| |
| |||||||
Log-Analyse und Auswertung: Hohe CPU-Auslastung ohne geöffnete ProgrammeWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
05.12.2015, 13:17
| #1 |
 |  Hohe CPU-Auslastung ohne geöffnete Programme Guten Tag, nach der Installation der SMART-Software (für die Verwendung unseres SMART-Boards in der Schule erforderlich) und dem dafür benötigten NET-Framework lief mein Laptop sehr langsam. Ich konnte auf twitch.tv keine Streams mehr flüssig angucken. Zusätzlich wollte ein unbekanntes Programm aus unbekannter Quelle die Berechtigung von mir ausgeführt zu werden. Nach dem Verweigern dieser Erlaubnis, öffnete sich das Pop-Up erneut. Daraufhin habe ich mir die laufenden Prozesse angeguckt und eine sehr hohe CPU-Auslastung festgestellt. Die dafür zuständigen Prozesse waren abwechselnd conhost und msiexec. Nach einer ersten Internetrecherche bin ich auf folgenden Artikel gestoßen: hxxp://www.wintips.org/malware-removal-guide/. Ich bin die Schritte durchgegangen. Leider wurden die Symptome nicht behoben. Daraufhin habe ich meine Systemplatte formatiert, Windows neuinstalliert, die Updates durchführen lassen und erneut den malware-removal-guide durchgeführt. Die Logs dazu: Code:
ATTFilter Rkill 2.8.2 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
hxxp://www.bleepingcomputer.com/forums/topic308364.html
Program started at: 12/03/2015 08:31:15 PM in x86 mode. (Safe Mode)
Windows Version: Windows 7 Ultimate Service Pack 1
Checking for Windows services to stop:
* No malware services found to stop.
Checking for processes to terminate:
* No malware processes found to kill.
Checking Registry for malware related settings:
* No issues found in the Registry.
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
Performing miscellaneous checks:
* No issues found.
Checking Windows Service Integrity:
* COM+-Ereignissystem (EventSystem) is not Running.
Startup Type set to: Automatic
* Sicherheitscenter (wscsvc) is not Running.
Startup Type set to: Automatic (Delayed Start)
* Windows Update (wuauserv) is not Running.
Startup Type set to: Automatic (Delayed Start)
Searching for Missing Digital Signatures:
* No issues found.
Checking HOSTS File:
* No issues found.
Program finished at: 12/03/2015 08:32:38 PM
Execution time: 0 hours(s), 1 minute(s), and 23 seconds(s)
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Ultimate x86
Ran by Hubacsek (Administrator) on 03.12.2015 at 21:15:21,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.12.2015 at 21:18:45,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter 20:55:16.0648 0x04f4 TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
20:55:34.0510 0x04f4 ============================================================
20:55:34.0510 0x04f4 Current date / time: 2015/12/03 20:55:34.0510
20:55:34.0510 0x04f4 SystemInfo:
20:55:34.0510 0x04f4
20:55:34.0510 0x04f4 OS Version: 6.1.7601 ServicePack: 1.0
20:55:34.0510 0x04f4 Product type: Workstation
20:55:34.0510 0x04f4 ComputerName: HUBACSEK-PC
20:55:34.0510 0x04f4 UserName: Hubacsek
20:55:34.0510 0x04f4 Windows directory: C:\Windows
20:55:34.0510 0x04f4 System windows directory: C:\Windows
20:55:34.0510 0x04f4 Processor architecture: Intel x86
20:55:34.0510 0x04f4 Number of processors: 2
20:55:34.0510 0x04f4 Page size: 0x1000
20:55:34.0510 0x04f4 Boot type: Safe boot with network
20:55:34.0510 0x04f4 ============================================================
20:55:36.0257 0x04f4 KLMD registered as C:\Windows\system32\drivers\78003448.sys
20:55:36.0444 0x04f4 System UUID: {3A2B8A28-9D8B-2F9D-AB6A-44ED6D11C867}
20:55:36.0897 0x04f4 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:55:36.0897 0x04f4 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:55:36.0897 0x04f4 ============================================================
20:55:36.0897 0x04f4 \Device\Harddisk0\DR0:
20:55:36.0897 0x04f4 MBR partitions:
20:55:36.0897 0x04f4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2542D800
20:55:36.0897 0x04f4 \Device\Harddisk1\DR1:
20:55:36.0897 0x04f4 MBR partitions:
20:55:36.0897 0x04f4 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
20:55:36.0897 0x04f4 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1E816000
20:55:36.0897 0x04f4 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x1E848AA8, BlocksNum 0x1BB3CAFC
20:55:36.0897 0x04f4 ============================================================
20:55:36.0944 0x04f4 C: <-> \Device\Harddisk1\DR1\Partition2
20:55:37.0271 0x04f4 D: <-> \Device\Harddisk0\DR0\Partition1
20:55:37.0318 0x04f4 E: <-> \Device\Harddisk1\DR1\Partition3
20:55:37.0318 0x04f4 ============================================================
20:55:37.0318 0x04f4 Initialize success
20:55:37.0318 0x04f4 ============================================================
20:56:03.0011 0x07b0 ============================================================
20:56:03.0011 0x07b0 Scan started
20:56:03.0011 0x07b0 Mode: Manual; TDLFS;
20:56:03.0011 0x07b0 ============================================================
20:56:03.0011 0x07b0 KSN ping started
20:56:16.0708 0x07b0 KSN ping finished: true
20:56:17.0519 0x07b0 ================ Scan system memory ========================
20:56:17.0519 0x07b0 System memory - ok
20:56:17.0519 0x07b0 ================ Scan services =============================
20:56:17.0862 0x07b0 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:56:17.0862 0x07b0 1394ohci - ok
20:56:17.0925 0x07b0 [ 148925140F53F63C8D1C991806F1E7EC, 2673E05B0D03A2159BE73BF65C19195F20B0B8B926E7AB5FF2EABFE7C456D004 ] 360AntiHacker C:\Windows\system32\Drivers\360AntiHacker.sys
20:56:17.0925 0x07b0 360AntiHacker - ok
20:56:17.0940 0x07b0 [ 53C05C1714177E3D1C548753E0691531, 6F1CF9133128F46098A17F965A507F9D1DE7A00887F5FCBF409DB47EA42AE93C ] 360AvFlt C:\Windows\system32\DRIVERS\360AvFlt.sys
20:56:17.0956 0x07b0 360AvFlt - ok
20:56:17.0972 0x07b0 [ 19B194BFABDC8DD15D10D2AE70DD7F73, B011FD357ED1E06A5061661569DD988C3465C55339AD65AEF6117EC056FB9B02 ] 360Box C:\Windows\system32\DRIVERS\360Box.sys
20:56:17.0972 0x07b0 360Box - ok
20:56:17.0987 0x07b0 [ 2255330A69644F179D0438666EEF1861, 29D10CBD372001332B49CD6248F7DFEDB7A707C8281AFFFFEE6F971D679A4973 ] 360Camera C:\Windows\system32\Drivers\360Camera.sys
20:56:17.0987 0x07b0 360Camera - ok
20:56:18.0018 0x07b0 [ CDD3E72C5EAAB45F74213CD9F15392AF, E1D791844488B1C7DC4C5D41404490E43DD1369A750EF676D164EFEFDC51299D ] 360SelfProtection C:\Windows\system32\drivers\360SelfProtection.sys
20:56:18.0018 0x07b0 360SelfProtection - ok
20:56:18.0065 0x07b0 [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:56:18.0081 0x07b0 ACPI - ok
20:56:18.0096 0x07b0 [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:56:18.0096 0x07b0 AcpiPmi - ok
20:56:18.0174 0x07b0 [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
20:56:18.0190 0x07b0 AdobeARMservice - ok
20:56:18.0252 0x07b0 [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:56:18.0252 0x07b0 adp94xx - ok
20:56:18.0268 0x07b0 [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:56:18.0268 0x07b0 adpahci - ok
20:56:18.0284 0x07b0 [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:56:18.0284 0x07b0 adpu320 - ok
20:56:18.0315 0x07b0 [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:56:18.0315 0x07b0 AeLookupSvc - ok
20:56:18.0377 0x07b0 [ 1151FD4FB0216CFED887BFDE29EBD516, 673C2B498744C7EB846F6BD4FDC852B0A9722377D75FD694F7F78E727ADF4563 ] AFD C:\Windows\system32\drivers\afd.sys
20:56:18.0393 0x07b0 AFD - ok
20:56:18.0424 0x07b0 [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440 C:\Windows\system32\drivers\agp440.sys
20:56:18.0424 0x07b0 agp440 - ok
20:56:18.0455 0x07b0 [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
20:56:18.0455 0x07b0 aic78xx - ok
20:56:18.0502 0x07b0 [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG C:\Windows\System32\alg.exe
20:56:18.0502 0x07b0 ALG - ok
20:56:18.0533 0x07b0 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide C:\Windows\system32\drivers\aliide.sys
20:56:18.0533 0x07b0 aliide - ok
20:56:18.0549 0x07b0 [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp C:\Windows\system32\drivers\amdagp.sys
20:56:18.0549 0x07b0 amdagp - ok
20:56:18.0564 0x07b0 [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide C:\Windows\system32\drivers\amdide.sys
20:56:18.0580 0x07b0 amdide - ok
20:56:18.0611 0x07b0 [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:56:18.0611 0x07b0 AmdK8 - ok
20:56:18.0611 0x07b0 [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:56:18.0611 0x07b0 AmdPPM - ok
20:56:18.0642 0x07b0 [ E7F4D42D8076EC60E21715CD11743A0D, 91AC020A70964F8783C999BDE8AB8391A3FA3AFC1CD4BC52A43625A2010A53E7 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:56:18.0642 0x07b0 amdsata - ok
20:56:18.0689 0x07b0 [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:56:18.0689 0x07b0 amdsbs - ok
20:56:18.0720 0x07b0 [ 146459D2B08BFDCBFA856D9947043C81, AC7F2069717601F949B0968EA651899D497170A93B84281B66D3CE5C382DDECB ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:56:18.0720 0x07b0 amdxata - ok
20:56:18.0752 0x07b0 [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID C:\Windows\system32\drivers\appid.sys
20:56:18.0752 0x07b0 AppID - ok
20:56:18.0798 0x07b0 [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:56:18.0798 0x07b0 AppIDSvc - ok
20:56:18.0830 0x07b0 [ FB1959012294D6AD43E5304DF65E3C26, CFE906B07FF71A178CF9C254B056C6F5A303DDC511F0E4E1E75808F1D5326495 ] Appinfo C:\Windows\System32\appinfo.dll
20:56:18.0830 0x07b0 Appinfo - ok
20:56:18.0861 0x07b0 [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt C:\Windows\System32\appmgmts.dll
20:56:18.0861 0x07b0 AppMgmt - ok
20:56:18.0908 0x07b0 [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc C:\Windows\system32\DRIVERS\arc.sys
20:56:18.0908 0x07b0 arc - ok
20:56:18.0908 0x07b0 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:56:18.0908 0x07b0 arcsas - ok
20:56:18.0923 0x07b0 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:56:18.0923 0x07b0 AsyncMac - ok
20:56:18.0954 0x07b0 [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi C:\Windows\system32\drivers\atapi.sys
20:56:18.0954 0x07b0 atapi - ok
20:56:19.0017 0x07b0 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:56:19.0017 0x07b0 AudioEndpointBuilder - ok
20:56:19.0032 0x07b0 [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:56:19.0048 0x07b0 Audiosrv - ok
20:56:19.0095 0x07b0 [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:56:19.0095 0x07b0 AxInstSV - ok
20:56:19.0142 0x07b0 [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
20:56:19.0157 0x07b0 b06bdrv - ok
20:56:19.0188 0x07b0 [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
20:56:19.0204 0x07b0 b57nd60x - ok
20:56:19.0251 0x07b0 [ 14BD5F2B5A01038F8B289EC0868AA521, 725FE6A772C56C2FC853A7E7E8A59A5D03B03876FC821207F8A0848E0E90B886 ] BAPIDRV C:\Windows\system32\DRIVERS\BAPIDRV.sys
20:56:19.0251 0x07b0 BAPIDRV - ok
20:56:19.0282 0x07b0 [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC C:\Windows\System32\bdesvc.dll
20:56:19.0298 0x07b0 BDESVC - ok
20:56:19.0313 0x07b0 [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep C:\Windows\system32\drivers\Beep.sys
20:56:19.0313 0x07b0 Beep - ok
20:56:19.0360 0x07b0 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE C:\Windows\System32\bfe.dll
20:56:19.0376 0x07b0 BFE - ok
20:56:19.0438 0x07b0 [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS C:\Windows\System32\qmgr.dll
20:56:19.0438 0x07b0 BITS - ok
20:56:19.0469 0x07b0 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:56:19.0469 0x07b0 blbdrive - ok
20:56:19.0500 0x07b0 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:56:19.0500 0x07b0 bowser - ok
20:56:19.0516 0x07b0 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:56:19.0516 0x07b0 BrFiltLo - ok
20:56:19.0516 0x07b0 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:56:19.0516 0x07b0 BrFiltUp - ok
20:56:19.0547 0x07b0 [ 6E11F33D14D020F58D5E02E4D67DFA19, 9563E4E8CE769B7619745F6F6DE618389A1595785023BF1F295AD8301B27F0AF ] Browser C:\Windows\System32\browser.dll
20:56:19.0563 0x07b0 Browser - ok
20:56:19.0594 0x07b0 [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:56:19.0594 0x07b0 Brserid - ok
20:56:19.0610 0x07b0 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:56:19.0610 0x07b0 BrSerWdm - ok
20:56:19.0625 0x07b0 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:56:19.0625 0x07b0 BrUsbMdm - ok
20:56:19.0625 0x07b0 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:56:19.0641 0x07b0 BrUsbSer - ok
20:56:19.0641 0x07b0 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:56:19.0641 0x07b0 BTHMODEM - ok
20:56:19.0672 0x07b0 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll
20:56:19.0672 0x07b0 bthserv - ok
20:56:19.0703 0x07b0 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:56:19.0703 0x07b0 cdfs - ok
20:56:19.0750 0x07b0 [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:56:19.0750 0x07b0 cdrom - ok
20:56:19.0797 0x07b0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc C:\Windows\System32\certprop.dll
20:56:19.0797 0x07b0 CertPropSvc - ok
20:56:19.0828 0x07b0 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:56:19.0844 0x07b0 circlass - ok
20:56:19.0859 0x07b0 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys
20:56:19.0875 0x07b0 CLFS - ok
20:56:19.0968 0x07b0 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:56:19.0968 0x07b0 clr_optimization_v2.0.50727_32 - ok
20:56:20.0171 0x07b0 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:56:20.0187 0x07b0 clr_optimization_v4.0.30319_32 - ok
20:56:20.0202 0x07b0 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:56:20.0202 0x07b0 CmBatt - ok
20:56:20.0234 0x07b0 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:56:20.0234 0x07b0 cmdide - ok
20:56:20.0249 0x07b0 [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG C:\Windows\system32\Drivers\cng.sys
20:56:20.0265 0x07b0 CNG - ok
20:56:20.0265 0x07b0 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:56:20.0280 0x07b0 Compbatt - ok
20:56:20.0296 0x07b0 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:56:20.0296 0x07b0 CompositeBus - ok
20:56:20.0312 0x07b0 COMSysApp - ok
20:56:20.0327 0x07b0 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:56:20.0327 0x07b0 crcdisk - ok
20:56:20.0374 0x07b0 [ 3897DFF247D9ED0006190349DE264E14, AFD45853FE1025714BFF6E3287DE181F77C72A88570F92E996962FA0378FE88A ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:56:20.0374 0x07b0 CryptSvc - ok
20:56:20.0421 0x07b0 [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC C:\Windows\system32\drivers\csc.sys
20:56:20.0436 0x07b0 CSC - ok
20:56:20.0468 0x07b0 [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService C:\Windows\System32\cscsvc.dll
20:56:20.0483 0x07b0 CscService - ok
20:56:20.0514 0x07b0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch C:\Windows\system32\rpcss.dll
20:56:20.0514 0x07b0 DcomLaunch - ok
20:56:20.0561 0x07b0 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll
20:56:20.0561 0x07b0 defragsvc - ok
20:56:20.0624 0x07b0 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:56:20.0624 0x07b0 DfsC - ok
20:56:20.0686 0x07b0 [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:56:20.0702 0x07b0 Dhcp - ok
20:56:20.0748 0x07b0 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys
20:56:20.0748 0x07b0 discache - ok
20:56:20.0764 0x07b0 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:56:20.0780 0x07b0 Disk - ok
20:56:20.0811 0x07b0 [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:56:20.0811 0x07b0 Dnscache - ok
20:56:20.0889 0x07b0 [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc C:\Windows\System32\dot3svc.dll
20:56:20.0889 0x07b0 dot3svc - ok
20:56:20.0936 0x07b0 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS C:\Windows\system32\dps.dll
20:56:20.0951 0x07b0 DPS - ok
20:56:20.0982 0x07b0 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:56:20.0982 0x07b0 drmkaud - ok
20:56:21.0045 0x07b0 [ 23F5D28378A160352BA8F817BD8C71CB, 11BF7B7E6276C28EFF74B8AF89B493CBB89B394D2A091708EDA15DA5C342FF19 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:56:21.0060 0x07b0 DXGKrnl - ok
20:56:21.0107 0x07b0 [ 22EF8965101685ADD128F03A2B03CE16, 677F7B32C7A45C26F2F0DB67FFB526E9742E4B3A8BEAEA7B814CBCA2F56D6D5A ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
20:56:21.0123 0x07b0 E1G60 - ok
20:56:21.0138 0x07b0 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll
20:56:21.0154 0x07b0 EapHost - ok
20:56:21.0263 0x07b0 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
20:56:21.0326 0x07b0 ebdrv - ok
20:56:21.0372 0x07b0 [ 08C0926ED095041DAB5699BC2AF56E4C, 15B8D6CDC3593016DA245B867701E155C879F2AB70170308015769D8317852DD ] EfiMon C:\Windows\system32\Drivers\Efimon.sys
20:56:21.0372 0x07b0 EfiMon - ok
20:56:21.0404 0x07b0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS C:\Windows\System32\lsass.exe
20:56:21.0404 0x07b0 EFS - ok
20:56:21.0513 0x07b0 [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:56:21.0528 0x07b0 ehRecvr - ok
20:56:21.0560 0x07b0 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe
20:56:21.0560 0x07b0 ehSched - ok
20:56:21.0591 0x07b0 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:56:21.0606 0x07b0 elxstor - ok
20:56:21.0622 0x07b0 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:56:21.0622 0x07b0 ErrDev - ok
20:56:21.0684 0x07b0 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll
20:56:21.0684 0x07b0 EventSystem - ok
