| |
| |||||||
Log-Analyse und Auswertung: Windows 10: Überprüfung nach nicht autorisierte Nutzung meines KontosWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
20.12.2015, 10:48
| #1 |
 |  Windows 10: Überprüfung nach nicht autorisierte Nutzung meines Kontos Guten Morgen, heute Nacht wurde mein EBAY Konto wegen einer nicht autorisierte Nutzung Ihres Kontos gesperrt. Wollte jetzt mal checken lassen, ob das irgendwie was mit meinem Rechner zu tun hat. Weil Sorgen machen sollte ich mir ja wohl schon... edit: 2Beiträge, weil Logs zu groß. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-12-2015
durchgeführt von Nils ***** (Administrator) auf NILS***** (20-12-2015 10:25:40)
Gestartet von C:\Users\Nils\Desktop
Geladene Profile: Nils ***** (Verfügbare Profile: Nils *****)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [911576 2013-10-30] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\Windows\system32\DptfPolicyLpmServiceHelper.exe [114048 2013-10-18] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2013-12-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [373760 2014-03-18] (shbox.de)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3098424 2015-08-19] (Nota Inc.)
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\Run: [GoogleChromeAutoLaunch_C4ADFBCF938EA8A55751D81A3B034E26] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [799560 2015-12-11] (Google Inc.)
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\Run: [BingSvc] => C:\Users\Nils\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8591272 2015-11-16] (Piriform Ltd)
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\Run: [f.lux] => C:\Users\Nils\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-07-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-07-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{976e7522-f294-47cf-95b8-7d1a26ff0de4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-23] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\khufthkf.default-1441364909669
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-10-23] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2515531439-4214949781-4085983040-1001: @hola.org/vlc,version=1.6.783 -> C:\Users\Nils\AppData\Local\Hola\firefox\app\vlc [Keine Datei]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\khufthkf.default-1441364909669\Extensions\ich@maltegoetz.de.xpi [2015-09-04]
FF Extension: YouTube Center - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\khufthkf.default-1441364909669\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2015-11-24]
FF Extension: Adblock Plus - C:\Users\Nils\AppData\Roaming\Mozilla\Firefox\Profiles\khufthkf.default-1441364909669\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-15]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.comunio.de/login.phtml
CHR StartupUrls: Default -> "hxxp://www.google.de/","hxxp://mysearch.avg.com?cid={F4C3AB5F-C09E-4240-9589-F78061DDA42A}&mid=682284cad2a947d0815fd1482a943905-be33bcd800ed897e8fbf679e3a5f8ee1a6fa51fe&lang=ge/finishurl=hxxp://toolbar.avg.com/p-install?lang=ge&ds=ht011&coid=avgtbdisht&cmpid=&pr=sa&d=2014-06-22 11:58:32&v=18.1.0.443&pid=safeguard&sg=&sap=hp","www.google.com"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=__PARAM__DF&PC=__PARAM__&q={searchTerms}
CHR DefaultSearchKeyword: Default -> bing.com
CHR Session Restore: Default -> ist aktiviert.
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.824\_platform_specific\win_x64\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\PepperFlash\19.0.0.226\pepflashplayer.dll ()
CHR Profile: C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-07-30]
CHR Extension: (Google Drive) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Google-Suche) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]
CHR Extension: (Google Kalender) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-10-12]
CHR Extension: (Avira Browserschutz) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR Extension: (Google Mail) - C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bmkckgpgekmanipelfidlhmkfcjicion] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-10] (Dropbox, Inc.)
R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [117704 2013-10-18] (Intel Corporation)
R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116680 2013-10-18] (Intel Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-10-10] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [827392 2013-09-02] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-10-23] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-10-23] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [100776 2015-07-28] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 AX88772; C:\Windows\System32\drivers\ax88772.sys [111616 2015-10-30] (ASIX Electronics Corp.)
S3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-10-15] (Motorola Solutions, Inc.)
R3 DptfDevDram; C:\Windows\system32\DRIVERS\DptfDevDram.sys [145640 2013-10-18] (Intel Corporation)
R3 DptfDevFan; C:\Windows\system32\DRIVERS\DptfDevFan.sys [50640 2013-10-18] (Intel Corporation)
R3 DptfDevGen; C:\Windows\system32\DRIVERS\DptfDevGen.sys [78504 2013-10-18] (Intel Corporation)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [116752 2013-10-18] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [289744 2013-10-18] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494296 2013-10-18] (Intel Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-28] (REALiX(tm))
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [410880 2015-07-08] (Realsil Semiconductor Corporation)
R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S3 taphss6; C:\Windows\System32\drivers\taphss6.sys [42184 2015-05-08] (Anchorfree Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-20 10:25 - 2015-12-20 10:25 - 02370048 _____ (Farbar) C:\Users\Nils\Desktop\FRST64.exe
2015-12-20 10:25 - 2015-12-20 10:25 - 00023238 _____ C:\Users\Nils\Desktop\FRST.txt
2015-12-20 10:25 - 2015-12-20 10:25 - 00000000 ____D C:\FRST
2015-12-20 09:55 - 2015-12-20 10:14 - 00000000 ____D C:\Users\Nils\Desktop\WindowsLiveMail_20_12_2015
2015-12-18 15:55 - 2015-12-07 05:57 - 00973664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-12-18 15:55 - 2015-12-07 05:55 - 01281376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-12-18 15:55 - 2015-12-07 05:49 - 00412512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2015-12-18 15:55 - 2015-12-07 05:48 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 01155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 01092456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 01065080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 01020096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00983464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00884256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00823264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00450904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00245848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2015-12-18 15:55 - 2015-12-07 05:48 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2015-12-18 15:55 - 2015-12-07 05:47 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2015-12-18 15:55 - 2015-12-07 05:47 - 00898184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2015-12-18 15:55 - 2015-12-07 05:47 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2015-12-18 15:55 - 2015-12-07 05:47 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2015-12-18 15:55 - 2015-12-07 05:46 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-18 15:55 - 2015-12-07 05:46 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-18 15:55 - 2015-12-07 05:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2015-12-18 15:55 - 2015-12-07 05:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2015-12-18 15:55 - 2015-12-07 05:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2015-12-18 15:55 - 2015-12-07 05:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2015-12-18 15:55 - 2015-12-07 05:09 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2015-12-18 15:55 - 2015-12-07 05:09 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2015-12-18 15:55 - 2015-12-07 05:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2015-12-18 15:55 - 2015-12-07 05:07 - 16984064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-12-18 15:55 - 2015-12-07 05:07 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2015-12-18 15:55 - 2015-12-07 05:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2015-12-18 15:55 - 2015-12-07 05:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2015-12-18 15:55 - 2015-12-07 05:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-12-18 15:55 - 2015-12-07 05:06 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2015-12-18 15:55 - 2015-12-07 05:05 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-12-18 15:55 - 2015-12-07 05:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2015-12-18 15:55 - 2015-12-07 05:04 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-18 15:55 - 2015-12-07 05:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2015-12-18 15:55 - 2015-12-07 05:03 - 13017600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-12-18 15:55 - 2015-12-07 05:02 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-18 15:55 - 2015-12-07 05:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2015-12-18 15:55 - 2015-12-07 05:01 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-12-18 15:55 - 2015-12-07 05:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2015-12-18 15:55 - 2015-12-07 05:00 - 00618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2015-12-18 15:55 - 2015-12-07 05:00 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2015-12-18 15:55 - 2015-12-07 05:00 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-12-18 15:55 - 2015-12-07 05:00 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2015-12-18 15:55 - 2015-12-07 04:59 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-18 15:55 - 2015-12-07 04:59 - 00292352 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-12-18 15:55 - 2015-12-07 04:59 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2015-12-18 15:55 - 2015-12-07 04:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2015-12-18 15:55 - 2015-12-07 04:58 - 24601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-18 15:55 - 2015-12-07 04:58 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-12-18 15:55 - 2015-12-07 04:57 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2015-12-18 15:55 - 2015-12-07 04:57 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2015-12-18 15:55 - 2015-12-07 04:57 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2015-12-18 15:55 - 2015-12-07 04:56 - 00607232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-12-18 15:55 - 2015-12-07 04:56 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2015-12-18 15:55 - 2015-12-07 04:55 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-12-18 15:55 - 2015-12-07 04:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-12-18 15:55 - 2015-12-07 04:54 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-12-18 15:55 - 2015-12-07 04:54 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2015-12-18 15:55 - 2015-12-07 04:53 - 19339264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-18 15:55 - 2015-12-07 04:53 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2015-12-18 15:55 - 2015-12-07 04:51 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-12-18 15:55 - 2015-12-07 04:51 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2015-12-18 15:55 - 2015-12-07 04:50 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2015-12-18 15:55 - 2015-12-07 04:49 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2015-12-18 15:55 - 2015-12-07 04:48 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-12-18 15:55 - 2015-12-07 04:47 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-12-18 15:55 - 2015-12-07 04:45 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-12-18 15:55 - 2015-12-07 04:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2015-12-18 15:55 - 2015-12-07 04:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2015-12-18 15:55 - 2015-12-07 04:44 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-12-18 15:55 - 2015-12-07 04:43 - 02598400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-12-18 15:55 - 2015-12-07 04:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2015-12-18 15:55 - 2015-12-07 04:41 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-12-18 15:55 - 2015-12-07 04:40 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-18 15:55 - 2015-12-07 04:40 - 01995776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2015-12-18 15:55 - 2015-12-07 04:40 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2015-12-18 15:55 - 2015-12-07 04:39 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2015-12-18 15:55 - 2015-12-07 04:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2015-12-18 15:55 - 2015-12-07 04:33 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2015-12-18 15:55 - 2015-12-07 04:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2015-12-18 11:13 - 2015-12-18 11:13 - 00021549 _____ C:\Users\Nils\AppData\Local\recently-used.xbel
2015-12-18 09:33 - 2015-12-18 09:33 - 00000000 ____D C:\Users\Nils\AppData\Roaming\MPC-HC
2015-12-17 15:24 - 2015-12-19 20:58 - 00000000 ____D C:\Users\Nils\Desktop\WebsiteProjektUID
2015-12-16 15:57 - 2015-12-16 16:13 - 00000000 ____D C:\Users\Nils\AppData\Roaming\Foxit Software
2015-12-16 15:57 - 2015-12-16 16:10 - 00000000 ____D C:\ProgramData\Foxit ContentPlatform
2015-12-16 15:55 - 2015-12-16 15:55 - 00000214 _____ C:\Users\Public\Documents\pre_fileassoc.tmp
2015-12-12 10:27 - 2015-12-12 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-09 17:14 - 2015-12-01 08:12 - 02152800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 17:14 - 2015-11-24 13:07 - 01817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 17:14 - 2015-11-24 12:06 - 01540768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 17:14 - 2015-11-24 11:26 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 17:14 - 2015-11-24 11:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2015-12-09 17:14 - 2015-11-24 10:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2015-12-09 17:14 - 2015-11-24 10:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 17:14 - 2015-11-24 10:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2015-12-09 17:14 - 2015-11-24 10:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 17:14 - 2015-11-24 10:26 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 17:14 - 2015-11-24 10:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 17:14 - 2015-11-24 10:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 17:14 - 2015-11-24 09:58 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 17:14 - 2015-11-24 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 17:14 - 2015-11-24 09:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2015-12-09 17:14 - 2015-11-24 09:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 17:14 - 2015-11-24 09:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 17:14 - 2015-11-24 09:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 17:14 - 2015-11-24 09:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 17:14 - 2015-11-24 08:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 17:14 - 2015-11-24 08:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 17:14 - 2015-11-24 08:35 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 17:14 - 2015-11-24 08:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 17:14 - 2015-11-24 08:23 - 13381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 17:14 - 2015-11-24 08:11 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 17:14 - 2015-11-24 08:08 - 12125184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 17:14 - 2015-11-24 08:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-07 19:05 - 2015-12-07 19:05 - 00336259 _____ C:\Users\Nils\Desktop\05-aufgabenblatt.pdf
2015-12-07 19:04 - 2015-12-07 19:04 - 00161964 _____ C:\Users\Nils\Desktop\04-aufgabenblatt.pdf
2015-12-06 14:18 - 2015-12-06 14:18 - 00059072 _____ C:\Users\Nils\Documents\cc_20151206_141813.reg
2015-12-03 19:35 - 2015-12-03 19:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-12-03 19:35 - 2015-12-03 19:35 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-12-03 19:23 - 2015-12-03 19:23 - 00000000 ____D C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-12-03 19:23 - 2015-12-03 19:23 - 00000000 ____D C:\Users\Nils\AppData\Local\FluxSoftware
2015-12-03 12:26 - 2015-11-22 11:47 - 07476576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-03 12:26 - 2015-11-22 11:47 - 02653816 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 12:26 - 2015-11-22 11:41 - 01859448 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-12-03 12:26 - 2015-11-22 11:41 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-03 12:26 - 2015-11-22 11:35 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-12-03 12:26 - 2015-11-22 11:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2015-12-03 12:26 - 2015-11-22 11:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2015-12-03 12:26 - 2015-11-22 11:33 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2015-12-03 12:26 - 2015-11-22 11:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2015-12-03 12:26 - 2015-11-22 11:30 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-12-03 12:26 - 2015-11-22 11:30 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-12-03 12:26 - 2015-11-22 11:26 - 00431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-12-03 12:26 - 2015-11-22 11:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2015-12-03 12:26 - 2015-11-22 11:24 - 02772584 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2015-12-03 12:26 - 2015-11-22 11:20 - 00795840 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-12-03 12:26 - 2015-11-22 11:19 - 00440160 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-12-03 12:26 - 2015-11-22 11:14 - 02185840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2015-12-03 12:26 - 2015-11-22 10:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2015-12-03 12:26 - 2015-11-22 10:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2015-12-03 12:26 - 2015-11-22 10:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2015-12-03 12:26 - 2015-11-22 10:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2015-12-03 12:26 - 2015-11-22 10:49 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2015-12-03 12:26 - 2015-11-22 10:45 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-12-03 12:26 - 2015-11-22 10:45 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-03 12:26 - 2015-11-22 10:43 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2015-12-03 12:26 - 2015-11-22 10:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2015-12-03 12:26 - 2015-11-22 10:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-12-03 12:26 - 2015-11-22 10:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2015-12-03 12:26 - 2015-11-22 10:41 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2015-12-03 12:26 - 2015-11-22 10:39 - 02126848 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-03 12:26 - 2015-11-22 10:39 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-03 12:26 - 2015-11-22 10:39 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-12-03 12:26 - 2015-11-22 10:39 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-12-03 12:26 - 2015-11-22 10:39 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-03 12:26 - 2015-11-22 10:38 - 01223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-12-03 12:26 - 2015-11-22 10:38 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-12-03 12:26 - 2015-11-22 10:38 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-12-03 12:26 - 2015-11-22 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2015-12-03 12:26 - 2015-11-22 10:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2015-12-03 12:26 - 2015-11-22 10:37 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2015-12-03 12:26 - 2015-11-22 10:37 - 01395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-12-03 12:26 - 2015-11-22 10:37 - 00515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2015-12-03 12:26 - 2015-11-22 10:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-03 12:26 - 2015-11-22 10:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2015-12-03 12:26 - 2015-11-22 10:34 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2015-12-03 12:26 - 2015-11-22 10:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2015-12-03 12:26 - 2015-11-22 10:32 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-03 12:26 - 2015-11-22 10:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-12-03 12:26 - 2015-11-22 10:31 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-12-03 12:26 - 2015-11-22 10:28 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-03 12:26 - 2015-11-22 10:28 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-12-03 12:26 - 2015-11-22 10:28 - 00948224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-12-03 12:26 - 2015-11-22 10:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2015-12-03 12:26 - 2015-11-22 10:28 - 00686592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-03 12:26 - 2015-11-22 10:27 - 03993600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-12-03 12:26 - 2015-11-22 10:27 - 02049024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-03 12:26 - 2015-11-22 10:27 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2015-12-03 12:26 - 2015-11-22 10:27 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2015-12-03 12:26 - 2015-11-22 10:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-12-03 12:26 - 2015-11-22 10:26 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-12-03 12:26 - 2015-11-22 10:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2015-12-03 12:26 - 2015-11-22 10:26 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2015-12-03 12:26 - 2015-11-22 10:25 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-03 12:26 - 2015-11-22 10:24 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-03 12:26 - 2015-11-22 10:24 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2015-12-03 12:26 - 2015-11-22 10:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2015-12-03 12:26 - 2015-11-22 10:18 - 01505280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-03 12:26 - 2015-11-22 10:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2015-12-03 12:26 - 2015-11-22 10:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2015-12-03 12:26 - 2015-11-22 10:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-12-03 12:26 - 2015-11-22 10:17 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-03 12:26 - 2015-11-22 10:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2015-12-03 12:25 - 2015-11-22 11:00 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2015-12-03 12:25 - 2015-11-22 11:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2015-12-03 12:25 - 2015-11-22 10:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-03 12:25 - 2015-11-22 10:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2015-12-03 12:25 - 2015-11-22 10:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2015-12-03 12:25 - 2015-11-22 10:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2015-12-03 12:25 - 2015-11-22 10:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2015-12-03 12:25 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-03 12:25 - 2015-11-22 10:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2015-12-03 12:25 - 2015-11-22 10:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2015-12-03 12:25 - 2015-11-22 10:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2015-12-03 12:25 - 2015-11-22 10:54 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2015-12-03 12:25 - 2015-11-22 10:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2015-12-03 12:25 - 2015-11-22 10:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2015-12-03 12:25 - 2015-11-22 10:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-03 12:25 - 2015-11-22 10:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2015-12-03 12:25 - 2015-11-22 10:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-03 12:25 - 2015-11-22 10:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2015-12-03 12:25 - 2015-11-22 10:52 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2015-12-03 12:25 - 2015-11-22 10:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2015-12-03 12:25 - 2015-11-22 10:52 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2015-12-03 12:25 - 2015-11-22 10:52 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-03 12:25 - 2015-11-22 10:51 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-12-03 12:25 - 2015-11-22 10:51 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-03 12:25 - 2015-11-22 10:51 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2015-12-03 12:25 - 2015-11-22 10:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-03 12:25 - 2015-11-22 10:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2015-12-03 12:25 - 2015-11-22 10:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2015-12-03 12:25 - 2015-11-22 10:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2015-12-03 12:25 - 2015-11-22 10:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2015-12-03 12:25 - 2015-11-22 10:46 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2015-12-03 12:25 - 2015-11-22 10:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-12-03 12:25 - 2015-11-22 10:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-03 12:25 - 2015-11-22 10:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2015-12-03 12:25 - 2015-11-22 10:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-12-03 12:25 - 2015-11-22 10:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2015-12-03 12:25 - 2015-11-22 10:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2015-12-03 12:25 - 2015-11-22 10:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2015-12-03 12:25 - 2015-11-22 10:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2015-12-03 12:25 - 2015-11-22 10:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2015-12-03 12:25 - 2015-11-22 10:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-12-03 12:25 - 2015-11-22 10:43 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-03 12:25 - 2015-11-22 10:42 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-12-03 12:25 - 2015-11-22 10:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2015-12-03 12:25 - 2015-11-22 10:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2015-12-03 12:25 - 2015-11-22 10:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-12-03 12:25 - 2015-11-22 10:40 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-12-03 12:25 - 2015-11-22 10:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-12-03 12:25 - 2015-11-22 10:40 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2015-12-03 12:25 - 2015-11-22 10:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2015-12-03 12:25 - 2015-11-22 10:39 - 01713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-03 12:25 - 2015-11-22 10:39 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-03 12:25 - 2015-11-22 10:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2015-12-03 12:25 - 2015-11-22 10:39 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2015-12-03 12:25 - 2015-11-22 10:39 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2015-12-03 12:25 - 2015-11-22 10:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2015-12-03 12:25 - 2015-11-22 10:34 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2015-12-03 12:25 - 2015-11-22 10:34 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2015-12-03 12:25 - 2015-11-22 10:34 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2015-12-03 12:25 - 2015-11-22 10:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2015-12-03 12:25 - 2015-11-22 10:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2015-12-03 12:25 - 2015-11-22 10:31 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-12-03 12:25 - 2015-11-22 10:29 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-12-03 12:25 - 2015-11-22 10:28 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-03 12:25 - 2015-11-22 10:28 - 00793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-03 12:25 - 2015-11-22 10:28 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2015-12-03 12:25 - 2015-11-22 10:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2015-12-03 12:25 - 2015-11-22 10:27 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-12-03 12:25 - 2015-11-22 10:27 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-12-03 12:25 - 2015-11-22 10:25 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2015-12-03 12:25 - 2015-11-22 10:24 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2015-12-03 12:25 - 2015-11-22 10:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2015-12-03 12:25 - 2015-11-22 10:23 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-12-03 11:45 - 2015-12-03 11:45 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-02 09:35 - 2015-12-02 09:35 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-12-02 08:25 - 2015-12-02 08:25 - 00000000 ____D C:\Users\Nils\AppData\Local\ActiveSync
2015-12-02 08:23 - 2015-12-02 08:23 - 00000020 ___SH C:\Users\Nils\ntuser.ini
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-01 23:25 - 2015-12-01 23:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-01 22:47 - 2015-12-20 10:16 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-01 21:36 - 2015-12-01 21:36 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-12-01 21:36 - 2015-12-01 21:36 - 00000000 ____D C:\Users\Default\AppData\Local\Microsoft Help
2015-12-01 21:36 - 2015-12-01 21:36 - 00000000 ____D C:\Users\Default User\AppData\Local\Microsoft Help
2015-12-01 21:33 - 2015-12-01 21:36 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2015-12-01 21:32 - 2015-12-20 10:16 - 00000000 ____D C:\Users\Nils
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Vorlagen
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Startmenü
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Netzwerkumgebung
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Lokale Einstellungen
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Eigene Dateien
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Druckumgebung
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Documents\Eigene Videos
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Documents\Eigene Musik
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Documents\Eigene Bilder
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\AppData\Local\Verlauf
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\AppData\Local\Anwendungsdaten
2015-12-01 21:32 - 2015-12-01 21:32 - 00000000 _SHDL C:\Users\Nils\Anwendungsdaten
2015-12-01 21:30 - 2015-12-20 10:24 - 02003246 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-01 21:30 - 2015-12-01 21:30 - 01909068 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2015-12-01 21:29 - 2015-12-01 21:33 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-01 21:29 - 2015-12-01 21:33 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-01 21:29 - 2015-12-01 21:33 - 00000000 ____D C:\Program Files\Intel
2015-12-01 21:29 - 2015-12-01 21:33 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-01 21:29 - 2015-12-01 21:33 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_SensorsAlsDriver_01_11_00.Wdf
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfManager_01011.Wdf
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevProc_01011.Wdf
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevPch_01011.Wdf
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevGen_01011.Wdf
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevFan_01011.Wdf
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_DptfDevDram_01011.Wdf
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____D C:\WINDOWS\system32\NV
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____D C:\WINDOWS\system32\DAX2
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____D C:\ProgramData\SetupTPDriver
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-01 21:29 - 2015-12-01 21:29 - 00000000 ____D C:\Program Files\Realtek
2015-12-01 21:29 - 2015-10-10 13:27 - 00072704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-01 21:29 - 2015-10-10 13:27 - 00069120 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-01 21:29 - 2015-07-23 02:10 - 06873928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-01 21:29 - 2015-07-23 02:10 - 03493008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-01 21:29 - 2015-07-23 02:10 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-01 21:29 - 2015-07-23 02:10 - 01059984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-12-01 21:29 - 2015-07-23 02:10 - 00937800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-01 21:29 - 2015-07-23 02:10 - 00385168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-01 21:29 - 2015-07-23 02:10 - 00074896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-12-01 21:29 - 2015-07-23 02:10 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-01 21:29 - 2015-07-22 05:29 - 05121613 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-01 21:28 - 2015-12-19 10:09 - 00232504 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-01 21:28 - 2015-12-06 14:10 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-01 21:28 - 2015-12-01 21:28 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2015-12-01 21:28 - 2015-10-30 08:17 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-01 21:26 - 2015-12-01 21:26 - 00000000 ____D C:\Windows.old
