| |
| |||||||
Log-Analyse und Auswertung: Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und ausWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
26.11.2014, 16:57
| #1 |
| |  Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus Hab seit der Installation einer neuen WLan PCI Karte und der Abstinenz von 3 Tagen am PC (In den 5 Tage hat mein Bruder den PC benutzt, Bruder sagt Fehler war schon ganze Zeit da) folgende Fehler: Fenster Blinken ständig, Mauszeiger Ladesymbol erscheint andauerd (Auch wenn ich nichts mache), Computer wacht einfach ab und zu aus dem Energiesparmodus auf. Hab mal nach Prozessen im Taskmanager gesucht, auffällig ist das folgende Anwendungen dauert erscheinen und wieder verschwinden: WerFault.exe wermgr.exe bcmwltry.exe Hier die Logs zu Defooger, Frst + Addition Gmer sagt das er kein Zugriff hat. Defogger: defogger_disable by jpshortstuff (23.02.10.1) Log created at 15:59 on 26/11/2014 (Luginius) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. HKCU  AEMON Tools Lite -> RemovedChecking for services/drivers... -=E.O.F=- FRST: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 Ran by Luginius (administrator) on LUGINIUS-PC on 26-11-2014 16:15:47 Running from C:\Users\Luginius\Desktop Loaded Profile: Luginius (Available profiles: Luginius) Platform: Windows 8.1 Pro N (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7144960 2014-10-23] (Broadcom Corporation) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated) HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\...\Run: [Google Update] => C:\Users\Luginius\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-25] (Google Inc.) AppInit_DLLs: C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil64.dll => C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil64.dll File Not Found AppInit_DLLs-x32: C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil.dll => "C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil.dll" File Not Found ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x081B1B66F8EECF01 HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Luginius\AppData\Roaming\Mozilla\Firefox\Profiles\xdi5evnd.default FF DefaultSearchEngine: Google FF SelectedSearchEngine: Google FF Homepage: google.de FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH) FF Plugin HKU\S-1-5-21-1187133439-2445563951-4204365367-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Luginius\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-1187133439-2445563951-4204365367-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Luginius\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation) FF Extension: Adblock Plus - C:\Users\Luginius\AppData\Roaming\Mozilla\Firefox\Profiles\xdi5evnd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-28] Chrome: ======= CHR Profile: C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-25] CHR Extension: (Google Docs) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-25] CHR Extension: (Google Drive) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-25] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-25] CHR Extension: (YouTube) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-25] CHR Extension: (Google Cast) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-10-25] CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-10-25] CHR Extension: (Google-Suche) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-25] CHR Extension: (Google Tabellen) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-25] CHR Extension: (Google Wallet) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-25] CHR Extension: (Google Mail) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed] S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH) S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5836800 2014-10-23] (Broadcom Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) S3 AR5416; C:\Windows\system32\DRIVERS\athwx.sys [2811296 2012-10-31] (Atheros Communications, Inc.) [File not signed] R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-28] (Disc Soft Ltd) R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-25] (REALiX(tm)) R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation) S3 GPU-Z; \??\C:\Users\Luginius\AppData\Local\Temp\GPU-Z.sys [X] U3 axlyrkod; \??\C:\Users\Luginius\AppData\Local\Temp\axlyrkod.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-26 16:15 - 2014-11-26 16:15 - 00013636 _____ () C:\Users\Luginius\Desktop\FRST.txt 2014-11-26 16:15 - 2014-11-26 16:15 - 00000000 ____D () C:\FRST 2014-11-26 15:59 - 2014-11-26 15:59 - 00000548 _____ () C:\Users\Luginius\Desktop\defogger_disable.log 2014-11-26 15:59 - 2014-11-26 15:59 - 00000168 _____ () C:\Users\Luginius\defogger_reenable 2014-11-26 14:16 - 2014-11-26 14:16 - 02118144 _____ (Farbar) C:\Users\Luginius\Desktop\FRST64.exe 2014-11-26 14:16 - 2014-11-26 14:16 - 00380416 _____ () C:\Users\Luginius\Desktop\Gmer-19357.exe 2014-11-26 14:13 - 2014-11-26 14:13 - 00050477 _____ () C:\Users\Luginius\Desktop\Defogger.exe 2014-11-26 14:12 - 2014-11-26 14:27 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-26 14:12 - 2014-11-26 14:12 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-26 14:12 - 2014-11-26 14:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-26 14:12 - 2014-11-26 14:12 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-26 14:12 - 2014-11-26 14:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-11-26 14:12 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-26 14:12 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-26 14:12 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-11-26 14:11 - 2014-11-26 14:12 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Luginius\Desktop\mbam-setup-2.0.3.1025.exe 2014-11-26 09:46 - 2014-11-26 09:46 - 00000122 _____ () C:\Users\Luginius\Desktop\Sixt.txt 2014-11-23 23:17 - 2014-11-23 23:22 - 00000000 ____D () C:\Users\Luginius\Desktop\Für dawid 2014-11-22 11:40 - 2014-11-22 11:41 - 00001098 _____ () C:\Users\Luginius\Desktop\matlab - Verknüpfung.lnk 2014-11-22 02:33 - 2014-11-24 09:26 - 00000064 _____ () C:\Users\Luginius\Desktop\Neues Textdokument.txt 2014-11-22 01:42 - 2014-11-22 01:42 - 00001272 _____ () C:\Users\Luginius\Desktop\Chromecast.lnk 2014-11-22 01:42 - 2014-11-22 01:42 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast 2014-11-21 19:57 - 2014-11-21 20:05 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\TeamViewer 2014-11-21 19:57 - 2014-11-21 19:57 - 00001194 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-11-21 19:57 - 2014-11-21 19:57 - 00001182 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-11-21 19:57 - 2014-11-21 19:57 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-11-21 19:54 - 2014-11-21 19:54 - 06626832 _____ (TeamViewer GmbH) C:\Users\Luginius\Desktop\TeamViewer_Setup_de.exe 2014-11-20 22:24 - 2014-11-13 12:15 - 286582040 _____ (AMD Inc.) C:\Users\Luginius\Desktop\amd-catalyst-14-9-win7-win8.1-64bit-dd-ccc-whql.exe 2014-11-20 22:23 - 2014-11-20 22:24 - 210974816 _____ (AMD Inc.) C:\Users\Luginius\Downloads\amd-catalyst-14-9-win7-win8.1-32bit-dd-ccc-whql.exe 2014-11-20 19:35 - 2014-11-20 19:35 - 00002590 _____ () C:\Users\Luginius\Desktop\Windows 7 USB DVD Download Tool.lnk 2014-11-20 19:35 - 2014-11-20 19:35 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool 2014-11-20 19:35 - 2014-11-20 19:35 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Apps\Windows 7 USB DVD Download Tool 2014-11-20 19:16 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-11-20 19:16 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-11-20 19:16 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll 2014-11-20 19:16 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll 2014-11-20 19:15 - 2014-11-20 19:28 - 00000000 ____D () C:\Program Files (x86)\WinToUSB 2014-11-19 15:22 - 2014-11-19 15:22 - 00000000 ____D () C:\Users\Luginius\Desktop\ATI Winflash 2014-11-19 15:21 - 2014-11-19 15:21 - 01118532 _____ () C:\Users\Luginius\Desktop\ati_winflash_2.6.7.zip 2014-11-18 15:01 - 2013-10-09 10:38 - 00665600 _____ () C:\Users\Luginius\Desktop\atiflash-4.17.exe 2014-11-18 15:00 - 2014-11-18 15:00 - 00242003 _____ () C:\Users\Luginius\Desktop\atiflash_417.zip 2014-11-17 11:22 - 2014-11-17 11:22 - 00001029 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk 2014-11-17 11:22 - 2014-11-17 11:22 - 00000000 ____D () C:\Users\Luginius\Documents\PDF Architect 2 2014-11-17 11:22 - 2014-11-17 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2 2014-11-17 11:22 - 2014-11-17 11:22 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2 2014-11-17 11:21 - 2014-11-17 11:24 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2014-11-17 11:21 - 2014-11-17 11:21 - 00001047 _____ () C:\Users\Public\Desktop\PDFCreator.lnk 2014-11-17 11:21 - 2014-11-17 11:21 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\pdfforge 2014-11-17 11:21 - 2014-11-17 11:21 - 00000000 ____D () C:\ProgramData\PDF Architect 2 2014-11-17 11:21 - 2014-11-17 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2014-11-17 11:21 - 2014-04-25 17:44 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX 2014-11-17 11:21 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX 2014-11-17 11:21 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX 2014-11-17 11:21 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll 2014-11-17 11:21 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL 2014-11-17 11:21 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL 2014-11-17 11:21 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL 2014-11-17 11:21 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL 2014-11-17 11:19 - 2014-11-17 11:19 - 27843432 _____ (pdfforge ) C:\Users\Luginius\Desktop\PDFCreator-1_7_3_setup.exe 2014-11-17 09:15 - 2014-11-24 03:19 - 00000000 ____D () C:\Users\Luginius\Documents\MATLAB 2014-11-17 09:15 - 2014-11-17 09:15 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Subversion 2014-11-17 09:15 - 2014-11-17 09:15 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\MathWorks 2014-11-17 09:15 - 2014-11-17 09:15 - 00000000 ____D () C:\Users\Luginius\AppData\Local\MathWorks 