20:56:21.0700 0x07b0 [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys
20:56:21.0716 0x07b0 exfat - ok
20:56:21.0731 0x07b0 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:56:21.0731 0x07b0 fastfat - ok
20:56:21.0778 0x07b0 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax C:\Windows\system32\fxssvc.exe
20:56:21.0794 0x07b0 Fax - ok
20:56:21.0794 0x07b0 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:56:21.0809 0x07b0 fdc - ok
20:56:21.0840 0x07b0 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll
20:56:21.0840 0x07b0 fdPHost - ok
20:56:21.0856 0x07b0 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll
20:56:21.0856 0x07b0 FDResPub - ok
20:56:21.0872 0x07b0 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:56:21.0872 0x07b0 FileInfo - ok
20:56:21.0872 0x07b0 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:56:21.0872 0x07b0 Filetrace - ok
20:56:21.0903 0x07b0 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:56:21.0903 0x07b0 flpydisk - ok
20:56:21.0918 0x07b0 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:56:21.0934 0x07b0 FltMgr - ok
20:56:21.0981 0x07b0 [ FA6C66E4364D7DA57AADE5DCC03BB999, 9C0D0A04D2558CF60B7F7185CC9B369CDDD3B1C625960910CECF07611F288378 ] FontCache C:\Windows\system32\FntCache.dll
20:56:21.0996 0x07b0 FontCache - ok
20:56:22.0059 0x07b0 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:56:22.0059 0x07b0 FontCache3.0.0.0 - ok
20:56:22.0074 0x07b0 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:56:22.0074 0x07b0 FsDepends - ok
20:56:22.0090 0x07b0 [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:56:22.0090 0x07b0 Fs_Rec - ok
20:56:22.0137 0x07b0 [ 8A73E79089B282100B9393B644CB853B, 844DC5AADFABBD050B967904B796BA06BFD64C9112616EA26229D084F8B3AD41 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:56:22.0137 0x07b0 fvevol - ok
20:56:22.0184 0x07b0 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:56:22.0184 0x07b0 gagp30kx - ok
20:56:22.0230 0x07b0 [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc C:\Windows\System32\gpsvc.dll
20:56:22.0246 0x07b0 gpsvc - ok
20:56:22.0277 0x07b0 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:56:22.0277 0x07b0 hcw85cir - ok
20:56:22.0324 0x07b0 [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:56:22.0340 0x07b0 HdAudAddService - ok
20:56:22.0355 0x07b0 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:56:22.0355 0x07b0 HDAudBus - ok
20:56:22.0386 0x07b0 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:56:22.0386 0x07b0 HidBatt - ok
20:56:22.0402 0x07b0 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:56:22.0402 0x07b0 HidBth - ok
20:56:22.0433 0x07b0 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:56:22.0433 0x07b0 HidIr - ok
20:56:22.0480 0x07b0 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll
20:56:22.0480 0x07b0 hidserv - ok
20:56:22.0527 0x07b0 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
20:56:22.0527 0x07b0 HidUsb - ok
20:56:22.0558 0x07b0 [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc C:\Windows\system32\kmsvc.dll
20:56:22.0558 0x07b0 hkmsvc - ok
20:56:22.0589 0x07b0 [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:56:22.0589 0x07b0 HomeGroupListener - ok
20:56:22.0620 0x07b0 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:56:22.0620 0x07b0 HomeGroupProvider - ok
20:56:22.0667 0x07b0 [ D0BA27F865AC0BE4AC2C42E3F8FAEAEC, 08839CD71A6E6C2A3D51F8EDB505F42FA98CDAED0A232E0AFC829853FBE761BE ] HookPort C:\Windows\system32\Drivers\Hookport.sys
20:56:22.0667 0x07b0 HookPort - ok
20:56:22.0683 0x07b0 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:56:22.0683 0x07b0 HpSAMD - ok
20:56:22.0745 0x07b0 [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:56:22.0745 0x07b0 HTTP - ok
20:56:22.0792 0x07b0 [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:56:22.0792 0x07b0 hwpolicy - ok
20:56:22.0839 0x07b0 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:56:22.0839 0x07b0 i8042prt - ok
20:56:22.0901 0x07b0 [ A3CAE5D281DB4CFF7CFF8233507EE5AD, 2666107220B9F301193F2CF85A3D6B09E6E42CC150152D10A8886E47A3FD9B0D ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:56:22.0901 0x07b0 iaStorV - ok
20:56:22.0979 0x07b0 [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:56:22.0995 0x07b0 idsvc - ok
20:56:23.0198 0x07b0 [ 36CC40B02AE593D6152AC8BD657720AF, 4AE1417A762EA3B00D49B721D5E147FA741D416DC4617BFBB21BD2EF1F81F057 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
20:56:23.0307 0x07b0 igfx - ok
20:56:23.0416 0x07b0 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:56:23.0416 0x07b0 iirsp - ok
20:56:23.0478 0x07b0 [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT C:\Windows\System32\ikeext.dll
20:56:23.0494 0x07b0 IKEEXT - ok
20:56:23.0525 0x07b0 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\drivers\intelide.sys
20:56:23.0525 0x07b0 intelide - ok
20:56:23.0556 0x07b0 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:56:23.0572 0x07b0 intelppm - ok
20:56:23.0603 0x07b0 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:56:23.0603 0x07b0 IPBusEnum - ok
20:56:23.0603 0x07b0 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:56:23.0603 0x07b0 IpFilterDriver - ok
20:56:23.0666 0x07b0 [ 4D65A07B795D6674312F879D09AA7663, 8D72FE0B51A6FF71F85D2602DB3AE91C8749F70869B6789552F047BA81411EDA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:56:23.0681 0x07b0 iphlpsvc - ok
20:56:23.0712 0x07b0 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:56:23.0712 0x07b0 IPMIDRV - ok
20:56:23.0744 0x07b0 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:56:23.0744 0x07b0 IPNAT - ok
20:56:23.0759 0x07b0 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:56:23.0759 0x07b0 IRENUM - ok
20:56:23.0775 0x07b0 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:56:23.0775 0x07b0 isapnp - ok
20:56:23.0806 0x07b0 [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:56:23.0822 0x07b0 iScsiPrt - ok
20:56:23.0853 0x07b0 [ 65DA9FA42C0972FE5B9B7D6047F06F4C, 602A0A2EA95726FE6988867EB624D911D67D1FA9415AFC96559DE5E031A48FC5 ] JMCR C:\Windows\system32\DRIVERS\jmcr.sys
20:56:23.0868 0x07b0 JMCR - ok
20:56:23.0884 0x07b0 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
20:56:23.0884 0x07b0 kbdclass - ok
20:56:23.0915 0x07b0 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
20:56:23.0915 0x07b0 kbdhid - ok
20:56:23.0946 0x07b0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso C:\Windows\system32\lsass.exe
20:56:23.0946 0x07b0 KeyIso - ok
20:56:23.0962 0x07b0 [ 412CEA1AA78CC02A447F5C9E62B32FF1, E06859E2CE2AFA3CE521851F8810778ED1748B812E601A58786605096AACEA81 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:56:23.0962 0x07b0 KSecDD - ok
20:56:24.0009 0x07b0 [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:56:24.0009 0x07b0 KSecPkg - ok
20:56:24.0040 0x07b0 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:56:24.0056 0x07b0 KtmRm - ok
20:56:24.0087 0x07b0 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:56:24.0087 0x07b0 LanmanServer - ok
20:56:24.0118 0x07b0 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:56:24.0134 0x07b0 LanmanWorkstation - ok
20:56:24.0165 0x07b0 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:56:24.0165 0x07b0 lltdio - ok
20:56:24.0196 0x07b0 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:56:24.0196 0x07b0 lltdsvc - ok
20:56:24.0196 0x07b0 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:56:24.0212 0x07b0 lmhosts - ok
20:56:24.0212 0x07b0 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:56:24.0212 0x07b0 LSI_FC - ok
20:56:24.0227 0x07b0 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:56:24.0243 0x07b0 LSI_SAS - ok
20:56:24.0258 0x07b0 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:56:24.0258 0x07b0 LSI_SAS2 - ok
20:56:24.0258 0x07b0 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:56:24.0274 0x07b0 LSI_SCSI - ok
20:56:24.0274 0x07b0 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
20:56:24.0274 0x07b0 luafv - ok
20:56:24.0305 0x07b0 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:56:24.0305 0x07b0 Mcx2Svc - ok
20:56:24.0336 0x07b0 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:56:24.0336 0x07b0 megasas - ok
20:56:24.0352 0x07b0 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:56:24.0352 0x07b0 MegaSR - ok
20:56:24.0555 0x07b0 Microsoft SharePoint Workspace Audit Service - ok
20:56:24.0586 0x07b0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
20:56:24.0586 0x07b0 MMCSS - ok
20:56:24.0617 0x07b0 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
20:56:24.0617 0x07b0 Modem - ok
20:56:24.0648 0x07b0 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:56:24.0648 0x07b0 monitor - ok
20:56:24.0695 0x07b0 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\drivers\mouclass.sys
20:56:24.0695 0x07b0 mouclass - ok
20:56:24.0726 0x07b0 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:56:24.0726 0x07b0 mouhid - ok
20:56:24.0773 0x07b0 [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:56:24.0789 0x07b0 mountmgr - ok
20:56:24.0836 0x07b0 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:56:24.0851 0x07b0 MozillaMaintenance - ok
20:56:24.0867 0x07b0 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
20:56:24.0867 0x07b0 mpio - ok
20:56:24.0898 0x07b0 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:56:24.0898 0x07b0 mpsdrv - ok
20:56:24.0960 0x07b0 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:56:24.0976 0x07b0 MpsSvc - ok
20:56:25.0007 0x07b0 [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:56:25.0007 0x07b0 MRxDAV - ok
20:56:25.0054 0x07b0 [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:56:25.0054 0x07b0 mrxsmb - ok
20:56:25.0085 0x07b0 [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:56:25.0085 0x07b0 mrxsmb10 - ok
20:56:25.0101 0x07b0 [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:56:25.0101 0x07b0 mrxsmb20 - ok
20:56:25.0132 0x07b0 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
20:56:25.0132 0x07b0 msahci - ok
20:56:25.0148 0x07b0 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:56:25.0148 0x07b0 msdsm - ok
20:56:25.0179 0x07b0 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
20:56:25.0179 0x07b0 MSDTC - ok
20:56:25.0210 0x07b0 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:56:25.0210 0x07b0 Msfs - ok
20:56:25.0210 0x07b0 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:56:25.0210 0x07b0 mshidkmdf - ok
20:56:25.0257 0x07b0 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:56:25.0257 0x07b0 msisadrv - ok
20:56:25.0304 0x07b0 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:56:25.0304 0x07b0 MSiSCSI - ok
20:56:25.0304 0x07b0 msiserver - ok
20:56:25.0335 0x07b0 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:56:25.0335 0x07b0 MSKSSRV - ok
20:56:25.0335 0x07b0 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:56:25.0335 0x07b0 MSPCLOCK - ok
20:56:25.0350 0x07b0 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:56:25.0350 0x07b0 MSPQM - ok
20:56:25.0366 0x07b0 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:56:25.0366 0x07b0 MsRPC - ok
20:56:25.0397 0x07b0 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:56:25.0397 0x07b0 mssmbios - ok
20:56:25.0397 0x07b0 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:56:25.0397 0x07b0 MSTEE - ok
20:56:25.0413 0x07b0 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:56:25.0413 0x07b0 MTConfig - ok
20:56:25.0428 0x07b0 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
20:56:25.0428 0x07b0 Mup - ok
20:56:25.0460 0x07b0 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
20:56:25.0475 0x07b0 napagent - ok
20:56:25.0522 0x07b0 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:56:25.0538 0x07b0 NativeWifiP - ok
20:56:25.0569 0x07b0 [ E7C54812A2AAF43316EB6930C1FFA108, C8A6FC1957FA29A3B372132FEA9145538BC767044A11D77316D3D1A3EAA60630 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:56:25.0584 0x07b0 NDIS - ok
20:56:25.0616 0x07b0 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:56:25.0616 0x07b0 NdisCap - ok
20:56:25.0631 0x07b0 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:56:25.0631 0x07b0 NdisTapi - ok
20:56:25.0662 0x07b0 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:56:25.0662 0x07b0 Ndisuio - ok
20:56:25.0709 0x07b0 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:56:25.0709 0x07b0 NdisWan - ok
20:56:25.0725 0x07b0 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:56:25.0725 0x07b0 NDProxy - ok
20:56:25.0756 0x07b0 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:56:25.0756 0x07b0 NetBIOS - ok
20:56:25.0818 0x07b0 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:56:25.0818 0x07b0 NetBT - ok
20:56:25.0834 0x07b0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe
20:56:25.0850 0x07b0 Netlogon - ok
20:56:25.0881 0x07b0 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
20:56:25.0896 0x07b0 Netman - ok
20:56:25.0928 0x07b0 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
20:56:25.0928 0x07b0 netprofm - ok
20:56:25.0959 0x07b0 [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:56:25.0959 0x07b0 NetTcpPortSharing - ok
20:56:25.0990 0x07b0 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:56:25.0990 0x07b0 nfrd960 - ok
20:56:26.0021 0x07b0 [ 912084381D30D8B89EC4E293053F4710, 99B8CD043DF531D4B9725ED167F63CED220608B2FED3EE8250C217D15762DFD7 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:56:26.0037 0x07b0 NlaSvc - ok
20:56:26.0037 0x07b0 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:56:26.0037 0x07b0 Npfs - ok
20:56:26.0068 0x07b0 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
20:56:26.0068 0x07b0 nsi - ok
20:56:26.0084 0x07b0 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:56:26.0084 0x07b0 nsiproxy - ok
20:56:26.0146 0x07b0 [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:56:26.0177 0x07b0 Ntfs - ok
20:56:26.0208 0x07b0 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
20:56:26.0208 0x07b0 Null - ok
20:56:26.0255 0x07b0 [ AF2EEC9580C1D32FB7EAF105D9784061, 6DAAE3BCA048ACD7FFD26A65C793C461933179070F03855FE3DC3C01F968163A ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:56:26.0255 0x07b0 nvraid - ok
20:56:26.0286 0x07b0 [ 9283C58EBAA2618F93482EB5DABCEC82, 0BC119D4EAFDEA879E4C1CFBA5402499DBD1970EDF963C6D2034D4867C34D15E ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:56:26.0286 0x07b0 nvstor - ok
20:56:26.0318 0x07b0 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:56:26.0318 0x07b0 nv_agp - ok
20:56:26.0349 0x07b0 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:56:26.0349 0x07b0 ohci1394 - ok
20:56:26.0427 0x07b0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:56:26.0427 0x07b0 ose - ok
20:56:26.0614 0x07b0 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:56:26.0708 0x07b0 osppsvc - ok
20:56:26.0754 0x07b0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:56:26.0770 0x07b0 p2pimsvc - ok
20:56:26.0786 0x07b0 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
20:56:26.0801 0x07b0 p2psvc - ok
20:56:26.0832 0x07b0 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:56:26.0832 0x07b0 Parport - ok
20:56:26.0879 0x07b0 [ BF8F6AF06DA75B336F07E23AEF97D93B, 2F2C4314872732550A112BFF2F803484D4A3D697F0D69D352350CE208FD8A1A4 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:56:26.0879 0x07b0 partmgr - ok
20:56:26.0879 0x07b0 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
20:56:26.0879 0x07b0 Parvdm - ok
20:56:26.0910 0x07b0 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:56:26.0910 0x07b0 PcaSvc - ok
20:56:26.0942 0x07b0 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
20:56:26.0942 0x07b0 pci - ok
20:56:26.0973 0x07b0 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
20:56:26.0973 0x07b0 pciide - ok
20:56:27.0004 0x07b0 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:56:27.0004 0x07b0 pcmcia - ok
20:56:27.0020 0x07b0 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
20:56:27.0020 0x07b0 pcw - ok
20:56:27.0066 0x07b0 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:56:27.0082 0x07b0 PEAUTH - ok
20:56:27.0129 0x07b0 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:56:27.0160 0x07b0 PeerDistSvc - ok
20:56:27.0254 0x07b0 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
20:56:27.0285 0x07b0 pla - ok
20:56:27.0332 0x07b0 [ 92DC6E68D2C856C5C2F21AE9E22112B8, EFAA27886A05E57E629A9EFC3671D9D64144795EDF55438A676F5B43E59BE3FC ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:56:27.0347 0x07b0 PlugPlay - ok
20:56:27.0378 0x07b0 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:56:27.0378 0x07b0 PNRPAutoReg - ok
20:56:27.0378 0x07b0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:56:27.0394 0x07b0 PNRPsvc - ok
20:56:27.0425 0x07b0 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:56:27.0425 0x07b0 PolicyAgent - ok
20:56:27.0472 0x07b0 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
20:56:27.0472 0x07b0 Power - ok
20:56:27.0519 0x07b0 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:56:27.0519 0x07b0 PptpMiniport - ok
20:56:27.0519 0x07b0 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:56:27.0519 0x07b0 Processor - ok
20:56:27.0566 0x07b0 [ 43CA4CCC22D52FB58E8988F0198851D0, DF67BD70D9D82677AE61244B4E54677A5008A7F5EB531DF2A7E7D33F1658EA78 ] ProfSvc C:\Windows\system32\profsvc.dll
20:56:27.0581 0x07b0 ProfSvc - ok
20:56:27.0597 0x07b0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:56:27.0597 0x07b0 ProtectedStorage - ok
