.28.08 Rootkit Datenbank: v2015.05.24.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Toshiba Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 351569 Verstrichene Zeit: 13 Min, 53 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) Code:
ATTFilter # AdwCleaner v4.205 - Bericht erstellt 29/05/2015 um 00:22:04
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-25.3 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Toshiba - TOSHIBA-PC
# Gestarted von : C:\Users\Toshiba\Desktop\AdwCleaner_4.205.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
-\\ Internet Explorer v8.0.7601.18835
-\\ Mozilla Firefox v29.0 (de)
-\\ Google Chrome v43.0.2357.81
*************************
AdwCleaner[R0].txt - [2092 Bytes] - [25/05/2015 04:41:29]
AdwCleaner[R1].txt - [952 Bytes] - [25/05/2015 04:52:22]
AdwCleaner[R2].txt - [1004 Bytes] - [29/05/2015 00:19:37]
AdwCleaner[S0].txt - [2075 Bytes] - [25/05/2015 04:44:19]
AdwCleaner[S1].txt - [926 Bytes] - [29/05/2015 00:22:04]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [984 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.3 (05.28.2015:2)
OS: Windows 7 Professional x64
Ran by Toshiba on 29.05.2015 at 0:30:42,47
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Users\Toshiba\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\Toshiba\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal
~~~ Folders
~~~ Chrome
[C:\Users\Toshiba\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Toshiba\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Toshiba\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Toshiba\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.05.2015 at 0:35:48,27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
weißt du schon, ob ich was schlimmes auf meinem Laptop habe? |
|
29.05.2015, 17:58
| #10 |
| /// the machine /// TB-Ausbilder | internet wird kontrolliert-Chrome Nur bissl Adware. ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.05.2015, 13:42
| #11 |
| | internet wird kontrolliert-ChromeCode:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=962d162eab237548b75f0cb299ae3d23
# engine=24095
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-30 12:11:57
# local_time=2015-05-30 02:11:57 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 1091675 2163463 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 113376 184617767 0 0
# scanned=128115
# found=0
# cleaned=0
# scan_time=5285
Code:
ATTFilter Results of screen317's Security Check version 1.002
Windows 7 Service Pack 1 x64 (UAC is enabled)
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Mozilla Firefox 29.0 Firefox out of Date!
Google Chrome (43.0.2357.65)
Google Chrome (43.0.2357.81)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast ng vbox\AvastVBoxSVC.exe
AVAST Software Avast avastui.exe
AVAST Software Avast ng ngservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Toshiba (administrator) on TOSHIBA-PC on 30-05-2015 14:36:25
Running from C:\Users\Toshiba\Desktop
Loaded Profiles: Toshiba (Available Profiles: Toshiba)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Toshiba\Desktop\FRST64 (1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11776104 2011-02-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2188904 2011-01-18] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-04-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [561152 2011-04-20] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [972672 2011-04-27] (TOSHIBA Corporation)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-11] (Avast Software s.r.o.)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707984 2014-11-19] (Cisco Systems, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-05] (Avast Software s.r.o.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-857925176-313793341-2178906098-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-857925176-313793341-2178906098-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-857925176-313793341-2178906098-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net
SearchScopes: HKLM -> {05515DD9-7EF0-427F-9E3D-AC3AC39FDF14} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-857925176-313793341-2178906098-1000 -> DefaultScope {05515DD9-7EF0-427F-9E3D-AC3AC39FDF14} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-857925176-313793341-2178906098-1000 -> {05515DD9-7EF0-427F-9E3D-AC3AC39FDF14} URL = hxxp://www.startseite24.net/?q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-05] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-05] (Avast Software s.r.o.)
DPF: HKLM-x32 {538793D5-659C-4639-A56C-A179AD87ED44} https://vpn.uni-kl.de/CACHE/stc/2/binaries/vpnweb.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-04-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-04-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-04-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-04-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\jb2z4imn.default
FF Homepage: hxxp://www.startseite24.net
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-03-17] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Toshiba\AppData\Roaming\Mozilla\Firefox\Profiles\jb2z4imn.default\Extensions\abs@avira.com [2015-05-02]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-05]
FF HKU\S-1-5-21-857925176-313793341-2178906098-1000\...\Firefox\Extensions: [{ba2c82b0-7fa8-11e4-b4a9-0800200c9a66}] - C:\Users\Toshiba\AppData\Local\Temp\search.xpi
Chrome:
=======
CHR Profile: C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-18]
CHR Extension: (Google Slides) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-05]
CHR Extension: (Google Docs) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-05]
CHR Extension: (Google Drive) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-05]
CHR Extension: (YouTube) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-05]
CHR Extension: (Adblock Plus) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-05]
CHR Extension: (Google Search) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-05]
CHR Extension: (Google Sheets) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-05]
CHR Extension: (Avira Browser Safety) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-05]
CHR Extension: (Bookmark Manager) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-25]
CHR Extension: (Avast Online Security) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-05-05]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-05]
CHR Extension: (Google Wallet) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-05]
CHR Extension: (Gmail) - C:\Users\Toshiba\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-05]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-05]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-05] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-05] (Avast Software)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-04-09] (NVIDIA Corporation)
S2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-04-09] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-04-09] (NVIDIA Corporation)
S2 TosCoSrv; C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe [480256 2011-04-20] (TOSHIBA Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-05] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-05] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-05] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-05] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-05] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-05] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-05] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-04-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-09] (NVIDIA Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-05] (Avast Software)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52592 2014-11-19] (Cisco Systems, Inc.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-30 14:36 - 2015-05-30 14:36 - 02108928 _____ (Farbar) C:\Users\Toshiba\Desktop\FRST64 (1).exe
2015-05-30 14:35 - 2015-05-30 14:35 - 00000000 ____D () C:\Users\Toshiba\Desktop\FRST-OlderVersion
2015-05-30 14:31 - 2015-05-30 14:31 - 00852639 _____ () C:\Users\Toshiba\Desktop\SecurityCheck.exe