2014-11-16 15:38 - 2014-11-16 15:38 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Logitech 2014-11-16 15:38 - 2014-11-16 15:38 - 00000000 ____D () C:\ProgramData\LogiShrd 2014-11-16 15:37 - 2014-11-19 12:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys 2014-11-16 15:37 - 2014-11-19 12:40 - 00001164 _____ () C:\Windows\LkmdfCoInst.log 2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech 2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\ProgramData\Apple 2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files\Bonjour 2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-11-16 15:30 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files\Logitech Gaming Software 2014-11-16 15:29 - 2014-11-16 15:29 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Logitech 2014-11-16 15:29 - 2014-11-16 15:29 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Logishrd 2014-11-16 15:28 - 2014-11-16 15:28 - 67350808 _____ (Logitech Inc.) C:\Users\Luginius\Desktop\LGS_8.57.145_x64_Logitech.exe 2014-11-16 14:57 - 2014-11-16 14:57 - 01156136 _____ (Ruiware) C:\Users\Luginius\Desktop\wpsetup.exe 2014-11-13 12:18 - 2014-11-17 09:20 - 00000000 ____D () C:\Users\Luginius\Desktop\Dawid 2014-11-13 12:12 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-11-13 12:12 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-11-13 12:12 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-11-13 12:12 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2014-11-13 12:12 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-11-13 12:12 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-11-13 12:12 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-11-13 12:12 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-11-13 12:12 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll 2014-11-13 12:12 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll 2014-11-13 12:12 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-11-13 12:12 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2014-11-13 12:12 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-11-13 12:12 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2014-11-13 12:12 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys 2014-11-13 12:12 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys 2014-11-13 12:12 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys 2014-11-13 12:12 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2014-11-13 12:12 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll 2014-11-13 12:12 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll 2014-11-13 12:11 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-11-13 12:11 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-11-13 12:11 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-11-13 12:11 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-11-13 12:11 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-11-13 12:11 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-11-13 12:11 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-11-13 12:11 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-11-13 12:11 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-11-13 12:11 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-11-13 12:11 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2014-11-13 12:11 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2014-11-13 12:11 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-11-13 12:11 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-11-13 12:11 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-11-13 12:11 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-11-13 12:11 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-11-13 12:11 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2014-11-13 12:11 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-11-13 12:11 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-11-13 12:11 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-11-13 12:11 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-11-13 12:11 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-11-13 12:11 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-11-13 12:11 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-11-13 12:11 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll 2014-11-13 12:11 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-11-13 12:11 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-11-13 12:11 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-11-13 12:11 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-11-13 12:11 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-11-13 12:11 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2014-11-13 12:11 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2014-11-13 12:11 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-11-13 12:11 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-11-13 12:11 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-11-13 12:11 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-11-13 12:11 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-11-13 12:11 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-11-13 12:11 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-11-13 12:10 - 2014-11-05 00:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-11-13 12:10 - 2014-11-04 01:10 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-11-13 12:10 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe 2014-11-13 12:10 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-11-13 12:10 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe 2014-11-13 12:10 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll 2014-11-13 12:10 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-11-13 12:10 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-11-13 12:10 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-11-13 12:10 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-11-13 12:10 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-11-13 12:10 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-11-13 12:10 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-11-13 12:10 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll 2014-11-13 12:10 - 2014-10-31 05:53 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-11-13 12:10 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll 2014-11-13 12:10 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-11-13 12:10 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-11-13 12:10 - 2014-10-31 05:49 - 00537088 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-11-13 12:10 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll 2014-11-13 12:10 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-11-13 12:10 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-11-13 12:10 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2014-11-13 12:10 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2014-11-13 12:10 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-11-13 12:10 - 2014-10-31 05:24 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-11-13 12:10 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-11-13 12:10 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-11-13 12:10 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2014-11-13 12:10 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2014-11-13 12:10 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-11-13 12:10 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll 2014-11-13 12:10 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe 2014-11-13 12:10 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-11-13 12:10 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe 2014-11-13 12:10 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll 2014-11-13 12:10 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-11-13 12:10 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-11-13 12:10 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-11-13 12:10 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-11-13 12:10 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-11-13 12:10 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-11-13 12:10 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-11-13 12:10 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll 2014-11-13 12:10 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-11-13 12:10 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll 2014-11-13 12:10 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-11-13 12:10 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2014-11-13 12:10 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll 2014-11-13 12:10 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2014-11-13 12:10 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-11-13 12:10 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-11-13 12:10 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-11-13 12:10 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2014-11-13 12:10 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2014-11-13 12:10 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2014-11-13 12:10 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll 2014-11-13 12:10 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-11-13 12:10 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-11-13 12:10 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-11-13 12:10 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-11-13 12:10 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-11-13 12:10 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-11-13 12:10 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll 2014-11-13 12:10 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-11-13 12:10 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-11-13 12:10 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-11-13 12:10 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll 2014-11-13 12:10 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-11-13 12:10 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-11-13 12:10 