20:56:27.0612 0x07b0 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:56:27.0628 0x07b0 Psched - ok
20:56:27.0800 0x07b0 [ A51373CABB6A0F48F9296F27ECF837D1, 2E67C2582CA16DE85B1A29239A33959C4391923ED90CDC6D45D12F6FBC3D610B ] QHActiveDefense C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
20:56:27.0815 0x07b0 QHActiveDefense - ok
20:56:27.0893 0x07b0 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:56:27.0924 0x07b0 ql2300 - ok
20:56:27.0940 0x07b0 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:56:27.0940 0x07b0 ql40xx - ok
20:56:27.0956 0x07b0 [ D0D16B6A1BF8FACDC8A96E2022612E9C, B35E1168299B0C2BD34FAD33FE8D1B809A4FCCC0A599B56E15ACE7CB3EEF4BCE ] qutmdserv C:\Windows\system32\DRIVERS\qutmdrv.sys
20:56:27.0971 0x07b0 qutmdserv - ok
20:56:28.0018 0x07b0 [ C94FD2E64D92D1CEC22604D6802CF86C, 75323FDABB997AB079182EE0FF0E1AA0F7D949416B26E24629703E0844E93789 ] qutmipc C:\Windows\system32\drivers\qutmipc.sys
20:56:28.0018 0x07b0 qutmipc - ok
20:56:28.0049 0x07b0 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
20:56:28.0049 0x07b0 QWAVE - ok
20:56:28.0080 0x07b0 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:56:28.0080 0x07b0 QWAVEdrv - ok
20:56:28.0080 0x07b0 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:56:28.0080 0x07b0 RasAcd - ok
20:56:28.0112 0x07b0 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:56:28.0112 0x07b0 RasAgileVpn - ok
20:56:28.0127 0x07b0 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
20:56:28.0127 0x07b0 RasAuto - ok
20:56:28.0143 0x07b0 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:56:28.0143 0x07b0 Rasl2tp - ok
20:56:28.0190 0x07b0 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
20:56:28.0190 0x07b0 RasMan - ok
20:56:28.0236 0x07b0 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:56:28.0236 0x07b0 RasPppoe - ok
20:56:28.0252 0x07b0 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:56:28.0252 0x07b0 RasSstp - ok
20:56:28.0283 0x07b0 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:56:28.0283 0x07b0 rdbss - ok
20:56:28.0314 0x07b0 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:56:28.0314 0x07b0 rdpbus - ok
20:56:28.0346 0x07b0 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:56:28.0346 0x07b0 RDPCDD - ok
20:56:28.0361 0x07b0 [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:56:28.0361 0x07b0 RDPDR - ok
20:56:28.0408 0x07b0 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:56:28.0408 0x07b0 RDPENCDD - ok
20:56:28.0424 0x07b0 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:56:28.0424 0x07b0 RDPREFMP - ok
20:56:28.0470 0x07b0 [ 68A0387F58E226DEEE23D9715955572A, F95BB1D2BB3E79AF47B1C715BB5E3003EEF888AAA963F46F4A2FE8AFBD4F37A4 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:56:28.0470 0x07b0 RdpVideoMiniport - ok
20:56:28.0517 0x07b0 [ 288B06960D78428FF89E811632684E20, 82FB13C2749637E172381C9C205080921A45453191B6246C5D3FE946A06D17F5 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:56:28.0517 0x07b0 RDPWD - ok
20:56:28.0580 0x07b0 [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:56:28.0580 0x07b0 rdyboost - ok
20:56:28.0611 0x07b0 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:56:28.0611 0x07b0 RemoteAccess - ok
20:56:28.0626 0x07b0 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:56:28.0642 0x07b0 RemoteRegistry - ok
20:56:28.0658 0x07b0 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:56:28.0658 0x07b0 RpcEptMapper - ok
20:56:28.0689 0x07b0 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe
20:56:28.0689 0x07b0 RpcLocator - ok
20:56:28.0720 0x07b0 [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs C:\Windows\system32\rpcss.dll
20:56:28.0736 0x07b0 RpcSs - ok
20:56:28.0767 0x07b0 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:56:28.0767 0x07b0 rspndr - ok
20:56:28.0829 0x07b0 [ B5E9979FBB26FC059BD87A81F763D5DA, 1EE2FB1CB2F86FBE1589ACE3542E0003CC88499406A3EF37073CCA45651F493D ] rtl8192se C:\Windows\system32\DRIVERS\rtl8192se.sys
20:56:28.0860 0x07b0 rtl8192se - ok
20:56:28.0892 0x07b0 [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap C:\Windows\system32\drivers\vms3cap.sys
20:56:28.0892 0x07b0 s3cap - ok
20:56:28.0907 0x07b0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs C:\Windows\system32\lsass.exe
20:56:28.0907 0x07b0 SamSs - ok
20:56:28.0938 0x07b0 [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:56:28.0938 0x07b0 sbp2port - ok
20:56:28.0970 0x07b0 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:56:28.0970 0x07b0 SCardSvr - ok
20:56:29.0001 0x07b0 [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:56:29.0001 0x07b0 scfilter - ok
20:56:29.0048 0x07b0 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule C:\Windows\system32\schedsvc.dll
20:56:29.0063 0x07b0 Schedule - ok
20:56:29.0079 0x07b0 [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:56:29.0079 0x07b0 SCPolicySvc - ok
20:56:29.0141 0x07b0 [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus C:\Windows\system32\drivers\sdbus.sys
20:56:29.0141 0x07b0 sdbus - ok
20:56:29.0172 0x07b0 [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:56:29.0172 0x07b0 SDRSVC - ok
20:56:29.0344 0x07b0 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
20:56:29.0375 0x07b0 SDScannerService - ok
20:56:29.0484 0x07b0 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
20:56:29.0516 0x07b0 SDUpdateService - ok
20:56:29.0547 0x07b0 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
20:56:29.0547 0x07b0 SDWSCService - ok
20:56:29.0578 0x07b0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:56:29.0578 0x07b0 secdrv - ok
20:56:29.0609 0x07b0 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll
20:56:29.0609 0x07b0 seclogon - ok
20:56:29.0625 0x07b0 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll
20:56:29.0625 0x07b0 SENS - ok
20:56:29.0640 0x07b0 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:56:29.0640 0x07b0 SensrSvc - ok
20:56:29.0640 0x07b0 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:56:29.0656 0x07b0 Serenum - ok
20:56:29.0687 0x07b0 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:56:29.0687 0x07b0 Serial - ok
20:56:29.0718 0x07b0 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:56:29.0718 0x07b0 sermouse - ok
20:56:29.0765 0x07b0 [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv C:\Windows\system32\sessenv.dll
20:56:29.0765 0x07b0 SessionEnv - ok
20:56:29.0781 0x07b0 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:56:29.0781 0x07b0 sffdisk - ok
20:56:29.0812 0x07b0 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:56:29.0812 0x07b0 sffp_mmc - ok
20:56:29.0828 0x07b0 [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:56:29.0828 0x07b0 sffp_sd - ok
20:56:29.0859 0x07b0 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:56:29.0859 0x07b0 sfloppy - ok
20:56:29.0890 0x07b0 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:56:29.0906 0x07b0 SharedAccess - ok
20:56:29.0952 0x07b0 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:56:29.0952 0x07b0 ShellHWDetection - ok
20:56:29.0999 0x07b0 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\drivers\sisagp.sys
20:56:29.0999 0x07b0 sisagp - ok
20:56:30.0030 0x07b0 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:56:30.0030 0x07b0 SiSRaid2 - ok
20:56:30.0030 0x07b0 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:56:30.0030 0x07b0 SiSRaid4 - ok
20:56:30.0062 0x07b0 [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:56:30.0062 0x07b0 Smb - ok
20:56:30.0093 0x07b0 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:56:30.0093 0x07b0 SNMPTRAP - ok
20:56:30.0093 0x07b0 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys
20:56:30.0093 0x07b0 spldr - ok
20:56:30.0140 0x07b0 [ 866A43013535DC8587C258E43579C764, B2BE846B5167A2ECD1E30C69A81385FCC6EAE6033394D08458A5583D311C4D82 ] Spooler C:\Windows\System32\spoolsv.exe
20:56:30.0155 0x07b0 Spooler - ok
20:56:30.0296 0x07b0 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc C:\Windows\system32\sppsvc.exe
20:56:30.0358 0x07b0 sppsvc - ok
20:56:30.0405 0x07b0 [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:56:30.0405 0x07b0 sppuinotify - ok
20:56:30.0452 0x07b0 [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:56:30.0452 0x07b0 srv - ok
20:56:30.0498 0x07b0 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:56:30.0514 0x07b0 srv2 - ok
20:56:30.0530 0x07b0 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:56:30.0530 0x07b0 srvnet - ok
20:56:30.0576 0x07b0 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:56:30.0576 0x07b0 SSDPSRV - ok
20:56:30.0592 0x07b0 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:56:30.0592 0x07b0 SstpSvc - ok
20:56:30.0717 0x07b0 [ DDF25A14518C76C0A0EE599AF319F3C0, 85D08C9D5D290835019F10D2FA63EDFF3DCC3C596E35FF418033D0567A56114A ] STacSV c:\program files\idt\wdm\STacSV.exe
20:56:30.0732 0x07b0 STacSV - ok
20:56:30.0748 0x07b0 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:56:30.0764 0x07b0 stexstor - ok
20:56:30.0826 0x07b0 [ 3BBCF6640F534DA7753B94C576B29FFC, B6B97885EEF890D02B4BDE660B41B5CC9BD1BCAE5E970F52C60E92EE340896E3 ] STHDA C:\Windows\system32\DRIVERS\stwrt.sys
20:56:30.0826 0x07b0 STHDA - ok
20:56:30.0904 0x07b0 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc C:\Windows\System32\wiaservc.dll
20:56:30.0920 0x07b0 StiSvc - ok
20:56:30.0935 0x07b0 [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt C:\Windows\system32\drivers\vmstorfl.sys
20:56:30.0951 0x07b0 storflt - ok
20:56:30.0966 0x07b0 [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:56:30.0966 0x07b0 storvsc - ok
20:56:30.0998 0x07b0 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\drivers\swenum.sys
20:56:30.0998 0x07b0 swenum - ok
20:56:31.0044 0x07b0 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll
20:56:31.0060 0x07b0 swprv - ok
20:56:31.0091 0x07b0 Synth3dVsc - ok
20:56:31.0154 0x07b0 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain C:\Windows\system32\sysmain.dll
20:56:31.0185 0x07b0 SysMain - ok
20:56:31.0216 0x07b0 [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
20:56:31.0216 0x07b0 TabletInputService - ok
20:56:31.0263 0x07b0 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv C:\Windows\System32\tapisrv.dll
20:56:31.0278 0x07b0 TapiSrv - ok
20:56:31.0310 0x07b0 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll
20:56:31.0310 0x07b0 TBS - ok
20:56:31.0388 0x07b0 [ 37E8FA3779668837CA9E2C36D2415949, FDDA99B7501CDBC3032AA12FD8E929F5E3B47DA112D0F8A05E2D833E5609EDEA ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:56:31.0419 0x07b0 Tcpip - ok
20:56:31.0481 0x07b0 [ 37E8FA3779668837CA9E2C36D2415949, FDDA99B7501CDBC3032AA12FD8E929F5E3B47DA112D0F8A05E2D833E5609EDEA ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:56:31.0512 0x07b0 TCPIP6 - ok
20:56:31.0559 0x07b0 [ CCA24162E055C3714CE5A88B100C64ED, 9B7712E793B9478BA7A1EF71EA9CC03CCB9C4004C54EAA911F158958519EDCD9 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:56:31.0575 0x07b0 tcpipreg - ok
20:56:31.0622 0x07b0 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:56:31.0622 0x07b0 TDPIPE - ok
20:56:31.0637 0x07b0 [ 2C10395BAA4847F83042813C515CC289, CBC058AE2EB6AA5905F9D2EF52573E1C06330462952E6D6E7083F8DB2C441E3E ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:56:31.0637 0x07b0 TDTCP - ok
20:56:31.0684 0x07b0 [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:56:31.0684 0x07b0 tdx - ok
20:56:31.0715 0x07b0 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:56:31.0715 0x07b0 TermDD - ok
20:56:31.0746 0x07b0 [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService C:\Windows\System32\termsrv.dll
20:56:31.0762 0x07b0 TermService - ok
20:56:31.0809 0x07b0 [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes C:\Windows\system32\themeservice.dll
20:56:31.0809 0x07b0 Themes - ok
20:56:31.0824 0x07b0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER C:\Windows\system32\mmcss.dll
20:56:31.0824 0x07b0 THREADORDER - ok
20:56:31.0856 0x07b0 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks C:\Windows\System32\trkwks.dll
20:56:31.0856 0x07b0 TrkWks - ok
20:56:31.0934 0x07b0 [ 5BD389925662396A52AEB64901D3C952, 8B6C99ADA6B39E16D055F18DB220C90AEE67E36B08AE5E117103D86C9A138834 ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
20:56:31.0934 0x07b0 TrueSight - ok
20:56:32.0012 0x07b0 [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:56:32.0012 0x07b0 TrustedInstaller - ok
20:56:32.0058 0x07b0 [ 254BB140EEE3C59D6114C1A86B636877, EE09D62E90407A40278F2136F640DAB16A4E2BF57D4FB6E05F92CA9CC9CF57C0 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:56:32.0058 0x07b0 tssecsrv - ok
20:56:32.0090 0x07b0 [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:56:32.0105 0x07b0 TsUsbFlt - ok
20:56:32.0105 0x07b0 tsusbhub - ok
20:56:32.0152 0x07b0 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:56:32.0168 0x07b0 tunnel - ok
20:56:32.0199 0x07b0 [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:56:32.0199 0x07b0 uagp35 - ok
20:56:32.0230 0x07b0 [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:56:32.0230 0x07b0 udfs - ok
20:56:32.0261 0x07b0 [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:56:32.0277 0x07b0 UI0Detect - ok
20:56:32.0308 0x07b0 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:56:32.0308 0x07b0 uliagpkx - ok
20:56:32.0324 0x07b0 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus C:\Windows\system32\drivers\umbus.sys
20:56:32.0339 0x07b0 umbus - ok
20:56:32.0370 0x07b0 [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:56:32.0370 0x07b0 UmPass - ok
20:56:32.0417 0x07b0 [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService C:\Windows\System32\umrdp.dll
20:56:32.0433 0x07b0 UmRdpService - ok
20:56:32.0464 0x07b0 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost C:\Windows\System32\upnphost.dll
20:56:32.0480 0x07b0 upnphost - ok
20:56:32.0511 0x07b0 [ 7E72E7D7E0757D59481D530FD2B0BFAE, 288CAC9F4AC09DEB2B30C6E3A6ACF8D62A75576F62F0EC159D5E1B257419E9DC ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
20:56:32.0511 0x07b0 usbccgp - ok
20:56:32.0526 0x07b0 [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:56:32.0526 0x07b0 usbcir - ok
20:56:32.0542 0x07b0 [ CFBCE999C057D78979A181C9C60F208E, D60698EAA8A085214D5945818B0863976CF116EBE523046C344AF4E9392FDF80 ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:56:32.0542 0x07b0 usbehci - ok
20:56:32.0573 0x07b0 [ 9D22AAD9AC6A07C691A1113E5F860868, AC34D36DBB5649650FCD873A792CA1387AE841D4C46781C63C0D29834F9B58E9 ] usbhub C:\Windows\system32\drivers\usbhub.sys
20:56:32.0573 0x07b0 usbhub - ok
20:56:32.0604 0x07b0 [ A6FB7957EA7AFB1165991E54CE934B74, 1CE83D9E3276AE380F720C7700A17D58A37A2A77FD72DA69EE0C756B88DB3689 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:56:32.0604 0x07b0 usbohci - ok
20:56:32.0636 0x07b0 [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:56:32.0636 0x07b0 usbprint - ok
20:56:32.0667 0x07b0 [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:56:32.0682 0x07b0 usbscan - ok
20:56:32.0698 0x07b0 [ BF63EBFC6979FEFB2BC03DF7989A0C1A, AFEF764A3E5D52CDBB5074F0E87F2B5EBCDF8D9B6E8F88EE235602B80145BE31 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
20:56:32.0698 0x07b0 USBSTOR - ok
20:56:32.0714 0x07b0 [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:56:32.0714 0x07b0 usbuhci - ok
20:56:32.0745 0x07b0 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2, F9B72DE82078FDB5551D48988190F46EECA9B99655C591B7865FEA1AFB31F637 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:56:32.0745 0x07b0 usbvideo - ok
20:56:32.0760 0x07b0 [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms C:\Windows\System32\uxsms.dll
20:56:32.0776 0x07b0 UxSms - ok
20:56:32.0792 0x07b0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] VaultSvc C:\Windows\system32\lsass.exe
20:56:32.0792 0x07b0 VaultSvc - ok
20:56:32.0823 0x07b0 [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:56:32.0823 0x07b0 vdrvroot - ok
20:56:32.0870 0x07b0 [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds C:\Windows\System32\vds.exe
20:56:32.0870 0x07b0 vds - ok
20:56:32.0916 0x07b0 [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:56:32.0916 0x07b0 vga - ok
20:56:32.0916 0x07b0 [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:56:32.0932 0x07b0 VgaSave - ok
20:56:32.0932 0x07b0 VGPU - ok
20:56:32.0963 0x07b0 [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:56:32.0963 0x07b0 vhdmp - ok
20:56:32.0979 0x07b0 [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp C:\Windows\system32\drivers\viaagp.sys
20:56:32.0994 0x07b0 viaagp - ok
20:56:32.0994 0x07b0 [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
20:56:32.0994 0x07b0 ViaC7 - ok
20:56:33.0026 0x07b0 [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide C:\Windows\system32\drivers\viaide.sys
20:56:33.0026 0x07b0 viaide - ok
20:56:33.0057 0x07b0 [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:56:33.0057 0x07b0 vmbus - ok
20:56:33.0072 0x07b0 [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
20:56:33.0072 0x07b0 VMBusHID - ok
20:56:33.0104 0x07b0 [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:56:33.0104 0x07b0 volmgr - ok
20:56:33.0135 0x07b0 [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:56:33.0150 0x07b0 volmgrx - ok
20:56:33.0166 0x07b0 [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:56:33.0166 0x07b0 volsnap - ok
20:56:33.0197 0x07b0 [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:56:33.0213 0x07b0 vsmraid - ok