2015-05-30 12:38 - 2015-05-30 12:38 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-30 12:37 - 2015-05-30 12:37 - 02347384 _____ (ESET) C:\Users\Toshiba\Downloads\esetsmartinstaller_deu.exe
2015-05-29 00:35 - 2015-05-29 00:35 - 00001368 _____ () C:\Users\Toshiba\Desktop\JRT.txt
2015-05-29 00:30 - 2015-05-29 00:30 - 02947193 _____ (Thisisu) C:\Users\Toshiba\Desktop\JRT.exe
2015-05-29 00:30 - 2015-05-29 00:30 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-TOSHIBA-PC-Windows-7-Professional-(64-bit).dat
2015-05-29 00:30 - 2015-05-29 00:30 - 00000000 ____D () C:\RegBackup
2015-05-29 00:19 - 2015-05-29 00:19 - 02222592 _____ () C:\Users\Toshiba\Desktop\AdwCleaner_4.205.exe
2015-05-29 00:16 - 2015-05-29 00:16 - 00001213 _____ () C:\Users\Toshiba\Desktop\mbam.txt
2015-05-28 23:58 - 2015-05-28 23:58 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Toshiba\Desktop\mbam-setup-2.1.6.1022.exe
2015-05-27 23:48 - 2015-05-27 23:48 - 00019808 _____ () C:\ComboFix.txt
2015-05-27 23:09 - 2015-05-27 23:49 - 00000000 ____D () C:\Qoobox
2015-05-27 23:09 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-27 23:09 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-27 23:09 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-27 23:09 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-27 23:09 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-27 23:09 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-27 23:09 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-27 23:09 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-27 23:08 - 2015-05-27 23:42 - 00000000 ____D () C:\Windows\erdnt
2015-05-27 23:05 - 2015-05-27 23:05 - 05628291 _____ (Swearware) C:\Users\Toshiba\Desktop\Nicht bestätigt 917415.crdownload
2015-05-26 17:55 - 2015-05-26 17:55 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Toshiba\Desktop\tdsskiller.exe
2015-05-26 17:19 - 2015-05-26 17:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-26 17:18 - 2015-05-26 17:18 - 00017642 _____ () C:\Users\Toshiba\Desktop\amazon-rück.odt
2015-05-26 17:14 - 2015-05-26 17:14 - 00050729 _____ () C:\Users\Toshiba\Desktop\Amazon.de - Rücksendezentrum.html
2015-05-26 17:14 - 2015-05-26 17:14 - 00000000 ____D () C:\Users\Toshiba\Desktop\Amazon.de - Rücksendezentrum_files
2015-05-26 17:12 - 2015-05-26 17:51 - 00000000 ____D () C:\Users\Toshiba\Desktop\mbar
2015-05-26 17:11 - 2015-05-26 17:12 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Toshiba\Desktop\mbar-1.09.1.1004.exe
2015-05-25 20:42 - 2015-05-25 20:42 - 00015964 _____ () C:\Users\Toshiba\Desktop\Unbenannt 1.odt
2015-05-25 20:31 - 2015-05-25 20:31 - 00000000 ____D () C:\Users\Toshiba\Desktop\FSJ EOS
2015-05-25 20:29 - 2015-05-25 20:29 - 00150722 _____ () C:\Users\Toshiba\Downloads\Files_Online2PDF.zip
2015-05-25 20:29 - 2015-05-25 20:29 - 00150722 _____ () C:\Users\Toshiba\Desktop\Files_Online2PDF.zip
2015-05-25 20:26 - 2015-05-25 20:26 - 00018510 _____ () C:\Users\Toshiba\Desktop\EOS FSJ.odt
2015-05-25 18:02 - 2015-05-25 18:04 - 00022345 _____ () C:\Users\Toshiba\Desktop\Addition.txt
2015-05-25 18:01 - 2015-05-30 14:36 - 00016192 _____ () C:\Users\Toshiba\Desktop\FRST.txt
2015-05-25 18:01 - 2015-05-30 14:36 - 00000000 ____D () C:\FRST
2015-05-25 18:00 - 2015-05-30 14:35 - 02108928 _____ (Farbar) C:\Users\Toshiba\Desktop\FRST64.exe
2015-05-25 04:51 - 2015-05-25 04:51 - 02223104 _____ () C:\Users\Toshiba\Downloads\adwcleaner_4.205 (1).exe
2015-05-25 04:41 - 2015-05-29 00:22 - 00000000 ____D () C:\AdwCleaner
2015-05-25 04:40 - 2015-05-25 04:40 - 02209792 _____ () C:\Users\Toshiba\Downloads\adwcleaner_4.205.exe
2015-05-25 04:35 - 2015-05-25 04:36 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Toshiba\Downloads\spybot-2.4.exe
2015-05-24 23:02 - 2015-05-25 01:50 - 00000000 ____D () C:\Users\Toshiba\Desktop\Bewerbungusb
2015-05-24 23:02 - 2015-05-24 23:02 - 00000000 ____D () C:\Users\Toshiba\Desktop\Bewerbung2usb
2015-05-24 21:48 - 2015-05-24 21:49 - 00000000 ____D () C:\Users\Toshiba\Desktop\Don't Starve Beta 21 May 2013
2015-05-19 03:00 - 2015-05-23 09:25 - 00014391 _____ () C:\Users\Toshiba\Desktop\ToomKündigung.odt
2015-05-19 00:48 - 2015-05-19 02:43 - 00016795 _____ () C:\Users\Toshiba\Desktop\FSJ Landstuhl.odt
2015-05-18 00:43 - 2015-05-18 00:43 - 00000000 ____D () C:\Windows\CheckSur
2015-05-17 23:43 - 2015-05-18 00:02 - 564744309 _____ () C:\Users\Toshiba\Downloads\Windows6.1-KB947821-v34-x64.msu
2015-05-17 23:30 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-17 23:30 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-17 23:30 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-17 23:30 - 2013-08-02 04:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-17 23:30 - 2013-08-02 03:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-17 23:29 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-17 23:29 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-17 23:29 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-17 23:29 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-05-17 23:29 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-05-17 23:22 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-05-17 23:22 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-05-17 20:27 - 2015-05-17 20:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-05-17 20:27 - 2015-05-17 20:27 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 01988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-05-17 20:14 - 2015-05-17 20:14 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-05-17 20:10 - 2015-05-17 20:10 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-05-17 20:10 - 2015-05-17 20:10 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-05-17 18:42 - 2015-05-17 18:42 - 00051169 _____ () C:\Users\Toshiba\Desktop\Online-Bewerbung - Hochschule HIS.html
2015-05-17 18:42 - 2015-05-17 18:42 - 00000000 ____D () C:\Users\Toshiba\Desktop\Online-Bewerbung - Hochschule HIS_files
2015-05-17 18:37 - 2015-05-17 18:37 - 00009920 _____ () C:\Users\Toshiba\Desktop\Fachhochschule Potsdam.html
2015-05-17 18:36 - 2015-05-17 18:36 - 00021352 _____ () C:\Users\Toshiba\Desktop\potsdam.odt
2015-05-17 18:33 - 2015-05-17 18:37 - 00000000 ____D () C:\Users\Toshiba\Desktop\Fachhochschule Potsdam_files
2015-05-17 18:33 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 18:33 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-17 18:28 - 2012-03-01 08:38 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-05-17 18:28 - 2012-03-01 07:37 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-05-17 18:19 - 2015-05-17 18:19 - 00820172 _____ () C:\Users\Toshiba\Desktop\(77 ungelesen) – kamerba92 – Yahoo Mail.html
2015-05-17 18:19 - 2015-05-17 18:19 - 00000000 ____D () C:\Users\Toshiba\Desktop\(77 ungelesen) – kamerba92 – Yahoo Mail_files
2015-05-17 18:00 - 2015-05-17 18:00 - 00018551 _____ () C:\Users\Toshiba\Downloads\Lebenslauf.odt
2015-05-17 18:00 - 2015-05-17 18:00 - 00018551 _____ () C:\Users\Toshiba\Downloads\Lebenslauf (1).odt
2015-05-17 17:59 - 2015-04-21 20:17 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 12304384 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 09065472 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 02470912 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 01539584 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\mstime.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00495616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00445952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-17 17:59 - 2015-04-21 20:16 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-17 17:59 - 2015-04-21 20:16 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\corpol.dll
2015-05-17 17:59 - 2015-04-21 20:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-17 17:59 - 2015-04-21 20:15 - 01538048 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-17 17:59 - 2015-04-21 19:58 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 11030016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 06032896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 02088448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 01267712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstime.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00428544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00389632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00345600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00186368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-05-17 17:59 - 2015-04-21 19:57 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\corpol.dll