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-11-13 12:10 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-11-13 12:10 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-11-13 12:10 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-11-13 12:10 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-11-13 12:10 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2014-11-13 12:10 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2014-11-13 12:10 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-11-13 12:10 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys 2014-11-13 12:10 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2014-11-13 12:10 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-11-13 12:10 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-11-13 12:10 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2014-11-13 12:10 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll 2014-11-13 12:10 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2014-11-13 12:10 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2014-11-13 12:10 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2014-11-13 12:10 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2014-11-13 12:10 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-11-13 12:10 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2014-11-13 12:10 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-11-13 12:10 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-11-13 12:10 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-11-13 12:10 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-11-13 12:10 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-11-13 12:10 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-11-13 12:10 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-11-13 12:10 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-11-13 12:10 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-11-13 12:10 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll 2014-11-13 12:10 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-11-13 12:10 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2014-11-13 12:10 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-11-13 12:10 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-11-13 12:10 - 2014-09-07 23:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml 2014-11-13 12:10 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll 2014-11-13 12:10 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll 2014-11-13 12:10 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2014-11-13 12:10 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2014-11-13 12:10 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll 2014-11-13 12:10 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll 2014-11-13 12:10 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS 2014-11-13 12:10 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-11-13 12:10 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-11-13 12:10 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll 2014-11-13 12:10 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll 2014-11-13 12:10 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll 2014-11-13 12:10 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll 2014-11-13 12:10 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll 2014-11-13 12:10 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-11-13 12:10 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-11-13 12:10 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-11-13 12:10 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-11-13 12:10 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2014-11-13 12:10 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2014-11-13 12:10 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-11-13 12:10 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2014-11-13 12:10 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll 2014-11-13 12:10 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll 2014-11-10 21:18 - 2014-11-10 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-11-10 16:43 - 2014-11-10 16:44 - 00000000 ____D () C:\Users\Luginius\Desktop\Vati 2014-11-10 16:42 - 2014-11-25 15:52 - 00000000 ____D () C:\Users\Luginius\Desktop\Lukas 2014-11-10 13:07 - 2014-11-10 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic 2014-11-10 13:07 - 2014-11-10 13:07 - 00000000 ____D () C:\Program Files (x86)\Tinypic 2014-11-10 11:30 - 2014-11-10 11:30 - 00027568 _____ () C:\Users\Luginius\Downloads\Kuendigungen_und_Mahnungen.zip 2014-11-07 18:20 - 2014-11-07 18:20 - 00000000 ____D () C:\Users\Luginius\Documents\Benutzerdefinierte Office-Vorlagen 2014-11-07 16:38 - 2014-11-07 16:59 - 00000000 ____D () C:\Users\Luginius\f4 2014-11-07 16:34 - 2014-11-07 16:34 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f4 2014-11-07 16:34 - 2014-11-07 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\f4 2014-11-07 16:34 - 2014-11-07 16:34 - 00000000 ____D () C:\Program Files (x86)\f4 2014-11-06 22:10 - 2014-11-10 10:27 - 00000000 ____D () C:\Users\Luginius\Desktop\Lars Wichtig! 2014-11-06 09:49 - 2014-11-26 09:48 - 00000072 _____ () C:\Users\Public\LMDebug.log 2014-11-04 11:24 - 2014-11-04 13:40 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Winamp 2014-11-04 11:24 - 2014-11-04 11:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp 2014-11-04 11:24 - 2014-11-04 11:24 - 00000000 ____D () C:\Program Files (x86)\Winamp 2014-11-03 20:08 - 2014-11-26 14:26 - 00003034 _____ () C:\Windows\System32\Tasks\MSIAfterburner 2014-11-03 17:56 - 2014-11-03 17:56 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\AMD 2014-11-03 17:56 - 2014-11-03 17:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI Kombustor 3 2014-11-03 17:56 - 2014-11-03 17:56 - 00000000 ____D () C:\Program Files\MSI Kombustor 3 2014-11-01 12:34 - 2014-11-01 12:34 - 00000000 ____D () C:\Users\Luginius\Documents\Larian Studios 2014-10-31 19:09 - 2014-10-31 19:09 - 00000000 ____D () C:\Program Files (x86)\GPU-Z 2014-10-29 23:46 - 2014-10-29 23:46 - 00007629 _____ () C:\Users\Luginius\AppData\Local\Resmon.ResmonCfg 2014-10-29 20:52 - 2014-10-29 20:52 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-10-29 20:52 - 2014-10-29 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-10-28 13:52 - 2014-10-28 13:52 - 00001176 _____ () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-10-28 13:48 - 2014-10-28 13:48 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-10-28 12:58 - 2014-10-28 12:58 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys 2014-10-28 12:58 - 2014-10-28 12:58 - 00002508 _____ () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk 2014-10-28 12:58 - 2014-10-28 12:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2014-10-28 12:57 - 2014-10-28 12:58 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite 2014-10-28 12:57 - 2014-10-28 12:57 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\DAEMON Tools Lite 2014-10-28 12:56 - 2014-10-28 12:57 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite 2014-10-28 12:37 - 2014-10-28 12:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2014-10-28 12:37 - 2014-10-28 12:37 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2014-10-28 12:37 - 2014-10-28 12:37 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server 2014-10-28 12:36 - 2014-10-28 12:37 - 00000000 ____D () C:\Program Files\Microsoft SQL Server 2014-10-28 12:36 - 2014-10-28 12:36 - 00000000 ____D () C:\Windows\PCHEALTH 2014-10-28 12:35 - 2014-11-25 10:55 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Microsoft Help 2014-10-28 12:35 - 2014-10-28 12:36 - 00000000 ____D () C:\Program Files\Microsoft Office 2014-10-28 12:35 - 2014-10-28 12:35 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services 2014-10-28 12:35 - 2014-10-28 12:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office 2014-10-28 12:35 - 2014-10-28 12:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2014-10-28 12:34 - 2014-10-28 12:39 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-28 12:34 - 2014-10-28 12:34 - 00000000 __RHD () C:\MSOCache 2014-10-27 23:10 - 2014-11-23 13:27 - 00110080 ___SH () C:\Users\Luginius\Desktop\Thumbs.db 2014-10-27 16:26 - 2014-10-27 16:26 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\EPSON 2014-10-27 16:26 - 2014-10-27 16:26 - 00000000 _____ () C:\Users\Luginius\Sti_Trace.log 2014-10-27 16:06 - 2014-10-27 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-10-27 16:06 - 2007-12-07 02:08 - 00108032 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_ILMCDE.DLL 2014-10-27 16:06 - 2007-12-07 02:01 - 00081408 _____ (SEIKO EPSON CORPORATION) C:\Windows\system32\E_IBCBCDE.DLL 2014-10-27 16:06 - 2005-02-02 12:05 - 00008704 _____ (SEIKO EPSON CORP.) C:\Windows\system32\E_GCINST.DLL 2014-10-27 16:05 - 2014-10-27 16:06 - 00000000 ____D () C:\ProgramData\EPSON 2014-10-27 16:05 - 2014-10-27 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Scan 2014-10-27 16:05 - 2014-10-27 16:05 - 00000000 ____D () C:\Program Files (x86)\epson 2014-10-27 16:05 - 2007-03-27 00:00 - 00101376 _____ (SEIKO EPSON CORP.) C:\Windows\system32\esxcwiad.dll 2014-10-27 16:02 - 2014-10-27 16:02 - 00000040 _____ () C:\Autoconfig.ini 2014-10-27 16:02 - 2014-10-27 16:02 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers 2014-10-27 16:02 - 2013-06-01 06:13 - 01571160 ____N () C:\Windows\TotalUninstaller.exe 2014-10-27 16:01 - 2013-05-10 10:48 - 00162136 _____ () C:\Windows\system32\spe__ci.exe 2014-10-27 16:01 - 2012-11-17 09:28 - 00000357 _____ () C:\Windows\system32\spe__l.smt 2014-10-27 16:01 - 2011-04-11 06:26 - 00034304 _____ () C:\Windows\system32\spe__l.dll 2014-10-27 16:01 - 2010-10-20 09:46 - 00089600 _____ (SS) C:\Windows\system32\spe__ci.