2015-12-01 21:25 - 2015-12-01 21:25 - 22572632 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 21125408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 02001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00809312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00803840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00791552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00630632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-12-01 21:25 - 2015-12-01 21:25 - 00540752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2015-12-01 21:25 - 2015-12-01 21:25 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00408128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00405048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2015-12-01 21:25 - 2015-12-01 21:25 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-12-01 21:25 - 2015-12-01 21:25 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2015-12-01 21:25 - 2015-12-01 21:25 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2015-12-01 21:25 - 2015-12-01 21:25 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2015-12-01 21:25 - 2015-12-01 21:25 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2015-12-01 21:24 - 2015-12-01 21:24 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-01 21:19 - 2015-12-01 21:19 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-01 21:19 - 2015-12-01 21:19 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-01 21:19 - 2015-12-01 21:19 - 00000000 ____D C:\Program Files\MSBuild
2015-12-01 21:19 - 2015-12-01 21:19 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-01 21:19 - 2015-12-01 21:19 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-01 21:19 - 2015-10-23 17:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-12-01 21:19 - 2015-10-23 17:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-12-01 21:19 - 2015-10-23 17:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-12-01 21:19 - 2015-10-23 17:46 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-12-01 21:19 - 2015-10-23 17:46 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-12-01 21:19 - 2015-10-23 17:45 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-12-01 21:17 - 2015-12-01 21:17 - 00000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2015-12-01 18:29 - 2015-12-01 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-20 10:25 - 2015-10-30 07:28 - 00000000 ____D C:\Windows
2015-12-20 10:24 - 2015-10-30 19:35 - 00861178 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-20 10:24 - 2015-10-30 19:35 - 00190886 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-20 10:24 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2015-12-20 10:19 - 2015-09-04 12:04 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-20 10:18 - 2014-12-19 13:29 - 00000062 _____ C:\Users\Nils\AppData\Roaming\sp_data.sys
2015-12-20 10:17 - 2015-08-10 14:42 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2015-12-20 10:16 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-20 10:16 - 2015-10-10 16:22 - 00001238 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-20 10:16 - 2015-09-04 12:04 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-20 10:16 - 2014-12-20 10:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-20 09:59 - 2015-10-21 15:25 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-12-19 20:27 - 2015-10-10 16:22 - 00001242 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-19 18:25 - 2014-12-19 15:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-19 10:27 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-19 10:27 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-19 10:21 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-18 22:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-18 22:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-18 22:41 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2015-12-18 16:39 - 2014-12-20 10:27 - 00000000 ____D C:\Users\Nils\AppData\Roaming\MyPhoneExplorer
2015-12-17 16:39 - 2014-12-19 14:48 - 00001803 _____ C:\Users\Nils\Desktop\Musik.txt
2015-12-17 11:20 - 2015-09-04 12:05 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-16 21:31 - 2015-09-15 11:03 - 00000000 ____D C:\Users\Nils\AppData\Roaming\Kodi
2015-12-16 09:47 - 2015-04-23 12:17 - 00000000 ____D C:\Users\Nils\AppData\Roaming\FileZilla
2015-12-16 09:47 - 2015-04-14 12:39 - 00000600 _____ C:\Users\Nils\AppData\Local\PUTTY.RND
2015-12-13 11:19 - 2015-09-16 11:34 - 00000000 ___RD C:\Users\Nils\3D Objects
2015-12-12 20:48 - 2014-12-19 14:49 - 00000000 ___RD C:\Users\Nils\Desktop\ALLES
2015-12-12 10:27 - 2015-10-10 16:22 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-10 14:13 - 2015-04-17 14:54 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-10 14:13 - 2015-04-17 14:54 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-10 14:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-10 10:38 - 2015-03-04 19:35 - 00000000 ____D C:\Users\Nils\Documents\Dokumente NILS*****
2015-12-09 17:59 - 2015-10-21 15:25 - 00003870 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-09 17:55 - 2015-04-17 14:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 17:55 - 2015-01-09 19:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 17:54 - 2014-12-21 15:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 17:50 - 2014-12-21 15:24 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-06 14:10 - 2015-06-10 11:12 - 00000000 ____D C:\Users\Nils\AppData\Local\CrashDumps
2015-12-05 10:51 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2015-12-04 16:14 - 2015-09-04 12:04 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 16:14 - 2015-09-04 12:04 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 16:14 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-03 09:15 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-02 13:13 - 2015-01-29 12:13 - 00000000 ____D C:\Users\Nils\AppData\Roaming\Mp3tag
2015-12-02 12:02 - 2014-12-23 18:05 - 00000000 ___RD C:\Users\Nils\Dropbox
2015-12-02 11:34 - 2014-12-19 15:01 - 00000000 ____D C:\Users\Nils\AppData\Roaming\Dropbox
2015-12-02 11:31 - 2015-08-10 14:30 - 00003628 _____ C:\WINDOWS\System32\Tasks\ASUS Smart Gesture Launcher
2015-12-02 11:29 - 2014-09-29 16:16 - 00003614 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2015-12-02 11:29 - 2014-09-29 16:16 - 00003458 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2015-12-02 09:32 - 2014-12-19 13:29 - 00000000 ____D C:\Users\Nils\AppData\Local\Packages
2015-12-02 08:38 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-02 08:27 - 2015-07-31 21:12 - 00002402 _____ C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-02 08:27 - 2015-07-31 21:12 - 00000000 ___RD C:\Users\Nils\OneDrive
2015-12-02 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-02 08:24 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-02 08:23 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-02 08:23 - 2015-08-01 11:49 - 00000451 _____ C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-12-02 08:23 - 2014-12-04 05:49 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-01 23:25 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows NT
2015-12-01 23:16 - 2015-07-31 20:28 - 00030483 _____ C:\WINDOWS\diagwrn.xml
2015-12-01 23:16 - 2015-07-31 20:28 - 00030483 _____ C:\WINDOWS\diagerr.xml
2015-12-01 23:12 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Registration
2015-12-01 23:11 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-01 22:47 - 2015-10-10 16:22 - 00003756 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2015-12-01 22:47 - 2015-10-10 16:22 - 00003532 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2015-12-01 22:47 - 2015-07-31 21:04 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2015-12-01 22:47 - 2015-07-28 11:04 - 00002236 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-01 22:47 - 2015-07-28 11:00 - 00002280 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (*****)
2015-12-01 22:47 - 2015-07-08 13:52 - 00002664 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachineDaily
2015-12-01 22:47 - 2015-05-15 13:13 - 00002954 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2015-12-01 22:47 - 2015-01-05 13:06 - 00003046 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-12-01 22:47 - 2015-01-05 13:06 - 00002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-12-01 22:47 - 2014-12-19 14:52 - 00002524 _____ C:\WINDOWS\System32\Tasks\GyazoUpdateTaskMachine
2015-12-01 22:47 - 2014-12-19 13:34 - 00002880 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2515531439-4214949781-4085983040-1001
2015-12-01 22:47 - 2014-09-29 16:16 - 00002658 _____ C:\WINDOWS\System32\Tasks\Update Checker
2015-12-01 22:47 - 2014-09-29 16:16 - 00002366 _____ C:\WINDOWS\System32\Tasks\AsusVibeSchedule
2015-12-01 22:47 - 2014-09-29 16:16 - 00002272 _____ C:\WINDOWS\System32\Tasks\ASUS P4G
2015-12-01 22:47 - 2014-09-29 16:16 - 00002266 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ColorU
2015-12-01 22:47 - 2014-09-29 16:16 - 00002250 _____ C:\WINDOWS\System32\Tasks\ASUS Splendid ACMON
2015-12-01 22:20 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2015-12-01 22:19 - 2015-10-30 08:24 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-01 21:36 - 2015-11-09 10:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkscape 0.91
2015-12-01 21:36 - 2015-10-30 07:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-01 21:36 - 2015-10-26 19:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-12-01 21:36 - 2015-09-15 11:01 - 00000000 ____D C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-12-01 21:36 - 2015-09-04 12:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-01 21:36 - 2015-08-31 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-01 21:36 - 2015-08-01 10:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-01 21:36 - 2015-07-28 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-01 21:36 - 2015-07-10 10:05 - 00000000 ____D C:\Users\Default.migrated
2015-12-01 21:36 - 2015-07-01 08:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-01 21:36 - 2015-06-03 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreePDF
2015-12-01 21:36 - 2015-05-26 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-12-01 21:36 - 2015-05-22 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2015-12-01 21:36 - 2015-05-18 09:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.4
2015-12-01 21:36 - 2015-05-10 15:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2015-12-01 21:36 - 2015-05-08 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-01 21:36 - 2015-04-20 19:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2015-12-01 21:36 - 2015-04-03 18:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-01 21:36 - 2015-01-16 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2015-12-01 21:36 - 2015-01-09 19:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-12-01 21:36 - 2014-12-22 16:05 - 00000000 ____D C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPSON Software
2015-12-01 21:36 - 2014-12-20 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiKTeX 2.9
2015-12-01 21:36 - 2014-12-20 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ghostscript
2015-12-01 21:36 - 2014-12-19 14:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MP3Gain
2015-12-01 21:36 - 2014-12-19 14:55 - 00000000 ____D C:\Users\Nils\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2015-12-01 21:36 - 2014-12-19 14:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2015-12-01 21:36 - 2013-12-13 05:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-12-01 21:33 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-01 21:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-01 21:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-01 21:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-01 21:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-01 21:33 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-01 21:33 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-01 21:33 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-01 21:33 - 2015-01-21 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-12-01 21:33 - 2015-01-03 14:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2015-12-01 21:33 - 2014-12-29 22:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ambulant
2015-12-01 21:33 - 2014-12-20 10:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Texmaker
2015-12-01 21:33 - 2014-09-29 16:11 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2015-12-01 21:33 - 2014-09-29 16:05 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-12-01 21:33 - 2013-12-13 05:11 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-12-01 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2015-12-01 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2015-12-01 21:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\ADFS
2015-12-01 21:30 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-01 21:29 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2015-12-01 21:28 - 2015-10-30 19:55 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-01 21:28 - 2015-10-30 08:24 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-01 21:26 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-01 21:26 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-01 21:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-01 21:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-01 21:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-01 21:19 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-01 21:19 - 2015-10-30 08:19 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-01 21:19 - 2015-10-30 08:19 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-01 21:19 - 2015-10-30 08:19 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-01 21:19 - 2015-10-30 08:19 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-01 21:19 - 2015-10-30 08:19 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-01 21:19 - 2015-10-30 08:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-01 21:19 - 2015-10-30 08:18 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-01 21:19 - 2015-10-30 08:18 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-01 21:19 - 2015-10-30 08:18 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-01 21:19 - 2015-10-30 08:18 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-01 21:19 - 2015-10-30 08:18 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-01 21:19 - 2015-10-30 08:18 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-01 21:09 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-01 18:29 - 2015-08-01 15:03 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-12-01 18:29 - 2015-08-01 15:03 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-12-01 18:29 - 2015-08-01 15:03 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-12-01 18:29 - 2015-08-01 15:03 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-12-01 01:33 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 01:33 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-28 11:54 - 2015-11-09 10:34 - 00000000 ____D C:\Users\Nils\.gimp-2.8
2015-11-28 11:42 - 2015-11-09 10:35 - 00000000 ____D C:\Users\Nils\AppData\Local\gtk-2.0
2015-11-26 12:48 - 2015-10-31 10:17 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-23 16:21 - 2014-12-19 19:12 - 00000000 ____D C:\ProgramData\Oracle
2015-11-23 16:19 - 2015-08-31 10:56 - 00110176 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2015-11-23 16:19 - 2015-08-28 11:48 - 00000000 ____D C:\Users\Nils\.oracle_jre_usage
2015-11-23 16:19 - 2015-04-20 19:08 - 00000000 ____D C:\Program Files\Java
2015-11-23 16:19 - 2015-01-01 20:04 - 00000000 ____D C:\Program Files (x86)\Java
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-02-11 17:09 - 2015-02-11 17:09 - 0000021 _____ () C:\Users\Nils\AppData\Roaming\my_intel.sys
2015-10-26 12:54 - 2015-10-26 12:54 - 0000600 _____ () C:\Users\Nils\AppData\Roaming\PUTTY.RND
2014-12-19 13:29 - 2015-12-20 10:18 - 0000062 _____ () C:\Users\Nils\AppData\Roaming\sp_data.sys
2015-04-14 12:39 - 2015-12-16 09:47 - 0000600 _____ () C:\Users\Nils\AppData\Local\PUTTY.RND
2015-12-18 11:13 - 2015-12-18 11:13 - 0021549 _____ () C:\Users\Nils\AppData\Local\recently-used.xbel
2014-12-25 12:12 - 2014-12-25 12:12 - 0007605 _____ () C:\Users\Nils\AppData\Local\Resmon.ResmonCfg
2015-12-01 21:29 - 2015-12-01 21:29 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-12-13 05:09 - 2012-09-07 12:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-12-13 05:09 - 2009-07-22 11:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-12-13 05:09 - 2012-09-07 12:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Einige Dateien in TEMP:
====================
C:\Users\Nils\AppData\Local\Temp\avgnt.exe
C:\Users\Nils\AppData\Local\Temp\FoxitUpdater.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-19 11:45
==================== Ende von FRST.txt ============================
|
|
20.12.2015, 10:48
| #2 |
| | Windows 10: Überprüfung nach nicht autorisierte Nutzung meines KontosCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-12-2015
durchgeführt von Nils ***** (2015-12-20 10:26:09)
Gestartet von C:\Users\Nils\Desktop
Windows 10 Home (X64) (2015-12-01 22:26:59)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2515531439-4214949781-4085983040-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2515531439-4214949781-4085983040-503 - Limited - Disabled)
Gast (S-1-5-21-2515531439-4214949781-4085983040-501 - Limited - Disabled)
Nils ***** (S-1-5-21-2515531439-4214949781-4085983040-1001 - Administrator - Enabled) => C:\Users\Nils
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.8 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 1.0.2 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.5 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0021 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
Druckerdeinstallation für EPSON Universal Print Driver (HKLM\...\EPSON Universal Print Driver) (Version: - SEIKO EPSON Corporation)
f.lux (HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\Flux) (Version: - )
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - )
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.14) (Version: 9.14 - Artifex Software Inc.)
Gyazo 3.1.6 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2105 - Intel Corporation)
Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.6.0.1038 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java SE Development Kit 8 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180510}) (Version: 8.0.510.16 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.7.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.7.0 - )
Kodi (HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\Kodi) (Version: - XBMC-Foundation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MiKTeX 2.9 (HKLM\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Mp3tag v2.70 (HKLM-x32\...\Mp3tag) (Version: v2.70 - Florian Heidenreich)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Python 3.4.3 (64-bit) (HKLM\...\{9529565f-e693-3f11-b3bf-8cd545f5f9a0}) (Version: 3.4.3150 - Python Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: 1.90 - Ghostgum Software Pty Ltd)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Software Updater (HKLM-x32\...\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87}) (Version: 4.3.7 - SEIKO EPSON CORPORATION) <==== ACHTUNG
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2515531439-4214949781-4085983040-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
16-12-2015 10:41:18 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {045EDB09-A530-4CEE-9672-4F7A2ACCF8F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {065AD88C-109E-4AB6-A799-B95C90DF46A1} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {12DDF096-917A-4427-AC03-647FDA02505B} - System32\Tasks\Driver Booster SkipUAC (Nils *****) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {2409E0E3-5AF2-4F41-86EF-9014D9F66154} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {40268C84-A09D-402C-8152-118DFF311920} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {4137644B-4208-45C0-98CE-38D08C7C8591} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {414EFF5E-8202-4996-9F98-8B2DBDC6AC8D} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {4F3D7E3C-21A4-4B4B-AA24-DBFAC6B9C642} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-08-19] ()
Task: {53FFFD95-D483-4B1E-ACB0-791DE09A3F1E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)
Task: {5638933C-A767-4268-A96A-C4063601B5A1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {6A38D824-E1A2-43F0-B079-0E3523FE270C} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {7BC5BA5D-EA1D-4743-8832-D5EDFBA283AC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {81AA5578-A013-4EDE-8EED-8FAA15DC388B} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {8E64E979-4B7E-4F46-AFB2-350EDC4F6936} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2014-02-11] (ASUS)
Task: {8FA20ABB-0BFB-4966-9F9D-E9E3662BD09C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {90D7723A-49BE-4E1D-9013-A55124AF0CD2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {934907B4-1CE0-4F0F-8433-AC726B01CDB6} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe
Task: {9882940C-DF00-4DEC-818F-4E9B9B971A1C} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2013-10-07] (ASUS)
Task: {9AF268F7-448B-424D-AA83-3641A913AC3D} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2013-11-27] ()
Task: {9E699088-EDA1-4675-94A2-320DC4663993} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-10-07] (ASUSTeK Computer Inc.)
Task: {AD4895A3-4C28-45DD-AC9C-F947C11D925D} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-10] (Dropbox, Inc.)
Task: {B99CA7D4-F845-40FF-AF9E-DD42730D58C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {C71E9353-4C69-4D20-9342-2E29C03FBC9C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
Task: {D0F29222-33AD-4D1A-BBE5-BF89F005B608} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {D7818F25-AE07-444E-A436-22AA462F2FA0} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {DBE766C7-9A56-4220-8074-351FD7BB90C2} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-06-30] (AsusTek)
Task: {DE6616F1-9B8A-44E6-B9B4-B8D70490BB52} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86) [2015-12-20] ()
Task: {E137E7E7-A2F6-41A0-AE5F-BE318301B6B4} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {E49A694B-C720-4A5A-98D6-2D2CC503F62D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {E6FF8A20-E61D-4589-BB23-14F64C9EEBE4} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86) [2015-12-20] ()
Task: {F5FAFF97-7DC2-40C4-B979-4EE48DE34A1B} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-10] (Dropbox, Inc.)
Task: {FE8C3874-285E-47C0-8660-41BA8AEE478C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-04] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-08-01 10:42 - 2015-07-23 05:02 - 00011920 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-12-01 21:29 - 2015-07-23 02:10 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-03 15:26 - 2012-06-21 06:25 - 00113152 _____ () C:\WINDOWS\System32\redmon64.dll
2015-12-03 12:26 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-03 12:26 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-12-18 15:55 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 15:55 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 15:55 - 2015-12-07 04:37 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-18 15:55 - 2015-12-07 04:33 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-18 15:55 - 2015-12-07 04:34 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-12-18 15:55 - 2015-12-07 04:36 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2014-02-11 17:08 - 2014-02-11 17:08 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2015-12-17 11:20 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 11:20 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2013-10-08 20:41 - 2013-10-08 20:41 - 00037968 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2013-09-09 18:23 - 2013-09-09 18:23 - 00162816 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2014-09-29 16:02 - 2013-10-23 13:44 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\Control Panel\Desktop\\Wallpaper -> c:\users\nils\pictures\desktop\sky-winter-road-trees-snow-natural-scenery.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: Bluetooth Device Monitor => 2
MSCONFIG\Services: Bluetooth OBEX Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: LavasoftTcpService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: SearchProtectionService => 2
HKLM\...\StartupApproved\Run: => "BTMTrayAgent"
HKLM\...\StartupApproved\Run: => "DptfPolicyLpmServiceHelper"
HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"
HKLM\...\StartupApproved\Run: => "SmartAudio"
HKLM\...\StartupApproved\Run: => "Eraser"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "FreePDF Assistant"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_C4ADFBCF938EA8A55751D81A3B034E26"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\Run: => "Web Companion"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-2515531439-4214949781-4085983040-1001\...\StartupApproved\Run: => "Dropbox Update"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EC66BB3C-C764-45E7-BF2B-072CFC340C12}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4EC2367F-195B-4E7C-9768-C950F225AA22}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{8DF886FA-0340-47A8-9BB2-48D9988B17B8}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{22D05C97-A665-4849-97FE-49D5DD5EC4E4}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{857EC1F7-F9E1-4E6B-80D1-B41E2FECB3BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{21C36519-1963-45E7-9302-9A8E102EB3F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D13573BA-20CF-4FA6-BCC4-1913188D9A90}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F43F95CA-CE54-4D35-BE24-B2C0DE000C85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{C4FA2E3E-D88C-4944-A4A3-C3AA6297A8DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{88338613-88F6-420A-8729-F9339EF2B016}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{334035BD-7856-4870-AE38-45AA7A9B81AE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D3B950A8-1A70-4311-B556-FAD9A0F7AB61}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C0BB1118-63CC-4549-A953-CCAEDA76A18F}] => (Allow) LPort=2869
FirewallRules: [{8494CC76-8DA2-49AE-9194-94150D54FCB6}] => (Allow) LPort=1900
FirewallRules: [{18FEF79D-EBFA-491F-9673-0EF5712685EE}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{C4847EB0-1755-4616-AAF0-D75D18228129}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{DB5C6215-24C1-4C0C-9AB4-BBB11C61DA42}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2302AC7F-AE0B-45A4-AC7E-F86F733B39D4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{7286A835-35D4-41FA-BCCE-480A59F110BC}C:\users\nils\desktop\eclipse\eclipse.exe] => (Allow) C:\users\nils\desktop\eclipse\eclipse.exe
FirewallRules: [UDP Query User{0E793B8A-26B2-4FB3-89EF-B471BAF0F001}C:\users\nils\desktop\eclipse\eclipse.exe] => (Allow) C:\users\nils\desktop\eclipse\eclipse.exe
FirewallRules: [TCP Query User{B8205F4D-F71F-43E0-98D0-CCB0C8C8B00C}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{B3F01CBD-CEDF-4FFF-BC1C-81C3FE7359E4}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{5E5F6D9F-66CA-4F89-B096-3B67C529D3CF}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{834AF989-0EAB-439E-9029-2AB345C0BC72}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/20/2015 09:53:43 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (12/19/2015 08:45:38 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (12/19/2015 12:06:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: NvStreamNetworkService.exe, Version: 4.1.1977.6980, Zeitstempel: 0x55a97f26
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.20, Zeitstempel: 0x56540c3b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002e609
ID des fehlerhaften Prozesses: 0xe00
Startzeit der fehlerhaften Anwendung: 0xNvStreamNetworkService.exe0
Pfad der fehlerhaften Anwendung: NvStreamNetworkService.exe1
Pfad des fehlerhaften Moduls: NvStreamNetworkService.exe2
Berichtskennung: NvStreamNetworkService.exe3
Vollständiger Name des fehlerhaften Pakets: NvStreamNetworkService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NvStreamNetworkService.exe5
Error: (12/18/2015 05:51:17 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (12/18/2015 04:39:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53e94294
Name des fehlerhaften Moduls: MSVBVM60.DLL, Version: 6.0.98.15, Zeitstempel: 0x49b01fc3
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00105cc8
ID des fehlerhaften Prozesses: 0x21f0
Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0
Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1
Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2
Berichtskennung: MyPhoneExplorer.exe3
Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5
Error: (12/18/2015 04:39:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53e94294
Name des fehlerhaften Moduls: MSVBVM60.DLL, Version: 6.0.98.15, Zeitstempel: 0x49b01fc3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00105cc8
ID des fehlerhaften Prozesses: 0x21f0
Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0
Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1
Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2
Berichtskennung: MyPhoneExplorer.exe3
Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5
Error: (12/17/2015 03:53:14 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (12/16/2015 04:00:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53e94294
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x00d7f4e8
ID des fehlerhaften Prozesses: 0x1fa8
Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0
Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1
Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2
Berichtskennung: MyPhoneExplorer.exe3
Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5
Error: (12/16/2015 04:00:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MyPhoneExplorer.exe, Version: 1.8.0.6, Zeitstempel: 0x53e94294
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00d7f4e8
ID des fehlerhaften Prozesses: 0x1fa8
Startzeit der fehlerhaften Anwendung: 0xMyPhoneExplorer.exe0
Pfad der fehlerhaften Anwendung: MyPhoneExplorer.exe1
Pfad des fehlerhaften Moduls: MyPhoneExplorer.exe2
Berichtskennung: MyPhoneExplorer.exe3
Vollständiger Name des fehlerhaften Pakets: MyPhoneExplorer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MyPhoneExplorer.exe5
Error: (12/16/2015 02:00:05 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Systemfehler:
=============
Error: (12/20/2015 10:16:42 AM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: Fehler im Anwendungshost-Hilfsdienst beim Zugriff auf das Verlaufsstammverzeichnis "C:\inetpub\history". Das Verzeichnis ist nicht vorhanden, oder die Berechtigungen für das Verzeichnis lassen den Zugriff des Verzeichnisdiensts auf das Verzeichnis nicht zu. Das Konfigurationsverlaufsfeature wird deaktiviert und erneut aktiviert, nachdem das Problem behoben wurde. Stellen Sie zum Beheben des Problems sicher, dass das Verzeichnis vorhanden ist und dass die Gruppe "Administratoren" über Lese- und Schreibzugriff auf das Verzeichnis verfügt. Das Datenfeld enthält die Fehlernummer.
Error: (12/20/2015 10:16:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_42f9a erreicht.
Error: (12/20/2015 10:16:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _42f9a erreicht.
Error: (12/20/2015 10:16:25 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenspeicher _42f9a" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/20/2015 10:16:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_42f9a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/20/2015 10:16:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _42f9a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/20/2015 10:16:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_42f9a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/20/2015 10:16:15 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_42f9a" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/20/2015 10:16:15 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (12/20/2015 09:59:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
CodeIntegrity:
===================================
Date: 2015-12-19 10:09:41.241
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-12 16:06:38.051
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-10 14:13:47.004
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-10 09:46:48.652
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-06 11:25:22.172
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-03 16:15:26.386
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-01 22:47:22.197
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-01 21:38:27.589
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
Date: 2015-12-01 21:28:47.425
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3517U CPU @ 1.90GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 6029.56 MB
Verfügbarer physikalischer RAM: 3979.93 MB
Summe virtueller Speicher: 6989.56 MB
Verfügbarer virtueller Speicher: 4915.7 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:227.53 GB) (Free:52.1 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 7BD8376F)
Partition: GPT.