20:56:33.0260 0x07b0 [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS C:\Windows\system32\vssvc.exe
20:56:33.0291 0x07b0 VSS - ok
20:56:33.0291 0x07b0 [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:56:33.0291 0x07b0 vwifibus - ok
20:56:33.0338 0x07b0 [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:56:33.0338 0x07b0 vwififlt - ok
20:56:33.0369 0x07b0 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time C:\Windows\system32\w32time.dll
20:56:33.0369 0x07b0 W32Time - ok
20:56:33.0384 0x07b0 [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:56:33.0384 0x07b0 WacomPen - ok
20:56:33.0416 0x07b0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:56:33.0416 0x07b0 WANARP - ok
20:56:33.0431 0x07b0 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:56:33.0431 0x07b0 Wanarpv6 - ok
20:56:33.0494 0x07b0 [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine C:\Windows\system32\wbengine.exe
20:56:33.0525 0x07b0 wbengine - ok
20:56:33.0572 0x07b0 [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:56:33.0572 0x07b0 WbioSrvc - ok
20:56:33.0618 0x07b0 [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:56:33.0618 0x07b0 wcncsvc - ok
20:56:33.0650 0x07b0 [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:56:33.0650 0x07b0 WcsPlugInService - ok
20:56:33.0665 0x07b0 [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:56:33.0665 0x07b0 Wd - ok
20:56:33.0681 0x07b0 [ 9950E3D0F08141C7E89E64456AE7DC73, DE4B96812B305A63F5874BBF2DC40354FB45B3D96C1D33436E677099760BA448 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:56:33.0681 0x07b0 Wdf01000 - ok
20:56:33.0696 0x07b0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:56:33.0712 0x07b0 WdiServiceHost - ok
20:56:33.0712 0x07b0 [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:56:33.0728 0x07b0 WdiSystemHost - ok
20:56:33.0759 0x07b0 [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient C:\Windows\System32\webclnt.dll
20:56:33.0774 0x07b0 WebClient - ok
20:56:33.0821 0x07b0 [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:56:33.0821 0x07b0 Wecsvc - ok
20:56:33.0837 0x07b0 [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:56:33.0837 0x07b0 wercplsupport - ok
20:56:33.0868 0x07b0 [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc C:\Windows\System32\WerSvc.dll
20:56:33.0868 0x07b0 WerSvc - ok
20:56:33.0884 0x07b0 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:56:33.0884 0x07b0 WfpLwf - ok
20:56:33.0899 0x07b0 [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:56:33.0899 0x07b0 WIMMount - ok
20:56:33.0946 0x07b0 [ 3FAE8F94296001C32EAB62CD7D82E0FD, 180FAECC426CF8F46700C855022E5865D528B1A20686F96D11080AB2FE2E0430 ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
20:56:33.0962 0x07b0 WinDefend - ok
20:56:33.0962 0x07b0 WinHttpAutoProxySvc - ok
20:56:34.0071 0x07b0 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:56:34.0086 0x07b0 Winmgmt - ok
20:56:34.0133 0x07b0 [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM C:\Windows\system32\WsmSvc.dll
20:56:34.0164 0x07b0 WinRM - ok
20:56:34.0258 0x07b0 [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:56:34.0274 0x07b0 Wlansvc - ok
20:56:34.0305 0x07b0 [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:56:34.0305 0x07b0 WmiAcpi - ok
20:56:34.0352 0x07b0 [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:56:34.0352 0x07b0 wmiApSrv - ok
20:56:34.0445 0x07b0 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
20:56:34.0461 0x07b0 WMPNetworkSvc - ok
20:56:34.0508 0x07b0 [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:56:34.0508 0x07b0 WPCSvc - ok
20:56:34.0539 0x07b0 [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:56:34.0539 0x07b0 WPDBusEnum - ok
20:56:34.0601 0x07b0 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:56:34.0601 0x07b0 ws2ifsl - ok
20:56:34.0617 0x07b0 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
20:56:34.0617 0x07b0 wscsvc - ok
20:56:34.0632 0x07b0 WSearch - ok
20:56:34.0710 0x07b0 [ D9B0134913E5EF007AF82A418C503322, 7418DD28C8E968674382F8352AAFFC4DE77887E2B71B8844D615F19432B4C55A ] wuauserv C:\Windows\system32\wuaueng.dll
20:56:34.0773 0x07b0 wuauserv - ok
20:56:34.0788 0x07b0 [ E714A1C0354636837E20CCBF00888EE7, 0E31F0DB0AA318E3B0DACD26C0D3B11519B42F2A996AE580BE67FA8B3C42C436 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:56:34.0788 0x07b0 WudfPf - ok
20:56:34.0835 0x07b0 [ 1023EE888C9B47178C5293ED5336AB69, 62221C80C3F719A585266247482A64F7CB2F5EF69AFA8FA07D563CA2B0A37561 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:56:34.0835 0x07b0 WUDFRd - ok
20:56:34.0882 0x07b0 [ 8D1E1E529A2C9E9B6A85B55A345F7629, 64B637CFE2AF58A4F7CE6D8C3D603F8EFD527500F7137E0A37840313C712CA93 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:56:34.0882 0x07b0 wudfsvc - ok
20:56:34.0913 0x07b0 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:56:34.0913 0x07b0 WwanSvc - ok
20:56:34.0960 0x07b0 [ 6BBF7A3BAB8FFDCCF82057FA2AAE2B7B, 2F667F6170F120F038122A6567C59836D5EC0FC966244DECDF974E0D25509C72 ] XUIF C:\Windows\system32\Drivers\x10ufx2.sys
20:56:34.0960 0x07b0 XUIF - ok
20:56:34.0991 0x07b0 [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x86.sys
20:56:35.0007 0x07b0 yukonw7 - ok
20:56:35.0022 0x07b0 ================ Scan global ===============================
20:56:35.0054 0x07b0 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
20:56:35.0100 0x07b0 [ A9F564F254E9DDDE120A7135767EC24B, F255DCB4C7F4F941BA27700D66684AD0BA3DF114D6F298E2A909095B71B11D94 ] C:\Windows\system32\winsrv.dll
20:56:35.0116 0x07b0 [ A9F564F254E9DDDE120A7135767EC24B, F255DCB4C7F4F941BA27700D66684AD0BA3DF114D6F298E2A909095B71B11D94 ] C:\Windows\system32\winsrv.dll
20:56:35.0132 0x07b0 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
20:56:35.0147 0x07b0 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
20:56:35.0163 0x07b0 [ Global ] - ok
20:56:35.0163 0x07b0 ================ Scan MBR ==================================
20:56:35.0163 0x07b0 [ 6BBCEDBDAD3751D6E23B5C0749D1BD20 ] \Device\Harddisk0\DR0
20:56:36.0848 0x0368 Object required for P2P: [ A51373CABB6A0F48F9296F27ECF837D1 ] QHActiveDefense
20:56:37.0721 0x07b0 \Device\Harddisk0\DR0 - ok
20:56:37.0737 0x07b0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:56:37.0971 0x07b0 \Device\Harddisk1\DR1 - ok
20:56:37.0971 0x07b0 ================ Scan VBR ==================================
20:56:37.0971 0x07b0 [ 85288D2EEFBCE32C0DA0DF3CF0E84BDF ] \Device\Harddisk0\DR0\Partition1
20:56:37.0971 0x07b0 \Device\Harddisk0\DR0\Partition1 - ok
20:56:37.0986 0x07b0 [ 6CB6678952DFE932150F834461B73292 ] \Device\Harddisk1\DR1\Partition1
20:56:37.0986 0x07b0 \Device\Harddisk1\DR1\Partition1 - ok
20:56:37.0986 0x07b0 [ 82F1AF1A0C2CD4CED90D3E7322477CD0 ] \Device\Harddisk1\DR1\Partition2
20:56:37.0986 0x07b0 \Device\Harddisk1\DR1\Partition2 - ok
20:56:38.0018 0x07b0 [ 1D20BA595493DBDFD9D3EE94D6917346 ] \Device\Harddisk1\DR1\Partition3
20:56:38.0018 0x07b0 \Device\Harddisk1\DR1\Partition3 - ok
20:56:38.0018 0x07b0 ================ Scan generic autorun ======================
20:56:38.0158 0x07b0 [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
20:56:38.0236 0x07b0 SDTray - ok
20:56:38.0314 0x07b0 [ 0DEB9763C0990D16A8B3FF446347D8C2, 9726B3BF449C9871D734646D9D2587B6555A660157B4D4F3EDCB191C664566BC ] C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
20:56:38.0345 0x07b0 QHSafeTray - ok
20:56:38.0392 0x07b0 [ 4440CC5EA4F602DFEDE468C5685E404A, 96BBF1C2B1D604F90EB719021E84A576C7B257B37AECDCE8BE9FA6FD1AD14314 ] C:\Program Files\IDT\WDM\sttray.exe
20:56:38.0392 0x07b0 SysTrayApp - ok
20:56:38.0486 0x07b0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:56:38.0517 0x07b0 Sidebar - ok
20:56:38.0548 0x07b0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:56:38.0548 0x07b0 mctadmin - ok
20:56:38.0595 0x07b0 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:56:38.0626 0x07b0 Sidebar - ok
20:56:38.0642 0x07b0 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:56:38.0642 0x07b0 mctadmin - ok
20:56:38.0688 0x07b0 [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
20:56:38.0720 0x07b0 SpybotPostWindows10UpgradeReInstall - ok
20:56:39.0016 0x07b0 [ 5C35525CEBE7B59FAFA05D5E98D7EDEF, 456BDD801C621B6DE4B2862F846145C6143B19B45BD6459DD29B045879E76562 ] C:\Program Files\CCleaner\CCleaner.exe
20:56:39.0141 0x07b0 CCleaner Monitoring - ok
20:56:39.0156 0x07b0 Waiting for KSN requests completion. In queue: 175
20:56:39.0671 0x0368 Object send P2P result: true
20:56:40.0170 0x07b0 Waiting for KSN requests completion. In queue: 26
20:56:41.0184 0x07b0 Waiting for KSN requests completion. In queue: 9
20:56:42.0198 0x07b0 Waiting for KSN requests completion. In queue: 9
20:56:43.0212 0x07b0 AV detected via SS2: 360 Total Security, C:\Program Files\360\Total Security\safemon\QHSafeTray.exe ( 8.0.0.1000 ), 0x50000 ( disabled : updated )
20:56:43.0228 0x07b0 Win FW state via NFP2: enabled ( trusted )
20:56:45.0942 0x07b0 ============================================================
20:56:45.0942 0x07b0 Scan finished
20:56:45.0942 0x07b0 ============================================================
20:56:45.0942 0x0670 Detected object count: 0
20:56:45.0942 0x0670 Actual detected object count: 0
21:00:00.0568 0x0498 Deinitialize success
Code:
ATTFilter # AdwCleaner v5.023 - Bericht erstellt am 03/12/2015 um 21:10:05
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-12-03.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x86)
# Benutzername : Hubacsek - HUBACSEK-PC
# Gestartet von : C:\Users\Hubacsek\Desktop\adwcleaner_5.023.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Hubacsek\AppData\Roaming\Mozilla\Firefox\Profiles\qi4xy49w.default\invalidprefs.js
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\360
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [913 Bytes] ##########
Code:
ATTFilter # AdwCleaner v5.023 - Bericht erstellt am 03/12/2015 um 21:07:56
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-12-03.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x86)
# Benutzername : Hubacsek - HUBACSEK-PC
# Gestartet von : C:\Users\Hubacsek\Desktop\adwcleaner_5.023.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
Datei Gefunden : C:\Users\Hubacsek\AppData\Roaming\Mozilla\Firefox\Profiles\qi4xy49w.default\invalidprefs.js
***** [ DLL ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\360
***** [ Internetbrowser ] *****
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [795 Bytes] ##########
|
|
05.12.2015, 13:25
| #2 |
| | 2. Teil der Logs Leider habe ich gelegentlich immernoch das Problem einer hohen CPU-Auslastung. Die zuständigen Prozesse sind jetzt aber svchost und TrustedInstaller. Weiterhin laufen die Streams auf twitch.tv immernoch nicht flüßig und der Rechner friert immer ein, wenn ich mit dem Firefox die Seite facebook.com besuchen möchte. Ich weiß nicht, ob es ein Problem mit Malware/Virus oder ähnliches ist. Mein Virenscanner hat nichts verdächtiges gefunden.
__________________Hier noch die angeforderten Logs von Defogger, FRST und Gmer: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:05-12-2015
durchgeführt von Hubacsek (2015-12-05 12:32:06)
Gestartet von C:\Users\Hubacsek\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2015-12-01 15:50:54)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1317350091-3612203622-4277952169-500 - Administrator - Disabled)
Gast (S-1-5-21-1317350091-3612203622-4277952169-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1317350091-3612203622-4277952169-1002 - Limited - Enabled)
Hubacsek (S-1-5-21-1317350091-3612203622-4277952169-1001 - Administrator - Enabled) => C:\Users\Hubacsek
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: 360 Total Security (Enabled - Up to date) {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D}
AS: 360 Total Security (Enabled - Up to date) {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
360 Total Security (HKLM\...\360TotalSecurity) (Version: 8.0.0.1047 - 360 Security Center)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6208.0 - IDT)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.0 - Ghisler Software GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
02-12-2015 21:21:27 Windows Update
02-12-2015 21:28:31 Windows Update
02-12-2015 21:35:39 Windows Update
02-12-2015 21:40:46 Windows Update
02-12-2015 22:30:23 Windows Update
02-12-2015 22:32:00 Windows Modules Installer
03-12-2015 19:15:14 Windows Update
03-12-2015 21:15:24 JRT Pre-Junkware Removal
03-12-2015 23:51:38 Windows Update
04-12-2015 10:21:34 Windows Update
04-12-2015 17:53:21 Windows Update
04-12-2015 17:55:43 Windows Update
04-12-2015 18:53:31 Windows Modules Installer
04-12-2015 23:25:09 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {3000658A-D48F-4D28-840E-B9935E6ED539} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {61343095-385B-4168-B1A6-4FB1FDC672B6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-12-01 17:53 - 2015-10-29 11:29 - 00088184 _____ () C:\Program Files\360\Total Security\deepscan\qutmload.dll
2015-12-01 17:37 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-01 17:37 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-01 17:37 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-01 17:37 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-01 17:37 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-01 17:53 - 2015-10-29 11:29 - 00427640 _____ () C:\Program Files\360\Total Security\MenuEx.dll
2015-12-01 17:53 - 2015-10-29 11:29 - 00578168 _____ () C:\Program Files\360\Total Security\safemon\wdui2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1317350091-3612203622-4277952169-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hubacsek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 192.168.0.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{D6A61556-50EB-47D6-8881-588A480D7E01}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E67EE1BD-BB82-441D-8664-5F441C0EB4B7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{74220084-3BC4-4997-A251-CAC214B76520}] => (Allow) C:\Program Files\360\Total Security\LiveUpdate360.exe
FirewallRules: [{C4D92731-2826-4039-BB99-DBC2843F1992}] => (Allow) C:\Program Files\360\Total Security\LiveUpdate360.exe
FirewallRules: [{A5F33432-4057-4950-AC69-948CE974F19D}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{75FBF83D-C1FE-46AE-A568-1355DB1144F5}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{80BE2878-852F-4394-9710-850BAC86D8CB}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{AD120A74-3F68-452C-A5DD-D1C56765E3B2}] => (Allow) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/04/2015 02:06:36 PM) (Source: .NET Runtime Optimization Service) (EventID: 1107) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "ehshell, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
.
Error: (12/03/2015 08:48:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 42.0.0.5780, Zeitstempel: 0x5632d0a4
Name des fehlerhaften Moduls: mozglue.dll, Version: 42.0.0.5780, Zeitstempel: 0x5632ba58
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed50
ID des fehlerhaften Prozesses: 0x168
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/02/2015 09:18:22 PM) (Source: Microsoft Office 14) (EventID: 2001) (User: )
Description: Microsoft Publisher: Rejected Safe Mode action : Publisher konnte zuletzt nicht korrekt gestartet werden. Das Starten von Publisher im abgesicherten Modus hilft Ihnen, ein Startproblem zu korrigieren oder zu isolieren, sodass Sie das Programm erfolgreich starten können. Einige Funktionen können in diesem Modus deaktiviert sein.
Möchten Sie Publisher im abgesicherten Modus starten?.
Rejected Safe Mode action : Microsoft Publisher.
Error: (12/01/2015 11:18:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 42.0.0.5780, Zeitstempel: 0x5632d0a4
Name des fehlerhaften Moduls: mozglue.dll, Version: 42.0.0.5780, Zeitstempel: 0x5632ba58
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ed50
ID des fehlerhaften Prozesses: 0x3b0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/01/2015 11:08:58 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/01/2015 11:08:58 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/01/2015 11:08:58 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/01/2015 11:08:57 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (12/01/2015 11:08:57 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (12/01/2015 11:08:57 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Systemfehler:
=============
Error: (12/05/2015 11:57:53 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Modules Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/05/2015 11:55:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/05/2015 11:47:54 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 05.12.2015 um 11:46:24 unerwartet heruntergefahren.
Error: (12/04/2015 11:24:17 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {995C996E-D918-4a8c-A302-45719A6F4EA7} -Embedding5{995C996E-D918-4A8C-A302-45719A6F4EA7}
Error: (12/04/2015 02:07:31 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet:
%%16405
Error: (12/04/2015 02:04:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/04/2015 02:04:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (12/04/2015 02:04:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (12/04/2015 02:04:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.