2015-05-17 17:59 - 2015-04-21 19:56 - 01466368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-17 17:59 - 2015-04-21 19:56 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-17 17:59 - 2015-04-21 19:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-17 17:59 - 2015-04-21 19:56 - 00015872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-17 17:59 - 2015-04-21 19:44 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-17 17:59 - 2015-04-21 19:29 - 00386560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-17 17:59 - 2015-04-21 19:22 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-17 17:59 - 2015-04-21 19:11 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-17 17:58 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-17 17:58 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-17 17:58 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-17 17:58 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-17 17:25 - 2015-05-17 17:25 - 00026596 _____ () C:\Users\Toshiba\Desktop\anbnjsd.xps
2015-05-17 17:25 - 2015-05-17 17:25 - 00026585 _____ () C:\Users\Toshiba\Desktop\keinplan.xps
2015-05-16 19:37 - 2015-05-16 19:37 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Cisco
2015-05-16 19:37 - 2015-05-16 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cisco
2015-05-16 19:28 - 2015-05-17 19:12 - 00002000 ____H () C:\Users\Toshiba\Documents\Default.rdp
2015-05-16 19:27 - 2015-05-16 19:37 - 00000000 ____D () C:\ProgramData\Cisco
2015-05-16 19:27 - 2015-05-16 19:37 - 00000000 ____D () C:\Program Files (x86)\Cisco
2015-05-16 19:26 - 2015-05-16 19:26 - 03344552 _____ (Cisco Systems, Inc.) C:\Users\Toshiba\Downloads\anyconnect-win-3.1.06073-web-deploy-k9.exe
2015-05-14 00:20 - 2015-05-14 00:20 - 00002163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-05-14 00:17 - 2015-05-14 00:17 - 00880208 _____ (Google Inc.) C:\Users\Toshiba\Downloads\GoogleEarthSetup.exe
2015-05-05 23:24 - 2015-05-29 00:00 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 23:23 - 2015-05-29 00:00 - 00001109 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-05 23:23 - 2015-05-29 00:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-05 23:23 - 2015-05-29 00:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-05-05 23:23 - 2015-05-05 23:23 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-05 23:23 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-05 23:23 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-05 23:23 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-05 23:21 - 2015-05-05 23:22 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Toshiba\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-05 23:05 - 2015-05-25 20:42 - 00016302 _____ () C:\Users\Toshiba\Desktop\AnschreibenFSJ.odt
2015-05-05 22:54 - 2015-05-05 22:54 - 00015391 _____ () C:\Users\Toshiba\Downloads\FSJ BFD.odt
2015-05-05 21:29 - 2015-05-25 20:27 - 00105485 _____ () C:\Users\Toshiba\Desktop\Lebenslauf.odt
2015-05-05 21:28 - 2015-04-25 20:31 - 00015258 _____ () C:\Users\Toshiba\Desktop\Krankenschwester112.odt
2015-05-05 21:01 - 2015-05-05 21:54 - 00000000 ____D () C:\Users\Toshiba\Desktop\Bewerbung
2015-05-05 21:01 - 2015-05-05 21:01 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\OpenOffice
2015-05-05 19:57 - 2015-05-05 19:57 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-05-05 19:57 - 2015-05-05 19:57 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-05-05 19:56 - 2015-05-05 19:56 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-05-05 19:39 - 2015-05-05 19:44 - 165182416 _____ () C:\Users\Toshiba\Downloads\OpenOffice_4.1.1_Win_x86_install_de (1).exe
2015-05-05 17:31 - 2015-05-05 18:09 - 00000000 ____D () C:\9f114be7f90937485b9336051b77c214
2015-05-05 17:31 - 2015-05-05 17:31 - 00000000 ____D () C:\Users\Toshiba\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-05-05 17:30 - 2015-05-05 17:30 - 00000000 ____D () C:\Program Files (x86)\Browser Files
2015-05-05 17:19 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-05-05 17:16 - 2015-05-05 17:18 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\Adobe
2015-05-05 17:15 - 2015-05-05 17:15 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-05 17:14 - 2015-05-05 17:14 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-05-05 17:14 - 2015-05-05 17:14 - 00002054 _____ () C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-05-05 17:14 - 2015-05-05 17:14 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-05-05 17:13 - 2015-05-05 17:17 - 00000000 ____D () C:\ProgramData\Adobe
2015-05-05 17:11 - 2015-05-05 17:17 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Adobe
2015-05-05 16:41 - 2015-05-17 23:40 - 00035503 _____ () C:\Windows\IE11_main.log
2015-05-05 14:59 - 2015-05-17 19:28 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-05 14:58 - 2015-05-17 19:20 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-05 14:16 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-05-05 14:16 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-05-05 14:16 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-05-05 14:16 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-05-05 14:16 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-05-05 14:16 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-05-05 14:16 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-05-05 14:16 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-05-05 14:13 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-05-05 14:13 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-05-05 14:13 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-05-05 14:13 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-05-05 14:13 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-05-05 14:13 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-05-05 14:13 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-05-05 14:13 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-05-05 14:13 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-05-05 14:13 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-05-05 14:12 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-05-05 14:12 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-05-05 14:12 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-05-05 14:12 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-05-05 14:12 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-05-05 14:11 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-05-05 14:11 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-05-05 14:11 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-05-05 14:11 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-05-05 14:11 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-05-05 14:11 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-05-05 14:11 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-05-05 14:11 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-05-05 14:11 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-05-05 14:11 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-05-05 14:11 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-05-05 14:11 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-05-05 14:11 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-05-05 14:11 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-05-05 14:11 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-05-05 14:11 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-05-05 14:11 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-05-05 14:11 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-05-05 14:06 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-05-05 14:06 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-05-05 14:06 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-05-05 14:06 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-05-05 14:06 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-05-05 14:06 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-05-05 