========================================================
Disk: 1 (Size: 22.4 GB) (Disk ID: 68368B3B)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
29.12.2015, 21:53
| #3 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Windows 10: Überprüfung nach nicht autorisierte Nutzung meines Kontos Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
30.12.2015, 09:41
| #4 |
| | Windows 10: Überprüfung nach nicht autorisierte Nutzung meines KontosCode:
ATTFilter 09:29:43.0477 0x1d24 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
09:29:43.0477 0x1d24 UEFI system
09:29:45.0921 0x1d24 ============================================================
09:29:45.0921 0x1d24 Current date / time: 2015/12/30 09:29:45.0921
09:29:45.0921 0x1d24 SystemInfo:
09:29:45.0921 0x1d24
09:29:45.0921 0x1d24 OS Version: 10.0.10586 ServicePack: 0.0
09:29:45.0921 0x1d24 Product type: Workstation
09:29:45.0921 0x1d24 ComputerName: NILS*****
09:29:45.0921 0x1d24 UserName: Nils *****
09:29:45.0921 0x1d24 Windows directory: C:\WINDOWS
09:29:45.0921 0x1d24 System windows directory: C:\WINDOWS
09:29:45.0921 0x1d24 Running under WOW64
09:29:45.0921 0x1d24 Processor architecture: Intel x64
09:29:45.0921 0x1d24 Number of processors: 4
09:29:45.0921 0x1d24 Page size: 0x1000
09:29:45.0921 0x1d24 Boot type: Normal boot
09:29:45.0921 0x1d24 ============================================================
09:29:45.0981 0x1d24 KLMD registered as C:\WINDOWS\system32\drivers\72207470.sys
09:29:46.0063 0x1d24 System UUID: {A340224A-49E6-B66E-5B1A-6E2CBED2AE67}
09:29:46.0361 0x1d24 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:29:46.0362 0x1d24 Drive \Device\Harddisk1\DR1 - Size: 0x5976F6000 ( 22.37 Gb ), SectorSize: 0x200, Cylinders: 0xB67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:29:46.0366 0x1d24 ============================================================
09:29:46.0366 0x1d24 \Device\Harddisk0\DR0:
09:29:46.0366 0x1d24 GPT partitions:
09:29:46.0367 0x1d24 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {70DF9F1A-A8A3-4E2B-B74F-E421544B49A7}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xA3800
09:29:46.0367 0x1d24 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {AE8C0D5D-531B-4153-97C9-7785403BE972}, Name: EFI system partition, StartLBA 0xA4000, BlocksNum 0x32000
09:29:46.0367 0x1d24 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6D56AEA2-466E-4EA4-AC4C-808EE1CE8782}, Name: Microsoft reserved partition, StartLBA 0xD6000, BlocksNum 0x40000
09:29:46.0367 0x1d24 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {06349BD7-979B-4C4A-9D3D-B96CD6FC90E5}, Name: Basic data partition, StartLBA 0x116000, BlocksNum 0x1C70D9A4
09:29:46.0367 0x1d24 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {13793A1C-A8FD-4C0B-B013-88B76D1D230B}, Name: , StartLBA 0x1C824000, BlocksNum 0x192800
09:29:46.0367 0x1d24 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0F7FBF27-520D-4D05-93E8-F9A0D4B3CDD4}, Name: Basic data partition, StartLBA 0x1C9B6800, BlocksNum 0x133C800
09:29:46.0367 0x1d24 MBR partitions:
09:29:46.0367 0x1d24 \Device\Harddisk1\DR1:
09:29:46.0367 0x1d24 GPT partitions:
09:29:46.0368 0x1d24 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {B8CB5058-C187-4719-BAF0-379CA2D4C97E}, UniqueGUID: {4613EE39-4727-4347-8134-173F590F716F}, Name: HFS, StartLBA 0x801000, BlocksNum 0x24BA000
09:29:46.0368 0x1d24 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {D3BFE2DE-3DAF-11DF-BA40-E3A556D89593}, UniqueGUID: {BAF68103-B7F7-42E7-825C-23F3C9FE5AD4}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x800000
09:29:46.0368 0x1d24 MBR partitions:
09:29:46.0368 0x1d24 ============================================================
09:29:46.0370 0x1d24 C: <-> \Device\Harddisk0\DR0\Partition4
09:29:46.0370 0x1d24 ============================================================
09:29:46.0370 0x1d24 Initialize success
09:29:46.0370 0x1d24 ============================================================
09:30:08.0910 0x18a0 ============================================================
09:30:08.0910 0x18a0 Scan started
09:30:08.0910 0x18a0 Mode: Manual; SigCheck; TDLFS;
09:30:08.0910 0x18a0 ============================================================
09:30:08.0910 0x18a0 KSN ping started
09:30:11.0249 0x18a0 KSN ping finished: true
09:30:11.0545 0x18a0 ================ Scan system memory ========================
09:30:11.0545 0x18a0 System memory - ok
09:30:11.0545 0x18a0 ================ Scan services =============================
09:30:11.0622 0x18a0 [ DF1C3D7E6C7929AD83BE22852B5B08CB, 9ECF6211CCD30273A23247E87C31B3A2ACDA623133CEF6E9B3243463C0609C5F ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
09:30:11.0676 0x18a0 1394ohci - ok
09:30:11.0686 0x18a0 [ 2C5B3035B86770ADD2FE9BFBAF5B35A4, 19E16F9144FE3E33B5FF248CF0040AB079ACAE22290B1369CC72AE4CB5FE3A90 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
09:30:11.0705 0x18a0 3ware - ok
09:30:11.0721 0x18a0 [ 6B6C39AB2CD7BEB6CFF624522E5449DE, 740D99D2C525FB4F81FB2754281CECEA5FF13DD2120081306728FE33859F28F2 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
09:30:11.0747 0x18a0 ACPI - ok
09:30:11.0752 0x18a0 [ 0B570E1A6A35D36BE772E4FBA590A4BD, 13A27E40E907138D6BBAE43A996CFDB84D4DC2FD2B8B69CF7EF8A531B8478031 ] acpials C:\WINDOWS\system32\DRIVERS\acpials.sys
09:30:11.0766 0x18a0 acpials - ok
09:30:11.0773 0x18a0 [ 7EADED8087C392876521F7EBCE846EF4, 99BF1BD948F97C1ECBC049C7F949B71D73D0B41FB505B2F75B208E655F7DC8A3 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
09:30:11.0788 0x18a0 acpiex - ok
09:30:11.0792 0x18a0 [ C498887123327CDFD73A05E7A2780920, B45392C46254FCB8D79B6C3A82C8D894063199E6167D8E5F7EA7D60C75CD16EA ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
09:30:11.0806 0x18a0 acpipagr - ok
09:30:11.0810 0x18a0 [ C8DBE6EFFCF014CAA010B9BDDAC833EC, 96FC29340C62A6B0910DCCBF8945F32089FC300F45B451A540B8854D53734298 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
09:30:11.0824 0x18a0 AcpiPmi - ok
09:30:11.0828 0x18a0 [ 17039DBEB3B7B9ADCDB4B4533AA9771F, A4D38B144639A20B8B31E4F35FB776A028DB502FAC849FC73EECEB3CCD91830B ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
09:30:11.0842 0x18a0 acpitime - ok
09:30:11.0849 0x18a0 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:30:11.0859 0x18a0 AdobeARMservice - ok
09:30:11.0887 0x18a0 [ F7D0CD345D2DA42E7042ABCD73662403, 03183F90A994D69066F15C3DFC1D7D7514AEAF46A5AAC059B1FB327F8C30A35C ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
09:30:11.0935 0x18a0 ADP80XX - ok
09:30:11.0955 0x18a0 [ 70148EFA9A562E7185B75BBE7D376BF7, 8200E3349A1AFA1040B3D956A17BAF3CDC784A1A3CA396125E7872B36C03D84A ] AFD C:\WINDOWS\system32\drivers\afd.sys
09:30:11.0990 0x18a0 AFD - ok
09:30:11.0998 0x18a0 [ 870F1A2C936F92B5D053DF7EC75B352F, D617524FD5886D6D3BC2EFBBB5EA310E906454CD7CA7257C3D7BDEA8C4F2DA71 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
09:30:12.0021 0x18a0 agp440 - ok
09:30:12.0029 0x18a0 [ 3DF7751D5DC6525E7DC6617FBB45054F, 8E6D4C809DB3B66E7558C4829E01F5C227EE614AC82F33FD99DCC629770D1BE3 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
09:30:12.0052 0x18a0 ahcache - ok
09:30:12.0057 0x18a0 [ 19707ECBCEA71080A85DB2336580DB39, A09AE69C9DE2F3765417F212453B6927C317A94801AE68FBA6A8E8A7CB16CED7 ] AJRouter C:\WINDOWS\System32\AJRouter.dll
09:30:12.0072 0x18a0 AJRouter - ok
09:30:12.0078 0x18a0 [ AA91A5E156D0364ABA7B01658C2EB014, F61055D581745023939C741CAB3370074D1416BB5A0BE0BD47642D5A75669E12 ] ALG C:\WINDOWS\System32\alg.exe
09:30:12.0095 0x18a0 ALG - ok
09:30:12.0099 0x18a0 [ E019017558B28A707119F8545AD1A1C0, 7A080DB2BDD1AE7E849EE79BF42B737D78A4F6EA6D07F61D6E994D7A383E9551 ] ambakdrv C:\WINDOWS\system32\ambakdrv.sys
09:30:12.0112 0x18a0 ambakdrv - detected UnsignedFile.Multi.Generic ( 1 )
09:30:14.0474 0x18a0 Detect skipped due to KSN trusted
09:30:14.0474 0x18a0 ambakdrv - ok
09:30:14.0482 0x18a0 [ B70F0F2F54B4A4DB6E9C830454752F5A, C882DEAC30812E5FA4479A8CB688603C6AF269EF08236688F4C5E7EBED1D4572 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
09:30:14.0510 0x18a0 AmdK8 - ok
09:30:14.0518 0x18a0 [ 35E890482C9728DD5C552B85DA8A5AB2, 1E0EB7D902AB4C38E23CAFC0BEA250E7F6E180E8814385B4F29730BFC373A191 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
09:30:14.0540 0x18a0 AmdPPM - ok
09:30:14.0545 0x18a0 [ 5B30BCFE6E02E45D3EE268FF001BC5E0, 9901DB728885CE36911F79998629B2DD42D56AF9633B5277834F498CC59B0346 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
09:30:14.0565 0x18a0 amdsata - ok
09:30:14.0577 0x18a0 [ F20B30F35A5C7888441B4DCA001ECF8E, 695A5BC1F18B65992EB06A202AD3CBFA17228E76DDFD1AE6977FD315724F75C2 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
09:30:14.0602 0x18a0 amdsbs - ok
09:30:14.0609 0x18a0 [ AFE838D7576C581D6483529621AB10CC, 14476A04CC64E7A0F1BBFDACCBD7A87F384BE1877C27656DBB973AF3975D4AE2 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
09:30:14.0626 0x18a0 amdxata - ok
09:30:14.0632 0x18a0 [ 46014EDFDC8AF8733E14947448D122C5, 8CE2BD29CF7230A624745334A76F5F8C2E5C01EEDB2B803F9468771BC9DCBC4D ] ammntdrv C:\WINDOWS\system32\ammntdrv.sys
09:30:14.0657 0x18a0 ammntdrv - detected UnsignedFile.Multi.Generic ( 1 )
09:30:16.0992 0x18a0 Detect skipped due to KSN trusted
09:30:16.0992 0x18a0 ammntdrv - ok
09:30:16.0995 0x18a0 [ 7CD08E63219E00BB206077F5BA708677, E8F4031E5E524C60D5853B5DE3AC37E45F28B490665F0CD2016754EDCFA4B2F2 ] amwrtdrv C:\WINDOWS\system32\amwrtdrv.sys
09:30:17.0006 0x18a0 amwrtdrv - detected UnsignedFile.Multi.Generic ( 1 )
09:30:19.0353 0x18a0 Detect skipped due to KSN trusted
09:30:19.0353 0x18a0 amwrtdrv - ok
09:30:19.0381 0x18a0 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
09:30:19.0410 0x18a0 AntiVirMailService - ok
09:30:19.0422 0x18a0 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
09:30:19.0431 0x18a0 AntiVirSchedulerService - ok
09:30:19.0453 0x18a0 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
09:30:19.0469 0x18a0 AntiVirService - ok
09:30:19.0498 0x18a0 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
09:30:19.0530 0x18a0 AntiVirWebService - ok
09:30:19.0530 0x18a0 [ ADFFD587A8CBDCEB0566521ACEF707DB, 17CF539B17FAAF4CC4306B6D2BBD36D80C93FB49A614293D7351A92445C6C1D0 ] AppHostSvc C:\WINDOWS\system32\inetsrv\apphostsvc.dll
09:30:19.0563 0x18a0 AppHostSvc - ok
09:30:19.0570 0x18a0 [ 2BBD3A492B93C7E669D01EE88977D7DE, 311EA890E555E144F4B0DDC3112B2EB5CB848DEA4F33A300942494D8989473E0 ] AppID C:\WINDOWS\system32\drivers\appid.sys
09:30:19.0588 0x18a0 AppID - ok
09:30:19.0593 0x18a0 [ 7A55F9237F726D1667073A47B0D1B90F, 7C2D9AA84F1D4CC6C1FAF6848DF9479A534E01029C4387E8C0647745F1E74603 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
09:30:19.0615 0x18a0 AppIDSvc - ok
09:30:19.0620 0x18a0 [ 56E219DF92BE16F62308F884739BE022, FE189EE8A52BC5A0E6B76C632021F84F60307A182F2A67C0C0C7CAA72DEFC723 ] Appinfo C:\WINDOWS\System32\appinfo.dll
09:30:19.0637 0x18a0 Appinfo - ok
09:30:19.0651 0x18a0 [ 610499A73DF3599608EBB6B3F9929052, A9CA49C4A39A825916AB3791090BCFC7044FDB6B2C3538E01F0CFBC2A9931152 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
09:30:19.0680 0x18a0 AppReadiness - ok
09:30:19.0725 0x18a0 [ BF58041024FEF96B48F7D691003B4BCB, FAD25702256AA8E668F082E16C2C05FD7FA907DCA88787BF36121D1B073350C9 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
09:30:19.0809 0x18a0 AppXSvc - ok
09:30:19.0818 0x18a0 [ E3FE8F610B1CC12BC3B2E6BC43DC97E2, 0E18542CF2095A9ADA1759AB8F986E78B0A50A3C6B2AD4EACD80A23D832A2C6D ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
09:30:19.0836 0x18a0 arcsas - ok
09:30:19.0840 0x18a0 [ 28C27484043BDE86B91D1428673B7D2A, 137CDC07F269BEDD5767921CC9D98F13294BEAA2B18C7C3696F106D31835DAB3 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
09:30:19.0840 0x18a0 ASLDRService - ok
09:30:19.0840 0x18a0 [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
09:30:19.0863 0x18a0 ASMMAP64 - ok
09:30:19.0880 0x18a0 [ 00B0FDD484914F388B5441285FDE24CB, 90AA8A12BB235BFC3A924F0E23BCEE8742817E3BC5A85E49D8AF8B52E8158ECB ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:30:19.0891 0x18a0 aspnet_state - ok
09:30:19.0891 0x18a0 [ 5E00748A1AD246CAECBBB7553BED36CC, DAD2C93F0894E7BB5E5D8D767D8286A909086B49172C504A01097C3A180998C6 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys
09:30:19.0914 0x18a0 AsyncMac - ok
09:30:19.0918 0x18a0 [ 492B99D2E3D5D7BFD5F0AE1BE7BD37DD, A3F6BFC4FDC1933FBF3145019B118689A414108B04F43E2563946B2673C89324 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
09:30:19.0932 0x18a0 atapi - ok
09:30:19.0936 0x18a0 [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
09:30:19.0943 0x18a0 ATKGFNEXSrv - ok
09:30:19.0946 0x18a0 [ C435191FAD19B43E5C3082E4275DCE75, 12D8AF471CA89FE59790092EF3274D638B4B978F1F061423F8D70F270121CF7A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
09:30:19.0950 0x18a0 ATKWMIACPIIO - ok
09:30:19.0950 0x18a0 [ 9BD46423250EE6D39A2647B7BB89BFC3, 4D8499F5E170E42C22932FA519444A8A37190D7DFA0F449F016436ADEBC85865 ] ATP C:\WINDOWS\System32\drivers\AsusTP.sys
09:30:19.0978 0x18a0 ATP - ok
09:30:19.0980 0x18a0 [ 890BF20BDF500E4E84720EA84448EDDF, EF5EECA20FFB6B78277CE551877479DB79E91DB23B46530C1D0E746F0F51FBBF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
09:30:20.0012 0x18a0 AudioEndpointBuilder - ok
09:30:20.0036 0x18a0 [ FAC1E762CB49992381691B00D2069B3E, 9973814BB259A370E6A17EDFB785CED9C634721E6D6FE069667B669AE60EB5F6 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
09:30:20.0084 0x18a0 Audiosrv - ok
09:30:20.0092 0x18a0 [ CF233C89DEFF6BCA1F65BE3DA0C1A306, B718A59CFC0E3A9ED4E8C690390F54C96828C5A4C2790C2E98075DB4484240D6 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
09:30:20.0103 0x18a0 avgntflt - ok
09:30:20.0109 0x18a0 [ 4764D299855174D6B5C7DA853B490029, 6E2C8E25DC3C38EEAAA1221E515AC06C2EDC0A71CF2F7762E8DFCC55938D59B3 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
09:30:20.0126 0x18a0 avipbb - ok
09:30:20.0130 0x18a0 [ 79F7741A773FF194EEC64A8161AE26D5, 3DDEA5FBDCB74A2BACC895A44C8C2A947F09E2649ED61D781E99DD61DBFACA5D ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys
09:30:20.0131 0x18a0 avkmgr - ok
09:30:20.0147 0x18a0 [ E477AF94ACCCF99A0E56D71D450DCCCB, C97756A4E82EC7EF8268967B10DEBAAEDB746B2846CA2BFD68E1B7DBBAE7901A ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys
09:30:20.0160 0x18a0 avnetflt - ok
09:30:20.0160 0x18a0 [ 8BD8C0778FD6BBC2BC2363A9BE086F4C, 75008A1DB4694E2526BE09660BD094CE24891E8B4AD30694F12437DDEAE0F33B ] AX88772 C:\WINDOWS\System32\drivers\ax88772.sys
09:30:20.0182 0x18a0 AX88772 - ok
09:30:20.0189 0x18a0 [ 7062CE507814D5306DCA5D6A15B7B6B6, 9D60506003A66C2E516B1FCB70CC5B26FB3A9948B95D97C828DD0328E76F2C91 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
09:30:20.0208 0x18a0 AxInstSV - ok
09:30:20.0223 0x18a0 [ 6447BA6FA709514B6C803D159B4C7D1E, 549DDCEAD93DF333F6BBD56A9258A867E4DA219741C00D48C68F8F230A87B11A ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
09:30:20.0241 0x18a0 b06bdrv - ok
09:30:20.0257 0x18a0 [ 7228CA6320ABA120DAAA69C740B73943, 852D7A095BF0393338AC5480EF84B9E8FA3D03340390869686F74B301744D4F5 ] Backupper Service C:\Program Files (x86)\AOMEI Backupper\ABService.exe
09:30:20.0263 0x18a0 Backupper Service - ok
09:30:20.0268 0x18a0 [ B4AC08B1D04D0CE085435E5CD0E663C5, 61E641388E5692B2EB351E44BA1DB86B5305DD105EE56865D59072CA9407C8AC ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
09:30:20.0280 0x18a0 BasicDisplay - ok
09:30:20.0280 0x18a0 [ 25B5BB369DEE2BAE4BF459C978FF9035, DBC2157B2AC0BC92B4011CE5E01F2DCDAAE71E37D9D21102503C6455FAAC4DCA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
09:30:20.0300 0x18a0 BasicRender - ok
09:30:20.0306 0x18a0 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys
09:30:20.0321 0x18a0 bcmfn - ok
09:30:20.0325 0x18a0 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
09:30:20.0341 0x18a0 bcmfn2 - ok
09:30:20.0352 0x18a0 [ F8F398A4AF7E0917320BC2B2CD812888, 02B9A6EA0AA750CA9B62AB09E99956C35E252A12B22C2CBFDC4E941ED5870591 ] BDESVC C:\WINDOWS\System32\bdesvc.dll
09:30:20.0376 0x18a0 BDESVC - ok
09:30:20.0380 0x18a0 [ 5A88834AEE15D97695FAE0837B73B3E4, 03035FB51DE218B8EDB15129A0376DDED0C7E7B6DA58DD95B12E4E5C8D852ED8 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:30:20.0397 0x18a0 Beep - ok
09:30:20.0418 0x18a0 [ 8EA08141590CB9331FA773FB430E91E4, 0507499EF423CC9EE9AC18C2B5CBF9965E69481C69DC96E361C2184C53C3F404 ] BFE C:\WINDOWS\System32\bfe.dll
09:30:20.0455 0x18a0 BFE - ok
09:30:20.0480 0x18a0 [ 64582C924C48175D52AED0D0E64AB413, 75DC6BC01D26A4BABEDB8013F0C106780F0991CA63075798C7C24B66022F58E3 ] BITS C:\WINDOWS\System32\qmgr.dll
09:30:20.0531 0x18a0 BITS - ok
09:30:20.0531 0x18a0 [ DA2C6F7ACE392193C424FEA975C5BFFB, 668F91F3E5F8EA170C10823D6959E0EDB32434C51FAA68BEA782EDDF5618690E ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
09:30:20.0554 0x18a0 bowser - ok
09:30:20.0560 0x18a0 [ 62C0D7CD771F26198F76F56B81D8A5B5, 3505DA8B68486D393BF7DCE5F463EA7F88387E6F06BC8175F3514BD6AFE25C37 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
09:30:20.0600 0x18a0 BrokerInfrastructure - ok
09:30:20.0601 0x18a0 [ DA4C9335434E71D6CC86A3CA567769CC, 9FE5EE3CC91CADBF952446E0A9A79A8834B03C8D4C47D6E9257AF64B2C17F518 ] Browser C:\WINDOWS\System32\browser.dll
09:30:20.0622 0x18a0 Browser - ok
09:30:20.0626 0x18a0 [ CAEC7BC11AF69A181AF7932E636E09E4, 503C69045F1E025CBEE2405043BB71CC58478985ECAF6587F73FCB57860F5709 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
09:30:20.0630 0x18a0 BthAvrcpTg - ok
09:30:20.0630 0x18a0 [ 7F2165B51C19A5F59BCA94E0A1B1E0D3, 09F0A23554761C5559BED50941BCC40519F88003B6D655527F514D5F9D4CB469 ] BthEnum C:\WINDOWS\System32\drivers\BthEnum.sys
09:30:20.0661 0x18a0 BthEnum - ok
09:30:20.0661 0x18a0 [ 5F2B4B32E986C058525D3BA2A475A16C, CEC5BB0B025DD9525CFBBEDF6EB6F63336534798495A4F95763CE112DF915088 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
09:30:20.0678 0x18a0 BthHFEnum - ok
09:30:20.0682 0x18a0 [ 5406289E8AE2CB52FC408154E0A64BA7, 0A3795F2E6E2B51198452CF69A99159D8E11650E95F41DF0B575CB72F9C6C6B5 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
09:30:20.0699 0x18a0 bthhfhid - ok
09:30:20.0701 0x18a0 [ BAB101E7826BE287F79C4BA721621989, E6DD25C89267FE87253B8226292F2894F5E702075D3B23B09339D3B28744C060 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
09:30:20.0732 0x18a0 BthHFSrv - ok
09:30:20.0742 0x18a0 [ C4D7018C3F40BA9448E470EE10EF0CA4, 38C0BB2C5DC3B01C43AB47013D1C9F92E092C6815579C4802787C845C7792779 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
09:30:20.0768 0x18a0 BthLEEnum - ok
09:30:20.0773 0x18a0 [ A76F20CCCA31895A1DA78A875E50F946, ECD4B3670DA5984AA24F4354457B4E45983938A89FF6DB03B556A633B4B37E3C ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
09:30:20.0788 0x18a0 BTHMODEM - ok
09:30:20.0793 0x18a0 [ 09C3DB1B137B269A822F941D867A6BB6, CC99FBD76DA19D951864D4967EA9F3C048811E9BB7BBB67B724FC82A50B14516 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys
09:30:20.0810 0x18a0 BthPan - ok
09:30:20.0831 0x18a0 [ 6D75ECFB3891B61B81225F36A0C408B8, F0A08B40DBED7CB134671AA01AB0E5EEB7B1FE31331C857616E0204A3C8F08ED ] BTHPORT C:\WINDOWS\system32\DRIVERS\BTHport.sys
09:30:20.0872 0x18a0 BTHPORT - ok
09:30:20.0880 0x18a0 [ 7A177E18AA6A6A6365E6351C2BF8EDAE, A35224A20014B1215A6824AE5E17B8869A775EA272EF7F25EAFFA18733F8D09D ] bthserv C:\WINDOWS\system32\bthserv.dll
09:30:20.0894 0x18a0 bthserv - ok
09:30:20.0899 0x18a0 [ F001B81D47CEBF96E60CE971FFCC45C4, EE419B557C52B0F1704B5D58E7FA9A996B33E78CC02EA4CA1D28CAB8CFD77D95 ] BTHUSB C:\WINDOWS\system32\DRIVERS\BTHUSB.sys
09:30:20.0913 0x18a0 BTHUSB - ok
09:30:20.0931 0x18a0 [ 7B31A8A9DC95B3634D896FD0F2814F19, 8FD5FBC61968F4BB8C2BAD0D432D5B86DCFED38CCF6F559F9EFB71AADD25474F ] btmhsf C:\WINDOWS\system32\DRIVERS\btmhsf.sys
09:30:20.0989 0x18a0 btmhsf - ok
09:30:20.0994 0x18a0 [ BF89BDBA5D3A0B4256D3F6FC8D31880D, 940F3BF55B88261C9E9A951A092331559FC5B24FE3BA0F1E1AB3450D2CA364C1 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
09:30:21.0007 0x18a0 buttonconverter - ok
09:30:21.0013 0x18a0 [ C24C27FDF93B85A4EFCF25F830253AA2, 35C87518BB59663B57C2361A13AD4E57E37392598F1EB9F07F86CA5A6321AF5A ] CapImg C:\WINDOWS\System32\drivers\capimg.sys
09:30:21.0038 0x18a0 CapImg - ok
09:30:21.0044 0x18a0 [ 7F9C7226D743B232907ED2537B8A574F, 2211AFC30E8F8FA03020DB48EE14914CD31E50BB6A63FF20AC7C6FA481E72C18 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
09:30:21.0059 0x18a0 cdfs - ok
09:30:21.0067 0x18a0 [ 0A92DC116CFC7F6BE8167DD25CB925CC, 50CAC7BE14FF69B10C029E049F7C441A5572540F027F95F940B185C76C689409 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll
09:30:21.0091 0x18a0 CDPSvc - ok
09:30:21.0098 0x18a0 [ 82D97776BF982AA143BDC7DFB5054EA8, 954F56728371E6B3514586DCEAF15C4727BAED6CAFBF788654C4E03BD702942C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
09:30:21.0115 0x18a0 cdrom - ok
09:30:21.0122 0x18a0 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] CertPropSvc C:\WINDOWS\System32\certprop.dll
09:30:21.0143 0x18a0 CertPropSvc - ok
09:30:21.0149 0x18a0 [ 6FED735D3B808D51C725C886E8F53116, 7DABDFA995C1323E222D7D5AE7F3AE28E11703E21430EA7B7B16B12DF0102B86 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
09:30:21.0158 0x18a0 CGVPNCliService - ok
09:30:21.0160 0x18a0 [ 0505C1D991D0F9D47F3353BB98597C7E, 3B801CCF4980256327A4A9FBD98007DA1E3ACE9C94E5A4C23AB21303B46E8B5A ] circlass C:\WINDOWS\System32\drivers\circlass.sys
09:30:21.0160 0x18a0 circlass - ok
09:30:21.0180 0x18a0 [ 8B4B39C507ABA09AAFE8E3932D1B392C, 734700155A658BC08FC96E8F99A01DE7F7251D7DDEFA79D258B2EEB370BA7AA8 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
09:30:21.0201 0x18a0 CLFS - ok
09:30:21.0220 0x18a0 [ BE10905777246CA6AA74F48FE9236517, D51B13FB176D82665C91B59B3C6E229CE746E20ED1BB20DADF6184C7A29E69AF ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll
09:30:21.0247 0x18a0 ClipSVC - ok
09:30:21.0257 0x18a0 [ 95832B049E2833B9F5189823CDF946C7, 72773A42A89220B4A6AC72D1633B16F11191A44D876A44FAB5CEFB717CE3223D ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
09:30:21.0271 0x18a0 CmBatt - ok
09:30:21.0287 0x18a0 [ 80977779A19947939D680A4899E829EC, 6D510B1EFA39D79D0A8B3CD4F00937A4DDC1411664B001D4ABC546C98345F630 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
09:30:21.0312 0x18a0 CNG - ok