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-11-26 15:59 - 2014-10-23 14:02 - 00000000 ____D () C:\Users\Luginius 2014-11-26 15:58 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru 2014-11-26 14:47 - 2014-10-23 20:58 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\ClassicShell 2014-11-26 14:47 - 2014-10-23 14:07 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1187133439-2445563951-4204365367-1001 2014-11-26 14:42 - 2014-10-25 15:29 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001UA.job 2014-11-26 14:36 - 2014-10-25 15:26 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-11-26 14:30 - 2014-03-18 11:04 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-26 14:30 - 2014-03-18 10:29 - 00764340 _____ () C:\Windows\system32\perfh007.dat 2014-11-26 14:30 - 2014-03-18 10:29 - 00159160 _____ () C:\Windows\system32\perfc007.dat 2014-11-26 14:24 - 2014-10-25 15:26 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-11-26 14:24 - 2014-03-18 02:53 - 00019824 _____ () C:\Windows\PFRO.log 2014-11-26 14:24 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-26 12:44 - 2014-10-23 16:15 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{83AC5851-DE9F-41F1-B659-2881A7321403} 2014-11-26 09:53 - 2014-10-23 14:01 - 01052570 _____ () C:\Windows\WindowsUpdate.log 2014-11-26 09:53 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-11-26 09:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-11-26 09:37 - 2014-10-25 15:26 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-26 09:29 - 2013-08-22 15:44 - 00482920 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-26 04:31 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-11-25 16:26 - 2014-10-23 22:34 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\vlc 2014-11-24 02:41 - 2014-10-25 15:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001Core.job 2014-11-22 01:42 - 2014-10-25 15:26 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Google 2014-11-20 21:51 - 2014-10-25 15:18 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-11-20 21:51 - 2014-10-25 15:18 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-11-20 19:18 - 2013-08-22 15:45 - 00021817 _____ () C:\Windows\setupact.log 2014-11-19 12:45 - 2014-10-25 22:25 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server 2014-11-17 02:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache 2014-11-17 02:37 - 2014-10-25 15:29 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001UA 2014-11-17 02:37 - 2014-10-25 15:29 - 00003728 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001Core 2014-11-16 15:30 - 2014-10-23 16:29 - 00000000 ____D () C:\ProgramData\Package Cache 2014-11-16 12:31 - 2014-10-25 15:26 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-16 12:31 - 2014-10-25 15:26 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-11-15 11:44 - 2014-08-07 15:19 - 00000000 ____D () C:\Users\Luginius\Desktop\Treiber 2014-11-13 19:33 - 2014-10-25 00:36 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-11-13 19:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-13 19:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-11-13 19:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender 2014-11-13 19:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender 2014-11-13 18:55 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData 2014-11-13 18:55 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel 2014-11-13 18:54 - 2014-10-25 00:18 - 00000000 ____D () C:\Windows\system32\MRT 2014-11-13 18:52 - 2014-10-25 00:18 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-11-12 11:23 - 2014-10-23 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-11-10 16:43 - 2014-10-23 21:30 - 00000000 ____D () C:\Users\Luginius\Desktop\Programme 2014-11-10 16:42 - 2014-10-23 21:30 - 00000000 ____D () C:\Users\Luginius\Desktop\OC Programme 2014-11-10 10:16 - 2014-10-23 14:02 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Adobe 2014-11-07 17:05 - 2014-10-23 14:02 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Packages 2014-11-04 13:08 - 2014-10-23 21:34 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner 2014-11-03 11:51 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-30 13:16 - 2014-10-23 22:40 - 00000000 ____D () C:\Program Files (x86)\FreeTime 2014-10-30 12:25 - 2014-10-24 23:38 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-10-29 20:52 - 2014-10-23 22:25 - 00000000 ____D () C:\ProgramData\Freemake 2014-10-29 20:52 - 2014-10-23 22:25 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-10-28 12:37 - 2014-03-18 10:45 - 00000000 ____D () C:\Windows\ShellNew 2014-10-28 12:37 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-10-28 12:35 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Common Files\System 2014-10-28 12:35 - 2013-08-22 14:25 - 00000167 _____ () C:\Windows\win.ini 2014-10-27 16:04 - 2014-10-23 23:06 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Samsung 2014-10-27 16:02 - 2014-10-23 23:09 - 00000000 ____D () C:\ProgramData\Samsung 2014-10-27 16:02 - 2014-10-23 23:06 - 00000000 ____D () C:\Program Files (x86)\Samsung Some content of TEMP: ==================== C:\Users\Luginius\AppData\Local\Temp\130585673333078917.exe C:\Users\Luginius\AppData\Local\Temp\13058567349064114830.exe C:\Users\Luginius\AppData\Local\Temp\AskPIP_FF_.exe C:\Users\Luginius\AppData\Local\Temp\FreemakeVideoConverterFull.exe C:\Users\Luginius\AppData\Local\Temp\Installer.exe C:\Users\Luginius\AppData\Local\Temp\ochelper.dll C:\Users\Luginius\AppData\Local\Temp\ochelper.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-14 11:38 ==================== End Of Log ============================ Addition: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 Ran by Luginius at 2014-11-26 16:16:14 Running from C:\Users\Luginius\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) AIDA64 Extreme v4.70 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 4.70 - FinalWire Ltd.) AMD Catalyst Install Manager (HKLM\...\{C2956908-53A3-88FC-B795-B16508296FC4}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Broadcom Wireless Utility (HKLM\...\Broadcom Wireless Utility) (Version: 5.100.196.18 - Broadcom Corporation) ChromecastApp (HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) CPUID CPU-Z 1.71 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CrystalDiskInfo 6.2.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.2.1 - Crystal Dew World) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) EPSON-Drucker-Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation) f4 3.0.3 (HKLM-x32\...\f4) (Version: 3.0.3 - MAXqda) Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden HWiNFO64 Version 4.46 (HKLM\...\HWiNFO64_is1) (Version: 4.46 - Martin Malík - REALiX) Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.) Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org) Mozilla Firefox 33.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 de)) (Version: 33.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla) MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD) MSI Kombustor 3.5.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version: - MSI Co., LTD) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PDF Architect 2 (HKLM-x32\...\PDF Architect 2) (Version: 2.0.24.16092 - pdfforge GmbH) PDF Architect 2 View Module (HKLM-x32\...\{D691E998-CF53-4F6C-AC20-E4284660E0E7}) (Version: 2.1.6.19758 - pdfforge GmbH) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge) RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.04.00 - Samsung Electronics Co., Ltd.) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) Texmaker (HKLM-x32\...\Texmaker) (Version: - ) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1187133439-2445563951-4204365367-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Luginius\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File CustomCLSID: HKU\S-1-5-21-1187133439-2445563951-4204365367-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Luginius\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-1187133439-2445563951-4204365367-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Luginius\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.) ==================== Restore Points ========================= 13-11-2014 17:51:34 Windows Update 15-11-2014 17:04:11 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 15-11-2014 17:04:28 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 17-11-2014 08:14:35 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert 20-11-2014 18:35:19 Installed Windows 7 USB/DVD Download Tool 21-11-2014 19:08:16 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert 26-11-2014 08:52:44 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0CD277E4-853F-4FE2-B092-4B7A56828488} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {0FF646E4-1679-4520-B316-F12C5ED4E0CD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {1668ECAF-2D58-4826-98DC-CC5EC523BE19} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-11-13] (Microsoft Corporation) Task: {843086D7-68DD-46F6-B2D7-992400C2774A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001UA => C:\Users\Luginius\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.) Task: {B0501D65-CFC3-42AA-B09C-9C390E13275E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.) Task: {C0F78BE1-8705-40EF-A8D9-F07CEE287A48} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.) Task: {C1F6F70F-D344-4AA9-A405-1301D1F4B8DB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001Core => C:\Users\Luginius\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-25] (Google Inc.) Task: {CE518698-03C9-4AB0-9CA9-FAE062565813} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {EE770C95-0829-4AF4-8808-D973DBA4ECA5} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-08-31] () Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001Core.job => C:\Users\Luginius\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001UA.job => C:\Users\Luginius\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2014-10-27 16:01 - 2011-04-11 06:26 - 00034304 _____ () C:\Windows\System32\spe__l.dll 2014-09-15 17:13 - 2014-09-15 17:13 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 00817152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2014-02-11 06:08 - 2014-02-11 06:08 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2014-09-15 17:13 - 2014-09-15 17:13 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll 2014-09-15 17:13 - 2014-09-15 17:13 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2014-11-10 21:18 - 2014-11-10 21:18 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-1187133439-2445563951-4204365367-500 - Administrator - Disabled) Gast (S-1-5-21-1187133439-2445563951-4204365367-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1187133439-2445563951-4204365367-1004 - Limited - Enabled) Luginius (S-1-5-21-1187133439-2445563951-4204365367-1001 - Administrator - Enabled) => C:\Users\Luginius ==================== Faulty Device Manager Devices ============= Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. Name: Controller der Familie Realtek PCIe GBE Description: Controller der Familie Realtek PCIe GBE Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Realtek Service: RTL8168 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (11/26/2014 04:16:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.100.196.18, Zeitstempel: 0x4f6821e5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0xdc4 Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0 Pfad der fehlerhaften Anwendung: bcmwltry.exe1 Pfad des fehlerhaften Moduls: bcmwltry.exe2 Berichtskennung: bcmwltry.exe3 Vollständiger Name des fehlerhaften Pakets: bcmwltry.