Error: (12/04/2015 01:57:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007000e fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB3035132)
==================== Memory info ===========================
Processor: Pentium(R) Dual-Core CPU T4500 @ 2.30GHz
Prozentuale Nutzung des RAM: 45%
Installierter physikalischer RAM: 3004.87 MB
Verfügbarer physikalischer RAM: 1641.52 MB
Summe virtueller Speicher: 6008.05 MB
Verfügbarer virtueller Speicher: 4529.54 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:244.04 GB) (Free:209.07 GB) NTFS
Drive d: () (Fixed) (Total:298.09 GB) (Free:297.98 GB) NTFS
Drive e: (Volume) (Fixed) (Total:221.62 GB) (Free:181.95 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7ED1EFF2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=244 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=221.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: CB0F1A13)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-12-05 12:45:38
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 HGST_HTS545050A7E380 rev.GG2OAC90 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\Hubacsek\AppData\Local\Temp\pwddykow.sys
---- System - GMER 2.1 ----
SSDT \??\C:\Windows\system32\drivers\qutmipc.sys ZwOpenKeyEx [0x91048620]
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwReplaceKey + 1384 82A589B4 4 Bytes JMP 84F11608
.text ntkrnlpa.exe!ZwReplaceKey + 1525 82A58B55 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82A92BB2 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 1383 82A9A268 4 Bytes [20, 86, 04, 91]
---- User code sections - GMER 2.1 ----
.text C:\Windows\Explorer.EXE[2040] ntdll.dll!RtlCreateProcessParametersEx 77747201 5 Bytes JMP 6A0B7EE0 C:\Program Files\360\Total Security\safemon\Safehmpg.dll
.text C:\Windows\Explorer.EXE[2040] kernel32.dll!CreateProcessInternalW 76D608A2 5 Bytes JMP 6BD993E0 C:\Program Files\360\Total Security\safemon\safemon.dll
.text C:\Windows\Explorer.EXE[2040] SHELL32.dll!SHGetItemFromDataObject + 378 75DDEB6C 4 Bytes [20, 81, 0B, 6A]
.text C:\Program Files\360\Total Security\safemon\QHSafeTray.exe[2224] USER32.dll!SetScrollRange 76DF8EC5 5 Bytes JMP 6B6CCDCF C:\Program Files\360\Total Security\safemon\360hipsPopWnd.dll
.text C:\Program Files\360\Total Security\safemon\QHSafeTray.exe[2224] USER32.dll!GetScrollInfo 76E02DA3 7 Bytes JMP 6B6CCD43 C:\Program Files\360\Total Security\safemon\360hipsPopWnd.dll
.text C:\Program Files\360\Total Security\safemon\QHSafeTray.exe[2224] USER32.dll!SetScrollInfo 76E048DA 7 Bytes JMP 6B6CCD97 C:\Program Files\360\Total Security\safemon\360hipsPopWnd.dll
.text C:\Program Files\360\Total Security\safemon\QHSafeTray.exe[2224] USER32.dll!GetScrollRange 76E2045A 5 Bytes JMP 6B6CCD7B C:\Program Files\360\Total Security\safemon\360hipsPopWnd.dll
.text C:\Program Files\360\Total Security\safemon\QHSafeTray.exe[2224] USER32.dll!SetScrollPos 76E204BE 5 Bytes JMP 6B6CCDB3 C:\Program Files\360\Total Security\safemon\360hipsPopWnd.dll
.text C:\Program Files\360\Total Security\safemon\QHSafeTray.exe[2224] USER32.dll!GetScrollPos 76E20E43 5 Bytes JMP 6B6CCD5F C:\Program Files\360\Total Security\safemon\360hipsPopWnd.dll
.text C:\Program Files\360\Total Security\safemon\QHSafeTray.exe[2224] USER32.dll!EnableScrollBar 76E219CE 7 Bytes JMP 6B6CCD27 C:\Program Files\360\Total Security\safemon\360hipsPopWnd.dll
.text C:\Program Files\360\Total Security\safemon\QHSafeTray.exe[2224] USER32.dll!ShowScrollBar 76E23C89 5 Bytes JMP 6B6CCDEB C:\Program Files\360\Total Security\safemon\360hipsPopWnd.dll
.text C:\Program Files\CCleaner\CCleaner.exe[2388] USER32.dll!SetScrollRange 76DF8EC5 5 Bytes JMP 00FF6F25 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[2388] USER32.dll!GetScrollInfo 76E02DA3 5 Bytes JMP 00FF6EAC C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[2388] USER32.dll!SetScrollInfo 76E048DA 5 Bytes JMP 00FF6F62 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[2388] USER32.dll!GetScrollRange 76E2045A 5 Bytes JMP 00FF6E43 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[2388] USER32.dll!SetScrollPos 76E204BE 5 Bytes JMP 00FF6E18 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[2388] USER32.dll!GetScrollPos 76E20E43 5 Bytes JMP 00FF6E81 C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[2388] USER32.dll!EnableScrollBar 76E219CE 5 Bytes JMP 00FF6F9C C:\Program Files\CCleaner\CCleaner.exe
.text C:\Program Files\CCleaner\CCleaner.exe[2388] USER32.dll!ShowScrollBar 76E23C89 5 Bytes JMP 00FF6EE5 C:\Program Files\CCleaner\CCleaner.exe
---- Devices - GMER 2.1 ----
Device \FileSystem\Npfs \Device\NamedPipe 360Box.sys
---- Registry - GMER 2.1 ----
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active
Reg HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\CIT\System\Active@C5E2B196 34
---- EOF - GMER 2.1 ----
Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:30 on 05/12/2015 (Hubacsek)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Hubacsek Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:05-12-2015
durchgeführt von Hubacsek (Administrator) auf HUBACSEK-PC (05-12-2015 12:31:43)
Gestartet von C:\Users\Hubacsek\Desktop
Geladene Profile: Hubacsek (Verfügbare Profile: Hubacsek)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
(Qihu Software Co. Limited) C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SDTray] => C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM\...\Run: [QHSafeTray] => C:\Program Files\360\Total Security\safemon\QHSafeTray.exe [1473656 2015-10-29] (QIHU 360 SOFTWARE CO. LIMITED)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [495728 2009-10-24] (IDT, Inc.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1317350091-3612203622-4277952169-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1317350091-3612203622-4277952169-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-11-16] (Piriform Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2015-12-01] (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
Tcpip\..\Interfaces\{13D9D5F7-A52E-4936-A1D6-05F979A79410}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{70B74559-A8F6-431D-BFFD-27907F96EC96}: [DhcpNameServer] 192.168.0.1 192.168.0.2
Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Hubacsek\AppData\Roaming\Mozilla\Firefox\Profiles\qi4xy49w.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-12-04] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files\360\Total Security\safemon\webprotection_firefox
FF Extension: 360 Internet Protection - C:\Program Files\360\Total Security\safemon\webprotection_firefox [2015-12-01]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [863864 2015-10-29] (QIHU 360 SOFTWARE CO. LIMITED)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; c:\program files\idt\wdm\STacSV.exe [225382 2009-10-24] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker.sys [121936 2015-10-29] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [66128 2015-10-29] (360.cn)
R1 360Box; C:\Windows\System32\DRIVERS\360Box.sys [203856 2015-10-29] (360.cn)
R1 360Camera; C:\Windows\System32\Drivers\360Camera.sys [34888 2015-10-29] (360.cn)
R1 360SelfProtection; C:\Windows\System32\drivers\360SelfProtection.sys [179024 2015-10-29] (360安全中心)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV.sys [174672 2015-10-29] (360.cn)
R1 EfiMon; C:\Windows\System32\Drivers\Efimon.sys [23248 2015-10-29] (360.cn)
R0 HookPort; C:\Windows\System32\Drivers\Hookport.sys [60112 2015-10-29] (360安全中心)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R1 qutmdserv; C:\Windows\System32\DRIVERS\qutmdrv.sys [293840 2015-10-29] (360.cn)
R1 qutmipc; C:\Windows\system32\drivers\qutmipc.sys [53960 2015-10-29] (360.cn)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30848 2015-12-03] ()
R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 pwddykow; \??\C:\Users\Hubacsek\AppData\Local\Temp\pwddykow.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-05 12:30 - 2015-12-05 12:30 - 00000000 _____ C:\Users\Hubacsek\defogger_reenable
2015-12-05 12:29 - 2015-12-05 12:29 - 00050477 _____ C:\Users\Hubacsek\Desktop\Defogger.exe
2015-12-05 12:11 - 2015-12-05 12:11 - 00380416 _____ C:\Users\Hubacsek\Desktop\Gmer-19357.exe
2015-12-05 12:08 - 2015-12-05 12:31 - 00007577 _____ C:\Users\Hubacsek\Desktop\FRST.txt
2015-12-05 12:08 - 2015-12-05 12:09 - 00017954 _____ C:\Users\Hubacsek\Desktop\Addition.txt
2015-12-05 12:01 - 2015-12-05 12:31 - 00000000 ____D C:\FRST
2015-12-05 12:00 - 2015-12-05 12:07 - 01719808 _____ (Farbar) C:\Users\Hubacsek\Desktop\FRST.exe
2015-12-05 11:42 - 2015-12-05 11:42 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-12-04 23:25 - 2015-12-04 23:25 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-04 18:44 - 2015-12-04 18:44 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-12-04 18:44 - 2015-12-04 18:44 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-12-04 18:44 - 2015-12-04 18:44 - 00000000 ____D C:\Windows\system32\Macromed
2015-12-04 18:44 - 2015-12-04 18:44 - 00000000 ____D C:\Users\Hubacsek\AppData\Roaming\Macromedia
2015-12-04 18:44 - 2015-12-04 18:44 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\Macromedia
2015-12-04 18:37 - 2015-12-04 18:37 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\GWX
2015-12-04 18:02 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-12-04 17:52 - 2015-12-04 18:43 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\Adobe
2015-12-04 17:52 - 2015-12-04 17:52 - 00000000 ____D C:\Users\Hubacsek\AppData\LocalLow\Adobe
2015-12-04 17:52 - 2015-12-04 17:52 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\CEF
2015-12-04 17:47 - 2015-12-04 17:52 - 00000000 ____D C:\Users\Hubacsek\AppData\Roaming\Adobe
2015-12-04 14:29 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-04 14:29 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-04 14:29 - 2015-10-30 23:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-04 14:29 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-04 14:29 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-04 14:29 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-04 14:29 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-04 14:29 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-04 14:29 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-04 14:29 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-04 14:29 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-04 14:29 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-04 14:29 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-04 14:29 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-04 14:29 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-04 14:29 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-04 14:29 - 2015-10-30 23:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-04 14:29 - 2015-10-30 23:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-04 14:29 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-04 14:29 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-04 14:29 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-04 14:29 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-04 14:29 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-04 14:29 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-04 14:29 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-04 14:29 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-04 14:29 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-04 14:29 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-04 14:29 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-04 14:29 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-04 14:29 - 2015-10-30 23:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-04 14:29 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-04 14:29 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-04 14:29 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-04 14:28 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-12-04 14:28 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-04 14:28 - 2015-07-30 18:57 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-04 14:28 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-12-04 14:24 - 2012-05-14 05:33 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-12-04 14:21 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-12-04 14:16 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-12-04 10:36 - 2015-12-04 10:36 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-12-04 10:36 - 2015-12-04 10:36 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-12-04 10:36 - 2015-12-04 10:36 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-12-04 10:36 - 2015-12-04 10:36 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-12-04 10:36 - 2015-12-04 10:36 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-12-04 10:36 - 2015-12-04 10:36 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-12-04 10:36 - 2015-12-04 10:36 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-12-04 10:36 - 2015-12-04 10:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-12-04 10:34 - 2015-12-04 10:34 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-12-04 10:34 - 2015-12-04 10:34 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-12-04 10:32 - 2015-12-04 10:32 - 01158144 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 01080832 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00604160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00187392 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-12-04 10:32 - 2015-12-04 10:32 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-12-04 10:29 - 2015-12-04 10:29 - 01505280 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-12-04 10:25 - 2015-12-04 10:25 - 00000000 ____D C:\bedbeed3b046ffba49c8dbd874ce5f
2015-12-04 01:06 - 2015-01-09 00:44 - 00419936 _____ C:\Windows\system32\locale.nls
2015-12-04 00:51 - 2012-06-02 15:34 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-12-04 00:50 - 2012-07-26 04:39 - 00047720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-12-04 00:50 - 2012-07-26 04:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-12-04 00:50 - 2012-07-26 04:20 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-12-04 00:50 - 2012-07-26 04:20 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-12-04 00:50 - 2012-07-26 04:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-12-04 00:50 - 2012-07-26 04:20 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-12-04 00:50 - 2012-07-26 03:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-12-04 00:50 - 2012-07-26 03:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-12-04 00:50 - 2012-07-26 03:32 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-12-04 00:50 - 2012-06-02 15:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-12-04 00:49 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-12-04 00:49 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-12-04 00:49 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-12-04 00:49 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-12-04 00:47 - 2012-03-01 06:46 - 00019824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-12-04 00:47 - 2012-03-01 06:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-12-04 00:33 - 2015-01-09 03:48 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-12-04 00:33 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-12-04 00:33 - 2015-01-09 03:48 - 00027136 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-12-04 00:31 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-12-04 00:31 - 2015-01-29 04:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-12-04 00:31 - 2013-07-03 05:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2015-12-04 00:31 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-12-04 00:31 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-12-04 00:31 - 2012-07-04 20:45 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-12-04 00:30 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-12-04 00:30 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-12-04 00:30 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-12-04 00:30 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-12-04 00:30 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-12-04 00:30 - 2013-02-12 04:32 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-12-04 00:28 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-12-04 00:28 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-12-04 00:28 - 2011-06-16 05:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-12-04 00:27 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-12-04 00:27 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-12-04 00:27 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-12-04 00:27 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-12-04 00:27 - 2015-08-05 18:41 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-12-04 00:27 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-12-04 00:27 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-12-04 00:27 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-12-04 00:27 - 2013-01-24 05:47 - 00196328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-12-04 00:27 - 2012-11-02 06:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-12-04 00:27 - 2011-02-18 06:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-12-04 00:26 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-12-04 00:26 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-12-04 00:26 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-12-04 00:26 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-12-04 00:26 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-12-04 00:25 - 2014-06-16 02:44 - 00730048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-12-04 00:25 - 2014-06-16 02:44 - 00219072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-12-04 00:25 - 2014-06-16 02:40 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-12-04 00:25 - 2014-03-04 10:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-12-04 00:25 - 2014-03-04 10:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-12-04 00:25 - 2014-03-04 10:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-12-04 00:25 - 2014-03-04 10:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-12-04 00:25 - 2014-03-04 10:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-12-04 00:25 - 2014-03-04 10:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-12-04 00:25 - 2014-03-04 10:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-12-04 00:25 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-12-04 00:24 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-12-04 00:24 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-12-04 00:24 - 2015-10-29 18:49 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-12-04 00:24 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-12-04 00:24 - 2015-06-11 18:57 - 00919552 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-12-04 00:24 - 2015-06-11 18:15 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-12-04 00:24 - 2015-06-11 18:15 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-12-04 00:24 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-12-04 00:24 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-12-04 00:24 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-12-04 00:24 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-12-04 00:24 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-12-04 00:24 - 2012-08-21 21:12 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-12-04 00:23 - 2015-10-13 17:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-12-04 00:23 - 2015-10-13 17:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-12-04 00:23 - 2015-07-15 18:59 - 00078784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-12-04 00:23 - 2015-07-15 18:55 - 01159168 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-12-04 00:23 - 2015-07-15 18:54 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-12-04 00:23 - 2011-12-30 06:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-12-04 00:23 - 2011-05-24 11:44 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-12-04 00:22 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-12-04 00:22 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-12-04 00:22 - 2015-10-20 01:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-12-04 00:22 - 2015-10-20 01:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-12-04 00:22 - 2015-10-20 01:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-12-04 00:22 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-12-04 00:22 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-12-04 00:22 - 2015-10-20 01:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-12-04 00:22 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-12-04 00:22 - 2015-10-20 01:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-12-04 00:22 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-12-04 00:22 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-12-04 00:22 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-12-04 00:22 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-12-04 00:22 - 2015-10-20 00:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-12-04 00:22 - 2015-10-20 00:28 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-12-04 00:22 - 2015-10-20 00:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-12-04 00:22 - 2013-05-10 04:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-12-04 00:21 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-12-04 00:21 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-12-04 00:21 - 2015-09-02 03:48 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-12-04 00:21 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-12-04 00:21 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-12-04 00:21 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-12-04 00:21 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-12-04 00:20 - 2015-10-13 05:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-12-04 00:20 - 2015-04-11 04:07 - 00054656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-12-04 00:20 - 2015-03-04 05:16 - 00249784 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-12-04 00:20 - 2015-03-04 05:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-12-04 00:20 - 2014-01-28 03:07 - 00185344 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-12-04 00:20 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-12-04 00:20 - 2013-03-19 04:33 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-12-04 00:19 - 2015-11-03 18:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-04 00:19 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-12-04 00:19 - 2014-02-04 03:07 - 00234432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-12-04 00:19 - 2014-02-04 03:07 - 00149440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-12-04 00:19 - 2014-02-04 03:07 - 00027072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-12-04 00:19 - 2014-02-04 03:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-12-04 00:19 - 2012-10-03 17:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-12-04 00:19 - 2012-10-03 17:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-12-04 00:19 - 2012-10-03 17:40 - 00499712 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-12-04 00:19 - 2012-10-03 16:21 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-12-04 00:18 - 2015-07-22 18:53 - 00937984 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-12-04 00:18 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-12-04 00:18 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-12-04 00:18 - 2015-07-22 17:38 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-12-04 00:16 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-12-04 00:16 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-12-04 00:16 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-12-04 00:16 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-12-04 00:16 - 2015-06-17 18:39 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-12-04 00:16 - 2012-06-06 06:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-12-04 00:16 - 2011-05-04 05:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-12-04 00:16 - 2011-05-04 05:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-12-04 00:16 - 2011-05-04 05:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-12-04 00:16 - 2011-05-04 05:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-12-04 00:16 - 2011-05-04 05:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-12-04 00:16 - 2011-05-04 05:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-12-04 00:16 - 2011-05-04 05:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-12-04 00:16 - 2011-05-04 05:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-12-04 00:16 - 2011-05-04 05:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-12-04 00:15 - 2014-06-18 02:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-12-04 00:15 - 2014-01-24 03:18 - 01212352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-12-04 00:15 - 2012-07-04 22:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-12-04 00:15 - 2012-07-04 22:14 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-12-04 00:15 - 2012-07-04 22:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-12-04 00:14 - 2015-05-25 19:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-12-04 00:14 - 2015-05-25 19:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-12-04 00:14 - 2015-05-25 19:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-12-04 00:14 - 2015-05-25 19:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-12-04 00:14 - 2015-05-25 19:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-12-04 00:14 - 2015-05-25 19:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-12-04 00:14 - 2015-04-18 03:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-12-04 00:14 - 2013-07-25 09:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-12-04 00:13 - 2015-10-01 18:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-12-04 00:13 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-12-04 00:13 - 2015-10-01 18:50 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-12-04 00:13 - 2015-10-01 18:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-12-04 00:13 - 2015-10-01 18:50 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-12-04 00:13 - 2015-10-01 17:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-12-04 00:13 - 2015-04-27 20:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-12-04 00:13 - 2015-04-27 20:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-12-04 00:13 - 2015-04-27 20:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-12-04 00:13 - 2015-04-27 20:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-12-04 00:13 - 2015-04-13 04:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-12-04 00:13 - 2014-08-01 12:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-12-04 00:13 - 2014-06-06 10:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-12-04 00:13 - 2014-04-05 03:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-12-04 00:13 - 2014-04-05 03:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-12-04 00:13 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-12-04 00:13 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-12-04 00:13 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-12-04 00:12 - 2014-12-19 03:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-12-04 00:12 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-12-04 00:12 