09:30:21.0317 0x18a0 [ 58D640BC2294C71BDE0953F12D4B432F, 0B3B7659FCB97791A2A1F895C8E6F9078F855C94C13EB47464492588C4B02B85 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
09:30:21.0327 0x18a0 cnghwassist - ok
09:30:21.0340 0x18a0 [ 14F9883588398A1BDE49C75098C75DE6, D9D82DE89FAFE60BC902683BC44C7555533A030150FD5E5A35A24542FACC5CAD ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
09:30:21.0361 0x18a0 CompositeBus - ok
09:30:21.0361 0x18a0 COMSysApp - ok
09:30:21.0361 0x18a0 [ 02B8E49148DE5E0A2F6FDF28CE94A6AC, EEA405823F441CA604BEAA44EB71A1D20BC80E124FF7B27380D0201AAF2E0849 ] condrv C:\WINDOWS\system32\drivers\condrv.sys
09:30:21.0388 0x18a0 condrv - ok
09:30:21.0391 0x18a0 [ DE6DF2C34718EADCFF8776E597F2104D, 35D03E95853CEAC69F674FB09C819A4698EBEDFD8AC0474F0ADF02741492401E ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
09:30:21.0434 0x18a0 CoreMessagingRegistrar - ok
09:30:21.0460 0x18a0 [ BB812787B838A74943DEF209350C3883, 2C168F48A68644AA3CB6167BEC2A260E3E9C78D0766A15AA0FAA39CDBD7FA040 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
09:30:21.0488 0x18a0 cphs - ok
09:30:21.0490 0x18a0 [ 2CE0D74AED86A372997E9D77AE10B9F5, 1AFAA22C68FD0B81F73CE0EB763AD77AB97E78916752843A5056E1352F0FEA82 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
09:30:21.0510 0x18a0 CryptSvc - ok
09:30:21.0515 0x18a0 [ 2619DC483579DB9FE804044C1ADFFD1A, 23A5420288735A980917091532BE7BB36EB51660AA4555C615AF736357EB02EC ] dam C:\WINDOWS\system32\drivers\dam.sys
09:30:21.0525 0x18a0 dam - ok
09:30:21.0530 0x18a0 dbupdate - ok
09:30:21.0531 0x18a0 dbupdatem - ok
09:30:21.0556 0x18a0 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:30:21.0602 0x18a0 DcomLaunch - ok
09:30:21.0609 0x18a0 [ 620921E77351FB651632322AD2C195C4, 5A98971995D7A2B5AE6BEA69344FCC6687B582FEF74BDA206D32FB2E6CEB0478 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll
09:30:21.0630 0x18a0 DcpSvc - ok
09:30:21.0650 0x18a0 [ 6129EA4294C5C69E4665801E95B16AB2, CE419186CF0F57434426FF925A09F13BE87639679CBB5F2074B0E1A243349D27 ] defragsvc C:\WINDOWS\System32\defragsvc.dll
09:30:21.0684 0x18a0 defragsvc - ok
09:30:21.0696 0x18a0 [ D12B9B6A6C4885824876422AACC89954, 5853ED5CAF84B7AAFF3EDC5C71FE23EB121DB681D81267D77118424BA9AB6F88 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
09:30:21.0723 0x18a0 DeviceAssociationService - ok
09:30:21.0729 0x18a0 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
09:30:21.0750 0x18a0 DeviceInstall - ok
09:30:21.0754 0x18a0 [ 5BF8BD9B19D665452494C8D56DF4B28D, E5FC649207EF42C04B6737D442FECD3383E82F8998B140319FF400773F1D0978 ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll
09:30:21.0761 0x18a0 DevQueryBroker - ok
09:30:21.0761 0x18a0 [ C9478D7DB7BE5D7ACE65CB1167F07320, D5082D09EE62E34A195768040B741E22ACC9421CFF315423D77A63ABF8F5E39E ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
09:30:21.0790 0x18a0 Dfsc - ok
09:30:21.0796 0x18a0 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
09:30:21.0807 0x18a0 dg_ssudbus - ok
09:30:21.0817 0x18a0 [ 5841A361D28069DFC82E1E98040FDC3F, 3A48DB7ADE90654242CB54DAD07F5FF0CD5CABF372C50D5B2C4D7AED068986E1 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
09:30:21.0841 0x18a0 Dhcp - ok
09:30:21.0846 0x18a0 [ 9F5AC03F5A0000DD96FA29CD68A6605B, 6964E077635E65DA902CA6C69E704A9DCD5856D22BA75E1CF823E63E62266AF7 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
09:30:21.0851 0x18a0 diagnosticshub.standardcollector.service - ok
09:30:21.0898 0x18a0 [ 7AE76C7BC60B53999AD07F6A8AFF15C0, 8DC5DA1FAE508D03433C051C877657038BA346707D37FDBC2FE74B4C1F3509A0 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll
09:30:21.0955 0x18a0 DiagTrack - ok
09:30:21.0969 0x18a0 [ 045135BAA14040385E1EEA31669E47F4, 7B3B6A420D2CD96B557824C743CE574C5691726D40B5B50588CCEDF9C26025BF ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
09:30:21.0970 0x18a0 DigitalWave.Update.Service - ok
09:30:21.0988 0x18a0 [ 4904B152E4942BF700F2D73228B4D477, 0E5646DCA05A24C71F057C9F9F64AE992D338DA72DF3126175C2FA178854C30F ] disk C:\WINDOWS\system32\drivers\disk.sys
09:30:22.0001 0x18a0 disk - ok
09:30:22.0001 0x18a0 [ 49F069E2D22F33955A69D44DFD1B5179, 739C52C7B961BA683E8C7CCDB0E95423C17561B2F1F506BAE923DC53DB96B067 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
09:30:22.0030 0x18a0 DmEnrollmentSvc - ok
09:30:22.0030 0x18a0 [ 0197AE4B9790A4E73751CACFAA480126, 86BBB398F1A93754B2C329271F13A88FD2F285F30225C38F068F565CCA14EB9F ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
09:30:22.0056 0x18a0 dmvsc - ok
09:30:22.0060 0x18a0 [ 5EF8EC71A7A91F3DF7798BEFE6786B0E, A3A56B43C72926881C66B7A17C9EAA35C2D9603C8D3849438838536BCD3F4633 ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
09:30:22.0075 0x18a0 dmwappushservice - ok
09:30:22.0084 0x18a0 [ 570BB222E3AFC4407636B53F6EABFA70, D0194A128370BB0A337B61402F9EEDD6F7942ADB19BF672D0F92DA2DA563D0DD ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:30:22.0090 0x18a0 Dnscache - ok
09:30:22.0113 0x18a0 [ 1B15297A3A2CAB6BD586676154F389D8, 623D5F5FC8622B7D9AEEEB1787E6846C1570F0EEF94341239440B616D09D672A ] dot3svc C:\WINDOWS\System32\dot3svc.dll
09:30:22.0135 0x18a0 dot3svc - ok
09:30:22.0142 0x18a0 [ 316C2D8B8E3C0727969F1C3790EF7193, 631F8578FDB26578C8436E4B9C4DF21E1F58FCFE6DA66E5769AAC3739005D465 ] DPS C:\WINDOWS\system32\dps.dll
09:30:22.0162 0x18a0 DPS - ok
09:30:22.0169 0x18a0 [ 79C60E0B41DFD9CB4648D37971A8218B, 258C839F6D364200B4A56B42E8155C67617B78EE6FEDCBBF13BC21A075BD959C ] DptfDevDram C:\WINDOWS\system32\DRIVERS\DptfDevDram.sys
09:30:22.0179 0x18a0 DptfDevDram - ok
09:30:22.0185 0x18a0 [ 616F4B6DA531C98D961FE88C84755293, 825FA636B0978C801A64B2DDAE6C72A5302AEDE6C0ED4211A422964E0F3AD2F3 ] DptfDevFan C:\WINDOWS\system32\DRIVERS\DptfDevFan.sys
09:30:22.0190 0x18a0 DptfDevFan - ok
09:30:22.0190 0x18a0 [ C746C457E035E05B1B093157D299B781, 18948E1FC6E8379E9F987B106A7469358A0546ADDB0DB87E0D5E9789DFBA57CA ] DptfDevGen C:\WINDOWS\system32\DRIVERS\DptfDevGen.sys
09:30:22.0210 0x18a0 DptfDevGen - ok
09:30:22.0210 0x18a0 [ AE037B2DB9939F4F7DD0A66B75BCE63D, 130D095C21D8A5F33C26DEE5487F19A331E9C51AC3F2AE45899E88BD150373A6 ] DptfDevPch C:\WINDOWS\system32\DRIVERS\DptfDevPch.sys
09:30:22.0227 0x18a0 DptfDevPch - ok
09:30:22.0242 0x18a0 [ 3E8D052C6DB66F9CCCB74BD2745122C4, 0B73E18778228F749B8265C0EAF76BD8F40286CD09DAFEE14E19E1533E66F2F4 ] DptfDevProc C:\WINDOWS\system32\DRIVERS\DptfDevProc.sys
09:30:22.0256 0x18a0 DptfDevProc - ok
09:30:22.0260 0x18a0 [ EA2498A29131E284CF1F9609BB4A44F4, 5B705C44FF1B0BDED889F7F54081FA9692BFF78346DE203132F97D89630D8EC6 ] DptfManager C:\WINDOWS\system32\DRIVERS\DptfManager.sys
09:30:22.0280 0x18a0 DptfManager - ok
09:30:22.0280 0x18a0 [ 6E467BC0B40D7479516BA330DDA97B1D, 5AB59CF6B4E739A7040B03DE7009986501344BF6F13DBBB96CAF5BC0FB6CB46B ] DptfParticipantProcessorService C:\WINDOWS\system32\DptfParticipantProcessorService.exe
09:30:22.0306 0x18a0 DptfParticipantProcessorService - ok
09:30:22.0311 0x18a0 [ 6C469C846EF4F256622C21A428E2E14E, CBCDD357221DAE0D09A4A6D4CBD32CD838D091C40ADE357D5010822D6633E9A2 ] DptfPolicyConfigTDPService C:\WINDOWS\system32\DptfPolicyConfigTDPService.exe
09:30:22.0321 0x18a0 DptfPolicyConfigTDPService - ok
09:30:22.0325 0x18a0 [ 25FA06D3B49D6ADF8E874FFCDCD76B50, 9AF09B96ED79D94EA36581ABE6CC73313A72891779774B15860D018BEA2BBA0F ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys
09:30:22.0340 0x18a0 drmkaud - ok
09:30:22.0346 0x18a0 [ 16EE6701115BECF8C657D9D6E123F6A1, 16E115B5245C3C988F8B58B90D30F183021C7C7792D3D1C74BEC606E49672B2A ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
09:30:22.0367 0x18a0 DsmSvc - ok
09:30:22.0373 0x18a0 [ 120BECF7452992DAEBD3878BFE5B2412, A1FE8FC039835A5B59ABD789F5C1BFEA2C091A29978CE386C9880E13178930E5 ] DsSvc C:\WINDOWS\System32\DsSvc.dll
09:30:22.0390 0x18a0 DsSvc - ok
09:30:22.0430 0x18a0 [ A2512BC5F2ABD84D8B3CB0D76ADB749A, 14A1FBF606ED537B9E1B7A939C010A2BA9D609D147FB89AE52D116E59A21D99E ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:30:22.0488 0x18a0 DXGKrnl - ok
09:30:22.0495 0x18a0 [ 0CDF6B61D7F7FFCD195AF0113B9B2C16, 828D3FA31742B54075EAED2E67BBB5166D2EF4F84B791077E96DC0BD5557F11E ] Eaphost C:\WINDOWS\System32\eapsvc.dll
09:30:22.0512 0x18a0 Eaphost - ok
09:30:22.0581 0x18a0 [ 491275B864B704B54EC08168344E0F38, B4849400C3F819CF7809A2001EA2ECB527022483F7DFE31C3930F951EAFE50CE ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
09:30:22.0682 0x18a0 ebdrv - ok
09:30:22.0691 0x18a0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] EFS C:\WINDOWS\System32\lsass.exe
09:30:22.0701 0x18a0 EFS - ok
09:30:22.0701 0x18a0 [ CEF108FCE06892CFA5F1B49527D4BF49, FA337584024B6E6EE4AF519F57FFA4C0FCA19EDC148FF309336C4CCA8F9C9CE8 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
09:30:22.0719 0x18a0 EhStorClass - ok
09:30:22.0724 0x18a0 [ 5B1EAAE3001A7A320C106FC3859F4111, 700BA2C7D4DFAFFEB78D3804B310A4EE5B4295C84600442665693FF661673951 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:30:22.0742 0x18a0 EhStorTcgDrv - ok
09:30:22.0748 0x18a0 [ E34DEFC09F2843C2C24C2248F1ABE6D8, 1FD67EB5820A1D2F4402DE9D95DE288DB69D421A8473074FF23491D7CA8B5ACE ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll
09:30:22.0763 0x18a0 embeddedmode - ok
09:30:22.0772 0x18a0 [ 062152DD5B225518A991DFCD8536770C, 5C8EF4E0C7DE3B24387FF239A8D0CDA39C2376826F16EAFF09739A6C7EDA01E0 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
09:30:22.0796 0x18a0 EntAppSvc - ok
09:30:22.0801 0x18a0 [ 7A2705148A4BB3CA255F81624338B461, 68AC8F8D2DD8AA4E8F2224A0054DE2AF67EA199217E87CD3C7299B021048F14F ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
09:30:22.0812 0x18a0 ErrDev - ok
09:30:22.0828 0x18a0 [ 17BE4A35829B37C742084DC02D48E5F0, 7FDA62B56DF585C3F2C6FFB10AC7C0D8F70FA921C4DEA47B2789745CFE2618CE ] EventSystem C:\WINDOWS\system32\es.dll
09:30:22.0856 0x18a0 EventSystem - ok
09:30:22.0866 0x18a0 [ DFE8A33FBCF6F38182631A4D6097B92D, F9D06780830E74FD5309E6DC5C3EEDB9334A8AE284F381FA91EF2729297F8632 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
09:30:22.0890 0x18a0 exfat - ok
09:30:22.0890 0x18a0 [ 03DE0EC072C5EBD5B018CAD83F1E522A, 9D0B30A2870FBA20B95017CE3A4205F2DD53FE169A0D16715E962D83DE040FB3 ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
09:30:22.0922 0x18a0 fastfat - ok
09:30:22.0931 0x18a0 [ 952F10D2116B91BA433842D07879AE7A, 9E1EC0C719877EF198AA4DDBE896E9DDEAD360AAC1FC6DF305E7C5C73C7A761D ] Fax C:\WINDOWS\system32\fxssvc.exe
09:30:22.0971 0x18a0 Fax - ok
09:30:22.0975 0x18a0 [ 9D299AE86D671488926126A84DF77BFD, C076EEDD0524B7D88BC56C97089E0A836CC1AD725E1A544CC4F8DDBB6670C366 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
09:30:22.0987 0x18a0 fdc - ok
09:30:22.0991 0x18a0 [ 47D09B8C312658ACE433E46DDF51C3A5, E76948DA0F51C7DC6D69B7E36D63CE6E98FDE619FA30E91637F75B5084107D22 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
09:30:23.0008 0x18a0 fdPHost - ok
09:30:23.0012 0x18a0 [ 177AC945B20C81400A1525ED7B49A425, FD215A2E718EA38A95D985F53AB3DD44B50C2549AA67F44BA98C4709E492051F ] FDResPub C:\WINDOWS\system32\fdrespub.dll
09:30:23.0029 0x18a0 FDResPub - ok
09:30:23.0036 0x18a0 [ 3E78BEC276DA5A062E4D55F3291B3463, 62983457F506C70D1F89F527AB61C1C0F4D1B002631256A2708F9AF092A8C95E ] fhsvc C:\WINDOWS\system32\fhsvc.dll
09:30:23.0054 0x18a0 fhsvc - ok
09:30:23.0059 0x18a0 [ 8F12AB59336143B680F71B217B495AD2, A28F62F065C68CC1A7EEF0CA52F83C3284B001565D8E154BF8568DE4A525104E ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys
09:30:23.0074 0x18a0 FileCrypt - ok
09:30:23.0078 0x18a0 [ 92ECCFA58C8195B8EA33ED942469D4E6, 8DB12E8CF80ECA22182F9A1F4CA922336A430297F1F596F204ECF4D9D19F30D9 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
09:30:23.0081 0x18a0 FileInfo - ok
09:30:23.0081 0x18a0 [ 87C51FDD50C17882BA93E28BBABB9847, 8987D80FB77D1D3F9E89B491B1287B027DA26FFC4E4BA7B01E07D4D4FC69E236 ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
09:30:23.0110 0x18a0 Filetrace - ok
09:30:23.0114 0x18a0 [ E99261DD76D1C9E05AF575939CAE5AC5, A789724FD2E22AFB2F921836F5C19A21D17F4BBD604771E2908C2651BD31989C ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
09:30:23.0127 0x18a0 flpydisk - ok
09:30:23.0138 0x18a0 [ 25D7A58625E1453E40D36825DE74E4F1, 74119803D35E3C3CC349B44C6CD9EDF6B797F88584B847F0BF9EED542719B86B ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:30:23.0156 0x18a0 FltMgr - ok
09:30:23.0190 0x18a0 [ 4387DE200BF8DD0E2EE828E655434B9A, 9148D65E54663EEC139E754091F47ABF439A637BEA83F600D30736522DAA845D ] FontCache C:\WINDOWS\system32\FntCache.dll
09:30:23.0256 0x18a0 FontCache - ok
09:30:23.0261 0x18a0 [ E79DAC43A5E191FC4DDB04197A704BFA, 2FA6C8B5B2DFE66C05828E3F55DFD6268A8210E9BD083F2D09367AD59AF1C6C1 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:30:23.0261 0x18a0 FontCache3.0.0.0 - ok
09:30:23.0277 0x18a0 [ B4175E8BE60B099686FF55CA7D692316, 3158FC5B4D1A2F1FC1346754392AE24AE58999B9061B1CE78A65E785BFFADD52 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
09:30:23.0280 0x18a0 FsDepends - ok
09:30:23.0280 0x18a0 [ CC71372CEB811A72F1DC99089C5CBF53, BB9DDE74D60E534A6F8A51B63DDBB441245F06A00A0AFD37DBBE86255690946D ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:30:23.0308 0x18a0 Fs_Rec - ok
09:30:23.0324 0x18a0 [ 421497634C86EF4B8F86D0EBC076728F, E0D1449555D8849364E00AA747DBC820EF914A9F5B796E35070072FCBC532ADE ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:30:23.0349 0x18a0 fvevol - ok
09:30:23.0350 0x18a0 [ B9981A4CB9F728B3312A3885BFAA7204, 12FB2EB2E5D2A912769823DD9C1B33DB358CD0B7FBFC788529EF83DD584334F8 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
09:30:23.0371 0x18a0 gagp30kx - ok
09:30:23.0375 0x18a0 [ 77555B11B264991DDC26872FFCF1AB97, D5F230EEF74EB869F771F8A4AB19C1E6C845BB0EF4A1234882EBDA4FDC431E44 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
09:30:23.0387 0x18a0 gencounter - ok
09:30:23.0390 0x18a0 [ F3AC9652D88BF87BA6596CBEA28CE10F, 115F3C0A5B9903B17ADEA80E1825FE927B7361F5BDDF80CE3685EF2D327EDF4F ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys
09:30:23.0407 0x18a0 genericusbfn - ok
09:30:23.0433 0x18a0 [ 5031F3E650D242EEECEB92EB9900FB93, FB51ADB81AC3E0097362BAECEC4F0C83C46E5505277B7F35FDCE9BF88B72C963 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
09:30:23.0465 0x18a0 GfExperienceService - ok
09:30:23.0471 0x18a0 [ F802FBABF0C4DF1BAA733187B2E476F5, E2533284CEBBB872196B013DD1FBBCA794DB1CAAA37D64849BD9264ECDD2CEE6 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:30:23.0493 0x18a0 GPIOClx0101 - ok
09:30:23.0523 0x18a0 [ B55458A83395A2CFD4E745E9EC4AB5F2, EAB06B089D8A7DBC9AE2A1C919B489911690D341013A5F8F906819C68431CA85 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
09:30:23.0581 0x18a0 gpsvc - ok
09:30:23.0581 0x18a0 [ D011B0ADB15F4815310CE1BF4780B33E, 3860630917F83A89FE7A6407CC544505FA4BD754619CF273DD630ABFBAAE42EE ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys
09:30:23.0602 0x18a0 GpuEnergyDrv - ok
09:30:23.0608 0x18a0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:30:23.0617 0x18a0 gupdate - ok
09:30:23.0621 0x18a0 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:30:23.0629 0x18a0 gupdatem - ok
09:30:23.0636 0x18a0 [ 84BC034B6BB763733C1949B7B9BAF976, 18C2C0F15BAFA46197F0BB629C4F585D893C2A78324CA198F88A04527D524F23 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
09:30:23.0649 0x18a0 HDAudBus - ok
09:30:23.0653 0x18a0 [ 6B8CB114B8E64C0636EB49F7B914D1FC, 1AD7A43CC5CD99DCEF60C61242B6843D4AD925CE93BA5D75CD8395C7125EF5A7 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
09:30:23.0660 0x18a0 HidBatt - ok
09:30:23.0660 0x18a0 [ D1AD197CCDAAC0CB4819DA1D6EB17BAE, C370F974D0A1F7B60F47EAFF57B6CCABE82913187F8BFEE169B8237AE91247B1 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
09:30:23.0689 0x18a0 HidBth - ok
09:30:23.0691 0x18a0 [ 64909DECCFCC6FB5D9A5BAFDCCB31FEE, E19C91FD8D5102A8C4F6C6FF70CA058BB272FEC1B6E9CBA3A473C49948E6AC7E ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
09:30:23.0691 0x18a0 hidi2c - ok
09:30:23.0710 0x18a0 [ F510F7B7BF61DEAAC04E65C3B65E8D59, 11566086B06FB08B6A179E3068E022DA381C762DC8962D1E1D63DC646DD4D301 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys
09:30:23.0711 0x18a0 hidinterrupt - ok
09:30:23.0729 0x18a0 [ 90F3ED42D423C942BA5EA54E2FFE7AC7, BF7DE0C8141CD20A6235657BA897A019ABEFF6A01AA3FB202C73C33433CDEAF8 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
09:30:23.0777 0x18a0 HidIr - ok
09:30:23.0780 0x18a0 [ 46DE2EF6382DD9613CB506760648F262, 419555220794380134A64E1956B83B2FD1D1B6E403C5FC729A9107E14A12E968 ] hidserv C:\WINDOWS\system32\hidserv.dll
09:30:23.0780 0x18a0 hidserv - ok
09:30:23.0797 0x18a0 [ 7222DC0F811BBD1B4B4A7C28B7C31AE5, B161D32B2EDD4BB110C80918A36B05D7990CE76567BE59FD1C3C07D53C3AFE03 ] HIDSwitch C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
09:30:23.0811 0x18a0 HIDSwitch - ok
09:30:23.0811 0x18a0 [ 128DEDDD61915DBA4D451D91D21F0513, 961A0DDA02B0879989300C15E4FF9022882A4CD895D65335C263AC0DD1918314 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
09:30:23.0834 0x18a0 HidUsb - ok
09:30:23.0843 0x18a0 [ 2FEF4D90C0CAED258C93CFF72A8FFD71, 56473D90E9FE52849067D080FD88B29C0BBE76E5266657E2ABD6366B7A4E9474 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:30:23.0865 0x18a0 HomeGroupListener - ok
09:30:23.0871 0x18a0 [ E2145534FB853921788F52701BED0CAB, DF71F842772FAC21DD8994C97F578A78AC43D06C5F26F752FB69B47DFE3BB112 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:30:23.0906 0x18a0 HomeGroupProvider - ok
09:30:23.0911 0x18a0 [ FF442DCDCE1F6E9FAA9C8AD0CD1D199B, A239414E97B310C9545995B0E723B5E792B08D71F651450EB006AD4D1765E4F7 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
09:30:23.0928 0x18a0 HpSAMD - ok
09:30:23.0953 0x18a0 [ A403DAE4B083EB96BC6CEDB47639B4F8, 6F5709CEA93789C075E4BE4041EC43C94910617DA4123DEE178E74E4A9B26708 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
09:30:23.0989 0x18a0 HTTP - ok
09:30:24.0021 0x18a0 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
09:30:24.0032 0x18a0 HWiNFO32 - ok
09:30:24.0037 0x18a0 [ CBA5E88A0F0475B7F49653BB72150BEF, 0F03560D9C30E069D117A555AEE729C81E6BCAE443FA25172D0E9E6903695C67 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
09:30:24.0047 0x18a0 hwpolicy - ok
09:30:24.0051 0x18a0 [ D668FAB4B0397B426EE3D41683B9A1C0, 66F3E3B2ABC3C9B25A0DADBF09818547ED301230374AC5302B4794629A95DDF8 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
09:30:24.0051 0x18a0 hyperkbd - ok
09:30:24.0071 0x18a0 [ 53FDD9E69189E546DE4740F8C4D8AB2F, 45ED5B229ED5FD0CEE8BF52EFF88FD8B1889BF348ED7187926F290B3AD48A76D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
09:30:24.0091 0x18a0 i8042prt - ok
09:30:24.0091 0x18a0 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys
09:30:24.0111 0x18a0 iai2c - ok
09:30:24.0111 0x18a0 [ 59A20F5AD9F4AE54098154359519408E, E27B7389C9D123CDDA4EC9CBDB06C4AA5000012391F940EE1492419B593608FE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys
09:30:24.0141 0x18a0 iaLPSS2i_I2C - ok
09:30:24.0141 0x18a0 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:30:24.0163 0x18a0 iaLPSSi_GPIO - ok
09:30:24.0169 0x18a0 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:30:24.0180 0x18a0 iaLPSSi_I2C - ok
09:30:24.0204 0x18a0 [ E5A15FEDEBDFB8E12CB94DBF01833775, 9C751A1FD8A5CEC8DD9FE8AE46E86A514C67F07EED04AB23A26A36F400DF8EA4 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
09:30:24.0222 0x18a0 iaStorA - ok
09:30:24.0239 0x18a0 [ 6B0029A0253098CCE28EACCFDB9E7208, E33AD69644E1683A971DA1169B704FBCFD9F715E9550816058E420BB5DE4D946 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
09:30:24.0271 0x18a0 iaStorAV - ok
09:30:24.0271 0x18a0 [ 9652E1E35A92D8C75710C17A63B15796, 72F8C4A49B874226DEE9B7C9704F0E0A98DAA2DF4EAE2F2258E8324ACBD242E4 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
09:30:24.0310 0x18a0 iaStorV - ok
09:30:24.0310 0x18a0 [ FFADF691F7BF727AF5C863454A372723, FCF5A5595E8C9C937BE9F1C3AB5D9BD0EFE82DE1298D12085E0CCD84A186D2F2 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys
09:30:24.0341 0x18a0 ibbus - ok
09:30:24.0341 0x18a0 [ 62F0CB0A54EAF37E15EC385300957BB8, 55FCF7068D84D5AEEAF3149A5349BF13F1D18E34956217916ED7C1950885E63C ] ibtfltcoex C:\WINDOWS\system32\DRIVERS\ibtfltcoex.sys
09:30:24.0369 0x18a0 ibtfltcoex - ok
09:30:24.0371 0x18a0 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
09:30:24.0393 0x18a0 ICCS - ok
09:30:24.0400 0x18a0 [ 80BF2990E01E774D64F6E13F30661942, ADFEA2280D29F2C7B0A556C61709301D6327C288064FF5A4D29358403DF41DCE ] icssvc C:\WINDOWS\System32\tetheringservice.dll
09:30:24.0411 0x18a0 icssvc - ok
09:30:24.0411 0x18a0 IEEtwCollectorService - ok
09:30:24.0500 0x18a0 [ CEFA6BDB4789F3DA003ACBDCC64F5877, 0FE78AEFA9A75B4A99AD6B73AC3252E4C6DFA9D306FEC02D26C1FD574108BFBA ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
09:30:24.0600 0x18a0 igfx - ok
09:30:24.0600 0x18a0 [ 75909533EECD0CD9D5974B59474AA6C0, F81D0F949F1F01D09C91735C79288395B82C27B8FB78804752E5A678D7EF3860 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
09:30:24.0631 0x18a0 igfxCUIService1.0.0.0 - ok
09:30:24.0654 0x18a0 [ 12F8D27ED8623DDDC09A549EDADCBAC9, D3A3F0588D9CAF1027D8BC14601E2A6AB7E5924A2C23C90D38A9E14538DB02A9 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
09:30:24.0691 0x18a0 IKEEXT - ok
09:30:24.0691 0x18a0 [ B1F193AB8FB72E9FC34B3A39314ED872, 408E98D9C8ABB928090DD9E5D1BB227EFBC997BF168437BAEF0461EB0D1DAE3D ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
09:30:24.0719 0x18a0 intaud_WaveExtensible - ok
09:30:24.0808 0x18a0 [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:30:24.0901 0x18a0 IntcAzAudAddService - ok
09:30:24.0929 0x18a0 [ 8AEEE0F4D210B61F917CFEA9653973C4, F09389C2A3E1DED402C08BF1A30BD79A342B0E55AD4996CF2E5189A004E6E62F ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
09:30:24.0955 0x18a0 IntcDAud - ok
09:30:24.0975 0x18a0 [ C7BB17877A0F2BF70ABD5AF2FEDFA580, 4238FED3BBF94EE29DEC05A55D65023BAD7407F5B53E411E434D839E6E187256 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
09:30:25.0016 0x18a0 Intel(R) Capability Licensing Service TCP IP Interface - detected UnsignedFile.Multi.Generic ( 1 )
09:30:27.0353 0x18a0 Detect skipped due to KSN trusted
09:30:27.0353 0x18a0 Intel(R) Capability Licensing Service TCP IP Interface - ok
09:30:27.0359 0x18a0 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