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bcmwltry.exe5 Error: (11/26/2014 04:16:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.100.196.18, Zeitstempel: 0x4f6821e5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0xc60 Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0 Pfad der fehlerhaften Anwendung: bcmwltry.exe1 Pfad des fehlerhaften Moduls: bcmwltry.exe2 Berichtskennung: bcmwltry.exe3 Vollständiger Name des fehlerhaften Pakets: bcmwltry.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bcmwltry.exe5 Error: (11/26/2014 04:16:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.100.196.18, Zeitstempel: 0x4f6821e5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0xe64 Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0 Pfad der fehlerhaften Anwendung: bcmwltry.exe1 Pfad des fehlerhaften Moduls: bcmwltry.exe2 Berichtskennung: bcmwltry.exe3 Vollständiger Name des fehlerhaften Pakets: bcmwltry.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bcmwltry.exe5 Error: (11/26/2014 04:16:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WLTRAY.EXE, Version: 5.100.196.18, Zeitstempel: 0x4f6821a2 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0x858 Startzeit der fehlerhaften Anwendung: 0xWLTRAY.EXE0 Pfad der fehlerhaften Anwendung: WLTRAY.EXE1 Pfad des fehlerhaften Moduls: WLTRAY.EXE2 Berichtskennung: WLTRAY.EXE3 Vollständiger Name des fehlerhaften Pakets: WLTRAY.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WLTRAY.EXE5 Error: (11/26/2014 04:16:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WLTRAY.EXE, Version: 5.100.196.18, Zeitstempel: 0x4f6821a2 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebd22 Ausnahmecode: 0xc015000f Fehleroffset: 0x00000000000a7f00 ID des fehlerhaften Prozesses: 0x2bc Startzeit der fehlerhaften Anwendung: 0xWLTRAY.EXE0 Pfad der fehlerhaften Anwendung: WLTRAY.EXE1 Pfad des fehlerhaften Moduls: WLTRAY.EXE2 Berichtskennung: WLTRAY.EXE3 Vollständiger Name des fehlerhaften Pakets: WLTRAY.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WLTRAY.EXE5 Error: (11/26/2014 04:16:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.100.196.18, Zeitstempel: 0x4f6821e5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0xdc8 Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0 Pfad der fehlerhaften Anwendung: bcmwltry.exe1 Pfad des fehlerhaften Moduls: bcmwltry.exe2 Berichtskennung: bcmwltry.exe3 Vollständiger Name des fehlerhaften Pakets: bcmwltry.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bcmwltry.exe5 Error: (11/26/2014 04:16:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.100.196.18, Zeitstempel: 0x4f6821e5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0x11d8 Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0 Pfad der fehlerhaften Anwendung: bcmwltry.exe1 Pfad des fehlerhaften Moduls: bcmwltry.exe2 Berichtskennung: bcmwltry.exe3 Vollständiger Name des fehlerhaften Pakets: bcmwltry.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bcmwltry.exe5 Error: (11/26/2014 04:16:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.100.196.18, Zeitstempel: 0x4f6821e5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0x13a0 Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0 Pfad der fehlerhaften Anwendung: bcmwltry.exe1 Pfad des fehlerhaften Moduls: bcmwltry.exe2 Berichtskennung: bcmwltry.exe3 Vollständiger Name des fehlerhaften Pakets: bcmwltry.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bcmwltry.exe5 Error: (11/26/2014 04:16:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: bcmwltry.exe, Version: 5.100.196.18, Zeitstempel: 0x4f6821e5 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0xb18 Startzeit der fehlerhaften Anwendung: 0xbcmwltry.exe0 Pfad der fehlerhaften Anwendung: bcmwltry.exe1 Pfad des fehlerhaften Moduls: bcmwltry.exe2 Berichtskennung: bcmwltry.exe3 Vollständiger Name des fehlerhaften Pakets: bcmwltry.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: bcmwltry.exe5 Error: (11/26/2014 04:16:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: WLTRAY.EXE, Version: 5.100.196.18, Zeitstempel: 0x4f6821a2 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eebf2e Ausnahmecode: 0xe0434f4d Fehleroffset: 0x000000000000606c ID des fehlerhaften Prozesses: 0x2bc Startzeit der fehlerhaften Anwendung: 0xWLTRAY.EXE0 Pfad der fehlerhaften Anwendung: WLTRAY.EXE1 Pfad des fehlerhaften Moduls: WLTRAY.EXE2 Berichtskennung: WLTRAY.EXE3 Vollständiger Name des fehlerhaften Pakets: WLTRAY.EXE4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WLTRAY.EXE5 System errors: ============= Error: (11/26/2014 02:23:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (11/26/2014 09:29:50 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 25.11.2014 um 16:38:19 unerwartet heruntergefahren. Error: (11/26/2014 04:30:57 AM) (Source: DCOM) (EventID: 10010) (User: Luginius-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/26/2014 04:30:27 AM) (Source: DCOM) (EventID: 10010) (User: Luginius-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/26/2014 04:26:13 AM) (Source: DCOM) (EventID: 10010) (User: Luginius-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/26/2014 04:25:43 AM) (Source: DCOM) (EventID: 10010) (User: Luginius-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/25/2014 04:47:11 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (11/25/2014 03:52:34 PM) (Source: DCOM) (EventID: 10010) (User: Luginius-PC) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (11/25/2014 03:52:04 PM) (Source: DCOM) (EventID: 10010) (User: Luginius-PC) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (11/25/2014 11:38:42 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Microsoft Office Sessions: ========================= Error: (11/26/2014 04:16:21 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bcmwltry.exe5.100.196.184f6821e5KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606cdc401d0098bef11b2aeC:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeC:\Windows\system32\KERNELBASE.dll2cf27bb8-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bcmwltry.exe5.100.196.184f6821e5KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606cc6001d0098bed858ea1C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeC:\Windows\system32\KERNELBASE.dll2b667ea6-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:16 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bcmwltry.exe5.100.196.184f6821e5KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606ce6401d0098bebf9e29bC:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeC:\Windows\system32\KERNELBASE.dll29da3812-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:15 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WLTRAY.EXE5.100.196.184f6821a2KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606c85801d0098be409818fC:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXEC:\Windows\system32\KERNELBASE.dll296cf5aa-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WLTRAY.EXE5.100.196.184f6821a2ntdll.dll6.3.9600.1727853eebd22c015000f00000000000a7f002bc01d0098bdc77c3faC:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXEC:\Windows\SYSTEM32\ntdll.dll28971aa4-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bcmwltry.exe5.100.196.184f6821e5KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606cdc801d0098be9b4e3c0C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeC:\Windows\system32\KERNELBASE.dll284cf15d-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bcmwltry.exe5.100.196.184f6821e5KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606c11d801d0098be828e68bC:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeC:\Windows\system32\KERNELBASE.dll2609614e-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:07 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bcmwltry.exe5.100.196.184f6821e5KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606c13a001d0098be69b59a7C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeC:\Windows\system32\KERNELBASE.dll247c499d-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: bcmwltry.exe5.100.196.184f6821e5KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606cb1801d0098be50ec067C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exeC:\Windows\system32\KERNELBASE.dll22ef6238-757f-11e4-9c1c-a4b77e81811d Error: (11/26/2014 04:16:02 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: WLTRAY.EXE5.100.196.184f6821a2KERNELBASE.dll6.3.9600.1727853eebf2ee0434f4d000000000000606c2bc01d0098bdc77c3faC:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXEC:\Windows\system32\KERNELBASE.dll21baae41-757f-11e4-9c1c-a4b77e81811d CodeIntegrity Errors: =================================== Date: 2014-11-26 04:26:04.409 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-19 22:03:58.387 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-17 02:30:31.031 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD FX(tm)-8320 Eight-Core Processor Percentage of memory in use: 10% Total physical RAM: 16329.33 MB Available physical RAM: 14568.55 MB Total Pagefile: 18761.33 MB Available Pagefile: 16740.39 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:145.97 GB) (Free:98.08 GB) NTFS Drive d: () (Fixed) (Total:552.15 GB) (Free:467.18 GB) NTFS Drive e: (Filme & Musik) (Fixed) (Total:258.79 GB) (Free:98.68 GB) NTFS Drive f: (Spiele & Programme) (Fixed) (Total:439.85 GB) (Free:25.14 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive i: (LUKASNICKEL) (Removable) (Total:14.55 GB) (Free:6.31 GB) NTFS Drive k: (Programme) (Fixed) (Total:399.87 GB) (Free:343.8 GB) NTFS Drive l: (Spiele) (Fixed) (Total:349.87 GB) (Free:157.99 GB) NTFS Drive m: (Filme) (Fixed) (Total:349.87 GB) (Free:189.77 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: CF468F23) Partition: GPT Partition Type. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 4DE20AC2) Partition 1: (Active) - (Size=439.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=258.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ======================================================== Disk: 3 (MBR Code: Windows XP) (Size: 14.6 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=14.5 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 5. Attempted reading MBR returned 0 bytes. Could not read MBR for disk 6. ==================== End Of Log ============================ |