14:06 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-05-05 14:06 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-05-05 14:06 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-05-05 14:06 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-05-05 14:06 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-05-05 14:06 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-05-05 14:06 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-05-05 14:06 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-05-05 14:06 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-05-05 14:06 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-05-05 14:05 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-05-05 14:05 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-05-05 14:05 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-05-05 14:05 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-05-05 14:05 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-05-05 14:05 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-05-05 14:05 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-05-05 14:05 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-05-05 14:05 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-05-05 14:05 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-05-05 14:04 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-05-05 14:04 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-05-05 14:04 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-05-05 14:04 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-05-05 14:04 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-05-05 14:04 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-05-05 14:04 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-05-05 14:04 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-05-05 14:04 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-05-05 14:04 - 2013-02-27 07:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-05-05 14:04 - 2013-02-15 08:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-05-05 14:04 - 2013-02-15 08:06 - 03717632 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-05-05 14:04 - 2013-02-15 08:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-05-05 14:04 - 2013-02-15 06:37 - 03217408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-05-05 14:04 - 2013-02-15 06:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-05-05 14:04 - 2013-02-15 05:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-05-05 14:03 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-05-05 14:03 - 2012-04-28 05:55 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-05-05 14:03 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-05-05 14:03 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-05-05 14:03 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-05-05 14:03 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-05-05 14:03 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-05-05 14:03 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-05-05 14:03 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-05-05 14:03 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-05-05 14:03 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-05-05 14:02 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-05-05 14:02 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-05-05 14:00 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-05-05 14:00 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-05-05 14:00 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-05-05 14:00 - 2012-11-29 00:56 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-05-05 14:00 - 2012-11-29 00:56 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-05-05 14:00 - 2012-11-29 00:56 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-05-05 13:59 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-05-05 13:59 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-05-05 13:59 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-05-05 13:59 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-05-05 13:59 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-05-05 13:59 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-05-05 13:59 - 2013-04-12 16:45 - 01656680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-05-05 13:59 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-05-05 13:59 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-05-05 13:59 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-05-05 13:59 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-05-05 13:59 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-05-05 13:59 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-05-05 13:59 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-05-05 13:59 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-05-05 13:59 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-05-05 13:59 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-05-05 13:58 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-05-05 13:58 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-05-05 13:58 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-05-05 13:58 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-05-05 13:58 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-05-05 13:58 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-05-05 13:58 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-05-05 13:58 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-05-05 13:58 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-05-05 13:58 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-05-05 13:58 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-05-05 13:58 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-05-05 13:58 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-05-05 13:58 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-05-05 13:58 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-05-05 13:58 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-05-05 13:58 - 2013-07-12 12:41 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-05-05 13:58 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-05-05 13:58 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-05-05 13:58 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-05-05 13:58 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-05-05 13:58 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-05-05 13:58 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-05-05 13:58 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-05-05 13:57 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-05-05 13:57 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-05-05 13:57 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-05-05 13:57 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-05-05 13:57 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-05-05 13:57 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-05-05 13:57 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-05-05 13:57 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-05-05 13:57 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-05-05 13:57 - 2012-04-26 07:41 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-05-05 13:57 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-05-05 13:57 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-05-05 13:57 - 2011-07-09 04:46 - 00288768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-05-05 13:57 - 2011-04-27 04:40 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-05-05 13:57 - 2011-04-27 04:39 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-05-05 13:56 - 2015-01-14 08:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-05 13:56 - 2015-01-14 08:09 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-05 13:56 - 2015-01-14 08:09 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-05 13:56 - 2015-01-14 08:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-05 13:56 - 2015-01-14 08:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-05 13:56 - 2015-01-14 08:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-05 13:56 - 2015-01-14 08:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-05 13:56 - 2015-01-14 08:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-05 13:56 - 2015-01-14 08:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-05 13:56 - 2015-01-14 08:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-05 13:56 - 2015-01-14 08:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-05 13:56 - 2015-01-14 08:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-05 13:56 - 2015-01-14 08:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-05 13:56 - 2015-01-14 08:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-05 13:56 - 2015-01-14 07:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-05 13:56 - 2015-01-14 07:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-05 13:56 - 2015-01-14 07:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-05 13:56 - 2015-01-14 07:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-05 13:56 - 2015-01-14 07:41 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-05 13:56 - 2015-01-14 07:40 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-05 13:56 - 2015-01-14 07:40 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-05 13:56 - 2015-01-14 07:38 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-05 13:56 - 2015-01-14 07:37 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-05 13:56 - 2015-01-14 07:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-05 13:56 - 2014-12-30 03:23 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-05-05 13:56 - 2014-11-11 05:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-05 13:56 - 2014-11-11 04:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-05 13:56 - 2014-10-03 04:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-05-05 13:56 - 2014-10-03 04:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-05-05 13:56 - 2014-10-03 04:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-05-05 13:56 - 2014-10-03 04:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-05-05 13:56 - 2014-10-03 04:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-05-05 13:56 - 2014-10-03 03:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-05-05 13:56 - 2014-10-03 03:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-05-05 13:56 - 2014-10-03 03:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-05-05 13:56 - 2014-09-19 11:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-05 13:56 - 2014-09-19 11:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-05 13:56 - 2014-09-19 11:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-05 13:56 - 2014-09-19 11:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-05 13:56 - 2014-09-19 11:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-05 13:56 - 2014-09-19 11:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-05 13:56 - 2014-09-19 11:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-05 13:56 - 2014-09-19 11:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-05 13:56 - 2014-09-19 11:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-05 13:56 - 2014-09-19 11:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-05 13:56 - 2014-09-19 11:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-05 13:56 - 2014-09-19 11:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-05 13:56 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-05-05 13:56 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-05-05 13:56 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-05-05 13:56 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-05-05 13:56 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-05-05 13:56 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-05-05 13:56 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-05-05 13:56 - 2013-08-02 04:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-05 13:56 - 2013-08-02 04:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-05 13:56 - 2013-08-02 03:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-05 13:56 - 2013-08-02 02:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-05 13:56 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-05-05 13:55 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-05-05 13:55 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-05-05 13:55 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-05-05 13:55 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-05-05 13:55 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-05-05 13:55 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-05-05 13:52 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-05-05 13:52 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-05-05 13:52 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-05-05 13:52 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-05-05 13:52 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-05-05 13:52 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-05-05 13:52 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-05-05 13:52 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-05-05 13:52 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-05-05 13:41 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-05-05 13:41 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-05-05 13:41 - 2013-10-05 22:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-05-05 13:41 - 2013-10-05 21:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-05-05 13:41 - 2013-07-09 07:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-05-05 13:41 - 2013-07-09 07:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-05-05 13:41 - 2013-07-09 06:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-05-05 13:41 - 2013-07-09 06:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-05-05 13:40 - 2014-10-18 04:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-05-05 13:40 - 2014-10-18 03:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-05-05 13:40 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-05 13:40 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-05 13:40 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-05 13:40 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-05 13:40 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-05 13:40 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-05 13:40 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-05 13:40 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-05 13:40 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-05 13:40 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-05 13:40 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-05 13:40 - 2013-08-02 04:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 04:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 03:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-05 13:40 - 2013-08-02 02:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 02:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 02:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-05 13:40 - 2013-08-02 02:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-05 13:40 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-05-05 13:40 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-05-05 13:40 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-05-05 13:40 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-05-05 13:40 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-05-05 13:40 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-05-05 13:40 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-05-05 13:38 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-05-05 13:38 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-05-05 13:38 - 2014-12-11 19:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-05-05 13:38 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-05-05 13:38 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-05-05 13:38 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-05-05 13:38 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-05-05 13:38 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-05-05 13:38 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-05-05 13:38 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-05-05 13:38 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-05-05 13:38 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-05-05 13:38 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-05-05 