09:30:27.0368 0x18a0 Intel(R) ME Service - ok
09:30:27.0372 0x18a0 [ ECDB27420D3A98424666904525A8562A, BDA98C3C95F2AD79945EF8213D5C65064052C09C82DD36F0D6724E1D21DCC30A ] intelide C:\WINDOWS\system32\drivers\intelide.sys
09:30:27.0387 0x18a0 intelide - ok
09:30:27.0391 0x18a0 [ 8FF1978643EFD219C5BA49690191D701, 6FD78A8490107C80090D7125644B8C910855374BE1373D1D6B199307C79680BA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
09:30:27.0406 0x18a0 intelpep - ok
09:30:27.0412 0x18a0 [ B61B60F36E1C8022FA8166ABF0F66B07, 23161F1DA51D44D936329E62DF4C2DAEE3DDD4B3D62CC501A888C0E149788968 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
09:30:27.0428 0x18a0 intelppm - ok
09:30:27.0433 0x18a0 [ CA0D42029AFFC4514D295E1EF823D02D, F2A05CB2B2E8C843FD02DC37E86F23CF928A4B2F9044424A60DE4E82B87DF5C3 ] IoQos C:\WINDOWS\system32\drivers\ioqos.sys
09:30:27.0446 0x18a0 IoQos - ok
09:30:27.0452 0x18a0 [ 6E3F9D95235DFC9417384080A216F310, 6F13D72661038A91CFABB360621F4B169D78955C3EAD64956A7C825ABAEC5121 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:30:27.0468 0x18a0 IpFilterDriver - ok
09:30:27.0489 0x18a0 [ 6E75B731A8A7EFED0821327B08DAB46D, A77B746447824BD3C68B82D7329B82D62098B2409F8AEE4738FA23CB1561E629 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
09:30:27.0535 0x18a0 iphlpsvc - ok
09:30:27.0540 0x18a0 [ 4F527ECB5EAB47D8EAF34A469666C469, 8FFBEEF42515B6A7758BE579ED69E3911856CBF7710D9785011332C5E3DFE495 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
09:30:27.0555 0x18a0 IPMIDRV - ok
09:30:27.0560 0x18a0 [ 9E5E8F2A1996F23B7E9687846AA81B01, 29E59384A4F92B3B4F2974942C91A12380113C13D3800900B5F44E2355D05455 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
09:30:27.0561 0x18a0 IPNAT - ok
09:30:27.0579 0x18a0 [ C317EB660138BC9CBFE37CCDE56351AE, F3AF6C573419D7F65C96A4841D4F056CA281CD5AFACDC7A5F586A390DC6E615B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
09:30:27.0594 0x18a0 IRENUM - ok
09:30:27.0599 0x18a0 [ 531994A6D9399D9B74BE12B5BB58A81E, 6D5CF540C777F4828E1D4C5FE58EE41E6C2F5F399C554DC85F19D1E52229B094 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
09:30:27.0609 0x18a0 isapnp - ok
09:30:27.0617 0x18a0 [ 68D5354A4A9692EEC24664C60F47D4A2, 92124E98B6E286B6127DC6D0BFACC9C6D293D58EAE2B47B45532714CE6A6D0CD ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
09:30:27.0621 0x18a0 iScsiPrt - ok
09:30:27.0641 0x18a0 [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
09:30:27.0653 0x18a0 iumsvc - ok
09:30:27.0657 0x18a0 [ DD1F43B86AD84E53203F92FD3EF3AEB6, 9DE2BA80B315E56DF2E74EAA65F4ECB8324DFC19E30EB56EDDF08340AB100E87 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
09:30:27.0670 0x18a0 iwdbus - ok
09:30:27.0676 0x18a0 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
09:30:27.0686 0x18a0 jhi_service - ok
09:30:27.0690 0x18a0 [ 701D7DB13B0815E7076EF4CB4CE981F8, 02585661656C0069AC318B82DE83DAC660451A0B970FDBCA0F7A8B4CBF7D93A9 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
09:30:27.0707 0x18a0 kbdclass - ok
09:30:27.0711 0x18a0 [ 884EBBDDBF5968003B40185BD96FF0E6, E3934D0FF0BEDDF5526AF529F7D15BA8BE479383894975B1AF1A1818C394A6E3 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
09:30:27.0724 0x18a0 kbdhid - ok
09:30:27.0728 0x18a0 [ 6C6F4A5FC5A2343995D1B0F111D5CF06, 62282992D3B1634C7BBDD1BCFC13F77FC806AD85B2C667FA09D73355825D19A8 ] kbfiltr C:\WINDOWS\System32\drivers\kbfiltr.sys
09:30:27.0738 0x18a0 kbfiltr - ok
09:30:27.0742 0x18a0 [ 6B3A0C7902811E6372643447E41F7048, 30667B56A306CFD5D15BC46F8E7D9E167612E71B6C8F554406E706A6330F5B94 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys
09:30:27.0760 0x18a0 kdnic - ok
09:30:27.0765 0x18a0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] KeyIso C:\WINDOWS\system32\lsass.exe
09:30:27.0775 0x18a0 KeyIso - ok
09:30:27.0782 0x18a0 [ 982C795DE20CED7AEDD2E7899B5D9BC1, 9F4E7536DB253CD83AA2AB89E9F3311714CD70F13AFD16F9B4D4CD86A70FC164 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
09:30:27.0794 0x18a0 KSecDD - ok
09:30:27.0801 0x18a0 [ 7D8B9214692C4D0F1646215D9984E19A, DC73503A8CA67F4E167DEA69AADDEA5F2D756E1C1F4FF42B6ECEA7E637BB80AB ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
09:30:27.0815 0x18a0 KSecPkg - ok
09:30:27.0819 0x18a0 [ E9BB0023D730701BB5D9839B44F5E6B5, 19D4BAC09424D331922472CFD2D0E32BEFA9188A6AF194C8D1F93FD77CE36691 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
09:30:27.0835 0x18a0 ksthunk - ok
09:30:27.0845 0x18a0 [ 71DE1AD9B23661EEC4F2A6EAA5A7D33D, 3219AEF3D6AE5933AE669FD2ED9ED95A8780612E39F31DB3DB9ED6B6244C5F7B ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
09:30:27.0861 0x18a0 KtmRm - ok
09:30:27.0880 0x18a0 [ 8BBB2B4429AF340481520C20C17FC5B6, 9E32815349195FC4B1BE213600FD407F2EAEEC8368289EB3E6B769125A739C08 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
09:30:27.0902 0x18a0 LanmanServer - ok
09:30:27.0910 0x18a0 [ 1F5D48B1DA1B812BD2411CA44D75DD32, D1BDB8142CB13E8C6DD6F42E07C9D19BBBF6410D5122A04C01B34B95B442DD95 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
09:30:27.0921 0x18a0 LanmanWorkstation - ok
09:30:27.0937 0x18a0 [ 02C54C5C7EBE371EC0C59795ED22213F, 712AFE0EDF40436124F3FD55ED9B5A3A33A8761A58F4D482BB65229741B1C270 ] lfsvc C:\WINDOWS\System32\lfsvc.dll
09:30:27.0951 0x18a0 lfsvc - ok
09:30:27.0951 0x18a0 [ 01BF128CC327A2E53898F732AF52B3DB, D62ACDA69D9942F9CEF400874DBB6EAF9811D9657CBFEF89174F88D76BB8D8EA ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll
09:30:27.0968 0x18a0 LicenseManager - ok
09:30:27.0974 0x18a0 [ EC34EED89C34B27C292166B725AC7A7B, 58F1BA0CB7743314AC012A82F8CE4072CBDD05D9570C52BC18DC551882F5B1BA ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys
09:30:27.0989 0x18a0 lltdio - ok
09:30:27.0999 0x18a0 [ 2C23283A0815B048C06D8C0ED76AAD95, 4335546939C1A98CFE9A4403CC82D79CC713439E4DFD1F4760FDD867305151E0 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
09:30:28.0022 0x18a0 lltdsvc - ok
09:30:28.0026 0x18a0 [ CB6365E995F4DB856866500EDD8F61C1, 717ED387F245CAC68217B0F393D7B8AB3805721AB2C4D2D43430FE6E740F0856 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
09:30:28.0040 0x18a0 lmhosts - ok
09:30:28.0050 0x18a0 [ 3714AC47F8675E7B67DDC0D6625406FD, 7467197EDD43CAAF9557625C1A6E5AC11ADA7C02D87196E367385CBB76606359 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:30:28.0050 0x18a0 LMS - ok
09:30:28.0073 0x18a0 [ 961F28D879D345BFA50AF51285C90F2E, F9931A436651F695B746BC0C07E833D9C9F64126746DF976E691E6CAE26DAC9B ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
09:30:28.0090 0x18a0 LSI_SAS - ok
09:30:28.0090 0x18a0 [ 6BFB8D1B3407518BE06B6F81F92FA0F5, DE0818DCC0D8D1D30A29AB167C65461A78100ABE2368637CEB9D0ED2B4E88D8E ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys
09:30:28.0112 0x18a0 LSI_SAS2i - ok
09:30:28.0118 0x18a0 [ BE0E47988D78F731DEC2C0CB03E765CB, CA0015E87A3962611DBF714253FA618A6568346BAE640884432C1D44DE4C8684 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys
09:30:28.0137 0x18a0 LSI_SAS3i - ok
09:30:28.0142 0x18a0 [ F99BF02BE9219986817BF094981EEB18, 4303C772366065885C5D937B2E9AC0BF80C84BFB2737716055AD57BF6AADD673 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
09:30:28.0159 0x18a0 LSI_SSS - ok
09:30:28.0177 0x18a0 [ FFAA37FBBDD161E8C200C83B40F7872E, 0637B3119FC220CB8E23EE6694A9F1F25CF8D61008B14F6E30FDC17DCF9E077E ] LSM C:\WINDOWS\System32\lsm.dll
09:30:28.0210 0x18a0 LSM - ok
09:30:28.0210 0x18a0 [ 2FCF837196082864F66CFD9CAB256275, 8BE01C3BCBC1E6E5D1FD7F49E936482E61ACB805F397AB81B8D39C2F0F1083BD ] luafv C:\WINDOWS\system32\drivers\luafv.sys
09:30:28.0239 0x18a0 luafv - ok
09:30:28.0244 0x18a0 [ 88B38A7435DFA9B7E8F94F5D5FE999D2, FF4EBB6CE013D0EA62FEDA5FBBD1205D9A6F684E701F40039A95A4EF4145DC16 ] MapsBroker C:\WINDOWS\System32\moshost.dll
09:30:28.0251 0x18a0 MapsBroker - ok
09:30:28.0251 0x18a0 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
09:30:28.0270 0x18a0 MBAMProtector - ok
09:30:28.0295 0x18a0 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:30:28.0338 0x18a0 MBAMService - ok
09:30:28.0347 0x18a0 [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
09:30:28.0363 0x18a0 MBAMSwissArmy - ok
09:30:28.0368 0x18a0 [ 08DECFCB9BA97786165A69AB1015BC30, EDC8C8447B57BD412E2DEBCA9B5B1B58C19D40105DC7CE9520DE214081696B05 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
09:30:28.0381 0x18a0 MBAMWebAccessControl - ok
09:30:28.0385 0x18a0 [ 2ED29B635F35E31A1C0D3DDB7DD2AD03, F70CC20B98C2DBCD13B0D509D92B3BC3828D1B88F3ACD60C860E163064844181 ] megasas C:\WINDOWS\system32\drivers\megasas.sys
09:30:28.0401 0x18a0 megasas - ok
09:30:28.0415 0x18a0 [ 22E3CB85870879CBAE13C5095A8B12E3, 5FA5A8EFBA117089CFDBE09743A16BC3A7CC2042C96ABA1F57901747493106BF ] megasr C:\WINDOWS\system32\drivers\megasr.sys
09:30:28.0444 0x18a0 megasr - ok
09:30:28.0451 0x18a0 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
09:30:28.0465 0x18a0 MEIx64 - ok
09:30:28.0469 0x18a0 [ F2C23E25636BCA3543E6AD7858E861B7, 0CAB0A037471B4858CE9477E49BF50A5E3E6685E05F8A4BD2D9238551D5073A6 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
09:30:28.0470 0x18a0 MessagingService - ok
09:30:28.0506 0x18a0 [ D41920FBFFF2BBCBBC69A5B383AD022E, E66218A8303422EA10C19BA12343740B9A1A70B11B39E185E805B4F74CD2B75E ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys
09:30:28.0541 0x18a0 mlx4_bus - ok
09:30:28.0547 0x18a0 [ 64BD0C87064EA20C2D3DC4199F9C239C, ED69706277A58ED2C5F2B1B4E9A4A9C7C20173D46EB57FB31D8B63340BA23193 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys
09:30:28.0550 0x18a0 MMCSS - ok
09:30:28.0550 0x18a0 [ 8D4B46FA84A3A3702EDADD37FAC6EDBA, E3B9E12BD324FE637C365FDC5E490C41889047004D4FC8F7D78339484F2F717B ] Modem C:\WINDOWS\system32\drivers\modem.sys
09:30:28.0579 0x18a0 Modem - ok
09:30:28.0583 0x18a0 [ 78FEC1BDB168370F131BFBFEA0A04E9D, E07B1BC429C2CFBD6162F89A6502C67A4BAD904ADC05D3505D87A0B2BCE1061B ] monitor C:\WINDOWS\System32\drivers\monitor.sys
09:30:28.0596 0x18a0 monitor - ok
09:30:28.0600 0x18a0 [ D1CC0833CFBC4222A95CAA5D0C8C78FF, 54F04374C6D3EFF5C1B794C069870458F10757E5773AEE911957089EAF51EC8D ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
09:30:28.0616 0x18a0 mouclass - ok
09:30:28.0620 0x18a0 [ C2E05EC6B80BCF5AE362DA873E1BCE64, 4ABE5CA2005A54E92259EDB52205A5C59BDB83026FC0CD7CBB1E3A003C2B535B ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
09:30:28.0633 0x18a0 mouhid - ok
09:30:28.0638 0x18a0 [ D5B7668A8F6C67C51FA5C6C513396D6C, 35985AD89344A8464BD78B8DA6A772E4E60A2EB93072AC23673A86EFD0B2270A ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
09:30:28.0650 0x18a0 mountmgr - ok
09:30:28.0651 0x18a0 [ A48479D7010ED54BB6AE3D5937A36C53, AE23673ABAB297DEFFC58A756C0667CA8F335BECCD31BF8E81BF1AEAAB9E86E8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:30:28.0668 0x18a0 MozillaMaintenance - ok
09:30:28.0672 0x18a0 [ 5FBCB85D127BE21E3A9DAF11A13C00EA, D00AB99CC813E26B0BD2D39161D4138AB89A06B3E3A28712F2D5BCA60905BEC4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
09:30:28.0693 0x18a0 mpsdrv - ok
09:30:28.0714 0x18a0 [ 3B3906F069DB567C3D092F195FEA5F87, 1EAD704AD8E81D083FE3D458B529F8ECBE99569EFD20F7B520339F054E2F6515 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
09:30:28.0753 0x18a0 MpsSvc - ok
09:30:28.0760 0x18a0 [ 37C9EC0398BFC22C616711E41AE157D5, C8DD6B6B47513696CD4BD376C5D9F82C0F52F5A351FFAFE149E3B13C4684D40E ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
09:30:28.0780 0x18a0 MRxDAV - ok
09:30:28.0792 0x18a0 [ 61F9F27A8C3D7BCD287FE98A440421CE, 773208951BD0B8C0B9510F4C317484D5FCF36D09310D4E20F2BDB85D61088BA5 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:30:28.0800 0x18a0 mrxsmb - ok
09:30:28.0821 0x18a0 [ CCAD845F4D21D0E0E0468205EE865473, 8F93B61F407BCE5910A7A9F01F8A51FDB7A3C4F03E59C144C1D4FD974D10C2D4 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
09:30:28.0841 0x18a0 mrxsmb10 - ok
09:30:28.0850 0x18a0 [ 0F47A6C09F0A7FB5513D322A2B9BE4EC, 00A17CB55D232E11F3D24D0B43FE4FA9E55F7EF5E5607B26ED84C13108AAC4FA ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
09:30:28.0864 0x18a0 mrxsmb20 - ok
09:30:28.0871 0x18a0 [ A934DF064C503A31683DD7EECDBD327A, 3ED943A2CFE9BB00898A4FCE08D3A5C814FE6E546FC10E9F30E6C2619B1AD162 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys
09:30:28.0888 0x18a0 MsBridge - ok
09:30:28.0894 0x18a0 [ 807A6636828E5F43C10A01474B8907EE, F275645F4F0D0A796C33C03EA7FA563A0B890AB3A93E5F99C5EA166F91D249B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
09:30:28.0918 0x18a0 MSDTC - ok
09:30:28.0924 0x18a0 [ D123343DDB02E372B02BF2C4293F835F, 8E02D9F7E5DA717B64538444B3FE1C55AA4B0F26F51DA20947E971D27EA09D12 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:30:28.0938 0x18a0 Msfs - ok
09:30:28.0942 0x18a0 [ B3358F380BA3F29F56BE0F7734C24D5F, 229D9E72C429AC51BF6E7C8306218620CB1AA50FE39BA6C11ED0F643E7AF90E5 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
09:30:28.0957 0x18a0 msgpiowin32 - ok
09:30:28.0961 0x18a0 [ B2044D5D125F249680508EC0B2AAEFAC, 9631FF42DA5A7CEE1F2607AA8972EF0A67616F0EEEBC95F97B1C8F5A577ED5C4 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
09:30:28.0972 0x18a0 mshidkmdf - ok
09:30:28.0975 0x18a0 [ 36ABE7FC80BED4FE44754AE5CFB51432, FB89DF3A50C52B69D4E831A370157D1901810093A0D7D7120A120FC5C6E14BF5 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
09:30:28.0986 0x18a0 mshidumdf - ok
09:30:28.0990 0x18a0 [ 59307FEAFC9E72EEEC56B7FD7D294F4C, 56576635870FC68980977FFA0E7F8E8D69A7981DECF5B52D0B2A82E3BA6685EA ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
09:30:28.0991 0x18a0 msisadrv - ok
09:30:28.0991 0x18a0 [ 236A38F5CB0A23BF0ACCD70ED0BD7F70, 8106B528458E6C8E4437D9064D58F10FF195E67CD308AEBBD5F860AD2D59DCC4 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
09:30:29.0029 0x18a0 MSiSCSI - ok
09:30:29.0030 0x18a0 msiserver - ok
09:30:29.0030 0x18a0 [ E9457EDFEBC774199F907395C6D09CA2, C3655CE83F4AD1258382722E9A99C33FDD3AA40B62CFEB8DFDD141E254E6DCE2 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys
09:30:29.0049 0x18a0 MSKSSRV - ok
09:30:29.0054 0x18a0 [ C85D79735641D27C5821C35ECDDC2334, C1BAFD98122B04665870171C143EC119181351D10777A83680A63BF305703FF3 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys
09:30:29.0071 0x18a0 MsLldp - ok
09:30:29.0075 0x18a0 [ EF75184B64356850D0F04D049C253526, 325476F53372BD70201347F044C8EFEC0DB939E1926454B6DCC0CF7864969650 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys
09:30:29.0086 0x18a0 MSPCLOCK - ok
09:30:29.0089 0x18a0 [ 543933D166C618E7588EA77707EC1683, 84A65D277E28FDD7CE2345188891093AC88B577E4C528AD39AB629E341199688 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys
09:30:29.0102 0x18a0 MSPQM - ok
09:30:29.0112 0x18a0 [ 182711E9DDF70121A20EBB61B2DFB9E8, 70606503F6280EA3175B9AEC8370A8F461575755DA86EF6E9C9D04EAD61481FA ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
09:30:29.0121 0x18a0 MsRPC - ok
09:30:29.0121 0x18a0 [ E887FFDD6734C496407E9219225CB6FF, 0EC9A79224BCE5D0A782E62CC38E3494E8FB65DFC07C66D25C5A1A351121C27D ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
09:30:29.0146 0x18a0 mssmbios - ok
09:30:29.0151 0x18a0 [ 83A2AB75951000D681FABDB80C07AEFC, 3B2F582F097E3F934C4587B27CB05525350F36924B74CA6BCD364878FA8EC273 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys
09:30:29.0165 0x18a0 MSTEE - ok
09:30:29.0168 0x18a0 [ 4FA0483896FC16583851EFB733FCB083, BB59243ABE32FBE92EC1B04D24239BE2DF7C2354A407C2EFF97623F07DCBDA35 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
09:30:29.0170 0x18a0 MTConfig - ok
09:30:29.0186 0x18a0 [ 60F88248608315E13391C2F1C3B4473F, 99E8B74118A01FC281A1C6B323EFD1A8EA1997B81A013442205066F55327D555 ] Mup C:\WINDOWS\system32\Drivers\mup.sys
09:30:29.0198 0x18a0 Mup - ok
09:30:29.0203 0x18a0 [ 218705233D02776AE4D19CC37D985C1B, 3D92925867B6B8FFAF78E4080139DCB3D45E1E6E1D0AFB6A4FE248B002BD8471 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
09:30:29.0220 0x18a0 mvumis - ok
09:30:29.0235 0x18a0 [ 536A0806CE2061A2157E65D4D8ABF30C, F9893F66505E3F748365CD4625B34357531804BDFE33E57285C0106C03F7916C ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:30:29.0267 0x18a0 NativeWifiP - ok
09:30:29.0274 0x18a0 [ A340A4B27CC7DEDDF953B7E2C9699747, 4C5AB23BD0C69B17E9BD29CAFEDC100A6EFC78BAB645B007FCAE4318C459D345 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
09:30:29.0293 0x18a0 NcaSvc - ok
09:30:29.0303 0x18a0 [ 7467BD76D6ED5981E6C3DBFEB50F0F4D, 237E1C2E15D5F3BAC49B09E1CD0EAE56A6998AE1FF560A4F7A7EFFEB46884798 ] NcbService C:\WINDOWS\System32\ncbservice.dll
09:30:29.0311 0x18a0 NcbService - ok
09:30:29.0332 0x18a0 [ 476466DC3AB2327E2DBFAEC11798E2EE, 9ACD74720664CF3F239601DF0BE80AC443AF0FBF666CBB8509169364FB22B95D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
09:30:29.0364 0x18a0 NcdAutoSetup - ok
09:30:29.0368 0x18a0 [ B57CE307DA101C739885B7CC0678077F, F7F45DB6D306060F0FE0E59F39C3B95F6A9B6173930F22C5C41B2003895D6642 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys
09:30:29.0370 0x18a0 ndfltr - ok
09:30:29.0410 0x18a0 [ AFAECF904F1C343EBD50F91BC8D0DBE8, FABAE70F62895708415B8E176A880D2D20D46D9A14C3D41D371B905CE4D64BA0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
09:30:29.0450 0x18a0 NDIS - ok
09:30:29.0456 0x18a0 [ 202260E7CDD731A32AF62ABD1ABEE008, 0E019FAE09B2659CC3267756DB962CCD69172BA67E3288B491F7B455287A5392 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys
09:30:29.0470 0x18a0 NdisCap - ok
09:30:29.0476 0x18a0 [ A1D473D0CF10561F29B58EA7C5412A92, 3DBFC1D769E03E30C87FF4F30A9B523A69A7E0CD4EB87F8A9ECE190FEB84C569 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys
09:30:29.0493 0x18a0 NdisImPlatform - ok
09:30:29.0498 0x18a0 [ 1A0AE283B8DE6BB76412A0F8213D45AC, 91AFFDC7A9277EB59CD54021049BEA715078F90470B8A12F3E9F1386DF068D2D ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:30:29.0515 0x18a0 NdisTapi - ok
09:30:29.0520 0x18a0 [ A74EE2D2C0BFF5EC3A6185791868C4CA, A346320DEBEAE890575B4C6594FB3A3A9890A0E86881ADD8376E442282C88D38 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys
09:30:29.0533 0x18a0 Ndisuio - ok
09:30:29.0537 0x18a0 [ 32A9BD1342640D48AD85C8B3E812B984, B702B05A0180472139B35B105DD3B6B6F75AEDC9DD1EE342FB576259076455AE ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
09:30:29.0551 0x18a0 NdisVirtualBus - ok
09:30:29.0557 0x18a0 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys
09:30:29.0590 0x18a0 NdisWan - ok
09:30:29.0600 0x18a0 [ 6A6A8CF5EE61801375A38EBB871D4057, AE8EFF18D82BBE83101B380189A6889822891A993EB865E2E81C1D2F60B77C4C ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:30:29.0618 0x18a0 ndiswanlegacy - ok
09:30:29.0623 0x18a0 [ 50AEF8EF0064A91ABB08D858D039C9DE, 16F1CBE1EC3778D157CC054261068C8D7F8A72D85853CB70178F8DF81D238C8F ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys
09:30:29.0642 0x18a0 ndproxy - ok
09:30:29.0649 0x18a0 [ D358DF634F52247CB43F0781218F4D6E, D375E9E681551467FC5F7AB2AC053C9F22AAC541C0BCBA57090211F45009342C ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
09:30:29.0665 0x18a0 Ndu - ok
09:30:29.0670 0x18a0 [ 026618ECF6C4BEBDCB7885D42EC0DBE4, 8E7E13361DCF8748FA3AD518B3DE0A3DCE932316EE32E5529E75785BC5395AD1 ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys
09:30:29.0682 0x18a0 NetBIOS - ok
09:30:29.0692 0x18a0 [ F51C02D992A8D6BC5EC4D990F227D4C7, DBBDA422BFA82219403689637BE8D6B0D0A893895143E807FA5A007C166454CB ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:30:29.0714 0x18a0 NetBT - ok
09:30:29.0719 0x18a0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:30:29.0731 0x18a0 Netlogon - ok
09:30:29.0740 0x18a0 [ 7FD4C3D32DAE890608F44074A3437CD8, 5B7D9E9AEE26896B818F3C5DBE4C96A33D43CE2CF7716B95AAB7203611C03BFE ] Netman C:\WINDOWS\System32\netman.dll
09:30:29.0763 0x18a0 Netman - ok
09:30:29.0779 0x18a0 [ A059F75402710535A90A8D043674A514, E98536DF74A2B75FDBA6B866DC1909544292DFE5E14F984941470FBA6E8D810C ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
09:30:29.0812 0x18a0 netprofm - ok
09:30:29.0820 0x18a0 [ 01C759FD50DFD46E30CC56B2B672B1A7, 88F46C89DCE1869D9932E809A24718B50C3B0161A1DD63DED899C0AFA8C7CFF5 ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll
09:30:29.0840 0x18a0 NetSetupSvc - ok
09:30:29.0850 0x18a0 [ 9E9BEB22644CE1DA521A1D7821BF891F, 5480D52AE1942205B513F916DBCBF5B5F2FFF92D927F4E598FBA618E75BBC2E9 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:30:29.0873 0x18a0 NetTcpPortSharing - ok
09:30:29.0957 0x18a0 [ 99C24A7DC1F3D4845553B4BD189274A0, 801C2A1F12E6F0D646E92C98477FCDB84C6743803CD7365B774B0F88EB650584 ] NETwNe64 C:\WINDOWS\System32\drivers\NETwew01.sys
09:30:30.0153 0x18a0 NETwNe64 - ok
09:30:30.0168 0x18a0 [ 91B32D7036700BEED5343E1F6A7122CC, 8123CA398A79F0E69126F962AA29C2464FAB50182E961CB6A6ADB6CEA09A6732 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll
09:30:30.0206 0x18a0 NgcCtnrSvc - ok
09:30:30.0224 0x18a0 [ 4547118EADA9FDBB054A211CD01866BB, 51656BDAD78B4CC452B2AE06061247BECD07307BB31B9D6AA615917EC97342E0 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll
09:30:30.0258 0x18a0 NgcSvc - ok
09:30:30.0272 0x18a0 [ 1B8F07B59F7DAE02264FB8A16088C467, 1795DA9F72C34A9F47D9AAF5E95D40C3296948EB89D9600679AB4660671A5C65 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
09:30:30.0302 0x18a0 NlaSvc - ok
09:30:30.0308 0x18a0 [ 465DC580170CD844206D7E3EF1DBF2A1, 5A14001029BE154C708CCA34449B280905DB79978FC7F0BE0CF20B20E47752CF ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:30:30.0327 0x18a0 Npfs - ok
09:30:30.0333 0x18a0 [ 29395C214D2CD4C81F73166AB988A797, 3631EB2EA17E455ECD151C0BC9A3DF6EC87C75B15DC9B607CFB68D7C463E04B7 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
09:30:30.0346 0x18a0 npsvctrig - ok
09:30:30.0353 0x18a0 [ AF8B7848E102A83AAECCD24B181CEBE5, B2AAE3567EE3A7975CDFCB3FE41D33C74D4486BFF35FF56E0516A01C744BA52B ] nsi C:\WINDOWS\system32\nsisvc.dll
09:30:30.0370 0x18a0 nsi - ok
09:30:30.0375 0x18a0 [ 2871225495F832A8C8A7DD1A17EDB3DC, 2F6664C7F5FB2341B2AAF3C5A258FA0D7AEEE447562D7F39FD5A4EE905C18C6D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
09:30:30.0395 0x18a0 nsiproxy - ok
09:30:30.0454 0x18a0 [ EFEFC245B884B1BE0401931398DCD707, 43A7BDB9BF523791EC41E76F51E7DC56EFC55CCDA0D130ECFCD9990C43D67587 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys
09:30:30.0543 0x18a0 NTFS - ok