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-12-04 00:12 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-12-04 00:12 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-12-04 00:12 - 2012-12-07 13:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-12-04 00:12 - 2012-12-07 13:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-12-04 00:12 - 2012-12-07 11:46 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-12-04 00:12 - 2012-12-07 11:46 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-12-04 00:11 - 2015-09-23 14:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-12-04 00:11 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-12-04 00:11 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-12-04 00:11 - 2014-12-11 18:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-12-04 00:11 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-12-04 00:11 - 2012-09-25 23:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-12-04 00:11 - 2012-03-17 08:27 - 00056176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-12-04 00:11 - 2011-12-16 08:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-12-04 00:11 - 2011-11-17 06:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-12-04 00:10 - 2015-09-18 18:47 - 00023384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-12-04 00:10 - 2015-09-18 18:44 - 01120768 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-12-04 00:10 - 2015-09-18 18:44 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-12-04 00:10 - 2015-09-18 18:44 - 00587776 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-12-04 00:10 - 2015-09-18 18:44 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-12-04 00:10 - 2015-09-18 18:44 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-12-04 00:10 - 2015-09-18 18:35 - 00999936 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-12-04 00:10 - 2015-02-18 08:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-12-04 00:10 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-12-04 00:10 - 2013-08-05 02:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-12-04 00:10 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-12-04 00:09 - 2015-06-25 10:48 - 00105408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-12-04 00:09 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-12-04 00:09 - 2015-06-25 10:44 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-12-04 00:09 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-12-04 00:09 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-12-04 00:09 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-12-04 00:09 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-12-04 00:09 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-12-04 00:09 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-12-04 00:09 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-12-04 00:09 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-12-04 00:09 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-12-04 00:09 - 2012-04-26 05:45 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-12-04 00:09 - 2012-04-26 05:41 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-12-04 00:09 - 2012-01-04 09:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-12-04 00:08 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-12-04 00:08 - 2015-10-01 18:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-12-04 00:08 - 2015-07-15 03:55 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-12-04 00:08 - 2015-02-25 04:03 - 00514560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-12-04 00:08 - 2013-07-12 11:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2015-12-04 00:08 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-12-04 00:08 - 2012-10-09 18:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-12-04 00:08 - 2012-10-09 18:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-12-04 00:07 - 2015-10-20 18:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-04 00:07 - 2015-10-20 18:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-04 00:07 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-04 00:07 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-04 00:07 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-04 00:07 - 2015-10-20 18:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-04 00:07 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-04 00:07 - 2015-10-20 18:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-04 00:07 - 2015-10-20 18:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-04 00:07 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-04 00:07 - 2015-10-20 18:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-04 00:07 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-12-04 00:07 - 2015-05-09 04:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-12-04 00:07 - 2015-05-09 04:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-12-04 00:07 - 2015-05-09 04:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-12-04 00:07 - 2015-05-09 04:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-12-04 00:07 - 2015-05-09 04:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 04:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 02:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 02:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 02:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-12-04 00:07 - 2015-05-09 02:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-12-04 00:07 - 2015-04-29 19:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-12-04 00:07 - 2015-04-29 19:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-12-04 00:07 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-12-04 00:07 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-12-04 00:07 - 2015-04-29 19:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-12-04 00:07 - 2014-12-19 02:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-12-04 00:07 - 2014-12-06 04:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-12-04 00:07 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-04 00:07 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-12-04 00:07 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-12-04 00:07 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-12-04 00:07 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-12-04 00:07 - 2012-10-03 17:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-12-04 00:07 - 2012-10-03 17:42 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-12-04 00:06 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-12-04 00:06 - 2015-02-03 04:12 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-12-04 00:06 - 2015-02-03 04:11 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-12-04 00:06 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-12-04 00:06 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-12-04 00:06 - 2015-02-03 04:11 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-12-04 00:06 - 2015-02-03 04:11 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-12-04 00:06 - 2015-02-03 04:10 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-12-04 00:06 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-12-04 00:06 - 2015-02-03 04:00 - 00593920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-12-04 00:06 - 2014-10-31 23:22 - 00521384 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-12-04 00:06 - 2014-06-28 01:21 - 00455752 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-12-04 00:06 - 2014-06-28 01:21 - 00409272 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-12-04 00:06 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-12-04 00:06 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-12-04 00:06 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-12-04 00:06 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-12-04 00:06 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-12-04 00:06 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-12-04 00:06 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-12-04 00:06 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-12-04 00:06 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-12-04 00:06 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-12-04 00:06 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-12-04 00:06 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-12-04 00:06 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-12-04 00:06 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-12-04 00:05 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-04 00:05 - 2015-04-24 18:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-12-04 00:05 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-12-04 00:05 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-12-03 23:31 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-12-03 23:31 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-12-03 23:31 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-12-03 23:31 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-12-03 23:31 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-12-03 23:26 - 2012-02-17 06:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-12-03 23:26 - 2012-02-17 05:13 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-12-03 21:24 - 2015-12-03 21:25 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-03 21:23 - 2015-12-03 21:23 - 22908888 _____ (Malwarebytes ) C:\Users\Hubacsek\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-03 21:23 - 2015-12-03 21:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-03 21:23 - 2015-12-03 21:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-03 21:23 - 2015-12-03 21:23 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2015-12-03 21:23 - 2015-10-05 09:50 - 00094936 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-03 21:23 - 2015-10-05 09:50 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-03 21:23 - 2015-10-05 09:50 - 00023256 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-03 21:18 - 2015-12-03 21:18 - 00000553 _____ C:\Users\Hubacsek\Downloads\JRT.txt
2015-12-03 21:13 - 2015-12-03 21:13 - 01599336 _____ (Malwarebytes) C:\Users\Hubacsek\Downloads\JRT.exe
2015-12-03 21:07 - 2015-12-03 21:10 - 00000000 ____D C:\AdwCleaner
2015-12-03 21:05 - 2015-12-03 21:05 - 01736704 _____ C:\Users\Hubacsek\Downloads\adwcleaner_5.023.exe
2015-12-03 21:00 - 2015-12-03 21:00 - 00448512 _____ (OldTimer Tools) C:\Users\Hubacsek\Downloads\TFC.exe
2015-12-03 20:55 - 2015-12-03 21:00 - 00194122 _____ C:\TDSSKiller.3.1.0.7_03.12.2015_20.55.16_log.txt
2015-12-03 20:54 - 2015-12-03 20:54 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Hubacsek\Downloads\tdsskiller.exe
2015-12-03 20:50 - 2015-12-03 20:50 - 00000000 ____D C:\Program Files\CCleaner
2015-12-03 20:49 - 2015-12-03 20:50 - 06801752 _____ (Piriform Ltd) C:\Users\Hubacsek\Downloads\ccsetup512.exe
2015-12-03 20:48 - 2015-12-03 23:22 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\CrashDumps
2015-12-03 20:37 - 2015-12-03 20:48 - 00000000 ____D C:\ProgramData\RogueKiller
2015-12-03 20:37 - 2015-12-03 20:37 - 00030848 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-12-03 20:36 - 2015-12-03 20:36 - 20826184 _____ C:\Users\Hubacsek\Downloads\RogueKiller.exe
2015-12-03 20:31 - 2015-12-03 20:32 - 00002590 _____ C:\Users\Hubacsek\Downloads\Rkill.txt
2015-12-03 20:30 - 2015-12-03 20:30 - 02032072 _____ (Bleeping Computer, LLC) C:\Users\Hubacsek\Downloads\rkill.exe
2015-12-03 19:15 - 2013-04-26 05:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-12-02 22:33 - 2015-12-02 22:33 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-12-02 22:33 - 2015-12-02 22:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-12-01 23:06 - 2015-12-04 18:34 - 00408320 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-01 23:03 - 2015-12-05 12:08 - 00000000 __SHD C:\$360Section
2015-12-01 22:14 - 2015-12-01 22:14 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\HP
2015-12-01 22:12 - 2015-12-01 22:12 - 00000000 ____D C:\ProgramData\HP
2015-12-01 22:12 - 2010-06-14 21:31 - 00264552 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpinksts5512LM.dll
2015-12-01 22:12 - 2010-06-14 21:31 - 00213352 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpinkcoi5512.dll
2015-12-01 21:54 - 2015-12-01 21:54 - 00108824 _____ C:\Users\Hubacsek\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-01 21:00 - 2015-12-01 21:00 - 00000000 ____D C:\Windows\system32\SPReview
2015-12-01 21:00 - 2015-12-01 21:00 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-12-01 20:59 - 2015-12-01 20:59 - 00000000 ____D C:\Windows\system32\EventProviders
2015-12-01 20:55 - 2015-12-01 20:55 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-01 20:55 - 2015-12-01 20:55 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-01 20:39 - 2011-10-15 06:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-12-01 20:36 - 2011-05-03 05:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-12-01 20:30 - 2011-08-17 05:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-12-01 20:30 - 2011-08-17 05:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-12-01 20:30 - 2010-11-20 13:16 - 00204288 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2015-12-01 20:30 - 2010-11-20 13:16 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2015-12-01 20:30 - 2010-11-20 13:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2015-12-01 20:27 - 2011-08-27 05:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-12-01 20:19 - 2011-06-15 09:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\system32\odbcjt32.dll
2015-12-01 20:19 - 2011-06-15 09:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-12-01 20:19 - 2011-06-15 09:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-12-01 20:19 - 2011-06-15 09:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-12-01 20:19 - 2011-06-15 09:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-12-01 20:16 - 2011-04-29 03:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-12-01 20:16 - 2011-04-29 03:46 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-12-01 20:16 - 2011-04-29 03:46 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-12-01 20:11 - 2011-02-23 05:47 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-12-01 20:06 - 2011-03-03 06:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-12-01 20:06 - 2011-03-03 06:38 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-12-01 20:06 - 2011-03-03 06:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-12-01 20:03 - 2011-03-11 06:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-12-01 20:03 - 2011-03-11 06:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-12-01 20:01 - 2011-02-12 06:35 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-12-01 20:01 - 2010-11-20 13:17 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\WFS.exe
2015-12-01 19:56 - 2010-12-23 06:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-12-01 19:56 - 2010-12-23 06:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-12-01 19:56 - 2010-12-23 06:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-12-01 19:49 - 2010-11-20 13:32 - 05066752 _____ (Microsoft Corporation) C:\Windows\system32\AuthFWSnapin.dll
2015-12-01 19:49 - 2010-11-20 13:30 - 00245632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2015-12-01 19:49 - 2010-11-20 13:30 - 00143744 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-12-01 19:49 - 2010-11-20 13:30 - 00117120 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-12-01 19:49 - 2010-11-20 13:30 - 00116096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msdsm.sys
2015-12-01 19:49 - 2010-11-20 13:29 - 00520064 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-12-01 19:49 - 2010-11-20 13:29 - 00080256 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-12-01 19:49 - 2010-11-20 13:29 - 00014208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hwpolicy.sys
2015-12-01 19:49 - 2010-11-20 13:24 - 00271664 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2015-12-01 19:49 - 2010-11-20 13:23 - 00144768 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 02983424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 02755072 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 01712640 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 01667584 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 01128448 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 01115136 _____ (Microsoft Corporation) C:\Windows\system32\RacEngn.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 01086976 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 01063936 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00974336 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00811520 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\sqlsrv32.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00551424 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00412160 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00380416 _____ (Microsoft Corporation) C:\Windows\system32\sxs.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00376832 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00351232 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00335872 _____ (Microsoft Corporation) C:\Windows\system32\WinSATAPI.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00270848 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00269824 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\spwizui.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00228352 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\spp.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00171008 _____ (Microsoft Corporation) C:\Windows\system32\umrdp.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\tspubwmi.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2015-12-01 19:49 - 2010-11-20 13:21 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 02494464 _____ (Microsoft Corporation) C:\Windows\system32\netshell.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00988160 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00932352 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\NaturalLanguage6.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\qmgr.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00563712 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00547840 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-12-01 19:49 - 2010-11-20 13:20 - 00330240 _____ (Microsoft Corporation) C:\Windows\system32\QAGENTRT.DLL
2015-12-01 19:49 - 2010-11-20 13:20 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\prncache.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 02291712 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 02151936 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 01698816 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00954752 _____ (Microsoft Corporation) C:\Windows\system32\mfc40.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00954288 _____ (Microsoft Corporation) C:\Windows\system32\mfc40u.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00732160 _____ (Microsoft Corporation) C:\Windows\system32\imapi2fs.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00155136 _____ (Microsoft Corporation) C:\Windows\system32\hgprint.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2015-12-01 19:49 - 2010-11-20 13:19 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 02522624 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 01828352 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\certmgr.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 01334272 _____ (Microsoft Corporation) C:\Windows\system32\CertEnroll.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00863744 _____ (Microsoft Corporation) C:\Windows\system32\diagperf.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00854016 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00762880 _____ (Microsoft Corporation) C:\Windows\system32\azroles.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00546304 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00494592 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-12-01 19:49 - 2010-11-20 13:18 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00339968 _____ (Microsoft Corporation) C:\Windows\system32\appmgr.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\drvstore.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00252928 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\dps.dll
2015-12-01 19:49 - 2010-11-20 13:18 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\dot3api.dll
2015-12-01 19:49 - 2010-11-20 13:17 - 03367424 _____ (Microsoft Corporation) C:\Windows\system32\WinSAT.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 02616320 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 01203200 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\lpksetup.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\spinstall.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00317440 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\cmd.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00280576 _____ (Microsoft Corporation) C:\Windows\system32\spreview.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\lsm.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00161280 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00080896 _____ C:\Windows\system32\RDVGHelper.exe
2015-12-01 19:49 - 2010-11-20 13:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\PushPrinterConnections.exe
2015-12-01 19:49 - 2010-11-20 13:16 - 00776192 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-12-01 19:49 - 2010-11-20 11:24 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-12-01 19:49 - 2010-11-20 11:22 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\rdpdd.dll
2015-12-01 19:49 - 2010-11-20 11:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\1394ohci.sys
2015-12-01 19:49 - 2010-11-20 09:44 - 00388096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2015-12-01 19:49 - 2010-11-20 09:44 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2015-12-01 19:49 - 2010-11-05 03:20 - 00146852 _____ C:\Windows\system32\systemsf.ebd
2015-12-01 19:49 - 2010-11-05 02:58 - 00297808 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2015-12-01 19:49 - 2010-11-05 02:58 - 00049488 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2015-12-01 19:49 - 2010-11-05 02:53 - 00295264 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2015-12-01 19:49 - 2010-11-05 02:53 - 00099176 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2015-12-01 19:48 - 2010-11-20 13:36 - 01077248 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2015-12-01 19:48 - 2010-11-20 13:36 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\NAPHLPR.DLL
2015-12-01 19:48 - 2010-11-20 13:36 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\NAPCRYPT.DLL
2015-12-01 19:48 - 2010-11-20 13:30 - 00175360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmbus.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00173440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00160128 _____ (Microsoft Corporation)
|
|
05.12.2015, 13:25
| #3 |
| | FRST.txt Teil 2Code:
ATTFilter C:\Windows\system32\Drivers\vhdmp.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00153984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00140160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scsiport.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00130432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpio.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00085376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sbp2port.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00053120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00040704 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vmstorfl.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsc.sys
2015-12-01 19:48 - 2010-11-20 13:30 - 00028032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msahci.sys
2015-12-01 19:48 - 2010-11-20 13:29 - 02217856 _____ (Microsoft Corporation) C:\Windows\system32\bootres.dll
2015-12-01 19:48 - 2010-11-20 13:29 - 00332160 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-12-01 19:48 - 2010-11-20 13:29 - 00274304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2015-12-01 19:48 - 2010-11-20 13:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\halmacpi.dll
2015-12-01 19:48 - 2010-11-20 13:29 - 00194432 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2015-12-01 19:48 - 2010-11-20 13:29 - 00137088 _____ (Microsoft Corporation) C:\Windows\system32\halacpi.dll
2015-12-01 19:48 - 2010-11-20 13:29 - 00043392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winhv.sys
2015-12-01 19:48 - 2010-11-20 13:29 - 00022400 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-12-01 19:48 - 2010-11-20 13:21 - 02202624 _____ (Microsoft Corporation) C:\Windows\system32\SensorsCpl.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 02157568 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 02146304 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 01624064 _____ (Microsoft Corporation) C:\Windows\system32\WMPEncEn.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 01326592 _____ (Microsoft Corporation) C:\Windows\system32\wlanpref.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 01227776 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 01003008 _____ (Microsoft Corporation) C:\Windows\system32\WMNetMgr.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00933376 _____ (Microsoft Corporation) C:\Windows\system32\Vault.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00907776 _____ (Microsoft Corporation) C:\Windows\system32\sdengin2.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00782336 _____ (Microsoft Corporation) C:\Windows\system32\webservices.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\wpccpl.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00755200 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00750080 _____ (Microsoft Corporation) C:\Windows\system32\sdcpl.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00697344 _____ (Microsoft Corporation) C:\Windows\system32\SmiEngine.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00638976 _____ (Microsoft Corporation) C:\Windows\system32\VAN.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00600064 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00577024 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\scrptadm.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00463360 _____ (Microsoft Corporation) C:\Windows\system32\wiaservc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00458752 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\shwebsvc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\wiadefui.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\wlangpui.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00410624 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\wlanui.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\termmgr.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00352768 _____ (Microsoft Corporation) C:\Windows\system32\spwizeng.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\wmpeffects.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\shsvcs.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\raschap.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\sharemediacpl.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\srchadmin.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00299520 _____ (Microsoft Corporation) C:\Windows\system32\wmpdxm.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\srrstr.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\scansetting.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\tapisrv.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\taskbarcpl.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\wavemsp.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\SndVolSSO.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\wpdwcn.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00198144 _____ (Microsoft Corporation) C:\Windows\system32\sysclass.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\vaultsvc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\wmpsrcwp.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00181760 _____ (Microsoft Corporation) C:\Windows\system32\tcpipcfg.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\scecli.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\vdsbas.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\syncui.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00154624 _____ (Microsoft Corporation) C:\Windows\system32\tscfgwmi.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00151040 _____ (Microsoft Corporation) C:\Windows\system32\vdsutil.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\remotepg.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\twext.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\recovery.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00134656 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00125952 _____ (Microsoft Corporation) C:\Windows\system32\sdrsvc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\uxlib.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\sppnp.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00111104 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\wkssvc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\QUTIL.DLL