13:38 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-05-05 13:38 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-05-05 13:38 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-05-05 13:38 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-05-05 13:38 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-05-05 13:38 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-05-05 13:38 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-05-05 13:38 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-05-05 13:38 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-05-05 13:36 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-05-05 13:36 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-05-05 13:36 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-05-05 13:36 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-05-05 13:36 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-05-05 13:32 - 2013-07-04 14:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-05-05 13:32 - 2013-07-04 13:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-05-05 13:31 - 2011-10-26 07:25 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-05-05 13:31 - 2011-10-26 07:25 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-05-05 13:31 - 2011-10-26 06:32 - 01328128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-05-05 13:31 - 2011-10-26 06:32 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-05-05 13:29 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-05-05 13:29 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-05-05 13:29 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-05-05 13:29 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-05-05 13:29 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-05-05 13:27 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-05-05 13:27 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-05-05 13:20 - 2015-05-30 12:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-05 13:20 - 2015-05-05 13:20 - 00001929 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-05-05 13:20 - 2015-05-05 13:20 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-05 13:20 - 2015-05-05 13:20 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-05 13:20 - 2015-05-05 13:20 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\AVAST Software
2015-05-05 13:20 - 2015-05-05 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-05 13:20 - 2015-05-05 13:19 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-05 13:19 - 2015-05-05 13:19 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-05 13:19 - 2015-05-05 13:19 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-05 13:19 - 2015-05-05 13:19 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-05 13:19 - 2015-05-05 13:19 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-05 13:19 - 2015-05-05 13:19 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-05 13:19 - 2015-05-05 13:19 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-05 13:19 - 2015-05-05 13:19 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-05 13:19 - 2015-05-05 13:19 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-05 13:19 - 2015-05-05 13:19 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-05 13:17 - 2015-05-05 13:24 - 165182416 _____ () C:\Users\Toshiba\Downloads\OpenOffice_4.1.1_Win_x86_install_de.exe
2015-05-05 13:15 - 2015-05-05 13:15 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-05 13:14 - 2015-05-05 13:14 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-05-05 13:09 - 2015-05-05 13:09 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Toshiba\Downloads\avast_free_antivirus_setup_online.exe
2015-05-05 12:58 - 2015-05-25 23:11 - 00002224 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-05 12:58 - 2015-05-05 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-05 12:56 - 2015-05-30 14:08 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-05 12:56 - 2015-05-30 12:44 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-05 12:56 - 2015-05-15 00:03 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-05 12:56 - 2015-05-15 00:03 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-05 12:56 - 2015-05-14 00:20 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-05 12:56 - 2015-05-05 12:58 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Google
2015-05-05 12:55 - 2015-05-05 12:55 - 00880208 _____ (Google Inc.) C:\Users\Toshiba\Downloads\ChromeSetup.exe
2015-05-02 23:31 - 2015-05-02 23:31 - 00000000 ____D () C:\Hotfix
2015-05-02 23:31 - 2015-05-02 13:40 - 00000000 ____D () C:\Windows\Panther
2015-05-02 23:31 - 2011-02-16 04:16 - 00000029 ___RH () C:\Windows\version
2015-05-02 23:31 - 2011-02-16 04:16 - 00000013 ____R () C:\Windows\csup.txt
2015-05-02 23:29 - 2015-05-30 12:38 - 00697082 _____ () C:\Windows\system32\perfh007.dat
2015-05-02 23:29 - 2015-05-30 12:38 - 00148346 _____ () C:\Windows\system32\perfc007.dat
2015-05-02 23:29 - 2015-05-02 23:29 - 00295922 _____ () C:\Windows\system32\perfi007.dat
2015-05-02 23:29 - 2015-05-02 23:29 - 00038104 _____ () C:\Windows\system32\perfd007.dat
2015-05-02 23:29 - 2015-05-02 23:29 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2015-05-02 23:29 - 2015-05-02 23:29 - 00000000 ____D () C:\Windows\SysWOW64\de
2015-05-02 23:29 - 2015-05-02 23:29 - 00000000 ____D () C:\Windows\SysWOW64\0407
2015-05-02 23:29 - 2015-05-02 23:29 - 00000000 ____D () C:\Windows\system32\de
2015-05-02 23:29 - 2015-05-02 23:29 - 00000000 ____D () C:\Windows\system32\0407
2015-05-02 14:44 - 2015-05-02 14:44 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\TOSHIBA
2015-05-02 14:42 - 2015-05-02 14:42 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\toshiba
2015-05-02 14:41 - 1999-10-12 18:47 - 00024576 _____ (Toshiba) C:\Windows\SysWOW64\TSCI.dll
2015-05-02 14:41 - 1999-10-12 18:45 - 00024576 _____ (Toshiba) C:\Windows\SysWOW64\THCI.dll
2015-05-02 14:21 - 2015-05-05 21:10 - 00063568 _____ () C:\Users\Toshiba\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-02 14:20 - 2015-05-02 14:20 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\NVIDIA Corporation
2015-05-02 14:19 - 2015-05-02 14:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-02 14:18 - 2015-05-02 14:18 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\NVIDIA
2015-05-02 14:17 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-05-02 14:17 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-05-02 14:17 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-05-02 14:17 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-05-02 14:17 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-05-02 14:17 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-05-02 14:16 - 2015-05-02 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-02 14:16 - 2015-05-02 14:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-02 14:16 - 2015-04-09 02:58 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-02 14:16 - 2015-04-09 02:58 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-02 14:16 - 2015-04-09 02:58 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-02 14:16 - 2015-04-09 02:58 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-02 14:16 - 2015-04-08 23:30 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-02 14:16 - 2015-04-08 23:30 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-02 14:16 - 2015-04-08 23:30 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-02 14:16 - 2015-04-08 23:30 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-02 14:16 - 2015-04-08 23:30 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-02 14:16 - 2015-04-08 23:30 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-02 14:16 - 2015-04-08 19:52 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-05-02 14:15 - 2015-05-02 14:20 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-02 14:15 - 2015-04-09 02:58 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-02 14:15 - 2015-04-09 02:58 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-02 14:13 - 2015-05-05 17:29 - 01590506 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-02 14:08 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-02 14:08 - 2015-04-09 02:58 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 01540240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 00195728 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-02 14:08 - 2015-04-09 02:58 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-02 14:08 - 2015-04-09 02:58 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 00030536 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-02 14:08 - 2015-04-09 02:58 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-05-02 14:06 - 2015-05-02 14:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-02 14:06 - 2015-05-02 14:06 - 00000000 ____D () C:\NVIDIA