|
26.11.2014, 19:48
| #2 |
| /// the machine /// TB-Ausbilder    | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus hi,
__________________ So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
26.11.2014, 20:51
| #3 |
| | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus TDSSKiller.3.0.0.41_26.11.2014_20.46.10_log:
__________________Code:
ATTFilter 20:46:10.0407 0x0c48 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
20:46:10.0407 0x0c48 UEFI system
20:47:32.0884 0x0c48 ============================================================
20:47:32.0884 0x0c48 Current date / time: 2014/11/26 20:47:32.0884
20:47:32.0884 0x0c48 SystemInfo:
20:47:32.0884 0x0c48
20:47:32.0884 0x0c48 OS Version: 6.3.9600 ServicePack: 0.0
20:47:32.0884 0x0c48 Product type: Workstation
20:47:32.0884 0x0c48 ComputerName: LUGINIUS-PC
20:47:32.0885 0x0c48 UserName: Luginius
20:47:32.0885 0x0c48 Windows directory: C:\Windows
20:47:32.0885 0x0c48 System windows directory: C:\Windows
20:47:32.0885 0x0c48 Running under WOW64
20:47:32.0885 0x0c48 Processor architecture: Intel x64
20:47:32.0885 0x0c48 Number of processors: 8
20:47:32.0885 0x0c48 Page size: 0x1000
20:47:32.0885 0x0c48 Boot type: Normal boot
20:47:32.0885 0x0c48 ============================================================
20:47:33.0312 0x0c48 KLMD registered as C:\Windows\system32\drivers\96135204.sys
20:47:34.0020 0x0c48 System UUID: {E3236DB9-011E-5B81-825E-BCA9E5334A87}
20:47:34.0559 0x0c48 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8BD5E00 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:47:34.0564 0x0c48 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:47:35.0031 0x0c48 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:47:35.0368 0x0c48 Drive \Device\Harddisk3\DR3 - Size: 0x3A3380000 ( 14.55 Gb ), SectorSize: 0x200, Cylinders: 0x76B, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:47:35.0371 0x0c48 ============================================================
20:47:35.0371 0x0c48 \Device\Harddisk0\DR0:
20:47:35.0371 0x0c48 GPT partitions:
20:47:35.0372 0x0c48 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9CBDE1A9-2BEF-4CD5-B93A-B7C77BAF6EC8}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
20:47:35.0372 0x0c48 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D18FC8E5-ADBA-4830-8538-739698543825}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
20:47:35.0372 0x0c48 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A4113394-F689-402F-BC15-06082F9AE7A1}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
20:47:35.0372 0x0c48 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {01E0DF34-AFFA-4B2E-BEFC-93122A4173ED}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0x123F0000
20:47:35.0372 0x0c48 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {EF3653FB-4FFF-4332-84E1-0A5CE036E191}, Name: Basic data partition, StartLBA 0x124F8800, BlocksNum 0x4504D000
20:47:35.0372 0x0c48 MBR partitions:
20:47:35.0372 0x0c48 \Device\Harddisk1\DR1:
20:47:35.0372 0x0c48 MBR partitions:
20:47:35.0372 0x0c48 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x36FB1000
20:47:35.0372 0x0c48 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x36FB1800, BlocksNum 0x20593800
20:47:35.0372 0x0c48 \Device\Harddisk2\DR2:
20:47:35.0372 0x0c48 GPT partitions:
20:47:35.0372 0x0c48 \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {96474B7D-5548-11E4-826F-6CF04979C201}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
20:47:35.0372 0x0c48 \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {E75CAF8F-F680-4CEE-AFA3-B001E56EFC2D}, UniqueGUID: {96474B7E-5548-11E4-826F-6CF04979C201}, Name: Speicherpool, StartLBA 0x40800, BlocksNum 0x746C6000
20:47:35.0372 0x0c48 MBR partitions:
20:47:35.0373 0x0c48 \Device\Harddisk3\DR3:
20:47:35.0374 0x0c48 MBR partitions:
20:47:35.0374 0x0c48 \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x1F80, BlocksNum 0x1D17C80
20:47:35.0374 0x0c48 ============================================================
20:47:35.0375 0x0c48 C: <-> \Device\Harddisk0\DR0\Partition4
20:47:35.0404 0x0c48 E: <-> \Device\Harddisk1\DR1\Partition2
20:47:35.0438 0x0c48 F: <-> \Device\Harddisk1\DR1\Partition1
20:47:35.0510 0x0c48 D: <-> \Device\Harddisk0\DR0\Partition5
20:47:35.0510 0x0c48 ============================================================
20:47:35.0510 0x0c48 Initialize success
20:47:35.0510 0x0c48 ============================================================
20:48:46.0253 0x0f1c ============================================================
20:48:46.0253 0x0f1c Scan started
20:48:46.0253 0x0f1c Mode: Manual; SigCheck; TDLFS;
20:48:46.0253 0x0f1c ============================================================
20:48:46.0253 0x0f1c KSN ping started
20:48:48.0733 0x0f1c KSN ping finished: true
20:48:49.0953 0x0f1c ================ Scan system memory ========================
20:48:49.0953 0x0f1c System memory - ok
20:48:49.0953 0x0f1c ================ Scan services =============================
20:48:50.0081 0x0f1c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
20:48:50.0146 0x0f1c 1394ohci - ok
20:48:50.0188 0x0f1c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
20:48:50.0198 0x0f1c 3ware - ok
20:48:50.0237 0x0f1c [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:48:50.0260 0x0f1c ACPI - ok
20:48:50.0274 0x0f1c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
20:48:50.0284 0x0f1c acpiex - ok
20:48:50.0287 0x0f1c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
20:48:50.0311 0x0f1c acpipagr - ok
20:48:50.0314 0x0f1c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
20:48:50.0337 0x0f1c AcpiPmi - ok
20:48:50.0341 0x0f1c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
20:48:50.0355 0x0f1c acpitime - ok
20:48:50.0414 0x0f1c [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:48:50.0421 0x0f1c AdobeARMservice - ok
20:48:50.0459 0x0f1c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
20:48:50.0486 0x0f1c ADP80XX - ok
20:48:50.0520 0x0f1c [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:48:50.0546 0x0f1c AeLookupSvc - ok
20:48:50.0589 0x0f1c [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
20:48:50.0619 0x0f1c AFD - ok
20:48:50.0636 0x0f1c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:48:50.0645 0x0f1c agp440 - ok
20:48:50.0649 0x0f1c [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
20:48:50.0681 0x0f1c ahcache - ok
20:48:50.0705 0x0f1c [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe
20:48:50.0740 0x0f1c ALG - ok
20:48:50.0766 0x0f1c [ F17B1902DFCED1C24DB57492A7896FF8, 966AB1A072A8AF98D7EDD2A388D919B50FC41A06E1C51B04B2C2F54F1BA7F0D5 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:48:50.0834 0x0f1c AMD External Events Utility - ok
20:48:50.0871 0x0f1c AMD FUEL Service - ok
20:48:50.0893 0x0f1c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
20:48:50.0920 0x0f1c AmdK8 - ok
20:48:50.0942 0x0f1c [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd C:\Windows\system32\drivers\amdkmafd.sys
20:48:50.0951 0x0f1c amdkmafd - ok
20:48:51.0387 0x0f1c [ 81FCDBBA547919D59DC134ED717658B4, 9A95C4400CAE00F25EE10BAE8949CF7317954742EB6F0831AAAEA4A2C220E56B ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
20:48:51.0774 0x0f1c amdkmdag - ok
20:48:51.0819 0x0f1c [ AF6B384E03D15471EDCEDDDEBAA363B2, 2D8CFA26D69A8FF0FAC6EBA2E5A62977B21ECBA0C65458072FEC4A886B3EDD73 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
20:48:51.0861 0x0f1c amdkmdap - ok
20:48:51.0882 0x0f1c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
20:48:51.0905 0x0f1c AmdPPM - ok
20:48:51.0928 0x0f1c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:48:51.0937 0x0f1c amdsata - ok
20:48:51.0978 0x0f1c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:48:51.0992 0x0f1c amdsbs - ok
20:48:51.0996 0x0f1c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:48:52.0004 0x0f1c amdxata - ok
20:48:52.0013 0x0f1c [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
20:48:52.0019 0x0f1c AODDriver4.3 - ok
20:48:52.0024 0x0f1c [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys
20:48:52.0059 0x0f1c AppID - ok
20:48:52.0087 0x0f1c [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:48:52.0107 0x0f1c AppIDSvc - ok
20:48:52.0127 0x0f1c [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo C:\Windows\System32\appinfo.dll
20:48:52.0150 0x0f1c Appinfo - ok
20:48:52.0171 0x0f1c [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt C:\Windows\System32\appmgmts.dll
20:48:52.0204 0x0f1c AppMgmt - ok
20:48:52.0234 0x0f1c [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\Windows\system32\AppReadiness.dll
20:48:52.0267 0x0f1c AppReadiness - ok
20:48:52.0316 0x0f1c [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
20:48:52.0379 0x0f1c AppXSvc - ok