2015-12-01 19:48 - 2010-11-20 13:21 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\UserAccountControlSettings.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\TabSvc.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\regapi.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00051200 _____ (Twain Working Group) C:\Windows\twain_32.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\samcli.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\RpcRtRemote.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wtsapi32.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\rtutils.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\vpnikeapi.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\sisbkup.dll
2015-12-01 19:48 - 2010-11-20 13:21 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 02504192 _____ (Microsoft Corporation) C:\Windows\system32\WMVCORE.DLL
2015-12-01 19:48 - 2010-11-20 13:20 - 02130944 _____ (Microsoft Corporation) C:\Windows\system32\networkmap.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 01750528 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 01661440 _____ (Microsoft Corporation) C:\Windows\system32\networkexplorer.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 01644032 _____ (Microsoft Corporation) C:\Windows\system32\netcenter.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\pla.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\onexui.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\OobeFldr.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\PerfCenterCPL.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\powercpl.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00395264 _____ (Microsoft Corporation) C:\Windows\system32\prnfldr.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\nshipsec.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00297472 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\netdiagfx.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\OnLineIDCpl.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00199168 _____ (Microsoft Corporation) C:\Windows\system32\onex.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\qcap.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00175616 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\ocsetapi.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\QAGENT.DLL
2015-12-01 19:48 - 2010-11-20 13:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-12-01 19:48 - 2010-11-20 13:20 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\netiohlp.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00165376 _____ (Microsoft Corporation) C:\Windows\system32\provsvc.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\netjoin.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\prntvpt.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\netid.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\olepro32.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\nci.dll
2015-12-01 19:48 - 2010-11-20 13:20 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\ntlanman.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 01066496 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00856576 _____ (Microsoft Corporation) C:\Windows\system32\FirewallControlPanel.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2015-12-01 19:48 - 2010-11-20 13:19 - 00828928 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00592384 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00481792 _____ (Microsoft Corporation) C:\Windows\system32\mscms.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00429056 _____ (Microsoft Corporation) C:\Windows\system32\localsec.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\mspbda.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\ipsmsnap.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\imapi2.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00350208 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2015-12-01 19:48 - 2010-11-20 13:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\mtxclu.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00268800 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00266752 _____ (Microsoft Corporation) C:\Windows\system32\MediaMetadataHandler.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\MSAC3ENC.DLL
2015-12-01 19:48 - 2010-11-20 13:19 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\iTVData.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\MMDevAPI.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mstask.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\fvecpl.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\iasrad.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\msutb.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\ifsutil.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\logoncli.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\fde.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\msvfw32.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\imm32.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL
2015-12-01 19:48 - 2010-11-20 13:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\migisol.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\Windows\system32\fms.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\mciavi32.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00078848 _____ (Microsoft Corporation) C:\Windows\system32\iasacct.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\KMSVC.DLL
2015-12-01 19:48 - 2010-11-20 13:19 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\hbaapi.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\fdeploy.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\mimefilt.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2015-12-01 19:48 - 2010-11-20 13:19 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\msasn1.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 03727872 _____ (Microsoft Corporation) C:\Windows\system32\accessibilitycpl.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 01400320 _____ (Microsoft Corporation) C:\Windows\system32\DxpTaskSync.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\DiagCpl.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 01040384 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00740864 _____ (Microsoft Corporation) C:\Windows\system32\batmeter.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00685056 _____ (Microsoft Corporation) C:\Windows\system32\dsuiext.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00665600 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayCpl.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00630784 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00537600 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00438272 _____ (Microsoft Corporation) C:\Windows\system32\AdmTmpl.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\biocpl.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00418816 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\DXP.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00333824 _____ (Microsoft Corporation) C:\Windows\system32\dot3ui.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\azroleui.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\dpx.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\audiodev.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\clusapi.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\defaultlocationcpl.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00214016 _____ (Microsoft Corporation) C:\Windows\system32\dot3svc.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairingFolder.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\efscore.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\activeds.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00196608 _____ (Microsoft Corporation) C:\Windows\system32\dskquoui.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\adsldp.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\autoplay.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\cfgmgr32.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\cscobj.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\bcdsrv.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\cabview.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\AuxiliaryDisplayServices.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dnscmmc.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\dwmredir.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\dot3cfg.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2015-12-01 19:48 - 2010-11-20 13:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acppage.dll
2015-12-01 19:48 - 2010-11-20 13:17 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 01131008 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\mblctr.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00586752 _____ (Microsoft Corporation) C:\Windows\system32\dfrgui.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\FXSSVC.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\wisptis.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\wimserv.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\slui.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\wusa.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00314368 _____ (Microsoft Corporation) C:\Windows\system32\SndVol.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeResults.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\eudcedit.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\diskraid.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00270336 _____ (Microsoft Corporation) C:\Windows\system32\sethc.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\wsqmcons.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\msconfig.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\taskmgr.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\recdisc.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\PkgMgr.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00197632 _____ (Microsoft Corporation) C:\Windows\system32\ocsetup.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00179712 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\PresentationSettings.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00157184 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\setupugc.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\setupcl.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00098816 _____ (Microsoft) C:\Windows\system32\Robocopy.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\nslookup.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\isoburn.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\w32tm.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\rdpsign.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\tzutil.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\proquota.exe
2015-12-01 19:48 - 2010-11-20 13:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\userinit.exe
2015-12-01 19:48 - 2010-11-20 13:16 - 00905216 _____ (Microsoft Corporation) C:\Windows\system32\mmsys.cpl
2015-12-01 19:48 - 2010-11-20 13:16 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\bthprops.cpl
2015-12-01 19:48 - 2010-11-20 13:16 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\autoconv.exe
2015-12-01 19:48 - 2010-11-20 13:16 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\autochk.exe
2015-12-01 19:48 - 2010-11-20 13:16 - 00658944 _____ (Microsoft Corporation) C:\Windows\system32\autofmt.exe
2015-12-01 19:48 - 2010-11-20 13:16 - 00649216 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2015-12-01 19:48 - 2010-11-20 13:16 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\TabletPC.cpl
2015-12-01 19:48 - 2010-11-20 13:16 - 00516096 _____ (Microsoft Corporation) C:\Windows\system32\main.cpl
2015-12-01 19:48 - 2010-11-20 13:16 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\PhotoScreensaver.scr
2015-12-01 19:48 - 2010-11-20 13:16 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2015-12-01 19:48 - 2010-11-20 13:16 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\intl.cpl
2015-12-01 19:48 - 2010-11-20 13:16 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\sysdm.cpl
2015-12-01 19:48 - 2010-11-20 13:16 - 00320000 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2015-12-01 19:48 - 2010-11-20 13:16 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\bcdedit.exe
2015-12-01 19:48 - 2010-11-20 13:16 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\ssText3d.scr
2015-12-01 19:48 - 2010-11-20 13:16 - 00281088 _____ (Microsoft Corporation) C:\Windows\system32\unimdm.tsp
2015-12-01 19:48 - 2010-11-20 13:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2015-12-01 19:48 - 2010-11-20 13:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdmaud.drv
2015-12-01 19:48 - 2010-11-20 13:16 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\bcdboot.exe
2015-12-01 19:48 - 2010-11-20 13:16 - 00119808 _____ (Microsoft Corporation) C:\Windows\system32\aitagent.exe
2015-12-01 19:48 - 2010-11-20 13:16 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\WSTPager.ax
2015-12-01 19:48 - 2010-11-20 11:24 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpdr.sys
2015-12-01 19:48 - 2010-11-20 11:22 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-12-01 19:48 - 2010-11-20 11:07 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-12-01 19:48 - 2010-11-20 11:00 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-12-01 19:48 - 2010-11-20 10:59 - 00035968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\winusb.sys
2015-12-01 19:48 - 2010-11-20 10:50 - 00190976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2015-12-01 19:48 - 2010-11-20 10:14 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\vmicsvc.exe
2015-12-01 19:48 - 2010-11-20 09:42 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-12-01 19:48 - 2010-11-20 09:39 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2015-12-01 19:48 - 2010-11-05 03:11 - 00312168 _____ (Microsoft Corporation) C:\Windows\system32\MCEWMDRMNDBootstrap.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2015-12-01 19:47 - 2010-11-20 13:21 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2015-12-01 19:47 - 2010-11-20 13:21 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2015-12-01 19:47 - 2010-11-20 13:21 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmdev.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00436736 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmnet.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\wbemcomn.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00350720 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\sqlcese30.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\unattend.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\wdscore.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\sqmapi.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wmpps.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\wiavideo.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\wmpshell.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\sppinst.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\srvcli.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\resutils.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\tlscsp.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\spbcd.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\unimdmat.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\vfwwdm32.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\sppuinotify.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\rdpd3d.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\umb.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\wkscli.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\WavDest.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\wshbth.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\shimgvw.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\wiarpc.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\wdiasqmmodule.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\utildll.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\wsdchngr.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TRAPI.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\rdprefdrvapi.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shgina.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\spopk.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\schedcli.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\syssetup.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\tsbyuv.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\wshirda.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\shunimpl.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\riched32.dll
2015-12-01 19:47 - 2010-11-20 13:21 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\rdpcfgex.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 01160192 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00427520 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceStatus.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00283136 _____ (Microsoft Corporation) C:\Windows\system32\qdv.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00236544 _____ (Microsoft Corporation) C:\Windows\system32\pdh.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceSyncProvider.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\mydocs.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-12-01 19:47 - 2010-11-20 13:20 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\olethk32.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\QCLIPROV.DLL
2015-12-01 19:47 - 2010-11-20 13:20 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\napdsnap.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00060928 _____ (Microsoft Corporation) C:\Windows\system32\ncryptui.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\odbcconf.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\PrintIsolationProxy.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\profprov.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\netutils.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\perfts.dll
2015-12-01 19:47 - 2010-11-20 13:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\nrpsrv.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\FXSTIFF.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\MFPlay.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mprapi.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00122880 _____ (Microsoft Corporation) C:\Windows\system32\iasrecst.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\fphc.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00082944 _____ (Radius Inc.) C:\Windows\system32\iccvid.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\Mcx2Svc.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\inetmib1.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\iyuv_32.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\luainstall.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\FXSMON.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\mciqtz32.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\msvidc32.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\msdmo.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\msyuv.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\HotStartUserAgent.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\lsmproxy.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\muifontsetup.dll
2015-12-01 19:47 - 2010-11-20 13:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msrle32.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00179200 _____ (Microsoft Corporation) C:\Windows\system32\ActionQueue.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\EhStorAPI.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\dot3msm.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00094208 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\avifil32.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\cabinet.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\amstream.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\cca.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\CertPolEng.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsauth.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\AzSqlExt.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\elsTrans.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\bitsperf.dll
2015-12-01 19:47 - 2010-11-20 13:18 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\C_ISCII.DLL
2015-12-01 19:47 - 2010-11-20 13:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\browseui.dll
2015-12-01 19:47 - 2010-11-20 13:17 - 00182784 _____ (Microsoft Corporation) C:\Windows\system32\RelPost.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\iscsicli.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00133632 _____ (Microsoft Corporation) C:\Windows\system32\diskpart.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\MdSched.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\mobsync.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00095232 _____ (Microsoft Corporation) C:\Windows\system32\logagent.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\cmstp.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\tabcal.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\MuiUnattend.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00066048 _____ C:\Windows\system32\PrintBrmUi.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\findstr.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\manage-bde.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\PnPUnattend.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\djoin.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\repair-bde.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\MultiDigiMon.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\takeown.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\runonce.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\unlodctr.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\qwinsta.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netiougc.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\netcfg.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\qprocess.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\msg.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\quser.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\tskill.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\tsdiscon.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\ReAgentc.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\tscon.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\qappsrv.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\logoff.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\shadow.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\rwinsta.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\reset.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\query.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\LogonUI.exe
2015-12-01 19:47 - 2010-11-20 13:17 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-12-01 19:47 - 2010-11-20 13:16 - 00878592 _____ (Microsoft Corporation) C:\Windows\system32\Bubbles.scr
2015-12-01 19:47 - 2010-11-20 13:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\Mystify.scr
2015-12-01 19:47 - 2010-11-20 13:16 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\Ribbons.scr
2015-12-01 19:47 - 2010-11-20 13:16 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\bitsadmin.exe
2015-12-01 19:47 - 2010-11-20 13:16 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\VBICodec.ax
2015-12-01 19:47 - 2010-11-20 13:16 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\powercfg.cpl
2015-12-01 19:47 - 2010-11-20 13:16 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\desk.cpl
2015-12-01 19:47 - 2010-11-20 13:16 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\BdeHdCfg.exe
2015-12-01 19:47 - 2010-11-20 13:16 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\Kswdmcap.ax
2015-12-01 19:47 - 2010-11-20 13:16 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\kstvtune.ax
2015-12-01 19:47 - 2010-11-20 13:16 - 00065024 _____ (Microsoft Corporation) C:\Windows\bfsvc.exe
2015-12-01 19:47 - 2010-11-20 13:16 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ksxbar.ax
2015-12-01 19:47 - 2010-11-20 13:16 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\g711codc.ax
2015-12-01 19:47 - 2010-11-20 13:16 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\vbisurf.ax
2015-12-01 19:47 - 2010-11-20 13:16 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\chgport.exe
2015-12-01 19:47 - 2010-11-20 13:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\chglogon.exe
2015-12-01 19:47 - 2010-11-20 13:16 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\chgusr.exe
2015-12-01 19:47 - 2010-11-20 13:16 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\change.exe
2015-12-01 19:47 - 2010-11-20 13:07 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2015-12-01 19:47 - 2010-11-20 13:07 - 00007680 _____ (Microsoft Corporation) C:\Windows\system32\spwizres.dll
2015-12-01 19:47 - 2010-11-20 13:06 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-01 19:47 - 2010-11-20 13:05 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\RDPENCDD.dll
2015-12-01 19:47 - 2010-11-20 13:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\pifmgr.dll