2015-05-02 14:01 - 2015-05-02 14:01 - 00000000 ____D () C:\Windows\SysWOW64\sda
2015-05-02 14:01 - 2010-07-20 17:43 - 00247400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2015-05-02 14:01 - 2010-07-20 17:42 - 09112168 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RtsUStoricon.dll
2015-05-02 14:01 - 2010-07-20 17:42 - 00422504 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtsUStor.dll
2015-05-02 14:00 - 2010-10-04 13:02 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-05-02 13:59 - 2015-05-02 14:00 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-02 13:59 - 2015-05-02 13:59 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\InstallShield
2015-05-02 13:59 - 2013-07-02 13:12 - 00008192 _____ () C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-05-02 13:59 - 2012-11-09 13:57 - 00057376 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-05-02 13:58 - 2015-05-02 13:59 - 00000000 ___HD () C:\Program Files (x86)\Temp
2015-05-02 13:58 - 2015-05-02 13:58 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-05-02 13:58 - 2015-05-02 13:58 - 00000000 ____D () C:\Program Files\Realtek
2015-05-02 13:58 - 2011-02-11 18:18 - 02739176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-05-02 13:58 - 2011-02-11 14:46 - 00819712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-05-02 13:58 - 2011-02-11 14:39 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-05-02 13:58 - 2011-02-09 15:56 - 01284712 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-05-02 13:58 - 2011-01-28 23:03 - 02841704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-05-02 13:58 - 2011-01-25 13:58 - 02358888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-05-02 13:58 - 2011-01-24 14:20 - 00638056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-05-02 13:58 - 2011-01-20 14:47 - 01943616 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-02 13:58 - 2011-01-04 19:25 - 00083560 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2015-05-02 13:58 - 2010-11-29 18:47 - 02578576 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-05-02 13:58 - 2010-11-29 18:47 - 01868944 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-05-02 13:58 - 2010-11-18 11:49 - 00121744 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-05-02 13:58 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-05-02 13:58 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-05-02 13:58 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-05-02 13:58 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-05-02 13:58 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-05-02 13:58 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-05-02 13:58 - 2010-11-03 18:31 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-02 13:58 - 2010-11-03 18:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-05-02 13:58 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 01327208 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 01179752 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 01111656 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00504936 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00491112 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00475752 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00317032 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00269928 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00266856 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00126056 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00125544 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-05-02 13:58 - 2010-11-03 18:29 - 00125032 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-05-02 13:58 - 2010-11-02 09:35 - 01718616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-05-02 13:58 - 2010-11-02 09:35 - 00127832 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-05-02 13:58 - 2010-11-02 09:34 - 00421720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-05-02 13:58 - 2010-11-02 09:34 - 00108888 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-05-02 13:58 - 2010-11-02 09:34 - 00074584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-05-02 13:58 - 2010-10-03 13:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-05-02 13:58 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-05-02 13:58 - 2010-07-22 16:48 - 00220496 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFNHK64.dll
2015-05-02 13:58 - 2010-07-22 16:48 - 00081232 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCOM64.dll
2015-05-02 13:58 - 2010-07-22 16:48 - 00078160 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFAPO64.dll
2015-05-02 13:58 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-05-02 13:58 - 2010-07-22 16:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-05-02 13:58 - 2010-05-06 17:34 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-05-02 13:58 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-05-02 13:58 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-05-02 13:58 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-05-02 13:58 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-05-02 13:58 - 2009-11-18 18:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-05-02 13:58 - 2009-11-17 18:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-05-02 13:57 - 2011-02-08 19:07 - 00038096 _____ (TOSHIBA Corporation) C:\Windows\system32\Drivers\PGEffect.sys
2015-05-02 13:55 - 2015-05-02 14:41 - 00000000 ____D () C:\Program Files\TOSHIBA
2015-05-02 13:55 - 2015-05-02 13:56 - 00000000 ____D () C:\Program Files (x86)\Realtek WLAN Driver
2015-05-02 13:55 - 2015-05-02 13:55 - 00000000 ____D () C:\Windows\SysWOW64\Microsoft.VC80.MFC
2015-05-02 13:55 - 2015-05-02 13:55 - 00000000 ____D () C:\Windows\system32\Microsoft.VC80.MFC
2015-05-02 13:55 - 2015-05-02 13:55 - 00000000 ____D () C:\ProgramData\xp
2015-05-02 13:55 - 2015-05-02 13:55 - 00000000 ____D () C:\ProgramData\win7_64
2015-05-02 13:55 - 2015-05-02 13:55 - 00000000 ____D () C:\ProgramData\win7_32
2015-05-02 13:55 - 2015-05-02 13:55 - 00000000 ____D () C:\ProgramData\vista64
2015-05-02 13:55 - 2015-05-02 13:55 - 00000000 ____D () C:\ProgramData\vista32
2015-05-02 13:55 - 2015-05-02 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2015-05-02 13:55 - 2011-01-05 01:08 - 01109096 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8192ce.sys
2015-05-02 13:55 - 2010-12-22 16:24 - 00626792 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl819xp.sys
2015-05-02 13:55 - 2010-12-17 16:04 - 01221224 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8192se.sys
2015-05-02 13:55 - 2010-11-11 10:26 - 00295936 _____ (COMPAL ELECTRONIC INC.) C:\Windows\system32\HWS_Ctrl.dll
2015-05-02 13:55 - 2010-04-01 14:01 - 00442368 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8187Se.sys
2015-05-02 13:55 - 2010-03-31 11:10 - 00450048 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtl8187B.sys
2015-05-02 13:55 - 2010-03-04 16:44 - 00008192 _____ (COMPAL ELECTRONIC INC.) C:\Windows\system32\TSBWLS.dll
2015-05-02 13:55 - 2009-08-21 19:04 - 00049152 _____ (COMPAL ELECTRONIC INC.) C:\Windows\SysWOW64\EBLib.dll
2015-05-02 13:55 - 2009-08-21 19:04 - 00045056 _____ (COMPAL ELECTRONIC INC.) C:\Windows\system32\EBLib.dll
2015-05-02 13:55 - 2009-07-30 21:02 - 00044912 _____ (COMPAL ELECTRONIC INC.) C:\Windows\system32\Drivers\LPCFilter.sys
2015-05-02 13:55 - 2009-02-05 02:49 - 00451072 ____N () C:\Windows\SysWOW64\ISSRemoveSP.exe
2015-05-02 13:54 - 2015-05-02 14:41 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA
2015-05-02 13:47 - 2015-05-02 13:47 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-05-02 13:47 - 2015-05-02 13:47 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-02 13:47 - 2015-05-02 13:47 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\Mozilla