09:30:30.0553 0x18a0 [ 6DBD703320484C37CEA9E4E2D266A8CE, 85D6F73C0E3FDE16829C9BC0D13DD89E64183EAE02F84607F6B8440CB7F366E6 ] Null C:\WINDOWS\system32\drivers\Null.sys
09:30:30.0567 0x18a0 Null - ok
09:30:30.0805 0x18a0 [ DF0BB2C179476D312B7BC0056CEC50A6, 64CC3201FA903E0EC9C99BE167C439C14A4C9AC2A88898B64789EEB381DB97B6 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
09:30:31.0062 0x18a0 nvlddmkm - ok
09:30:31.0115 0x18a0 [ 4EBEE69A8FE7DC85FD3C122821C617A0, 7193C14DEB4C5B0D86C5C6841C80879C28E1FDA8F77879EB18A3D2685C67B986 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
09:30:31.0163 0x18a0 NvNetworkService - ok
09:30:31.0169 0x18a0 [ 2328DC3622412EE112868645DA013075, 361A3D2FDE53F5EAF3068A64F7848020C62B256C3F08BE5F863544A0747DD2D6 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
09:30:31.0175 0x18a0 nvpciflt - ok
09:30:31.0182 0x18a0 [ 604D27CC38CC23493F218D0BB834B3FF, EF5E5759CCF16DD97271C82DAF47FB2086EBCA5DE7D05177B70CA1197B95F41E ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
09:30:31.0202 0x18a0 nvraid - ok
09:30:31.0208 0x18a0 [ 8B50D897657AB4A15FD9E251BBF7D107, 36036130DD46D9BF105AC7176E219F3BE7D1168A660A0F8DFF76F61FBFA4B417 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
09:30:31.0228 0x18a0 nvstor - ok
09:30:31.0231 0x18a0 [ 0EF30778078D7B5877F8F57151699798, B0409C79143BDBB774C3C740CCA8EB77CF67915E59EC6050DB993ED0575EC077 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
09:30:31.0231 0x18a0 NvStreamKms - ok
09:30:31.0352 0x18a0 [ D23A07D549243F5B77780BAA4FBF5BC3, 5BC5161CAE6BE6382BDCDE9B1CDD5F4DEBC3EA18D01B0E261AF716FDB04154BC ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
09:30:31.0479 0x18a0 NvStreamSvc - ok
09:30:31.0507 0x18a0 [ DFCCA437717EACA8418F47992A41B39A, E587A629B894EE6A16AC414747D492FFC6B6E9F051B40F7D25F0D4406E2FF919 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
09:30:31.0530 0x18a0 nvsvc - ok
09:30:31.0530 0x18a0 [ 4F00008B513F4019623ED61159363888, A1047FF1FCF3ED405C3426C8959AD10426F30E3F58E95BFD6ADF1DBC947AB379 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
09:30:31.0554 0x18a0 nvvad_WaveExtensible - ok
09:30:31.0559 0x18a0 [ 31F990B2B6B91E9D7A667405CE12FCB1, 907E095D1E83CDAFF34BE789FC41CDD7BB4DEE23261E1D03C1CF0D4D030534AC ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
09:30:31.0573 0x18a0 nv_agp - ok
09:30:31.0581 0x18a0 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:30:31.0611 0x18a0 odserv - ok
09:30:31.0611 0x18a0 [ 7F3A0D052B8E00E730316210B1DD092F, 14BD026EA759F6C81ED6B4DBB04E0584B7F6456725503FC73CD4347B7743005F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll
09:30:31.0652 0x18a0 OneSyncSvc - ok
09:30:31.0663 0x18a0 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:30:31.0681 0x18a0 ose - ok
09:30:31.0692 0x18a0 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
09:30:31.0717 0x18a0 p2pimsvc - ok
09:30:31.0729 0x18a0 [ 4A5634915AF62C983E08425905D0C04C, 09BC3F7AD9F79C5FF59520933D06FE155AC21CD0ABAFE66B81C9F87D83A2339F ] p2psvc C:\WINDOWS\system32\p2psvc.dll
09:30:31.0757 0x18a0 p2psvc - ok
09:30:31.0763 0x18a0 [ 7D0FC96264C0F8F2C1321E33E8EB646C, 82A06437B9B096BCCF5CE31BDF3539696E2E41DFA9870C358566EEE2F7D3B447 ] Parport C:\WINDOWS\System32\drivers\parport.sys
09:30:31.0781 0x18a0 Parport - ok
09:30:31.0787 0x18a0 [ 24AC0FD10325FBC2303B29A5F237AEB0, D94B26A36EBE4EFE8EA270FA6600811206830480BE953809F74FAB80628DF879 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
09:30:31.0791 0x18a0 partmgr - ok
09:30:31.0812 0x18a0 [ 0ECA2ADD5FBCE73183A68935C71B40B7, 08CC5F2F10D1DD1A1396CC29196314003491D3AF3DE59CADB281F252577F1860 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
09:30:31.0821 0x18a0 PcaSvc - ok
09:30:31.0846 0x18a0 [ 1D4E995955BDAE781C46CB97AE1CFB58, FF7475F19782CA253AA839DDB86E5AC20C5785D5CC1DD57D9FECBE4F5A5C0BFB ] pci C:\WINDOWS\system32\drivers\pci.sys
09:30:31.0865 0x18a0 pci - ok
09:30:31.0869 0x18a0 [ 2B4D98DF0CA57FB9536DBC80D2449D1F, AB34FA8585A20854369C0FAEB18BF5C7734D7E3C791F644B0576E40D609FCD09 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
09:30:31.0879 0x18a0 pciide - ok
09:30:31.0885 0x18a0 [ F4D5793BF2E58AF15C6CF2FEEF9E73EB, 9B5A40AF8838063F8F0A2B1480B39A2711AAE78BD972CDA60CCA0EB2BA211A87 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
09:30:31.0898 0x18a0 pcmcia - ok
09:30:31.0930 0x18a0 [ 22A53744CEEADFFFD33BA010FAD95229, 30B775EC9795105B8BF785BD63115C160955E7EFF74B995D3EC288138D1825A3 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
09:30:31.0941 0x18a0 pcw - ok
09:30:31.0947 0x18a0 [ 48F3A3222CF340FE31535CB6D49C6D6F, 5F8904871219FA6C1BD74747583855B0FBCE42F340A3BE10270D8D3F02766E9D ] pdc C:\WINDOWS\system32\drivers\pdc.sys
09:30:31.0958 0x18a0 pdc - ok
09:30:31.0975 0x18a0 [ E2F8376F9731D12A009C522036C6073A, 5B8B68D3C013AAA8ED368C97042984C35E8D023542DBA404E7A03E89F2357E66 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
09:30:32.0011 0x18a0 PEAUTH - ok
09:30:32.0011 0x18a0 [ 1398A85E59698067CBBE1D66A9C13ADF, E3609F183068BFAED756B2F9237181D60A6F6D78691248B8BF5B0AEB6A367E3D ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys
09:30:32.0035 0x18a0 percsas2i - ok
09:30:32.0040 0x18a0 [ 35F7C7AD709D909D618D9EDF987FC3ED, EE713E33688E74C5A2546CC58EBD8EA8F8116F25E42DCF8DA21DCBC7C7590E0E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys
09:30:32.0055 0x18a0 percsas3i - ok
09:30:32.0088 0x18a0 [ 0DAF7B7D85F7AF38E29161460899C63F, F2609F2BD02C714857F5D5E6EF580643429C54E175AA72D38467F8F3A4E7F59F ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
09:30:32.0090 0x18a0 PerfHost - ok
09:30:32.0129 0x18a0 [ 8C5737B889752EC37B49D730C24FB80B, 0101AEBE3870B59BE69DBF20FDD307BEDB10A6DB21750E57B9BD3B1961386979 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll
09:30:32.0176 0x18a0 PhoneSvc - ok
09:30:32.0185 0x18a0 [ 940BD7A32391F325A1A4285F91FAF7AC, A0FE4B8705B268E1978D9C66EB39B3DBBCB2A70F02F380C7062FE72E92DDF964 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll
09:30:32.0205 0x18a0 PimIndexMaintenanceSvc - ok
09:30:32.0240 0x18a0 [ A546F72EFFE5CBBC98003A0CA19DA0F8, 89AE396676A37D851F46427E421E8E8ED5B4BADC33023F1E215CC352A4110F44 ] pla C:\WINDOWS\system32\pla.dll
09:30:32.0303 0x18a0 pla - ok
09:30:32.0311 0x18a0 [ 15BA68662CED4B0618010A54478E18E5, 1B913BFA7AA11F3A82D80E95FC4857B810D341F9E68545710F90EBE44DAC1DF8 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
09:30:32.0330 0x18a0 PlugPlay - ok
09:30:32.0334 0x18a0 [ 6BF7093B27EA90FD9222845D19C1BE5F, CF8A6764BB6B369258F21FD303E4CAE08632195620A0BD66B62F62F5D7B762B8 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
09:30:32.0348 0x18a0 PNRPAutoReg - ok
09:30:32.0359 0x18a0 [ 334131C162B118EF49930D41B0E17825, 10EF08870B6E118AED2E0E3F45E06BA8A485439823BE98F44E34E7D2B65AA2EF ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
09:30:32.0382 0x18a0 PNRPsvc - ok
09:30:32.0393 0x18a0 [ 5A91C28F99043215121499257468C4BD, 816D2AEBA29B8A050747E01CE11EB12A05C1CDDF91835C44BBB6A7B9D348B15A ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
09:30:32.0420 0x18a0 PolicyAgent - ok
09:30:32.0427 0x18a0 [ AE3B1056FC1795F18D990C4908A6ECBF, 1C41F7714EBF54DF358D9B19D6AFE7281D3EABE20038B568A12031B76E1D50D9 ] Power C:\WINDOWS\system32\umpo.dll
09:30:32.0444 0x18a0 Power - ok
09:30:32.0451 0x18a0 [ 5BA6B9AD03B81546BA64E488C4EF9D17, C43442577685FA1A7C32094B2F14FC92BA6B511FD9FDBA6FD82473A1B165FC61 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys
09:30:32.0468 0x18a0 PptpMiniport - ok
09:30:32.0537 0x18a0 [ 959F94AD1255BC749884EDDD14EC29C4, 2CD6DA9778EA36FA0B4080F6DB1C634712238E014E47546403CD3CDB35A1DCA8 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
09:30:32.0670 0x18a0 PrintNotify - ok
09:30:32.0679 0x18a0 [ 21AECFF3EB5748CBE12538A2500EFDE5, A1679F21363E99E3698B9C6F7E7E3BB2877D47089BC381AF0C51B1DD8B24325B ] Processor C:\WINDOWS\System32\drivers\processr.sys
09:30:32.0694 0x18a0 Processor - ok
09:30:32.0705 0x18a0 [ A08AAC62EF7A1E291B3E895B5864BB86, 340E6648F9A5F4B7543FDEC5BDAFBDA3DE319B8F998FF2EF60D02EE5EF3D56CB ] ProfSvc C:\WINDOWS\system32\profsvc.dll
09:30:32.0728 0x18a0 ProfSvc - ok
09:30:32.0735 0x18a0 [ 596FB6C5A72F34B7566930985E543806, 870B43783DB4CF845FA72BC5E40CE76BE6DFC66FE9E9B4B0A52D6B7FE7EA65FC ] Psched C:\WINDOWS\system32\drivers\pacer.sys
09:30:32.0750 0x18a0 Psched - ok
09:30:32.0759 0x18a0 [ E84F66BA185934C166F8DF0FA8F88455, 2E0380E98DA29B3F43FB3FE0E1ECA52B3C9AEF54CE982D5514F70FAE81758449 ] QWAVE C:\WINDOWS\system32\qwave.dll
09:30:32.0783 0x18a0 QWAVE - ok
09:30:32.0787 0x18a0 [ CFBA9C976CBF6796E5DC39EF59984021, A1C956AD828FC70ED92D702516E0F88A4BDAF8C93C571D7CA20F1695FD8E70C2 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
09:30:32.0801 0x18a0 QWAVEdrv - ok
09:30:32.0804 0x18a0 [ 7B2AD8C55217B514C14281AB97B4E21D, A1E295897B864B9C0177FF1C502EB060084A1783C0E7E53636291F901C2E2AA8 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:30:32.0819 0x18a0 RasAcd - ok
09:30:32.0824 0x18a0 [ E15A9CE1E2E7D1C8DF97A4FC1FFE6289, 44B53418D6BC51ACC567CF6917A0981889B44AE420489C9C03F5A30418B37267 ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys
09:30:32.0846 0x18a0 RasAgileVpn - ok
09:30:32.0853 0x18a0 [ 2976970887157CBB05747CBCD0793354, 43499D90B6340BD679CA51FDAB4ABCD0CF7E995367876716B7879422D206D677 ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:30:32.0872 0x18a0 RasAuto - ok
09:30:32.0877 0x18a0 [ 381B8F2311A0375676B635EA5E7C8AB0, F64697F75894844E72F260E9E88CCFE6B882BC89F6124DCA187771A29C3EF929 ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys
09:30:32.0898 0x18a0 Rasl2tp - ok
09:30:32.0900 0x18a0 [ 3655D86C5E2982B131FC0935DE24F98F, 0386B31FECDDED77450609A807097B2307361CB59B236DEC41037BDC95897463 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:30:32.0950 0x18a0 RasMan - ok
09:30:32.0955 0x18a0 [ 3369023EB5790A75BA7DABA14B75D922, 36B63D5B74FDC932AAF1A876514024602D2F3EAF2CA33D1247CBA1E52FDB0418 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:30:32.0971 0x18a0 RasPppoe - ok
09:30:32.0977 0x18a0 [ 1E32A8CD65C4AD0A827CFEB13034DA29, 5D9A92E13020D994CCD39F701BACAFE2177A40A9CC89649441B91E3F3DECD911 ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys
09:30:32.0997 0x18a0 RasSstp - ok
09:30:33.0009 0x18a0 [ 2B648363E4C5E34B469C58596F377DD9, 30F82770468BBA562CEA0E9E39B24ACEFBE022343D0180C82E2ACE8957B73E44 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:30:33.0028 0x18a0 rdbss - ok
09:30:33.0034 0x18a0 [ D0221C13960E274CC539D72D5A842ED0, A5A961506B9D7429D97D0635FD69E74736C0E8405487E1D22BB5CD978A60044C ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
09:30:33.0046 0x18a0 rdpbus - ok
09:30:33.0053 0x18a0 [ 1DC2CC74B51E4DC4CD5A20C1021E4010, 46B7D17EE27439F2191504D1C6F6C70B2540BD4F2261DBB1F4BE783BEA99B04C ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
09:30:33.0069 0x18a0 RDPDR - ok
09:30:33.0076 0x18a0 [ 177DF954D0DEC0465A380C75F6E7F65F, 6B30C78223029BD5DBA586BF961968F85762209BA55CD031460A215B20F93AB2 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
09:30:33.0086 0x18a0 RdpVideoMiniport - ok
09:30:33.0090 0x18a0 [ 5D1680871054D2B0B8A971BC8AB3B837, 9CAB0B2E3857829D34A82A78B120D07E292D4D5060168D964295EB23339B7DE7 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
09:30:33.0109 0x18a0 rdyboost - ok
09:30:33.0131 0x18a0 [ 341E6830DA70F65730300DAB4CB0B490, 341EC8DB5E39963EF89E726F08730AFB2356C3BAD71CCE9EECCAB4D9B31C4863 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys
09:30:33.0167 0x18a0 ReFSv1 - ok
09:30:33.0170 0x18a0 [ 8355BCA85B0928382DFCDD02FCD1681A, F306F038DA09C8D2095C311818E2F991B55BCD96B40B95D2A53A60EA6AC37014 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:30:33.0210 0x18a0 RemoteAccess - ok
09:30:33.0210 0x18a0 [ 2C82F4DCABAB389CEBB1C9E86C715C9C, 70354621D3D467616A419A818C54D2C89EA013C5050BA9944E3A7A4F25CAD6BA ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:30:33.0239 0x18a0 RemoteRegistry - ok
09:30:33.0262 0x18a0 [ AD43141CE6D5074DA1D28B5BCD4E4507, C1A9AA856DD4FEE00BBA329C150E0CBCD1CE13ED0BB7B4AC9B152321CD854212 ] RetailDemo C:\WINDOWS\system32\RDXService.dll
09:30:33.0301 0x18a0 RetailDemo - ok
09:30:33.0320 0x18a0 [ 60BFD9EE962C87747A0EB648634281ED, 3E8610F597405944BFD42EE8C397818850BC7D97ACC14AC43B6E3632A1FB916C ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys
09:30:33.0343 0x18a0 RFCOMM - ok
09:30:33.0349 0x18a0 [ 176D8470B15CD9080861594F9A33FA01, CFB66D7FEB9465985C2866D64EA03B7E7BE830DCF6C02B3FE2244D7F7E5343E2 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
09:30:33.0364 0x18a0 RpcEptMapper - ok
09:30:33.0368 0x18a0 [ 1A563653DAEDFE4CA81936E0D2FD8B56, 308B0DFEBA63333D407093C449A08ABFECE118C9274100809356BDAF7FA32EB6 ] RpcLocator C:\WINDOWS\system32\locator.exe
09:30:33.0370 0x18a0 RpcLocator - ok
09:30:33.0402 0x18a0 [ B339861C6A2A86FBCA67C2006B461473, 228ADC8A8603C0A4342C6CBC6F2CC919271D42391365061AF660E0D7151C66A4 ] RpcSs C:\WINDOWS\system32\rpcss.dll
09:30:33.0431 0x18a0 RpcSs - ok
09:30:33.0447 0x18a0 [ 0AC5FCDC29ED97ECDEF1276425EE2059, 8A12D1732D4AA18A9ED8416F4D4A49B81CE7C4C86ABCEE8FF28A16EA61993CFE ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys
09:30:33.0467 0x18a0 rspndr - ok
09:30:33.0479 0x18a0 [ E377E1F54FDA4BAFF4414E8364C760FE, C11E8BCC424A0FE3B4CDF29C3AC0145F4A086E9C99F7E380F17890542F3E1C66 ] RTSUER C:\WINDOWS\system32\Drivers\RtsUer.sys
09:30:33.0500 0x18a0 RTSUER - ok
|
|
30.12.2015, 09:42
| #5 |
| | Windows 10: Überprüfung nach nicht autorisierte Nutzung meines KontosCode:
ATTFilter 09:30:33.0504 0x18a0 [ 044890BB0D6CF1E23C1087234D320509, FA6C79D24BE4ACCFAC617D2850B922BFAA7C2766AE625C725F3ACF43C934EFAF ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
09:30:33.0514 0x18a0 s3cap - ok
09:30:33.0519 0x18a0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] SamSs C:\WINDOWS\system32\lsass.exe
09:30:33.0530 0x18a0 SamSs - ok
09:30:33.0536 0x18a0 [ 530F797129776AA7E81994783A97E2AD, F131EF036702C6E741E5A6851AE07E81043CE8BAEED0768838C0F31CE14FEC1A ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
09:30:33.0553 0x18a0 sbp2port - ok
09:30:33.0561 0x18a0 [ 0C12493B333B96797AFC5F3C7831C051, BEE786D7ED14221B1A9450060597393AC44116D776B913E045B5F6066D720F74 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
09:30:33.0570 0x18a0 SCardSvr - ok
09:30:33.0590 0x18a0 [ 40110802D217FE1CB581D9A70B1FD16F, CCB920593CCC6663676039F3F731536DFEF535C3F715F6DB6F34D0D733BEF89B ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
09:30:33.0613 0x18a0 ScDeviceEnum - ok
09:30:33.0618 0x18a0 [ 9B6B1D4DB35A3D9BEAF023BC95E1F49D, CA44124CA3E9958FB77A891CD234A993B63E8AC6632AE801CDEC6666267E7C7E ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
09:30:33.0621 0x18a0 scfilter - ok
09:30:33.0641 0x18a0 [ 5A459E0585FF3A980D10604B6D4BA03D, 3DF9CB96258A44458DF98EA4C6D57342D1207B7BFB94174461B347BE3B5CA317 ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:30:33.0704 0x18a0 Schedule - ok
09:30:33.0712 0x18a0 [ 4E9158CECF77A029AB98E8FBB43FCED5, AFF8BDB8F8F8DDF4FC0D65712E031DC360856CD3CE5C8A4C8FF960388F37462F ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
09:30:33.0733 0x18a0 SCPolicySvc - ok
09:30:33.0742 0x18a0 [ E1137E39C3BB3EF9AF2243745D901D60, 0BE86E4E48DA6D25AF0E71F09E55A5C4E525C61831EDC5135DEB240CCD02335D ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
09:30:33.0759 0x18a0 sdbus - ok
09:30:33.0767 0x18a0 [ 811EC0B1221402FCED0BA37E112BF627, 366EB8AF04C603BED6CF53652CC937099B247D5DD8C58D699D0D8DA22F8FDD51 ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll
09:30:33.0785 0x18a0 SDRSVC - ok
09:30:33.0791 0x18a0 [ DE6D7DC78D956928F59F7415A0F41E13, C0F8EEED29BF63A0D8FB5A0286C1C768BFEF598EC52715D910B5BB1A76231805 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
09:30:33.0804 0x18a0 sdstor - ok
09:30:33.0808 0x18a0 [ 286450F698EBD81A8AC1B22CF6BABF11, ED05C2723FCD399FD085AE7AB1178D24F9745A4F31DD711DE896D15412B82BA2 ] seclogon C:\WINDOWS\system32\seclogon.dll
09:30:33.0823 0x18a0 seclogon - ok
09:30:33.0828 0x18a0 [ B7B9EEBCB7466338403A75D15AC120D7, B8F79DA71F8CD0F30983F7D92B625A431C212DD543DE2B3DC03EC5A68C41B00D ] SENS C:\WINDOWS\System32\sens.dll
09:30:33.0846 0x18a0 SENS - ok
09:30:33.0875 0x18a0 [ D14DD7D766664F880FECF44CE6017966, ECF966E3ACF4EBD5A3259468A076619A539E35F1B97AB6A98FBD7882F1FBBBAB ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe
09:30:33.0943 0x18a0 SensorDataService - ok
09:30:33.0952 0x18a0 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] SensorsAlsDriver C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:30:33.0971 0x18a0 SensorsAlsDriver - ok
09:30:33.0981 0x18a0 [ A74C62AE99A015CD6275F0D8D8843886, DF08E0BB1160E054C6B000BC5F62DEF77C6D9E4B5679AD013C313BA14207B589 ] SensorService C:\WINDOWS\system32\SensorService.dll
09:30:34.0006 0x18a0 SensorService - ok
09:30:34.0011 0x18a0 [ 7363A65C738F5A5292D7BDBE55D8C3C2, C53C10A0AE58613DFCC91E62E004D9B188E4793C2A19B4BE871A705EEE77048E ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
09:30:34.0030 0x18a0 SensrSvc - ok
09:30:34.0030 0x18a0 [ 67585C295FF2D221679E376B68893B35, 4B5E9A8DA8C6F7B1F7129F80A0603503D467E5650306FB4C309977D74037E46B ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
09:30:34.0047 0x18a0 SerCx - ok
09:30:34.0054 0x18a0 [ B8C4852CBCAAC1374C08EC7445443824, DDE577A81B3E11B5B56096317BC47AA6E286573042407B96A9D29BE981F3FA4D ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
09:30:34.0068 0x18a0 SerCx2 - ok
09:30:34.0072 0x18a0 [ D3A103944A8FCD78FD48B2B19092790C, 252DB8395DA8639E748658D3BE7863C1700E27AA5C41BB700CFCE193FE3F04E9 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
09:30:34.0089 0x18a0 Serenum - ok
09:30:34.0094 0x18a0 [ 88D58E1DAA6C5062DD3A26273106961F, D1E2FF37C888245BD0BABCD7C6B76AD5A87415B68FEFE37B5FA29AE3342AE50B ] Serial C:\WINDOWS\System32\drivers\serial.sys
09:30:34.0108 0x18a0 Serial - ok
09:30:34.0110 0x18a0 [ 0F5B43074AE731D2C6F061241C9D84A6, 05CFEB30A4FC11441552D37687608C8C2FD6DC2F2266AE9D6526753E26283DE6 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
09:30:34.0110 0x18a0 sermouse - ok
09:30:34.0140 0x18a0 [ CD90E445F6458512A5BA884D561EFCF1, E792FAB8AFF4126C1977024060842D788A06475139782896AFD7B39C85FCDF3F ] SessionEnv C:\WINDOWS\system32\sessenv.dll
09:30:34.0167 0x18a0 SessionEnv - ok
09:30:34.0171 0x18a0 [ D9FE59276BD56A9643C32D5FACE2F251, 591862D868A545F468496DE97DEE42C9DB3AFBFC0881CBA79EB6641A254AF033 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
09:30:34.0171 0x18a0 sfloppy - ok
09:30:34.0197 0x18a0 [ 2C7B006EB0B5479ED389D0CA5DE6AB83, 2E7C6E3E99A2668CB361A31567A4DB81021530E78213B39983D14197DB72E43C ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:30:34.0211 0x18a0 SharedAccess - ok
09:30:34.0243 0x18a0 [ AE6E4D3172FBF45B944668CB3998B8A8, E7D7F98CB464C236A17069987F7B678D7688D9D577334151EF09DF5C6F22AFFC ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:30:34.0285 0x18a0 ShellHWDetection - ok
09:30:34.0289 0x18a0 [ ABBE803FE0BDAE0E5BE74DDEFBE62F23, 5009F489F7A6D66628C23A0FA3D7632399D0AD72BD11A1B70D7E768ED507377D ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
09:30:34.0298 0x1840 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
09:30:34.0308 0x18a0 SiSRaid2 - ok
09:30:34.0313 0x18a0 [ 6043DF55CFE3C7ACF477645FA64DEA98, 0E18EF8EC589841BC319C17FBABA7383FD247C9441ABF64A0D830976F3E611AE ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
09:30:34.0329 0x18a0 SiSRaid4 - ok
09:30:34.0334 0x18a0 [ B922D32039A3B5991E64429EC4EE52A9, 5EB7EB1F6D2C25F06044D8CA9F3BA0471FB40C8C96432BDC2C80CC36DC49BA0B ] smphost C:\WINDOWS\System32\smphost.dll
09:30:34.0352 0x18a0 smphost - ok
09:30:34.0367 0x18a0 [ 0BA53B01A02848A1545E2A743FF17B2F, ADAD55B9E0172BD7FBA92C5CD4870419FE9EF16F907DA1EEF2A9AE6492DE1909 ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll
09:30:34.0390 0x18a0 SmsRouter - ok
09:30:34.0407 0x18a0 [ 0B6BECB2651EF947249CDC3715E8B9CC, EB7281AF3529DE16FE8CD0C0C0C8877641865A5864D58628DBAB865B510B0D0B ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
09:30:34.0410 0x18a0 SNMPTRAP - ok
09:30:34.0442 0x18a0 [ 1A6CB30F0EFC1632E6F1B852CA892583, 0E6BDCEE837AEC3D02C437478143C75550C94A50E36895DDB095F54A2FA18E2A ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
09:30:34.0467 0x18a0 spaceport - ok
09:30:34.0473 0x18a0 [ E1C158F6C00359278727A2CEE5D2ED71, 1591F942C6DD99D3BA7FD4D72D957864117B2263F205468A15F1D1417C6F799D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
09:30:34.0487 0x18a0 SpbCx - ok
09:30:34.0506 0x18a0 [ DC520253EC32B515E7792DB05DB43EB2, 8A614286522CA637EF0D58F79143146D5FB40DCD0CA1333752989BCD51DE00C0 ] Spooler C:\WINDOWS\System32\spoolsv.exe
09:30:34.0546 0x18a0 Spooler - ok
09:30:34.0707 0x18a0 [ 7C58AFEC26E9F7730A8AA7FD40225937, 546EAD8889F2A1BB6DCCB7781976B975F34DA1C9047F95FEAA52CF38EC60C6DD ] sppsvc C:\WINDOWS\system32\sppsvc.exe
09:30:34.0987 0x18a0 sppsvc - ok
09:30:35.0011 0x18a0 [ ACC1709EC7FE6EB8999DBC91C50C2B34, 83ABF51751A264291C53A32B86239A607361E56CB045CD2CBE6E41DBB8A01F54 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:30:35.0046 0x18a0 srv - ok
09:30:35.0068 0x18a0 [ AFBCFC946FAE7483E27BD316D03F94A5, CC9478EA717E85C38304957E923997821DFE2A995D7C8DF98C15267D952BEFBE ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
09:30:35.0126 0x18a0 srv2 - ok
09:30:35.0138 0x18a0 [ 107C1EBE79710E4A759449BD6604245A, 963D693F4E61EDC7B3AA9006CC274D56E577CE0035A61DDB2A6DE72116D5C52B ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
09:30:35.0166 0x18a0 srvnet - ok
09:30:35.0176 0x18a0 [ 8C1786C073A496B8C0C8A5450A4FFD5B, 13BF3B42A63CE6C461259D4CE767FB0DE1F10433512A11D2B2C033E36E652542 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:30:35.0207 0x18a0 SSDPSRV - ok
09:30:35.0216 0x18a0 [ 217A982201052EFC8C3C0C88D229791C, 11509E3446ED7B75C9A05CDC4A7AF18926CB463E0D98BAE1CD5DB43E88F94F90 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
09:30:35.0243 0x18a0 SstpSvc - ok
09:30:35.0253 0x18a0 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
09:30:35.0268 0x18a0 ssudmdm - ok
09:30:35.0333 0x18a0 [ 58863C57E4598C4F9DA967C5C36CFA5D, BB34FBC324E84E05128258CE3755241ECB63F7F2AE7F96716AC373931FAF92A8 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll
09:30:35.0444 0x18a0 StateRepository - ok
09:30:35.0454 0x18a0 [ CCDA497C880AD16D87EDFAEFCFB2EDF5, 622599AA35ACFF0375DA252210BE42E7E90F30EDFEFF2F62FDB14AE6E45B5F88 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