20:48:52.0479 0x0f1c [ 9D738A8242AF0F718F87C5162A3717A7, 96698273DF834BACA9F7E8EE48EF7838DD8B80E062D0730AA9F99FBA5A941F61 ] AR5416 C:\Windows\system32\DRIVERS\athwx.sys
20:48:52.0554 0x0f1c AR5416 - detected UnsignedFile.Multi.Generic ( 1 )
20:48:55.0081 0x0f1c Detect skipped due to KSN trusted
20:48:55.0081 0x0f1c AR5416 - ok
20:48:55.0096 0x0f1c [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:48:55.0107 0x0f1c arcsas - ok
20:48:55.0116 0x0f1c [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
20:48:55.0124 0x0f1c atapi - ok
20:48:55.0236 0x0f1c [ B04BF12AEBFB5E71971B4EDA4EDFC196, BCFC79ED014F3E835957D6FD5985DF97A9F2BFD9E762594C48AB8299240FF667 ] athr C:\Windows\system32\DRIVERS\athwnx.sys
20:48:55.0357 0x0f1c athr - ok
20:48:55.0395 0x0f1c [ 8523AA8BD207F937E8C047F8713D4788, EB131C38F51DEDCE2445648CAAE7B7F04F0009EB823A77D1D08B2E9CA8EC9B7D ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWB6.sys
20:48:55.0420 0x0f1c AtiHDAudioService - ok
20:48:55.0450 0x0f1c [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:48:55.0479 0x0f1c AudioEndpointBuilder - ok
20:48:55.0528 0x0f1c [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:48:55.0556 0x0f1c Audiosrv - ok
20:48:55.0594 0x0f1c [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:48:55.0642 0x0f1c AxInstSV - ok
20:48:55.0683 0x0f1c [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:48:55.0704 0x0f1c b06bdrv - ok
20:48:55.0727 0x0f1c [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
20:48:55.0753 0x0f1c BasicDisplay - ok
20:48:55.0757 0x0f1c [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
20:48:55.0777 0x0f1c BasicRender - ok
20:48:55.0800 0x0f1c [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
20:48:55.0805 0x0f1c bcmfn2 - ok
20:48:55.0853 0x0f1c [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:48:55.0884 0x0f1c BDESVC - ok
20:48:55.0895 0x0f1c [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
20:48:55.0924 0x0f1c Beep - ok
20:48:55.0957 0x0f1c [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\Windows\System32\bfe.dll
20:48:56.0005 0x0f1c BFE - ok
20:48:56.0055 0x0f1c [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll
20:48:56.0104 0x0f1c BITS - ok
20:48:56.0119 0x0f1c [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:48:56.0137 0x0f1c bowser - ok
20:48:56.0195 0x0f1c [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:48:56.0230 0x0f1c BrokerInfrastructure - ok
20:48:56.0256 0x0f1c [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\Windows\System32\browser.dll
20:48:56.0288 0x0f1c Browser - ok
20:48:56.0292 0x0f1c [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
20:48:56.0300 0x0f1c BthAvrcpTg - ok
20:48:56.0305 0x0f1c [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
20:48:56.0314 0x0f1c BthHFEnum - ok
20:48:56.0328 0x0f1c [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
20:48:56.0355 0x0f1c bthhfhid - ok
20:48:56.0359 0x0f1c [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
20:48:56.0380 0x0f1c BTHMODEM - ok
20:48:56.0402 0x0f1c [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll
20:48:56.0458 0x0f1c bthserv - ok
20:48:56.0486 0x0f1c [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:48:56.0502 0x0f1c cdfs - ok
20:48:56.0520 0x0f1c [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
20:48:56.0532 0x0f1c cdrom - ok
20:48:56.0548 0x0f1c [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll
20:48:56.0589 0x0f1c CertPropSvc - ok
20:48:56.0608 0x0f1c [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
20:48:56.0627 0x0f1c circlass - ok
20:48:56.0660 0x0f1c [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\Windows\system32\drivers\CLFS.sys
20:48:56.0677 0x0f1c CLFS - ok
20:48:56.0687 0x0f1c [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
20:48:56.0712 0x0f1c CmBatt - ok
20:48:56.0745 0x0f1c [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG C:\Windows\system32\Drivers\cng.sys
20:48:56.0768 0x0f1c CNG - ok
20:48:56.0785 0x0f1c [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
20:48:56.0817 0x0f1c CompositeBus - ok
20:48:56.0820 0x0f1c COMSysApp - ok
20:48:56.0824 0x0f1c [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
20:48:56.0833 0x0f1c condrv - ok
20:48:56.0856 0x0f1c [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:48:56.0891 0x0f1c CryptSvc - ok
20:48:56.0917 0x0f1c [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC C:\Windows\system32\drivers\csc.sys
20:48:56.0960 0x0f1c CSC - ok
20:48:57.0000 0x0f1c [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService C:\Windows\System32\cscsvc.dll
20:48:57.0038 0x0f1c CscService - ok
20:48:57.0056 0x0f1c [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
20:48:57.0065 0x0f1c dam - ok
20:48:57.0111 0x0f1c [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:48:57.0152 0x0f1c DcomLaunch - ok
20:48:57.0198 0x0f1c [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\Windows\System32\defragsvc.dll
20:48:57.0240 0x0f1c defragsvc - ok
20:48:57.0270 0x0f1c [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
20:48:57.0303 0x0f1c DeviceAssociationService - ok
20:48:57.0331 0x0f1c [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
20:48:57.0365 0x0f1c DeviceInstall - ok
20:48:57.0391 0x0f1c [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
20:48:57.0437 0x0f1c Dfsc - ok
20:48:57.0474 0x0f1c [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
20:48:57.0482 0x0f1c dg_ssudbus - ok
20:48:57.0516 0x0f1c [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:48:57.0550 0x0f1c Dhcp - ok
20:48:57.0568 0x0f1c [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
20:48:57.0578 0x0f1c disk - ok
20:48:57.0592 0x0f1c [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
20:48:57.0623 0x0f1c dmvsc - ok
20:48:57.0691 0x0f1c [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:48:57.0727 0x0f1c Dnscache - ok
20:48:57.0754 0x0f1c [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll
20:48:57.0780 0x0f1c dot3svc - ok
20:48:57.0797 0x0f1c [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll
20:48:57.0844 0x0f1c DPS - ok
20:48:57.0870 0x0f1c [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:48:57.0878 0x0f1c drmkaud - ok
20:48:57.0909 0x0f1c [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
20:48:57.0925 0x0f1c DsmSvc - ok
20:48:57.0957 0x0f1c [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\System32\drivers\dtsoftbus01.sys
20:48:57.0968 0x0f1c dtsoftbus01 - ok
20:48:58.0039 0x0f1c [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:48:58.0087 0x0f1c DXGKrnl - ok
20:48:58.0106 0x0f1c [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll
20:48:58.0124 0x0f1c Eaphost - ok
20:48:58.0217 0x0f1c [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:48:58.0312 0x0f1c ebdrv - ok
20:48:58.0335 0x0f1c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe
20:48:58.0344 0x0f1c EFS - ok
20:48:58.0349 0x0f1c [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
20:48:58.0358 0x0f1c EhStorClass - ok
20:48:58.0373 0x0f1c [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:48:58.0383 0x0f1c EhStorTcgDrv - ok
20:48:58.0399 0x0f1c [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
20:48:58.0427 0x0f1c ErrDev - ok
20:48:58.0483 0x0f1c [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll
20:48:58.0533 0x0f1c EventSystem - ok
20:48:58.0549 0x0f1c [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
20:48:58.0566 0x0f1c exfat - ok
20:48:58.0589 0x0f1c [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:48:58.0602 0x0f1c fastfat - ok
20:48:58.0639 0x0f1c [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe
20:48:58.0687 0x0f1c Fax - ok
20:48:58.0701 0x0f1c [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
20:48:58.0710 0x0f1c fdc - ok
20:48:58.0733 0x0f1c [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll
20:48:58.0757 0x0f1c fdPHost - ok
20:48:58.0774 0x0f1c [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll
20:48:58.0800 0x0f1c FDResPub - ok
20:48:58.0825 0x0f1c [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll
20:48:58.0855 0x0f1c fhsvc - ok
20:48:58.0871 0x0f1c [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:48:58.0880 0x0f1c FileInfo - ok
20:48:58.0900 0x0f1c [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:48:58.0913 0x0f1c Filetrace - ok
20:48:58.0917 0x0f1c [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
20:48:58.0926 0x0f1c flpydisk - ok
20:48:58.0961 0x0f1c [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:48:58.0978 0x0f1c FltMgr - ok
20:48:59.0042 0x0f1c [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\Windows\system32\FntCache.dll
20:48:59.0096 0x0f1c FontCache - ok
20:48:59.0196 0x0f1c [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:48:59.0204 0x0f1c FontCache3.0.0.0 - ok
20:48:59.0208 0x0f1c [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:48:59.0216 0x0f1c FsDepends - ok
20:48:59.0226 0x0f1c [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:48:59.0234 0x0f1c Fs_Rec - ok
20:48:59.0259 0x0f1c [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:48:59.0282 0x0f1c fvevol - ok
20:48:59.0287 0x0f1c [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
20:48:59.0302 0x0f1c FxPPM - ok
20:48:59.0312 0x0f1c [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:48:59.0320 0x0f1c gagp30kx - ok
20:48:59.0329 0x0f1c [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
20:48:59.0347 0x0f1c gencounter - ok
20:48:59.0368 0x0f1c [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
20:48:59.0379 0x0f1c GPIOClx0101 - ok
20:48:59.0436 0x0f1c [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\Windows\System32\gpsvc.dll
20:48:59.0486 0x0f1c gpsvc - ok
20:48:59.0570 0x0f1c GPU-Z - ok
20:48:59.0598 0x0f1c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:48:59.0605 0x0f1c gupdate - ok
20:48:59.0609 0x0f1c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:48:59.0615 0x0f1c gupdatem - ok
20:48:59.0642 0x0f1c [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:48:59.0672 0x0f1c HdAudAddService - ok
20:48:59.0691 0x0f1c [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
20:48:59.0712 0x0f1c HDAudBus - ok
20:48:59.0716 0x0f1c [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