2015-05-02 13:47 - 2015-05-02 13:47 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\Mozilla
2015-05-02 13:47 - 2015-05-02 13:47 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-02 13:47 - 2015-05-02 13:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-02 13:47 - 2015-05-02 13:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-02 13:46 - 2015-05-02 14:42 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-02 13:46 - 2015-05-02 14:01 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-05-02 13:46 - 2011-01-13 19:58 - 00413800 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-05-02 13:46 - 2011-01-13 19:58 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-05-02 13:46 - 2011-01-13 19:58 - 00074272 _____ () C:\Windows\system32\RtNicProp64.dll
2015-05-02 13:45 - 2015-05-02 13:45 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-05-02 13:45 - 2015-05-02 13:45 - 00000000 ____D () C:\Users\Toshiba\AppData\Roaming\WinBatch
2015-05-02 13:41 - 2015-05-02 13:41 - 00001405 _____ () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-05-02 13:40 - 2015-05-02 13:41 - 00001439 _____ () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-02 13:40 - 2015-05-02 13:40 - 00000020 ___SH () C:\Users\Toshiba\ntuser.ini
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Vorlagen
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Startmenü
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Netzwerkumgebung
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Lokale Einstellungen
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Eigene Dateien
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Druckumgebung
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Documents\Eigene Musik
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Documents\Eigene Bilder
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\AppData\Local\Verlauf
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\AppData\Local\Anwendungsdaten
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Toshiba\Anwendungsdaten
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Programme
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\ProgramData\Favoriten
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 _SHDL () C:\Dokumente und Einstellungen
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 ____D () C:\Users\Toshiba\AppData\Local\VirtualStore
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 ____D () C:\Users\Toshiba
2015-05-02 13:40 - 2015-05-02 13:40 - 00000000 ____D () C:\Recovery
2015-05-02 13:40 - 2009-07-14 06:54 - 00000000 ___RD () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-02 13:40 - 2009-07-14 06:49 - 00000000 ___RD () C:\Users\Toshiba\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-02 13:36 - 2015-05-02 13:36 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-05-02 13:36 - 2015-05-02 13:36 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-05-02 13:35 - 2015-05-30 12:32 - 01729008 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 13:35 - 2015-05-02 13:35 - 00001355 _____ () C:\Windows\TSSysprep.log
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-30 12:38 - 2009-07-14 07:13 - 01613340 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 00:38 - 2009-07-14 06:45 - 00033712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-29 00:38 - 2009-07-14 06:45 - 00033712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-29 00:24 - 2009-07-14 06:51 - 00030011 _____ () C:\Windows\setupact.log
2015-05-29 00:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-28 00:08 - 2010-11-21 05:47 - 00143680 _____ () C:\Windows\PFRO.log
2015-05-27 23:24 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-25 04:47 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-18 01:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-18 01:53 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-18 01:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-05-17 23:05 - 2009-07-14 06:45 - 00292456 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-17 23:01 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-17 23:01 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-05-17 23:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2015-05-17 23:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2015-05-17 23:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2015-05-17 23:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2015-05-17 23:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-05-17 23:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\winrm
2015-05-17 23:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\WCN
2015-05-17 23:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\sysprep
2015-05-17 23:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\slmgr
2015-05-17 23:00 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-05-17 23:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-05-17 23:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-17 23:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files\DVD Maker
2015-05-17 23:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2015-05-17 23:00 - 2009-07-14 07:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-17 23:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2015-05-17 23:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-17 23:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-05-17 23:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2015-05-17 23:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-05-17 23:00 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\servicing
2015-05-17 22:59 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\winrm
2015-05-17 22:59 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\WCN
2015-05-17 22:59 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\slmgr
2015-05-17 22:59 - 2010-11-21 09:06 - 00000000 ____D () C:\Windows\system32\Printing_Admin_Scripts
2015-05-17 22:59 - 2009-07-14 07:37 - 00000000 ____D () C:\Windows\DigitalLocker
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sysprep
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Setup
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\oobe
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\MUI
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\migwiz
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\com
2015-05-17 22:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\IME
2015-05-05 19:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-05-05 12:54 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-02 23:31 - 2009-07-14 07:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2015-05-02 23:31 - 2009-07-14 07:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2015-05-02 23:31 - 2009-07-14 06:45 - 00000000 ____D () C:\Windows\Setup
2015-05-02 23:29 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2015-05-02 14:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2015-05-02 13:46 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\restore
2015-05-02 13:40 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-02 13:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Recovery
2015-05-02 13:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Windows NT
2015-05-02 13:36 - 2009-07-14 06:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2015-05-02 13:36 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-02 13:33 - 2010-11-21 09:17 - 00000000 ____D () C:\Windows\CSC
Some files in TEMP:
====================
C:\Users\Toshiba\AppData\Local\Temp\Quarantine.exe
C:\Users\Toshiba\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-24 17:54
==================== End of log ============================
|
|
31.05.2015, 05:44
| #12 |
| /// the machine /// TB-Ausbilder | internet wird kontrolliert-Chrome Ja  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu internet wird kontrolliert-Chrome |
| chrome, eingefangen, folge, folgende, gefangen, google, google chrome, inter, interne, internet, internetverbindung, meldung, rechts, troja, trojaner, verbindung, zufällig |
WARNUNG an die MITLESER: 
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