2015-12-01 19:47 - 2010-11-20 13:03 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\vmicres.dll
2015-12-01 19:47 - 2010-11-20 13:03 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\vmbusres.dll
2015-12-01 19:47 - 2010-11-20 13:03 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\vmstorfltres.dll
2015-12-01 19:47 - 2010-11-20 13:00 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2015-12-01 19:47 - 2010-11-20 13:00 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2015-12-01 19:47 - 2010-11-20 13:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDSG.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdlk41a.dll
2015-12-01 19:47 - 2010-11-20 13:00 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDCZ1.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUQ.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDTUF.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDSF.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDPO.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDNEPR.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDINBEN.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGR1.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDGKL.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUS.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDUGHR1.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTURME.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAJIK.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMON.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDMAORI.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDLT1.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTEL.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINTAM.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINORI.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINMAR.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINKAN.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDINHIN.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBULG.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBLR.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00006144 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-12-01 19:47 - 2010-11-20 13:00 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\KBDGEO.DLL
2015-12-01 19:47 - 2010-11-20 12:57 - 00002560 _____ (Microsoft Corporation) C:\Windows\system32\dpnaddr.dll
2015-12-01 19:47 - 2010-11-20 12:56 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\BlbEvents.dll
2015-12-01 19:47 - 2010-11-20 11:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbrpm.sys
2015-12-01 19:47 - 2010-11-20 11:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RDPCDD.sys
2015-12-01 19:47 - 2010-11-20 11:21 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\RDPREFDD.dll
2015-12-01 19:47 - 2010-11-20 11:21 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdpipe.sys
2015-12-01 19:47 - 2010-11-20 11:07 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndiswan.sys
2015-12-01 19:47 - 2010-11-20 11:07 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-12-01 19:47 - 2010-11-20 11:06 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-01 19:47 - 2010-11-20 11:06 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-12-01 19:47 - 2010-11-20 11:06 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndisuio.sys
2015-12-01 19:47 - 2010-11-20 11:00 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2015-12-01 19:47 - 2010-11-20 11:00 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\umbus.sys
2015-12-01 19:47 - 2010-11-20 11:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD2.sys
2015-12-01 19:47 - 2010-11-20 11:00 - 00025856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBCAMD.sys
2015-12-01 19:47 - 2010-11-20 10:59 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hdaudbus.sys
2015-12-01 19:47 - 2010-11-20 10:59 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2015-12-01 19:47 - 2010-11-20 10:50 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\CompositeBus.sys
2015-12-01 19:47 - 2010-11-20 10:50 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-12-01 19:47 - 2010-11-20 10:50 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sffp_sd.sys
2015-12-01 19:47 - 2010-11-20 10:24 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\scfilter.sys
2015-12-01 19:47 - 2010-11-20 10:19 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2015-12-01 19:47 - 2010-11-20 10:14 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\VmbusCoinstaller.dll
2015-12-01 19:47 - 2010-11-20 10:14 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\VmdCoinstall.dll
2015-12-01 19:47 - 2010-11-20 10:14 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\IcCoinstall.dll
2015-12-01 19:47 - 2010-11-20 10:14 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\vmictimeprovider.dll
2015-12-01 19:47 - 2010-11-20 10:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VMBusHID.sys
2015-12-01 19:47 - 2010-11-20 10:14 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\vmbuspipe.dll
2015-12-01 19:47 - 2010-11-20 10:14 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vms3cap.sys
2015-12-01 19:47 - 2010-11-20 09:54 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-12-01 19:47 - 2010-11-20 09:47 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpipmi.sys
2015-12-01 19:47 - 2010-11-20 09:42 - 00078336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2015-12-01 19:47 - 2010-11-20 09:39 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdi.sys
2015-12-01 19:47 - 2010-11-20 09:38 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdrom.sys
2015-12-01 19:47 - 2010-11-20 06:23 - 00053600 _____ C:\Windows\system32\dosx.exe
2015-12-01 19:47 - 2010-11-10 02:45 - 00010429 _____ C:\Windows\system32\ScavengeSpace.xml
2015-12-01 19:47 - 2010-11-05 03:20 - 00105559 _____ C:\Windows\system32\RacRules.xml
2015-12-01 17:56 - 2015-12-05 12:08 - 00000000 ____D C:\ProgramData\360Quarant
2015-12-01 17:55 - 2015-12-05 12:06 - 00000000 ____D C:\Users\Hubacsek\AppData\Roaming\360safe
2015-12-01 17:55 - 2015-12-01 17:55 - 00000000 ____D C:\Windows\Tasks\360Disabled
2015-12-01 17:54 - 2015-12-05 11:59 - 00000000 ____D C:\Users\Hubacsek\AppData\LocalLow\360WD
2015-12-01 17:54 - 2015-12-01 17:54 - 00000000 ____D C:\Users\Hubacsek\AppData\Roaming\360TotalSecurity
2015-12-01 17:54 - 2015-12-01 17:54 - 00000000 ____D C:\ProgramData\360TotalSecurity
2015-12-01 17:54 - 2015-10-29 11:29 - 00053960 _____ (360.cn) C:\Windows\system32\Drivers\qutmipc.sys
2015-12-01 17:53 - 2015-12-03 18:53 - 00000000 _RSHD C:\360SANDBOX
2015-12-01 17:53 - 2015-12-01 23:04 - 00000000 ____D C:\ProgramData\360safe
2015-12-01 17:53 - 2015-12-01 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2015-12-01 17:53 - 2015-12-01 17:53 - 00000000 ____D C:\Program Files\360
2015-12-01 17:53 - 2015-10-29 11:29 - 00293840 _____ (360.cn) C:\Windows\system32\Drivers\qutmdrv.sys
2015-12-01 17:53 - 2015-10-29 11:29 - 00203856 _____ (360.cn) C:\Windows\system32\Drivers\360Box.sys
2015-12-01 17:53 - 2015-10-29 11:29 - 00179024 _____ (360安全中心) C:\Windows\system32\Drivers\360SelfProtection.sys
2015-12-01 17:53 - 2015-10-29 11:29 - 00174672 _____ (360.cn) C:\Windows\system32\Drivers\BAPIDRV.SYS
2015-12-01 17:53 - 2015-10-29 11:29 - 00121936 _____ (360.cn) C:\Windows\system32\Drivers\360AntiHacker.sys
2015-12-01 17:53 - 2015-10-29 11:29 - 00066128 _____ (360.cn) C:\Windows\system32\Drivers\360AvFlt.sys
2015-12-01 17:53 - 2015-10-29 11:29 - 00060112 _____ (360安全中心) C:\Windows\system32\Drivers\hookport.sys
2015-12-01 17:53 - 2015-10-29 11:29 - 00034888 _____ (360.cn) C:\Windows\system32\Drivers\360Camera.sys
2015-12-01 17:53 - 2015-10-29 11:29 - 00023248 _____ (360.cn) C:\Windows\system32\Drivers\efimon.sys
2015-12-01 17:51 - 2015-12-04 17:57 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-12-01 17:51 - 2015-12-01 17:51 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-01 17:51 - 2015-12-01 17:51 - 00000000 ____D C:\Program Files\Adobe
2015-12-01 17:49 - 2015-12-04 17:53 - 00000000 ____D C:\ProgramData\Adobe
2015-12-01 17:41 - 2015-12-01 17:53 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-01 17:37 - 2015-12-03 20:48 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2015-12-01 17:37 - 2015-12-01 20:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-01 17:37 - 2015-12-01 17:37 - 00002135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-01 17:37 - 2015-12-01 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-01 17:37 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2015-12-01 17:36 - 2015-12-01 17:36 - 41743992 _____ C:\Users\Hubacsek\Downloads\360TS_Setup_8.0.0.1047.exe
2015-12-01 17:33 - 2015-12-01 17:33 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Hubacsek\Downloads\spybot-2.4.40.exe
2015-12-01 17:29 - 2015-12-01 17:35 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\Mozilla
2015-12-01 17:29 - 2015-12-01 17:29 - 00000000 ____D C:\Users\Hubacsek\AppData\Roaming\Mozilla
2015-12-01 17:28 - 2015-12-01 17:28 - 00001121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-01 17:28 - 2015-12-01 17:28 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2015-12-01 17:28 - 2015-12-01 17:28 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-12-01 17:18 - 2015-12-01 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2015-12-01 17:18 - 2015-12-01 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-01 17:17 - 2015-12-01 17:17 - 00000000 ____D C:\Windows\PCHEALTH
2015-12-01 17:17 - 2015-12-01 17:17 - 00000000 ____D C:\Program Files\Microsoft Synchronization Services
2015-12-01 17:17 - 2015-12-01 17:17 - 00000000 ____D C:\Program Files\Microsoft Sync Framework
2015-12-01 17:17 - 2015-12-01 17:17 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-12-01 17:16 - 2015-12-01 17:16 - 00000000 ____D C:\Program Files\Microsoft Visual Studio 8
2015-12-01 17:15 - 2015-12-01 17:15 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-12-01 17:14 - 2015-12-01 17:17 - 00000000 ____D C:\Program Files\Microsoft Office
2015-12-01 17:14 - 2015-12-01 17:14 - 00000000 __RHD C:\MSOCache
2015-12-01 17:14 - 2015-12-01 17:14 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\Microsoft Help
2015-12-01 17:14 - 2015-12-01 17:14 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\GHISLER
2015-12-01 17:09 - 2015-12-01 17:10 - 00000000 ____D C:\totalcmd
2015-12-01 17:09 - 2015-12-01 17:09 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2015-12-01 17:09 - 2015-12-01 17:09 - 00000000 ____D C:\Users\Hubacsek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2015-12-01 17:09 - 2015-12-01 17:09 - 00000000 ____D C:\Users\Hubacsek\AppData\Roaming\GHISLER
2015-12-01 17:09 - 2012-05-23 08:00 - 00000545 _____ C:\Windows\UC.PIF
2015-12-01 17:09 - 2012-05-23 08:00 - 00000545 _____ C:\Windows\RAR.PIF
2015-12-01 17:09 - 2012-05-23 08:00 - 00000545 _____ C:\Windows\PKZIP.PIF
2015-12-01 17:09 - 2012-05-23 08:00 - 00000545 _____ C:\Windows\PKUNZIP.PIF
2015-12-01 17:09 - 2012-05-23 08:00 - 00000545 _____ C:\Windows\LHA.PIF
2015-12-01 17:09 - 2012-05-23 08:00 - 00000545 _____ C:\Windows\ARJ.PIF
2015-12-01 17:03 - 2015-12-01 17:03 - 00000000 ____D C:\Windows\system32\x64
2015-12-01 17:03 - 2015-12-01 17:03 - 00000000 ____D C:\Windows\system32\Lang
2015-12-01 17:03 - 2009-09-08 16:27 - 01002008 _____ (Intel Corporation) C:\Windows\system32\igxpun.exe
2015-12-01 17:00 - 2015-12-04 13:59 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-12-01 17:00 - 2015-12-01 17:00 - 00000000 ____D C:\Windows\system32\appraiser
2015-12-01 16:59 - 2015-12-01 17:00 - 00000000 ____D C:\Windows\system32\MRT
2015-12-01 16:58 - 2015-12-05 11:55 - 01498506 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-01 16:58 - 2009-10-24 06:46 - 12353648 _____ (IDT, Inc.) C:\Windows\system32\idtcpl.cpl
2015-12-01 16:58 - 2009-10-24 06:46 - 03317760 _____ (IDT, Inc.) C:\Windows\system32\stlang.dll
2015-12-01 16:58 - 2009-10-24 06:46 - 00918528 _____ (IDT, Inc.) C:\Windows\system32\stapo.dll
2015-12-01 16:58 - 2009-10-24 06:46 - 00497664 ____N (IDT, Inc.) C:\Windows\system32\stapi32.dll
2015-12-01 16:58 - 2009-10-24 06:46 - 00421376 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt.sys
2015-12-01 16:58 - 2009-10-24 06:46 - 00405504 _____ (IDT, Inc.) C:\Windows\system32\stcplx.dll
2015-12-01 16:58 - 2009-10-24 06:46 - 00225382 _____ (IDT, Inc.) C:\Windows\system32\stacsv.exe
2015-12-01 16:58 - 2009-10-24 06:46 - 00176128 _____ (IDT, Inc.) C:\Windows\system32\st326187.dll
2015-12-01 16:58 - 2009-10-24 06:46 - 00082944 _____ (IDT, Inc.) C:\Windows\system32\IDTPIMA.exe
2015-12-01 16:58 - 2009-10-19 11:42 - 00273408 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO.dll
2015-12-01 16:58 - 2009-09-11 18:06 - 00000548 _____ C:\Windows\system32\Drivers\SamSfPa.dat
2015-12-01 16:58 - 2009-07-04 14:28 - 00347648 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\EEP32A.dll
2015-12-01 16:58 - 2009-07-04 14:28 - 00164864 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\EED32A.dll
2015-12-01 16:58 - 2009-07-04 14:28 - 00073216 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\EEL32A.dll
2015-12-01 16:58 - 2009-07-04 14:28 - 00059392 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\EEG32A.dll
2015-12-01 16:57 - 2015-12-01 16:58 - 00000000 ____D C:\Program Files\IDT
2015-12-01 16:57 - 2015-12-01 16:57 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-12-01 16:57 - 2015-05-21 14:18 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-12-01 16:57 - 2015-01-28 00:28 - 01167520 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-12-01 16:52 - 2015-12-01 16:52 - 00001413 _____ C:\Users\Hubacsek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-12-01 16:52 - 2015-12-01 16:52 - 00000000 ____D C:\Users\Hubacsek\AppData\Local\VirtualStore
2015-12-01 16:51 - 2015-12-05 12:30 - 00000000 ____D C:\Users\Hubacsek
2015-12-01 16:51 - 2015-12-01 16:51 - 00000020 ___SH C:\Users\Hubacsek\ntuser.ini
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Vorlagen
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Startmenü
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Netzwerkumgebung
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Lokale Einstellungen
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Eigene Dateien
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Druckumgebung
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Documents\Eigene Videos
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Documents\Eigene Musik
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Documents\Eigene Bilder
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\AppData\Local\Verlauf
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\AppData\Local\Anwendungsdaten
2015-12-01 16:51 - 2015-12-01 16:51 - 00000000 _SHDL C:\Users\Hubacsek\Anwendungsdaten
2015-12-01 16:51 - 2009-07-14 09:56 - 00000000 ____D C:\Users\Hubacsek\AppData\Roaming\Media Center Programs
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\Default User
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Users\All Users
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Programme
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-12-01 16:47 - 2015-12-01 16:47 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-12-01 16:42 - 2015-12-01 16:42 - 00000000 ____D C:\Windows\CSC
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-05 12:01 - 2009-07-14 03:37 - 00000000 ____D C:\Windows
2015-12-05 11:56 - 2009-07-14 05:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-05 11:56 - 2009-07-14 05:34 - 00014016 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-05 11:55 - 2009-07-14 09:47 - 00654166 _____ C:\Windows\system32\perfh007.dat
2015-12-05 11:55 - 2009-07-14 09:47 - 00130006 _____ C:\Windows\system32\perfc007.dat
2015-12-05 11:55 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2015-12-05 11:54 - 2009-10-14 04:07 - 00000000 ____D C:\Windows\Panther
2015-12-05 11:48 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-04 19:35 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2015-12-04 18:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\tracing
2015-12-04 18:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Dism
2015-12-04 18:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-12-04 18:31 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-12-04 13:59 - 2009-07-14 09:56 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-04 13:59 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-04 00:47 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2015-12-02 21:42 - 2009-07-14 05:53 - 00008692 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-01 22:59 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-01 21:31 - 2009-07-14 03:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-12-01 21:21 - 2009-07-14 09:56 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
2015-12-01 21:21 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-12-01 21:21 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-12-01 21:21 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-01 21:21 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\DVD Maker
2015-12-01 21:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\sysprep
2015-12-01 21:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\Setup
2015-12-01 21:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\oobe
2015-12-01 21:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\migwiz
2015-12-01 21:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\manifeststore
2015-12-01 21:21 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\servicing
2015-12-01 21:18 - 2009-07-14 03:05 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\msclmd.dll
2015-12-01 18:57 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-01 17:17 - 2009-07-14 09:56 - 00000000 ____D C:\Windows\ShellNew
2015-12-01 17:17 - 2009-07-14 05:52 - 00000000 ____D C:\Program Files\MSBuild
2015-12-01 17:00 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\AppCompat
2015-12-01 16:47 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-01 16:47 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Windows NT
2015-12-01 16:40 - 2009-07-14 05:52 - 00028672 _____ C:\Windows\system32\config\BCD-Template
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-04 14:57
==================== Ende vom FRST.txt ============================
|
|
05.12.2015, 17:47
| #4 |
| /// the machine /// TB-Ausbilder    | Hohe CPU-Auslastung ohne geöffnete Programme hi, ProcessExplorer als Ersatz für den Windows Taskmanager installieren Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden. Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt. Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.12.2015, 22:38
| #5 |
| | Hohe CPU-Auslastung ohne geöffnete Programme Danke für die schnelle Antwort, ich habe die Prozesse mit dem Process Explorer in den letzten 2 Stunden beobachtet. Dabei ist mir im Ruhezustand nichts ungewöhnliches aufgefallen. Die CPU-Auslastung betrug 5-10%, davon waren etwa 2% der Process Explorer. Das einzige Problem das auftrat, war der eingefrorene Bildschirm beim Laden von facebook.com. Dabei war der Prozess svchhost.exe mit einer Auslastung von 50% aktiv. Ich habe die drei Screenshots angehangen. Die Screenshots stammen von drei unterschiedlichen Zeitpunkten. Dazwischen lagen jeweils Systemneustarts. Mein Bildschirm ist etwa 15 Sekunden eingefroren. Danach öffnet der Browser die Startseite von facebook. Beim nächsten laden der Seite gibt es keine Probleme. Nach dem Systemneustart habe ich wieder den gefrorenen Bildschirm beim ersten Laden. Ich halte das jetzt unter Beobachtung und poste weitere Befunde. Die conhost.exe, msiexec.exe und trustedinstaller.exe sind nicht mehr negativ aufgefallen. |
|
06.12.2015, 22:34
| #6 |
| /// the machine /// TB-Ausbilder | Hohe CPU-Auslastung ohne geöffnete Programme Zeitgleich mit den nächsten Screens der svchost bitte folgendes: Kopiere folgenden Text in Deinen Editor und speicher ihn auf dem Desktop als "list.bat". Wähle dazu unter Speichern als "Alle Dateitypen". Code:
ATTFilter @echo off
tasklist /SVC /FI "IMAGENAME eq svchost.exe" > c:\list.txt
notepad c:\list.txt
exit
__________________ --> Hohe CPU-Auslastung ohne geöffnete Programme |
|
07.12.2015, 16:22
| #7 |
| | Hohe CPU-Auslastung ohne geöffnete Programme Das Problem des eingefrorenen Bildschirms beim Aufrufen von facebook.com ist nicht mehr aufgetreten. Die gelegentliche hohe Auslastung durch svchost.exe kann ich aber weiterhin beobachten. Hier der Inhalt des Fensters: Code:
ATTFilter Abbildname PID Dienste
========================= ======== ============================================
svchost.exe 660 DcomLaunch, PlugPlay, Power
svchost.exe 780 RpcEptMapper, RpcSs
svchost.exe 840 Audiosrv, Dhcp, eventlog,
HomeGroupProvider, lmhosts, wscsvc
svchost.exe 940 AudioEndpointBuilder, CscService, Netman,
PcaSvc, SysMain, UxSms, Wlansvc
svchost.exe 972 AeLookupSvc, Appinfo, BITS, Browser,
EapHost, gpsvc, iphlpsvc, LanmanServer,
MMCSS, ProfSvc, Schedule, SENS,
ShellHWDetection, Themes, Winmgmt, wuauserv
svchost.exe 1236 EventSystem, fdPHost, netprofm, nsi,
WdiServiceHost
svchost.exe 1452 CryptSvc, Dnscache, LanmanWorkstation,
NlaSvc
svchost.exe 1712 BFE, DPS, MpsSvc
svchost.exe 1844 DiagTrack
svchost.exe 1892 FDResPub, SSDPSRV, upnphost
svchost.exe 3148 WinDefend
svchost.exe 1264 p2pimsvc, p2psvc, PNRPsvc
|
|
08.12.2015, 20:00
| #8 |
| /// the machine /// TB-Ausbilder | Hohe CPU-Auslastung ohne geöffnete Programme Auf dem Screen sehe ich aber nix merkwürdiges.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.12.2015, 21:55
| #9 |
| | Hohe CPU-Auslastung ohne geöffnete Programme Vielen Dank für die Hilfe. |
|
10.12.2015, 08:45
| #10 |
| | Hohe CPU-Auslastung ohne geöffnete Programme Leider bin ich die Probleme nicht losgeworden. Seit heute kann ich die Auslastung durch svchhost wieder dauerhaft beobachten. Hier meine Screens und Lists: List1: Code:
ATTFilter Abbildname PID Dienste
========================= ======== ============================================
svchost.exe 672 DcomLaunch, PlugPlay, Power
svchost.exe 796 RpcEptMapper, RpcSs
svchost.exe 864 Audiosrv, Dhcp, eventlog,
HomeGroupProvider, lmhosts, wscsvc
svchost.exe 944 AudioEndpointBuilder, CscService, Netman,
PcaSvc, SysMain, UxSms, WdiSystemHost,
Wlansvc
svchost.exe 980 Appinfo, BITS, Browser, EapHost, gpsvc,
iphlpsvc, LanmanServer, MMCSS, ProfSvc,
Schedule, SENS, ShellHWDetection, Themes,
Winmgmt, wuauserv
svchost.exe 1248 EventSystem, fdPHost, FontCache, netprofm,
nsi, WdiServiceHost, WinHttpAutoProxySvc
svchost.exe 1460 CryptSvc, Dnscache, LanmanWorkstation,
NlaSvc
svchost.exe 1680 BFE, DPS, MpsSvc
svchost.exe 1876 DiagTrack
svchost.exe 2044 FDResPub, SSDPSRV, upnphost
svchost.exe 2000 StiSvc
svchost.exe 2984 p2pimsvc, p2psvc, PNRPsvc
svchost.exe 6048 WinDefend
Code:
ATTFilter Abbildname PID Dienste
========================= ======== ============================================
svchost.exe 664 DcomLaunch, PlugPlay, Power
svchost.exe 796 RpcEptMapper, RpcSs
svchost.exe 852 Audiosrv, Dhcp, eventlog,
HomeGroupProvider, lmhosts, wscsvc
svchost.exe 944 AudioEndpointBuilder, CscService, Netman,
PcaSvc, SysMain, UxSms, WdiSystemHost,
Wlansvc
svchost.exe 984 AeLookupSvc, Appinfo, BITS, Browser,
EapHost, gpsvc, iphlpsvc, LanmanServer,
ProfSvc, Schedule, SENS, ShellHWDetection,
Themes, Winmgmt, wuauserv
svchost.exe 1300 EventSystem, fdPHost, FontCache, netprofm,
nsi, WdiServiceHost, WinHttpAutoProxySvc
svchost.exe 1496 CryptSvc, Dnscache, LanmanWorkstation,
NlaSvc
svchost.exe 1764 BFE, DPS, MpsSvc
svchost.exe 1900 DiagTrack
svchost.exe 1948 FDResPub, SSDPSRV, upnphost
svchost.exe 2352 StiSvc
svchost.exe 3764 p2pimsvc, p2psvc, PNRPsvc
svchost.exe 5632 WinDefend
|
|
11.12.2015, 01:00
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Hohe CPU-Auslastung ohne geöffnete Programme Hi Schrauber ist zZ nicht verfügbar, ich spring für ihn ein. Bitte prüf auf alle, v.a. alle wichtigen, Windows Updates und installier diese. Gerade wenn ein Patchday ansteht, dreht svchost.exe bei manchen Rechnern am Rad und lutscht an der CPU.
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
11.12.2015, 14:29
| #12 |
| | Hohe CPU-Auslastung ohne geöffnete Programme Hi, ich habe nach Updates suchen lassen und es sind keine verfügbar. Trotzdem habe ich immmernoch die permanente CPU-Auslastung. Die Auslastung habe ich nur, wenn ich per WLAN mit meinem Netzwerk verbunden bin und Internetzugriff habe. Hier die neuen Screens und Logs: Code:
ATTFilter Abbildname PID Dienste
========================= ======== ============================================
svchost.exe 680 DcomLaunch, PlugPlay, Power
svchost.exe 796 RpcEptMapper, RpcSs
svchost.exe 868 Audiosrv, Dhcp, eventlog,
HomeGroupProvider, wscsvc
svchost.exe 944 AudioEndpointBuilder, CscService, Netman,
PcaSvc, SysMain, UxSms, WdiSystemHost,
Wlansvc
svchost.exe 984 AeLookupSvc, Appinfo, BITS, Browser,
EapHost, gpsvc, iphlpsvc, LanmanServer,
MMCSS, ProfSvc, Schedule, SENS,
ShellHWDetection, Themes, Winmgmt, wuauserv
svchost.exe 1336 EventSystem, fdPHost, FontCache, netprofm,
nsi, WdiServiceHost, WinHttpAutoProxySvc
svchost.exe 1524 CryptSvc, Dnscache, LanmanWorkstation,
NlaSvc
svchost.exe 1836 BFE, DPS, MpsSvc
svchost.exe 2012 DiagTrack
svchost.exe 248 FDResPub, SSDPSRV, upnphost
svchost.exe 2008 StiSvc
svchost.exe 3876 p2pimsvc, p2psvc, PNRPsvc
svchost.exe 5452 WinDefend
|
|
11.12.2015, 14:48
| #13 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Hohe CPU-Auslastung ohne geöffnete Programme Was macht denn der CCleaner da unterhalb von svchost?  Ist das die Überwachung? Schalt die Überwachung vom CCleaner mal komplett ab. Notfall das Teil deinstallieren.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.12.2015, 16:28
| #14 |
| | Hohe CPU-Auslastung ohne geöffnete Programme Ich habe den CCleaner abgeschaltet und runtergeworfen. Das Problem besteht weiterhin. Code:
ATTFilter Abbildname PID Dienste
========================= ======== ============================================
svchost.exe 676 DcomLaunch, PlugPlay, Power
svchost.exe 796 RpcEptMapper, RpcSs
svchost.exe 876 Audiosrv, Dhcp, eventlog,
HomeGroupProvider, wscsvc
svchost.exe 960 AudioEndpointBuilder, CscService, Netman,
PcaSvc, SysMain, TabletInputService, UxSms,
Wlansvc
svchost.exe 996 AeLookupSvc, Appinfo, BITS, Browser,
EapHost, gpsvc, iphlpsvc, LanmanServer,
MMCSS, ProfSvc, Schedule, SENS,
ShellHWDetection, Themes, Winmgmt, wuauserv
svchost.exe 1240 EventSystem, fdPHost, FontCache, netprofm,
nsi, WdiServiceHost, WinHttpAutoProxySvc
svchost.exe 1416 CryptSvc, Dnscache, LanmanWorkstation,
NlaSvc
svchost.exe 1764 BFE, DPS, MpsSvc
svchost.exe 1940 DiagTrack
svchost.exe 1980 FDResPub, SSDPSRV, upnphost
svchost.exe 1972 StiSvc
svchost.exe 1020 WinDefend
svchost.exe 1540 p2pimsvc, p2psvc, PNRPsvc
|
|
13.12.2015, 20:32
| #15 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Hohe CPU-Auslastung ohne geöffnete ProgrammeCode:
ATTFilter svchost.exe 996 AeLookupSvc, Appinfo, BITS, Browser,
EapHost, gpsvc, iphlpsvc, LanmanServer,
MMCSS, ProfSvc, Schedule, SENS,
ShellHWDetection, Themes, Winmgmt, wuauserv
Wann genau ist die Last denn sofort? Sofort nach dem Starten? Und das dauerhaft?
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Hohe CPU-Auslastung ohne geöffnete Programme |
| administrator, autorun, browser, defender, desktop, detected, dxgkrnl, einstellungen, file, firefox, generic, harddisk, installation, monitor, object, ordner, programm, programme, prozesse, registry, required, rootkit, security, server, tunnel, updates, windows, wmp |
Linear-Darstellung