09:30:35.0470 0x18a0 stexstor - ok
09:30:35.0486 0x18a0 [ 75476CAA8FA0A4E573948CDE8C7F0304, 68C4405CACA77AEED71761875A9AF60BCFBDD39E356BEA1BA8226E099BAA5FA4 ] stisvc C:\WINDOWS\System32\wiaservc.dll
09:30:35.0521 0x18a0 stisvc - ok
09:30:35.0527 0x18a0 [ BF8EA6FC3358C2F69678E3E94F764F84, D274DAD7B5756DD49CA44277C73497F1EC465C8E365CC730CD194932C3825920 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
09:30:35.0540 0x18a0 storahci - ok
09:30:35.0545 0x18a0 [ 32FF460DA8C1F370F5C08B7654899B73, 0C9D5D38D033109BA672ABAFEF0F0CD295E9FFA108ACFCA9044429D9B2CA9057 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
09:30:35.0561 0x18a0 storflt - ok
09:30:35.0567 0x18a0 [ CC21DB3EF619B9480FE31A4EFE92CBEB, 256EFCA2F231F41D34250E1460BF88894D943EAE83A0B153FCADE700AB4DE11E ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
09:30:35.0579 0x18a0 stornvme - ok
09:30:35.0585 0x18a0 [ 390B8A75768E2689586539C224520895, D72F52E6D7AC5DC318FF9C1DF1F4E8A435D65B6BB59D7F1642222EC026BC54DB ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys
09:30:35.0600 0x18a0 storqosflt - ok
09:30:35.0615 0x18a0 [ B1305CDD98D5FC49863279D4B51DB510, 4B745E8D14591CA69429CA579467B9528B94C54EBD2FCFD446000C9C1BCB3B07 ] StorSvc C:\WINDOWS\system32\storsvc.dll
09:30:35.0648 0x18a0 StorSvc - ok
09:30:35.0654 0x18a0 [ 770A92D9D3A0BF61C97C3AFCB36847D9, 21A8CC3F8E63B971C4FF8DDED5C7032E093A7B0F16E2128A9BD2E890BA76A1D9 ] storufs C:\WINDOWS\system32\drivers\storufs.sys
09:30:35.0666 0x18a0 storufs - ok
09:30:35.0670 0x18a0 [ 736A2418E3E7F3DB3CF6EB0A55D1D581, 2D3BBC4E0C7B51EDE7479A978E4BCD5F47A7257745179F01D2D9ECFD83CCCC82 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
09:30:35.0683 0x18a0 storvsc - ok
09:30:35.0686 0x18a0 [ FA8F6E3AD3F92B35D2673CC9FD20429C, 62F81CBACF7E16FEF9DE3BE95FA5C9BDB51BAE4667AE5AE71399864A390FF6D5 ] svsvc C:\WINDOWS\system32\svsvc.dll
09:30:35.0703 0x18a0 svsvc - ok
09:30:35.0707 0x18a0 [ BD98B0225BCD49E8A62F4F8EE1D1F613, CDAD11969B2DA417079547724BECC3DB4FC4711B3C01590EB0D02774B69B6D90 ] swenum C:\WINDOWS\System32\drivers\swenum.sys
09:30:35.0721 0x18a0 swenum - ok
09:30:35.0734 0x18a0 [ 22E539A9B96C66A713583EC017562616, 210DA61DFC7AA9AD23277D9CC0239B781F4EABD322D0803AEC9434D68B81FABD ] swprv C:\WINDOWS\System32\swprv.dll
09:30:35.0766 0x18a0 swprv - ok
09:30:35.0773 0x18a0 [ CAE4B27B469C583131EA5AAE622F5D76, 3979006EB22489D1AAD2EC2E9F32C286EEDCDB83B37B97E58BA831263EC33B84 ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys
09:30:35.0787 0x18a0 Synth3dVsc - ok
09:30:35.0812 0x18a0 [ 34A3EB84B2A830E6F450B8F885AE4E6E, E61AC6D17B815CB71F26D71CA3CCAFD9E66A170E3ED2E64A4F20D097A0C683B5 ] SysMain C:\WINDOWS\system32\sysmain.dll
09:30:35.0866 0x18a0 SysMain - ok
09:30:35.0878 0x18a0 [ AF2C8D7C1D4DCFD5C31501F009DF42B7, 3DDF9353F014EE99B031BBC969620CA07647FBB8D78EB4697C8D633021B46B11 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
09:30:35.0902 0x18a0 SystemEventsBroker - ok
09:30:35.0909 0x18a0 [ 6979A147C0D5C5CAB621ADC394D32B80, C30B8E3D271A1591D965559EA4A11A1BE63A34D832ED53B26CE91799C888DF77 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
09:30:35.0927 0x18a0 TabletInputService - ok
09:30:35.0932 0x18a0 [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901 C:\WINDOWS\System32\drivers\tap0901.sys
09:30:35.0945 0x18a0 tap0901 - ok
09:30:35.0951 0x18a0 [ C3551EAD202937423422E91E25B996B9, 714BBADEB88788D93C480A2411E44796CA1006FB5CF3E73A46BCFA23EFA3681E ] taphss6 C:\WINDOWS\System32\drivers\taphss6.sys
09:30:35.0963 0x18a0 taphss6 - ok
09:30:35.0973 0x18a0 [ 86B62FC8CB89946446F9B24FE49A66FD, 7B095310D1C78B82E5ACAC4713E101DD1323A3CF6FB39218C2E78ABE2B0385B5 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:30:35.0997 0x18a0 TapiSrv - ok
09:30:36.0040 0x18a0 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
09:30:36.0115 0x18a0 Tcpip - ok
09:30:36.0151 0x18a0 [ 892F30506DCCF230C5A57019C1D8D31B, 52C83A963E2D05770B6A281E8E559C8203E102D6B4C9C37801B1F58CB4B92D2F ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys
09:30:36.0229 0x18a0 Tcpip6 - ok
09:30:36.0239 0x18a0 [ 17F37EC9042D84561C550620643D9A85, B01620BA319A1383D403E6E50C7724879520F3267654556D975CAFFF91A82C78 ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
09:30:36.0240 0x18a0 tcpipreg - ok
09:30:36.0263 0x18a0 [ 91D3F2A6253EF83EFBD7903028F58C4D, C15768CCCF734093B0F8A5E76882B35927B716E4F14D91ACEE897E1C078D43D1 ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
09:30:36.0281 0x18a0 tdx - ok
09:30:36.0285 0x18a0 [ E730D0EB1B84EBC98423FC8D285EDBC0, 442DD433F9D22304E64EC7ACFC4E04892D4D92D8AC545A3530FC932A2EEC4767 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
09:30:36.0300 0x18a0 terminpt - ok
09:30:36.0324 0x18a0 [ 14307D4801C8CEF0A615907C09E886B3, C7F34C294D70DE689F673E0B5E9253B27EFEBBE6FA38B68B3B0B0374A896407E ] TermService C:\WINDOWS\System32\termsrv.dll
09:30:36.0371 0x18a0 TermService - ok
09:30:36.0378 0x18a0 [ D009D1BC14FD5F2AC93D1878735F6C39, D8BCE505B66E05BC00075E46B38359CA4D0FA484EB7981A74221885E8A1FFB87 ] Themes C:\WINDOWS\system32\themeservice.dll
09:30:36.0401 0x18a0 Themes - ok
09:30:36.0410 0x18a0 [ 5F27DE2082E16D4C1D6C627C8ECBD341, 08DA3EB3EF2B2006B6F9F2C8C149DF55DE6738975D556206A814096CAB5C1411 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
09:30:36.0436 0x18a0 TieringEngineService - ok
09:30:36.0451 0x18a0 [ FC971E1D1B5900C231591A7720FCD8B8, DF58C350977019E4A8F381FB35702E9BEA89F6A8C6BF36C56376D36BC8FE630F ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
09:30:36.0483 0x18a0 tiledatamodelsvc - ok
09:30:36.0490 0x18a0 [ 4BA0AB760971A0109A3442BD8B4F9AA0, 681171ECE155B7B1048525AA9BF14E4FDB437EE6BD91B6C5C9FFE122757D6BEB ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
09:30:36.0508 0x18a0 TimeBroker - ok
09:30:36.0515 0x18a0 [ 169B0A246067457FEF8A18EED7EED9D5, BF5AC0CB29E1E456253B881CD0608B578D7343E9DFE1738A14598D1DFFE1AB66 ] TPM C:\WINDOWS\System32\drivers\tpm.sys
09:30:36.0530 0x18a0 TPM - ok
09:30:36.0531 0x18a0 [ AA84AF93CE5AF1F05838B51D20295419, 85B3EE773C691EEDFA080CD9C59D31CB58A5BC577AEE91A929F5DFBE1368AB6D ] TrkWks C:\WINDOWS\System32\trkwks.dll
09:30:36.0552 0x18a0 TrkWks - ok
09:30:36.0558 0x18a0 [ E50DD57F496CED8873FA3E7D38BCCD42, 36B95F6F2CF48078C6B19FB452C87BB07E95C8804A5C6B526D349AC6227CAB26 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
09:30:36.0574 0x18a0 TrustedInstaller - ok
09:30:36.0580 0x18a0 [ 48E828C66AB016E48F2CB4DD585315FD, 063809B610F6B177B65D62D12605FB94F108DB26A9FD3067E6D6C51F0D92E774 ] tsusbflt C:\WINDOWS\system32\drivers\TsUsbFlt.sys
09:30:36.0580 0x18a0 tsusbflt - ok
09:30:36.0600 0x18a0 [ 267C76EE60736EA5A1811A53FA02AABE, 28D4C4CB972534204B8336D0403B70E4EFE4F8369ABDE7401FFCCF7D4E3EA165 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
09:30:36.0616 0x18a0 TsUsbGD - ok
09:30:36.0620 0x18a0 [ 8CE72F094B822AD5EE9C3A3AFC0C16B6, 827CCD849544E1DA364B03DBC82A848D2F93AD32BA14ED52709C609BC70CE5CA ] tunnel C:\WINDOWS\System32\drivers\tunnel.sys
09:30:36.0646 0x18a0 tunnel - ok
09:30:36.0651 0x18a0 [ 1A9A77ACDAC29C39F50D2A492FD0DB16, E21F2E2BA6EABE0F6B5A1930DDB2CE5A921389A58C08A2D3F66D245E8698E6B4 ] tzautoupdate C:\WINDOWS\system32\tzautoupdate.dll
09:30:36.0670 0x18a0 tzautoupdate - ok
09:30:36.0677 0x18a0 [ 42C546414F80BD6C0137FC3A106F8A69, 067FFCAF0059935851888BD984E848E4E1A6CC1941A8F4534067CCF0B2A3B2E6 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
09:30:36.0692 0x18a0 uagp35 - ok
09:30:36.0698 0x18a0 [ 1686DBC81748B096232B15F16C302985, 63D72D1838C42A95599AF3C0B19A069E310ADB091208011D7D6FBAC968D1A59A ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
09:30:36.0714 0x18a0 UASPStor - ok
09:30:36.0718 0x18a0 [ 3995CC3DEDED258768B8EBC2F4C0DC73, 130E99EF13EB494B8BB6A8E037DD8D59C195190EA3C27CA9E3A695AF4349DC7C ] UcmCx0101 C:\WINDOWS\system32\Drivers\UcmCx.sys
09:30:36.0736 0x18a0 UcmCx0101 - ok
09:30:36.0739 0x1840 Object send P2P result: true
09:30:36.0740 0x1840 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
09:30:36.0741 0x18a0 [ 1C95F7CE37D9EFB90EBE987A9712356C, B9EE7743ADA50276F05D735C5C29E44039D630A7DC93766A0EAF400DA037E4AF ] UcmUcsi C:\WINDOWS\System32\drivers\UcmUcsi.sys
09:30:36.0750 0x18a0 UcmUcsi - ok
09:30:36.0766 0x18a0 [ AED081772091C98173905E2DF28C223B, 08541CF3354EBB634BD590E0019128F70A6FCA9075B7E785A9E9BD82EC234DD3 ] Ucx01000 C:\WINDOWS\system32\drivers\ucx01000.sys
09:30:36.0787 0x18a0 Ucx01000 - ok
09:30:36.0791 0x18a0 [ DCA34A111C29E4578DF2B8CEA3C7CDBD, 86BCE4C8EC228724D5896067A85A4768B6069D10A482ECC51A8F828DBD3880C9 ] UdeCx C:\WINDOWS\system32\drivers\udecx.sys
09:30:36.0791 0x18a0 UdeCx - ok
09:30:36.0815 0x18a0 [ 718A956AE00CE086F381044AB66CC29C, E4EED1600C72CECE1D4507827C329A93D356BBA027470FCF6C4B5C1651DED643 ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
09:30:36.0839 0x18a0 udfs - ok
09:30:36.0841 0x18a0 [ BA760F8E66428BA9FF1E8BFBC6248136, BE7DCBB293B12672CB3653E640C46F669BD738D320F34F4FA4A26F6B248561F0 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
09:30:36.0841 0x18a0 UEFI - ok
09:30:36.0862 0x18a0 [ 5F0D997E6FC5A418D7673148CEF72887, 6C142CB8F06E5958045451253C9188CE876A84D08266FFD7F64AAE09964D8431 ] Ufx01000 C:\WINDOWS\system32\drivers\ufx01000.sys
09:30:36.0877 0x18a0 Ufx01000 - ok
09:30:36.0883 0x18a0 [ 2B1DABA97DDF5365FC66EE7DEDD86A13, 2FF3355862938B37EE63FCA149415CE5032BF54747B07517BB21460733B65AD8 ] UfxChipidea C:\WINDOWS\System32\drivers\UfxChipidea.sys
09:30:36.0897 0x18a0 UfxChipidea - ok
09:30:36.0940 0x18a0 [ DB630FC660443D63EBAB2C830C298EFE, 7698772FF9C988DF752DF3FAF1B154E923EBA425B92F288ABB6EF0805ABD3296 ] ufxsynopsys C:\WINDOWS\System32\drivers\ufxsynopsys.sys
09:30:36.0950 0x18a0 ufxsynopsys - ok
09:30:36.0967 0x18a0 [ 63451BD694651307254B8DD37A3D79C7, C781E2D876AF42D5972CCDCF86B7A59F6AF8AF0C6350647F3FA1B209119B5EF9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
09:30:36.0984 0x18a0 UI0Detect - ok
09:30:36.0989 0x18a0 [ 6DE78C04BF32ECA7AF3064F53687C9A5, 164D3BB24EBA3EAF613799928063FE75220A4E583D985F53A895017782C18600 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
09:30:37.0001 0x18a0 uliagpkx - ok
09:30:37.0007 0x18a0 [ 67D1E0E6E4D5D33AF0AEF0E33B4DA0F4, BA2E6F16B6B3B54C943F1E7B9F79A6D1332A7ED228D754CC5AE70E3CD78B1F37 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
09:30:37.0021 0x18a0 umbus - ok
09:30:37.0021 0x18a0 [ 11680607944A719EF20E0E740785712A, 1567C2B3AAD702DCC2DC9C6B7B92EE5B681C06701A39DAC3AA7E2BE9E1E04F47 ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
09:30:37.0037 0x18a0 UmPass - ok
09:30:37.0046 0x18a0 [ FD949725D9EB52C0B87435CDE1134668, 96E2B3D3379E9AE225E5A4C5251207F1E7DA573901F4F026758EDE9FAEF4F2C5 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
09:30:37.0067 0x18a0 UmRdpService - ok
09:30:37.0095 0x18a0 [ 87E291D9CC3ECE9AA56ABFD8063C4050, 781958969DB79454C91156473B4DA363F6D540D99974C2924ED81604CF45C3E0 ] UnistoreSvc C:\WINDOWS\System32\unistore.dll
09:30:37.0140 0x18a0 UnistoreSvc - ok
09:30:37.0166 0x18a0 UnlockerDriver5 - ok
09:30:37.0180 0x18a0 [ B85A8CF2BE74DFF1E80097AC94584112, B1DBACC33A4143FEE2CF54E567590A69580312AD7A053BCC85B487C4D451FBDA ] upnphost C:\WINDOWS\System32\upnphost.dll
09:30:37.0210 0x18a0 upnphost - ok
09:30:37.0210 0x18a0 [ 2410A0C20D21A25E6C01979FA886BE90, DD3F92D8CF110D47B9E36BA0EB10EB34C0FDD28FE0D57E4B60F9326703388F75 ] UrsChipidea C:\WINDOWS\System32\drivers\urschipidea.sys
09:30:37.0232 0x18a0 UrsChipidea - ok
09:30:37.0237 0x18a0 [ 6E59CE43B6BA5AA1ADCF36A4DBBB92BB, 647D66775A90F67D803043DE8C8AE8BC2F7A042A8DCF9C95BF5458C79609481B ] UrsCx01000 C:\WINDOWS\system32\drivers\urscx01000.sys
09:30:37.0248 0x18a0 UrsCx01000 - ok
09:30:37.0252 0x18a0 [ E8A59FA109A22FC07E44BDFCC9727DBD, 0DC5928C0FF7E5B38917660D6EFECCC22172DB0BB9B23216F33E750790529C16 ] UrsSynopsys C:\WINDOWS\System32\drivers\urssynopsys.sys
09:30:37.0260 0x18a0 UrsSynopsys - ok
09:30:37.0260 0x18a0 [ D8A44550ECE102B6443F5D54DCE7DAB3, 97F5AE7B17DAC4A4F3186C77116BC8E49874FB0018C99D8E2CDA29D89E8B0912 ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
09:30:37.0290 0x18a0 usbccgp - ok
09:30:37.0290 0x18a0 [ 66B3D22DAB5312FF238ABF5C6D9F8FAB, 4A644AFC1C27D692D352BEB8801398A00EA5B4055476063AF905A0A46DDBF8BB ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
09:30:37.0311 0x18a0 usbcir - ok
09:30:37.0317 0x18a0 [ 3E4F20DB902D2E2914F3FF3DB9772200, F3D32BE06A26164B5F6E8DB67160D1DBBDC6D14666EEF84EA43C78CB7706E31C ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
09:30:37.0329 0x18a0 usbehci - ok
09:30:37.0343 0x18a0 [ 41F7F00D76904416EF1F9EFA1A4C37A2, 7A4250EB2E2E0037B3AE1480C13B229ECFF5C575E68E4F934EE011DB1833B46A ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
09:30:37.0374 0x18a0 usbhub - ok
09:30:37.0389 0x18a0 [ 12A0B486EA13DF46C27B90CC2CE92FE5, 643D8B906F02FBC0802B3468C24D6C6A0BDB07FEA894B68E0F404AB5287C4409 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
09:30:37.0400 0x18a0 USBHUB3 - ok
09:30:37.0400 0x18a0 [ DAB35CCA86F5FBE77D870A40089BC4A1, 4A47D59D882D0F2B93F2EE7F10995E7D68B58009434E2CBD04C659E0D1F059D8 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
09:30:37.0420 0x18a0 usbohci - ok
09:30:37.0420 0x18a0 [ 21162F65C7756AAECAEBED9E67D0A5FE, DE3B43964171DB5B0464DA5E7A674A5D200A8695E6EF1AE2030681066ABA2688 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
09:30:37.0448 0x18a0 usbprint - ok
09:30:37.0453 0x18a0 [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:30:37.0465 0x18a0 usbscan - ok
09:30:37.0470 0x18a0 [ CA6369870F91F3D367D26278E0AD0DDF, 651B97E73AFC615C80DE2076872DEB49DCD775B5C9988AB4AC0A0162DAB09F70 ] usbser C:\WINDOWS\System32\drivers\usbser.sys
09:30:37.0484 0x18a0 usbser - ok
09:30:37.0490 0x18a0 [ 37C2CD8587BF7F785381EB7B26916B52, E8F65BF7BBDEF82BD97629921A1148304CA44DCD03E079E28D75D04244B71C39 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
09:30:37.0504 0x18a0 USBSTOR - ok
09:30:37.0510 0x18a0 [ 8B3E458A8851F9A3B2109B1680EE1159, 753AC8F82F65564F00EA2F60B43E4B815FEAABE0DA35B6356210A5F4B1CA3EFC ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
09:30:37.0525 0x18a0 usbuhci - ok
09:30:37.0533 0x18a0 [ 4B13B61CBB9CC3CB373C60B930D648F5, C79D10A1BF2B6BF141DD37A90BCCA0E1F2AF31B5028BB21537A8EE6EED630F5B ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
09:30:37.0551 0x18a0 usbvideo - ok
09:30:37.0551 0x18a0 [ 325727F01F03C504CF788618A13DC266, 9F685113F714ADBC6DCD423CCD205F71E00D1AA9B5DD045B95E61E53B0F8E9AF ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
09:30:37.0581 0x18a0 USBXHCI - ok
09:30:37.0610 0x18a0 [ ED06681482E0B9B4D573684CD5FB18F5, 1CCFBD37F8B895900B860AAF107130C5890C01F5327A4AEBB910F6B2BB0BA61D ] UserDataSvc C:\WINDOWS\System32\userdataservice.dll
09:30:37.0674 0x18a0 UserDataSvc - ok
09:30:37.0702 0x18a0 [ CA902510DAF327CCFA59BCBFC00B3BAE, 3282993B28B64E2D7D4C94E5B2643431C96BF1AB30B48C30BED565F457D02B45 ] UserManager C:\WINDOWS\System32\usermgr.dll
09:30:37.0746 0x18a0 UserManager - ok
09:30:37.0757 0x18a0 [ 05F4CB5991D897E4253BF61FA5E828F8, 25B5B6751B4455491E9A050DF5C12F788B5677F70FB4844E0BF851090AC1F74C ] UsoSvc C:\WINDOWS\system32\usocore.dll
09:30:37.0783 0x18a0 UsoSvc - ok
09:30:37.0787 0x18a0 [ 889459F1FDDC5EC58B437AA6C436F33F, 8ACC32C88D81943A8A90FDAF4772C3EDE06CAB5F489F59525BEA7AAB99DAAE73 ] VaultSvc C:\WINDOWS\system32\lsass.exe
09:30:37.0791 0x18a0 VaultSvc - ok
09:30:37.0791 0x18a0 [ E1BE37312785A71862516F66B3FD24CE, D248C513DBEACB192653C6E46809209F341771B146544BBF43B86369280B4F8B ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
09:30:37.0813 0x18a0 vdrvroot - ok
09:30:37.0830 0x18a0 [ 67A6E949395A09914AD8B38FE14B8D15, 593F2FAA880B2E0468F98BD58B5214A170E5890907B25294D7A47C66505A3D45 ] vds C:\WINDOWS\System32\vds.exe
09:30:37.0868 0x18a0 vds - ok
09:30:37.0877 0x18a0 [ C0BB7F0C789AC778549DCC20B18A8DC0, 6C985B008488EB9766C4CE6709C37AF6ECCEDA7A69EB45627B1871D891D925DF ] veracrypt C:\WINDOWS\system32\drivers\veracrypt.sys
09:30:37.0897 0x18a0 veracrypt - ok
09:30:37.0905 0x18a0 [ E42C0F2850735FF9D908B9DB581E6314, E2204A56BF37FC57CD2ED96E3F908882D72B4BFF1BFB97C5172C851F1E4F9650 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
09:30:37.0920 0x18a0 VerifierExt - ok
09:30:37.0930 0x18a0 [ EC15FD6A28757793E2DA394CD94ABD52, DC758BBEE9C6952D7B3F7171EF67B037B4068E88189A2C4A894122D1D1209468 ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
09:30:37.0964 0x18a0 vhdmp - ok
09:30:37.0968 0x18a0 [ D0C9632C350F46786643A069251BC249, CF65BA0D3F3D2B821C10E2D4F53F5B6BF6236CA9767419392A561CFA79254C3B ] vhf C:\WINDOWS\System32\drivers\vhf.sys
09:30:37.0980 0x18a0 vhf - ok
09:30:37.0985 0x18a0 [ E886CB75DA2B6EB35469EF10135624C7, 3AFC59A0709B984F517A918D5BBEBEB1C80001BEC87C133447DCEAEDE00E516D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
09:30:37.0997 0x18a0 vmbus - ok
09:30:38.0001 0x18a0 [ 46D2EC27820EC0F798F85821E53C2942, D298A7D6AC16F76A069F843C8DD323ECB340D361733CB9B076BCDE8FC5F1FEFC ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
09:30:38.0012 0x18a0 VMBusHID - ok
09:30:38.0025 0x18a0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
09:30:38.0054 0x18a0 vmicguestinterface - ok
09:30:38.0067 0x18a0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
09:30:38.0092 0x18a0 vmicheartbeat - ok
09:30:38.0100 0x18a0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
09:30:38.0120 0x18a0 vmickvpexchange - ok
09:30:38.0141 0x18a0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
09:30:38.0166 0x18a0 vmicrdv - ok
09:30:38.0178 0x18a0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
09:30:38.0204 0x18a0 vmicshutdown - ok
09:30:38.0216 0x18a0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
09:30:38.0240 0x18a0 vmictimesync - ok
09:30:38.0240 0x18a0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvmsession C:\WINDOWS\System32\ICSvc.dll
09:30:38.0279 0x18a0 vmicvmsession - ok
09:30:38.0292 0x18a0 [ 9AFCCEBFC4D311B62EF0C5457FBB405C, 965736DD97D7BF23AA62D4DFB4563534B252E26C66A3FDD1461024FD2315C53A ] vmicvss C:\WINDOWS\System32\ICSvc.dll
09:30:38.0318 0x18a0 vmicvss - ok
09:30:38.0323 0x18a0 [ B9265F47E7A354BAAA0AF5CBA3F8F7CE, F836E7BEDC7CAB1C01225164D171A0210D8F909F52992E4C0BF3C92B365BCD52 ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
09:30:38.0335 0x18a0 volmgr - ok
09:30:38.0340 0x18a0 [ BEE9C8B72AB752B794F69C2B9B3678AA, 49A5093C26F3CDCD60577F7F2D7F936C7B2BD010B27F2C49A7B6AA41E42DF98D ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
09:30:38.0361 0x18a0 volmgrx - ok
09:30:38.0378 0x18a0 [ E1F91A727A04C9F8199D04FF3BBBF63C, 076CAEE621DBF7DE24ED92BA239C440879FDB674CF3213DF3E35AEC03D0D2031 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
09:30:38.0399 0x18a0 volsnap - ok
09:30:38.0405 0x18a0 [ F7B1B1101271E31F43CC76E890704F51, 2282D82B220C3D13FF980ED8E40443C83816D3DA9557EACEA137873F92BB9CF4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
09:30:38.0417 0x18a0 vpci - ok
09:30:38.0424 0x18a0 [ D48ED0A08BD2FD25A833E6AC99623091, 6CA7580878D3893E14B4938023A00CDFC9BE215A0CE4ED59A94F95DFD9FDF4D8 ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
09:30:38.0443 0x18a0 vsmraid - ok
09:30:38.0475 0x18a0 [ 4CF5A1E0C4FCA956ACD6C654E2A8610E, 57F3C7200C25E8717AF92AF2ED7615C6605179D3514B432220FA6EA94CAB4F2E ] VSS C:\WINDOWS\system32\vssvc.exe
09:30:38.0539 0x18a0 VSS - ok
09:30:38.0540 0x18a0 [ 6990D4AFDF545669D4E6C232F26DE1FB, 9B8F99A035188FD96BA79E935E8EF387BEA2223ECA0B74CF64AB993DABAA5722 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
09:30:38.0575 0x18a0 VSTXRAID - ok
09:30:38.0581 0x18a0 [ 1EE11F0508C58EF081F4176E66D6970B, 9069B3FC8850C7CF617909C6DBFC3753FEB59A9E708379CC57190F4097FB374E ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
09:30:38.0594 0x18a0 vwifibus - ok
09:30:38.0600 0x18a0 [ 938E4EF58E42D252B742B0E243011B90, AC0C21FBAF15924CB271CA43ACB7A86287936C78B4852BCFC59EC7EC703E036C ] vwififlt C:\WINDOWS\system32\drivers\vwififlt.sys
09:30:38.0616 0x18a0 vwififlt - ok
09:30:38.0621 0x18a0 [ 3BE5AAC930447FD18D4A8255A2FEC95C, A517357188FE4A5BD98A3CDB2165ACCE96CCE4BE2B90DDBEAF70B6DDF393F506 ] vwifimp C:\WINDOWS\System32\drivers\vwifimp.sys
09:30:38.0636 0x18a0 vwifimp - ok
09:30:38.0650 0x18a0 [ 48C1A256591297C43ECFC4E30D144EAA, 8E66833ED2CEB6D7E499EB2E4282B4F9DFA28B6D21757BB88EC52FD069D7FACE ] W32Time C:\WINDOWS\system32\w32time.dll
09:30:38.0686 0x18a0 W32Time - ok
09:30:38.0693 0x18a0 [ CDA9A00B16808D7A5BBB66287B89EE21, B25F98F26B0153E5DD5C744539CB6ACAFAA13E0F7B5D140C1844158B79BC9006 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll
09:30:38.0700 0x18a0 w3logsvc - ok
09:30:38.0717 0x18a0 [ 00C27B64C758C111E5D78A70DE6CA2B6, C99761B9B671B3A1FF1C52796CCA3F4F825BF50D9657D13B551E849CDD82055D ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
09:30:38.0720 0x18a0 WacomPen - ok
09:30:38.0741 0x18a0 [ D76D1AC4F2C642D09A68227D129A4726, D14D6C4D94E9660848C74B220359683D91A4A3D70750E781A20B6D86D46794CE ] WalletService C:\WINDOWS\system32\WalletService.dll
09:30:38.0761 0x18a0 WalletService - ok
09:30:38.0761 0x18a0 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:30:38.0793 0x18a0 wanarp - ok
09:30:38.0798 0x18a0 [ 8CB53620B2C2F0641DD7563EA0FDF491, D62FE75C908409A54949F0E3C39558DC7A8F11AF7496ED7B0872D80D08CB67A7 ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:30:38.0810 0x18a0 wanarpv6 - ok
09:30:38.0828 0x18a0 [ 1430B095A4DF52C04BDBC31C861C9324, B686C97D13CE966D44A7695BE78A4501F96CF8E69B24AFFE6C8E643132BB8861 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll
09:30:38.0858 0x18a0 WAS - ok
09:30:38.0891 0x18a0 [ 2598BBF11C9E7D0885DCA52E7FD5BCBD, 46B1FB080A2CD88C89A0EB8BA2594A1FA2C341ED77A6C6835CBFFE42907FAC55 ] wbengine C:\WINDOWS\system32\wbengine.exe
09:30:38.0957 0x18a0 wbengine - ok
09:30:38.0975 0x18a0 [ 6950271D0C75A33BD05F7155EF1B2DD4, C6959972D490710CA7539EA8F51B5CC1FA64FF9799242075719C4FD394B6F9C7 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
09:30:39.0000 0x18a0 WbioSrvc - ok
09:30:39.0025 0x18a0 [ 39E07EE74F50C39C1EB315152F03199C, 053562C2656A76265AE09045952A4C9473BE2B4426D9ECC1A025ED4BC204AC25 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
09:30:39.0050 0x18a0 Wcmsvc - ok
09:30:39.0071 0x18a0 [ 53A036CED1270F2459E708A05922FD49, 2F281A72E4B0408DE6C8153F5988C9AA38591FB1E72558767D389637D0666A85 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
09:30:39.0103 0x18a0 wcncsvc - ok
09:30:39.0107 0x18a0 [ 965B6197A659782B6A0F68411A180AAD, 5541AB78B71E4FA655BCBF2D80D574B2A3B4AA8871F65D26620BDE549FA5459A ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
09:30:39.0122 0x18a0 WcsPlugInService - ok
09:30:39.0126 0x18a0 [ 069D3D6E20AD753B34FCE856F0436869, CF8C12295DDAA56E7350019AADBA533D7857CFB3F20DEE14E557963645A9331B ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
09:30:39.0137 0x18a0 WdBoot - ok
09:30:39.0156 0x18a0 [ 6CC727E94CD84E9720FDCDA8089CABCC, BCF66056B06DED6BC2D329E910FCD3E685D627BAD3B5D7F4B0E970B45CD9CEF4 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
09:30:39.0184 0x18a0 Wdf01000 - ok
09:30:39.0195 0x1840 Object send P2P result: true
09:30:39.0195 0x1840 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
09:30:39.0195 0x18a0 [ E3E97151A1D1E87BB2D5371F66C5F169, 0ED0B9852FE0533816F5EE2F06045B3964A00FD749A7011DB3C663AB6FA369E2 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
09:30:39.0219 0x18a0 WdFilter - ok
09:30:39.0225 0x18a0 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
09:30:39.0244 0x18a0 WdiServiceHost - ok
09:30:39.0249 0x18a0 [ 75DC67553051103547B693898CB32D08, 4FCF2C3DBBE85461364B1F3A3F3629B52C8664487D30142D15937A4C96EF6A8F ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
09:30:39.0268 0x18a0 WdiSystemHost - ok
09:30:39.0285 0x18a0 [ E70DDD8E2245CC67547B0861983912D8, 64C73B1496FFF1F6BB3D877CB5BE54DE35C303AE234B11FC90038DC4F73241D9 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
09:30:39.0320 0x18a0 wdiwifi - ok
09:30:39.0320 0x18a0 [ 07B043160399AF4009054E2EA3464BF4, 8D652D7CD75F8FB2B5414155355F0C970015914E1AC6522DBB8387BB8662F542 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
09:30:39.0341 0x18a0 WdNisDrv - ok
09:30:39.0341 0x18a0 WdNisSvc - ok
09:30:39.0357 0x18a0 [ 9972D395DBD05D91DA5EDADEB9325680, 9382D846793F285721A1A0FED42F914035A53D856B902FADB0B7144C471BDA91 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:30:39.0381 0x18a0 WebClient - ok
09:30:39.0389 0x18a0 [ B6BF579761489720BCE787F723F596E5, 879B17F6A4F23F5E85A09126B7B407955DDCEB1BA4A8FFC0A418B7F47311C056 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
09:30:39.0411 0x18a0 Wecsvc - ok
09:30:39.0416 0x18a0 [ 10C9CF8771A2A87F575F9FB56821474E, 15E3DFFE9CF6777F67E426ECF797D2DF743EA152DEE336DCC9C2F92A0E6EB9A3 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
09:30:39.0433 0x18a0 WEPHOSTSVC - ok
09:30:39.0438 0x18a0 [ 357C083FE35D030D991D163AAF622A06, F301852D49DBDEF0D28F56CD74CBDC71CA003EBD07D3F46EA5C870DC1BD07896 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
09:30:39.0459 0x18a0 wercplsupport - ok
09:30:39.0466 0x18a0 [ 2235AF716D15D9DFE4C59DC2AC0C440C, 2DCFCEBEA77E7E40CEF9A785BE1A794B390B36E40FBCF49B494F9CEA3F6A28C4 ] WerSvc C:\WINDOWS\System32\WerSvc.dll
09:30:39.0488 0x18a0 WerSvc - ok
09:30:39.0495 0x18a0 [ C11272713719922DE5711094333BD166, 61D4F07E02AECF04964FF51EEA31069A2B0EAA549AD2B29B5FD3E1E6BB543593 ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys
09:30:39.0508 0x18a0 WFPLWFS - ok
09:30:39.0514 0x18a0 [ 205A1FAE910F5C493D236245850BB62A, DBA4D1D734BAA3CDEB8A7F9C81A8DAA88CEA55AF5C4C5908E76FB8E522C5EC8A ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
09:30:39.0521 0x18a0 WiaRpc - ok
09:30:39.0521 0x18a0 [ EF536C54AB9281FDC4E83B07279FCFC4, 22E4F133170682EE14413CA8FDC2DBE73AB31960D6ACB728A6B398229FDDFD3B ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
09:30:39.0550 0x18a0 WIMMount - ok
09:30:39.0551 0x18a0 WinDefend - ok
09:30:39.0551 0x18a0 [ D8966A76408107224C6013993135DD78, 6159F69BC26FF817078E68C70E6DFC9075FEBF9EF9F4F046C7A65BC377544AE6 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
09:30:39.0574 0x18a0 WindowsTrustedRT - ok
09:30:39.0579 0x18a0 [ 8B102A7B6CE326FD4208CC7C2D183343, E47C1D76CBFD2A382C3A7BB048D752FB6DD4616FADDEB1C3ADD5DDAE149742AF ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
09:30:39.0589 0x18a0 WindowsTrustedRTProxy - ok
09:30:39.0610 0x18a0 [ 1859EEE0BAFDF8F20B7B3C40708B1CD3, C17792B9B41D384751A601A3B2CC3C35089257C6D4B63FC5CC0ABC7A34814688 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:30:39.0648 0x18a0 WinHttpAutoProxySvc - ok
09:30:39.0654 0x18a0 [ 4A53441C1C4D2878BEF27E381138BB2D, C221E74491E6FD2AF472B53876B46788D5CF62F4E645457F3B3816FD0ED2BAA1 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys
09:30:39.0660 0x18a0 WinMad - ok
09:30:39.0682 0x18a0 [ 1033C37122C7404C3B926ADF84874832, 163B3A7112F13AE7BB2655A28C6B19AF9B263F2AD2FF1B75314BE3E2B9118903 ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:30:39.0702 0x18a0 Winmgmt - ok
09:30:39.0755 0x18a0 [ 703D0F62C5AA4D08EE8756516C0D125D, 02015A5E62490C11EC968160C528C2AFD1D7194AACA27F407B06EB462657511F ] WinRM C:\WINDOWS\system32\WsmSvc.dll
09:30:39.0850 0x18a0 WinRM - ok
09:30:39.0850 0x18a0 [ 260907CE034FE327AC99BDA4153AB22F, B96501F43248713C2E153B9D22B78D51412A3C6989A2FB5F53A406C6CDC98D30 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS
09:30:39.0879 0x18a0 WINUSB - ok
09:30:39.0884 0x18a0 [ 40A3E8D729F458B2C9A8BD9380FF83D5, CD42FFC138969EF8C9588FD113F0B9A98FBA282D46A5B6BCFA765F55ED6E97A1 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys
09:30:39.0901 0x18a0 WinVerbs - ok
09:30:39.0950 0x18a0 [ EF0A5EFFBC78F7677D3591BB58AC5A52, 0860B9D0F1A1FFE14F1A0FDFD3B66C90CED90092D9CF9AA35D6D6D088E2DC4A9 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
09:30:40.0040 0x18a0 WlanSvc - ok
09:30:40.0089 0x18a0 [ 58A8B8B2A343829602AC105F66988583, 46D142A3A7D74F6383B8D7E642E796535CE15BEDAF82AEFB4BEF46F0355411FD ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
09:30:40.0172 0x18a0 wlidsvc - ok
09:30:40.0179 0x18a0 [ 8F010BF65238F3F822D22BA12831796E, 2CA830F259B742D2F5CDD0437960BF512D40FB4A4C2342E3BABB38D468F79694 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
09:30:40.0191 0x18a0 WmiAcpi - ok
09:30:40.0201 0x18a0 [ 74ACA5A7880C1F0BB9D60E32E1705A70, A89817BCCBFF94D7394614DA81D1C6C4F53AF47A539E674EEF6DC3FC496BF702 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:30:40.0219 0x18a0 wmiApSrv - ok
09:30:40.0222 0x18a0 WMPNetworkSvc - ok
09:30:40.0230 0x18a0 [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof C:\WINDOWS\system32\drivers\Wof.sys
09:30:40.0245 0x18a0 Wof - ok
09:30:40.0288 0x18a0 [ 4090C6738AA92B428220857B4D44F638, 4A3EE47494051E5BA8393F2AC8226EF434DA3AA1895CF4BADC9BC1BC378647C6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
09:30:40.0366 0x18a0 workfolderssvc - ok
09:30:40.0372 0x18a0 [ 22C52D7EE7C7D0E02C8EFD8CAE8E3A71, 126605A12CEC9CC07DE3050F12E43CECABEAF0D00DF12300AF70F34700F7FE8E ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
09:30:40.0384 0x18a0 wpcfltr - ok
09:30:40.0389 0x18a0 [ D282ECA35ADAC7A93D6B4943E775010B, A76A9698A95646FA63AC18DFFA02B744D7C6043934CBF6C37832ED2E6B21F570 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
09:30:40.0405 0x18a0 WPDBusEnum - ok
09:30:40.0410 0x18a0 [ 1C08E424CBDD5065BB7266F8C048C1B1, 0452C85EDA6CBAB75C2617886C5D8117ED25D91F1BE0F8377B08D55B6629B028 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:30:40.0420 0x18a0 WpdUpFltr - ok
09:30:40.0424 0x18a0 [ 2C6EEFFBB7FB1C51CCD3737C77AB9109, 8C2ED309FAF4312512E7BCCBBC51B1353603A3499077A1DE21991F0692AF1620 ] WpnService C:\WINDOWS\system32\WpnService.dll
09:30:40.0431 0x18a0 WpnService - ok
09:30:40.0431 0x18a0 [ 638B43D39A3D0B47024555CF1095E6F1, C7EA0A6ED227A5256EB02CA76FEC538DF196B8DC38DA2A567757D2B221C9473E ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:30:40.0457 0x18a0 ws2ifsl - ok
09:30:40.0465 0x18a0 [ FB45052D7C13963465DFF8D56746B10B, 21B0DC0D383061CEF079586AE8E2FD5E8BBA22B8494666F14D5A8591275943E5 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
09:30:40.0471 0x18a0 wscsvc - ok
09:30:40.0489 0x18a0 WSearch - ok
09:30:40.0568 0x18a0 [ A904D7950ED275273357AA7B1EAE445F, 0E41EA26A923FCE7072CC7DDDDB852E54C95992E01A79C67D1D544B1CB1E18DA ] WSService C:\WINDOWS\System32\WSService.dll
09:30:40.0674 0x18a0 WSService - ok
09:30:40.0730 0x18a0 [ C2D78B6667E0341802C4F38E9C02F93D, D2639EF935C5C5BCFECF1BDACC1BA480786A810084EEB62B7C5A0E57618FCCE1 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
09:30:40.0811 0x18a0 wuauserv - ok
09:30:40.0826 0x18a0 [ A928F25CB62232F413EE655352856E10, 1D2B278A24DDDE8792ADE7649FF90A98E186B79F13AA296C30E4180293BE906A ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
09:30:40.0840 0x18a0 WudfPf - ok
09:30:40.0840 0x18a0 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
09:30:40.0865 0x18a0 WUDFRd - ok
09:30:40.0871 0x18a0 [ 1336DA39FE006EAB2733CA4DE5B3560C, F0D6C71ADCB66D4D14EC6D09FD43F5521A3A8CA53F248DFD01696FB4F033BE77 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
09:30:40.0880 0x18a0 wudfsvc - ok
09:30:40.0880 0x18a0 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:30:40.0912 0x18a0 WUDFWpdFs - ok
09:30:40.0919 0x18a0 [ A932391623D5CEC4EF4A2A17D3CEBFCD, 54AA17F385347DED262BDA84F2D99106DC5D9BF8765D647BD76265356193BDFA ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:30:40.0938 0x18a0 WUDFWpdMtp - ok
09:30:40.0965 0x18a0 [ 2D7E3C2913AAE063774795E6790BCC48, 686CF1CE1CF2553236E0983CBF283D841FB5FBB998C33D97FBB5D7A83EF83867 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
09:30:41.0018 0x18a0 WwanSvc - ok
09:30:41.0041 0x18a0 [ 7443938BC4B8DCE1D8E6C51BC3F9DBFE, F2D41BFB2303AEAE39A33E6873A9C07DEF9090CA6D5602B2D232C59D1899D620 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll
09:30:41.0086 0x18a0 XblAuthManager - ok
09:30:41.0112 0x18a0 [ FACC53D144952319038FAE7442FCC045, 8BCA4ADC5162FC12AF2A88A8A570DA9DAB80AE9B62C873A2121EBAF8AA9FBA98 ] XblGameSave C:\WINDOWS\System32\XblGameSave.dll
09:30:41.0164 0x18a0 XblGameSave - ok
09:30:41.0173 0x18a0 [ 80BC02A73A3949A7AEF34791206C7D7F, 41E547EFC722D3E01CD8E261FA233D8C799FC59A9C5320B7FD65B09831373CDB ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys
09:30:41.0193 0x18a0 xboxgip - ok
09:30:41.0219 0x18a0 [ 69E727F94BEA64E66C284F3C482F33E6, B3E0F287E7A251E0FC17C41089C45737027E54F0213BDE847356AC882B4D3700 ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll
09:30:41.0274 0x18a0 XboxNetApiSvc - ok
09:30:41.0280 0x18a0 [ 1F1EF8E701859581251B52035C1C1CEF, 3A7D3EC619A7F45FBB04EDA6963E3C55DC50358CF2D71ED66EE4BB07ACC0EE3C ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys
09:30:41.0292 0x18a0 xinputhid - ok
09:30:41.0320 0x18a0 ================ Scan global ===============================
09:30:41.0320 0x18a0 [ D923EC03E24F7633DED3F2D46AD59A28, C635DB4483E24BE0188583E63B06D0F37BDE7AD944E4D0246A7D19CBC3EA3A6B ] C:\WINDOWS\system32\basesrv.dll
09:30:41.0320 0x18a0 [ E2899695BD30B5F93EC626EBBEF2CB69, B190D2903A109D2C146D881F90769060A0E971942F4AA61AEAD81861032D89C3 ] C:\WINDOWS\system32\winsrv.dll
09:30:41.0343 0x18a0 [ 09E92888FFF86F3334E59778724DCA6F, 2344763B52395EF565A9DE5F55BEDCA026AD2E8072FFD06F826BF366B3BA2AB4 ] C:\WINDOWS\system32\sxssrv.dll
09:30:41.0356 0x18a0 [ 2AB2C72D88CE2BC73E6F708D0B1A9657, 8DF9D8C83BC2078D88FE7B2E9CDD5ABA9A2075F40D30CD344595DA217ECCCB3B ] C:\WINDOWS\system32\services.exe
09:30:41.0366 0x18a0 [ Global ] - ok
09:30:41.0366 0x18a0 ================ Scan MBR ==================================
09:30:41.0368 0x18a0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:30:41.0399 0x18a0 \Device\Harddisk0\DR0 - ok
09:30:41.0402 0x18a0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:30:41.0459 0x18a0 \Device\Harddisk1\DR1 - ok
09:30:41.0460 0x18a0 ================ Scan VBR ==================================
09:30:41.0463 0x18a0 [ DB9A9F40051E6B69DEA5DAEC8A243EFC ] \Device\Harddisk0\DR0\Partition1
09:30:41.0464 0x18a0 \Device\Harddisk0\DR0\Partition1 - ok
09:30:41.0466 0x18a0 [ B895DB604A7198C443F738AFC60A75DD ] \Device\Harddisk0\DR0\Partition2
09:30:41.0467 0x18a0 \Device\Harddisk0\DR0\Partition2 - ok
09:30:41.0469 0x18a0 [ A5787CEE6F1E805B2E389D113CDC16DC ] \Device\Harddisk0\DR0\Partition3
09:30:41.0469 0x18a0 \Device\Harddisk0\DR0\Partition3 - ok
09:30:41.0472 0x18a0 [ 7CAAAA5EF7CE987446EB5FE9416949F7 ] \Device\Harddisk0\DR0\Partition4
09:30:41.0474 0x18a0 \Device\Harddisk0\DR0\Partition4 - ok
09:30:41.0477 0x18a0 [ 75FCD1DBB0F30C378CD8139EC236A779 ] \Device\Harddisk0\DR0\Partition5
09:30:41.0478 0x18a0 \Device\Harddisk0\DR0\Partition5 - ok
09:30:41.0480 0x18a0 [ B6EE3E507E26D128B9F23D4A10A693E0 ] \Device\Harddisk0\DR0\Partition6
09:30:41.0482 0x18a0 \Device\Harddisk0\DR0\Partition6 - ok
09:30:41.0484 0x18a0 [ 4442C0A6C04745FB6E5882AD4133A05F ] \Device\Harddisk1\DR1\Partition1
09:30:41.0484 0x18a0 \Device\Harddisk1\DR1\Partition1 - ok
09:30:41.0487 0x18a0 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition2
09:30:41.0487 0x18a0 \Device\Harddisk1\DR1\Partition2 - ok
09:30:41.0488 0x18a0 ================ Scan generic autorun ======================
09:30:41.0491 0x18a0 [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\Windows\system32\rundll32.exe
09:30:41.0513 0x18a0 Logitech Download Assistant - ok
09:30:41.0535 0x18a0 [ 8802D3239441C08BF1F8A20E3457AE25, 277F1DBBC907F0E69C6FDB494D1D084FE9C18DE77E1C5E52395A964B0AA85EA1 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
09:30:41.0558 0x18a0 cAudioFilterAgent - ok
09:30:41.0580 0x18a0 [ 8970A59A838FF1CDC3D62D85823AA61E, 5842DAFD20C1A024CF8984652A08D12DBA1DE15788794D01FF6070D4E24D2479 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
09:30:41.0629 0x1840 Object send P2P result: true
09:30:41.0629 0x1840 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
09:30:41.0657 0x18a0 SmartAudio - detected UnsignedFile.Multi.Generic ( 1 )
09:30:43.0990 0x18a0 Detect skipped due to KSN trusted
09:30:43.0990 0x18a0 SmartAudio - ok
09:30:43.0997 0x18a0 [ 1837EDFE746F910B0FFF4B86C2DB2B5E, D18223B7AA539491D2735B67D140EE5196D5F3B022B698E83F1E3FB20D114E9E ] C:\Windows\system32\DptfPolicyLpmServiceHelper.exe
09:30:44.0006 0x18a0 DptfPolicyLpmServiceHelper - ok
09:30:44.0065 0x1840 Object send P2P result: true
09:30:44.0067 0x1840 Object required for P2P: [ 4764D299855174D6B5C7DA853B490029 ] avipbb
09:30:44.0068 0x18a0 [ 8F82FFC6CD0F4C83F4565E1A40332CCD, 45D17603664CBE2C4236AEDB3C21D585C8225A3D3B1118365EE2C6BFDB8A7890 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
09:30:44.0147 0x18a0 NvBackend - ok
09:30:44.0156 0x18a0 [ 0DCB89B1F3689BC6262FF30BBD603171, 594E6E07BC6B161469848A477F28211B70E759A8D369276810F622EE00D97783 ] C:\WINDOWS\system32\rundll32.exe
09:30:44.0179 0x18a0 ShadowPlay - ok
09:30:44.0244 0x18a0 [ 07CF5B01CD55D63E986B63D63539C32A, 88DC0B9D534E570F96D6D6938C99660B7EA19B4C2AF3E6DF261C60915DEDAC5C ] C:\Program Files (x86)\ASUS\APRP\APRP.EXE
09:30:44.0370 0x18a0 ASUSPRP - detected UnsignedFile.Multi.Generic ( 1 )
09:30:46.0040 0x1ce4 Object required for P2P: [ 7C58AFEC26E9F7730A8AA7FD40225937 ] sppsvc
09:30:46.0490 0x1840 Object send P2P result: true
09:30:46.0490 0x1840 Object required for P2P: [ E477AF94ACCCF99A0E56D71D450DCCCB ] avnetflt
09:30:46.0680 0x18a0 Detect skipped due to KSN trusted
09:30:46.0680 0x18a0 ASUSPRP - ok
09:30:46.0721 0x18a0 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
09:30:46.0744 0x18a0 avgnt - ok
09:30:46.0749 0x18a0 Dropbox - ok
09:30:46.0760 0x18a0 [ 793D7221E5EC69EA615349A13B702B8C, 1545C9634A6599FE4B35419B1B40932797FE2E7DF0B5F27D6698810CC075CF86 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:30:46.0780 0x18a0 SunJavaUpdateSched - ok
09:30:46.0960 0x18a0 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:30:47.0180 0x18a0 OneDriveSetup - ok
09:30:47.0351 0x18a0 [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\SysWOW64\OneDriveSetup.exe
09:30:47.0507 0x18a0 OneDriveSetup - ok
09:30:47.0581 0x18a0 [ 0DEEC48955C21BE596C5D9907A0707E7, 5F6E321B00DE7A56048B7E9389D314B59AB11DF47691F5C9734B084213E8BC20 ] C:\Program Files (x86)\Gyazo\GyStation.exe
09:30:47.0651 0x18a0 Gyazo - ok
09:30:47.0669 0x18a0 [ 77C01F1850E55373280A1B865D824F58, EE1535A11A49BF578FC4D00096508FFD0C4E20EC164B3ABB92ED6E2800F831C8 ] C:\Users\Nils\AppData\Local\Microsoft\BingSvc\BingSvc.exe
09:30:47.0684 0x18a0 BingSvc - ok
09:30:47.0706 0x18a0 [ 44A9229022A519ED45294A1934C05EEC, 6DEF0DB5F9B50E9B0AFEE1CF50066BEB4FB7E15E2DC829A499509925660D6992 ] C:\Users\Nils\AppData\Local\FluxSoftware\Flux\flux.exe
09:30:47.0734 0x18a0 f.lux - ok
09:30:47.0740 0x18a0 [ 0A81DF13C4AEAC053C0DCE6240DC05D4, 13900D6FA1E9221236E79567DB0C6143AB7FECD4431CA295C33A039D1170E06B ] C:\Program Files\CyberGhost 5\CyberGhost.exe
09:30:47.0764 0x18a0 CyberGhost - ok
09:30:47.0765 0x18a0 Waiting for KSN requests completion. In queue: 462
09:30:48.0491 0x1ce4 Object send P2P result: true
09:30:48.0495 0x1ce4 Object required for P2P: [ 34A3EB84B2A830E6F450B8F885AE4E6E ] SysMain
09:30:48.0766 0x18a0 Waiting for KSN requests completion. In queue: 441
09:30:48.0919 0x1840 Object send P2P result: true
09:30:48.0928 0x1840 Object required for P2P: [ A403DAE4B083EB96BC6CEDB47639B4F8 ] HTTP
09:30:49.0776 0x18a0 Waiting for KSN requests completion. In queue: 309
09:30:50.0088 0x1558 Object required for P2P: [ 793D7221E5EC69EA615349A13B702B8C ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:30:50.0777 0x18a0 Waiting for KSN requests completion. In queue: 306
09:30:50.0939 0x1ce4 Object send P2P result: true
09:30:50.0947 0x1ce4 Object required for P2P: [ C0BB7F0C789AC778549DCC20B18A8DC0 ] veracrypt
09:30:51.0367 0x1840 Object send P2P result: true
09:30:51.0368 0x1840 Object required for P2P: [ 9A2A2F3C69B9A30B6E78536F6D258BAD ] iai2c
09:30:51.0786 0x18a0 Waiting for KSN requests completion. In queue: 239
09:30:52.0520 0x1558 Object send P2P result: true
09:30:52.0786 0x18a0 Waiting for KSN requests completion. In queue: 232
09:30:53.0402 0x1ce4 Object send P2P result: true
09:30:53.0404 0x1ce4 Object required for P2P: [ 4CF5A1E0C4FCA956ACD6C654E2A8610E ] VSS
09:30:53.0796 0x18a0 Waiting for KSN requests completion. In queue: 213
09:30:53.0800 0x1840 Object send P2P result: true
09:30:53.0800 0x1840 Object required for P2P: [ 59A20F5AD9F4AE54098154359519408E ] iaLPSS2i_I2C
09:30:54.0796 0x18a0 Waiting for KSN requests completion. In queue: 212
09:30:55.0797 0x18a0 Waiting for KSN requests completion. In queue: 212
09:30:55.0838 0x1ce4 Object send P2P result: true
09:30:56.0253 0x1840 Object send P2P result: true
09:30:56.0260 0x1840 Object required for P2P: [ 807A6636828E5F43C10A01474B8907EE ] MSDTC
09:30:56.0797 0x18a0 Waiting for KSN requests completion. In queue: 70
09:30:57.0797 0x18a0 Waiting for KSN requests completion. In queue: 70
09:30:58.0680 0x1840 Object send P2P result: true
09:30:58.0812 0x18a0 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
09:30:58.0814 0x18a0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x62100 ( disabled : updated )
09:30:58.0817 0x18a0 Win FW state via NFP2: enabled ( trusted )
09:31:01.0175 0x18a0 ============================================================
09:31:01.0175 0x18a0 Scan finished
09:31:01.0175 0x18a0 ============================================================
09:31:01.0182 0x0d6c Detected object count: 0
09:31:01.0182 0x0d6c Actual detected object count: 0
War wieder zu groß, deshalb als 2 Teile. Soweit ich das gelesen habe, soll man das ja lieber so, als z.B. ne .zip Anhang. |
|
30.12.2015, 19:00
| #6 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows 10: Überprüfung nach nicht autorisierte Nutzung meines Kontos Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2  
Schritt 3 ESET Online Scanner
__________________ --> Windows 10: Überprüfung nach nicht autorisierte Nutzung meines Kontos |
|
30.12.2015, 20:20
| #7 |
| | Windows 10: Überprüfung nach nicht autorisierte Nutzung meines KontosCode:
ATTFilter # AdwCleaner v5.026 - Bericht erstellt am 30/12/2015 um 19:10:06
# Aktualisiert am 21/12/2015 von Xplode
# Datenbank : 2015-12-30.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Nils ***** - NILS*****
# Gestartet von : C:\Users\Nils\Desktop\AdwCleaner_5.026.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
***** [ Internetbrowser ] *****
[-] [C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mystart.incredibar.com/mb178
[-] [C:\Users\Nils\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : bmkckgpgekmanipelfidlhmkfcjicion
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1568 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 30.12.2015 Suchlaufzeit: 19:13 Protokolldatei: Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.30.04 Rootkit-Datenbank: v2015.12.26.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Nils ***** Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 381098 Abgelaufene Zeit: 12 Min., 42 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=20f74cbf08159243a1e579622b90715c
# end=init
# utc_time=2015-12-30 06:16:12
# local_time=2015-12-30 07:16:12 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27426
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=20f74cbf08159243a1e579622b90715c
# end=updated
# utc_time=2015-12-30 06:32:01
# local_time=2015-12-30 07:32:01 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=20f74cbf08159243a1e579622b90715c
# engine=27426
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-30 07:18:57
# local_time=2015-12-30 08:18:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 5276625 5317280 0 0
# scanned=279901
# found=0
# cleaned=0
# scan_time=2815
|
|
30.12.2015, 22:00
| #8 |
| /// TB-Ausbilder /// Anleitungs-Guru | Windows 10: Überprüfung nach nicht autorisierte Nutzung meines Kontos Wir haben es geschafft! Die Logs sehen für mich im Moment sauber aus. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.  Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.   Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.  Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Kauf-Empfehlung:  ESET Smart Security Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Windows 10: Überprüfung nach nicht autorisierte Nutzung meines Kontos |
| administrator, antivirus, avira, canon, cid, computer, defender, dnsapi.dll, driver booster, ebay, explorer, flash player, ftp, geforce, google, home, homepage, mozilla, mp3, nvidia, prozesse, registry, rundll, scan, svchost.exe, system, windows, winlogon.exe |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