20:48:59.0736 0x0f1c HidBatt - ok
20:48:59.0752 0x0f1c [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
20:48:59.0773 0x0f1c HidBth - ok
20:48:59.0777 0x0f1c [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
20:48:59.0786 0x0f1c hidi2c - ok
20:48:59.0802 0x0f1c [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
20:48:59.0829 0x0f1c HidIr - ok
20:48:59.0846 0x0f1c [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll
20:48:59.0861 0x0f1c hidserv - ok
20:48:59.0895 0x0f1c [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
20:48:59.0912 0x0f1c HidUsb - ok
20:48:59.0936 0x0f1c [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:48:59.0960 0x0f1c hkmsvc - ok
20:48:59.0983 0x0f1c [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:49:00.0021 0x0f1c HomeGroupListener - ok
20:49:00.0046 0x0f1c [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:49:00.0080 0x0f1c HomeGroupProvider - ok
20:49:00.0100 0x0f1c [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:49:00.0109 0x0f1c HpSAMD - ok
20:49:00.0152 0x0f1c [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:49:00.0186 0x0f1c HTTP - ok
20:49:00.0204 0x0f1c [ 94724AD8E21E3CFF22A2FAB7BBABF725, 226F76C7CF80AF734DB64111E95595EC5E02658482A574643900A6C61A69236C ] HWiNFO32 C:\Windows\system32\drivers\HWiNFO64A.SYS
20:49:00.0210 0x0f1c HWiNFO32 - ok
20:49:00.0222 0x0f1c [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:49:00.0229 0x0f1c hwpolicy - ok
20:49:00.0233 0x0f1c [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
20:49:00.0241 0x0f1c hyperkbd - ok
20:49:00.0245 0x0f1c [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
20:49:00.0265 0x0f1c HyperVideo - ok
20:49:00.0283 0x0f1c [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
20:49:00.0304 0x0f1c i8042prt - ok
20:49:00.0307 0x0f1c [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
20:49:00.0313 0x0f1c iaLPSSi_GPIO - ok
20:49:00.0318 0x0f1c [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
20:49:00.0325 0x0f1c iaLPSSi_I2C - ok
20:49:00.0358 0x0f1c [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
20:49:00.0377 0x0f1c iaStorAV - ok
20:49:00.0390 0x0f1c [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:49:00.0408 0x0f1c iaStorV - ok
20:49:00.0411 0x0f1c IEEtwCollectorService - ok
20:49:00.0477 0x0f1c [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\Windows\System32\ikeext.dll
20:49:00.0514 0x0f1c IKEEXT - ok
20:49:00.0520 0x0f1c [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
20:49:00.0527 0x0f1c intelide - ok
20:49:00.0555 0x0f1c [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\Windows\system32\drivers\intelpep.sys
20:49:00.0563 0x0f1c intelpep - ok
20:49:00.0575 0x0f1c [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
20:49:00.0594 0x0f1c intelppm - ok
20:49:00.0608 0x0f1c [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:49:00.0629 0x0f1c IpFilterDriver - ok
20:49:00.0677 0x0f1c [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:49:00.0714 0x0f1c iphlpsvc - ok
20:49:00.0754 0x0f1c [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
20:49:00.0782 0x0f1c IPMIDRV - ok
20:49:00.0802 0x0f1c [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:49:00.0817 0x0f1c IPNAT - ok
20:49:00.0833 0x0f1c [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:49:00.0854 0x0f1c IRENUM - ok
20:49:00.0865 0x0f1c [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:49:00.0873 0x0f1c isapnp - ok
20:49:00.0917 0x0f1c [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
20:49:00.0932 0x0f1c iScsiPrt - ok
20:49:00.0945 0x0f1c [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
20:49:00.0953 0x0f1c kbdclass - ok
20:49:00.0957 0x0f1c [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
20:49:00.0977 0x0f1c kbdhid - ok
20:49:00.0980 0x0f1c [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys
20:49:00.0988 0x0f1c kbldfltr - ok
20:49:00.0996 0x0f1c [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
20:49:01.0013 0x0f1c kdnic - ok
20:49:01.0030 0x0f1c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe
20:49:01.0038 0x0f1c KeyIso - ok
20:49:01.0051 0x0f1c [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:49:01.0060 0x0f1c KSecDD - ok
20:49:01.0089 0x0f1c [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:49:01.0100 0x0f1c KSecPkg - ok
20:49:01.0103 0x0f1c [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:49:01.0123 0x0f1c ksthunk - ok
20:49:01.0160 0x0f1c [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:49:01.0185 0x0f1c KtmRm - ok
20:49:01.0218 0x0f1c [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\Windows\system32\srvsvc.dll
20:49:01.0240 0x0f1c LanmanServer - ok
20:49:01.0291 0x0f1c [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:49:01.0306 0x0f1c LanmanWorkstation - ok
20:49:01.0345 0x0f1c [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
20:49:01.0371 0x0f1c lfsvc - ok
20:49:01.0395 0x0f1c [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
20:49:01.0400 0x0f1c LGBusEnum - ok
20:49:01.0426 0x0f1c [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
20:49:01.0432 0x0f1c LGSHidFilt - ok
20:49:01.0452 0x0f1c [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
20:49:01.0457 0x0f1c LGVirHid - ok
20:49:01.0479 0x0f1c [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:49:01.0503 0x0f1c lltdio - ok
20:49:01.0518 0x0f1c [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:49:01.0553 0x0f1c lltdsvc - ok
20:49:01.0571 0x0f1c [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:49:01.0600 0x0f1c lmhosts - ok
20:49:01.0614 0x0f1c [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:49:01.0624 0x0f1c LSI_SAS - ok
20:49:01.0629 0x0f1c [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:49:01.0638 0x0f1c LSI_SAS2 - ok
20:49:01.0645 0x0f1c [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
20:49:01.0654 0x0f1c LSI_SAS3 - ok
20:49:01.0658 0x0f1c [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
20:49:01.0667 0x0f1c LSI_SSS - ok
20:49:01.0704 0x0f1c [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\Windows\System32\lsm.dll
20:49:01.0749 0x0f1c LSM - ok
20:49:01.0763 0x0f1c [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
20:49:01.0783 0x0f1c luafv - ok
20:49:01.0787 0x0f1c [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
20:49:01.0795 0x0f1c megasas - ok
20:49:01.0821 0x0f1c [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
20:49:01.0843 0x0f1c megasr - ok
20:49:01.0861 0x0f1c [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll
20:49:01.0898 0x0f1c MMCSS - ok
20:49:01.0920 0x0f1c [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
20:49:01.0931 0x0f1c Modem - ok
20:49:01.0941 0x0f1c [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
20:49:01.0959 0x0f1c monitor - ok
20:49:01.0973 0x0f1c [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys
20:49:01.0981 0x0f1c mouclass - ok
20:49:01.0985 0x0f1c [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys
20:49:01.0994 0x0f1c mouhid - ok
20:49:01.0999 0x0f1c [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:49:02.0008 0x0f1c mountmgr - ok
20:49:02.0089 0x0f1c [ DEA022193DF8C88F6E2B3E33D148A5DB, 97DFC47DB83E04A975A1969AA120385463FCAF4E1A9984FD3220442D7026B45A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:49:02.0097 0x0f1c MozillaMaintenance - ok
20:49:02.0108 0x0f1c [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:49:02.0119 0x0f1c mpsdrv - ok
20:49:02.0157 0x0f1c [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:49:02.0198 0x0f1c MpsSvc - ok
20:49:02.0222 0x0f1c [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:49:02.0250 0x0f1c MRxDAV - ok
20:49:02.0282 0x0f1c [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:49:02.0312 0x0f1c mrxsmb - ok
20:49:02.0328 0x0f1c [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:49:02.0353 0x0f1c mrxsmb10 - ok
20:49:02.0380 0x0f1c [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:49:02.0407 0x0f1c mrxsmb20 - ok
20:49:02.0437 0x0f1c [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
20:49:02.0459 0x0f1c MsBridge - ok
20:49:02.0475 0x0f1c [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe
20:49:02.0494 0x0f1c MSDTC - ok
20:49:02.0505 0x0f1c [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:49:02.0529 0x0f1c Msfs - ok
20:49:02.0544 0x0f1c [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
20:49:02.0552 0x0f1c msgpiowin32 - ok
20:49:02.0569 0x0f1c [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:49:02.0588 0x0f1c mshidkmdf - ok
20:49:02.0602 0x0f1c [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
20:49:02.0620 0x0f1c mshidumdf - ok
20:49:02.0687 0x0f1c [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:49:02.0710 0x0f1c msisadrv - ok
20:49:02.0739 0x0f1c [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:49:02.0751 0x0f1c MSiSCSI - ok
20:49:02.0754 0x0f1c msiserver - ok
20:49:02.0768 0x0f1c [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
20:49:02.0778 0x0f1c MsKeyboardFilter - ok
20:49:02.0785 0x0f1c [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:49:02.0793 0x0f1c MSKSSRV - ok
20:49:02.0821 0x0f1c [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
20:49:02.0845 0x0f1c MsLldp - ok
20:49:02.0849 0x0f1c [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:49:02.0867 0x0f1c MSPCLOCK - ok
20:49:02.0874 0x0f1c [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:49:02.0889 0x0f1c MSPQM - ok
20:49:02.0922 0x0f1c [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:49:02.0938 0x0f1c MsRPC - ok
20:49:02.0944 0x0f1c [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
20:49:02.0955 0x0f1c mssmbios - ok
20:49:02.0973 0x0f1c [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:49:02.0988 0x0f1c MSTEE - ok
20:49:03.0002 0x0f1c [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
20:49:03.0018 0x0f1c MTConfig - ok
20:49:03.0035 0x0f1c [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
20:49:03.0053 0x0f1c Mup - ok
20:49:03.0069 0x0f1c [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
20:49:03.0078 0x0f1c mvumis - ok
20:49:03.0123 0x0f1c [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll
20:49:03.0143 0x0f1c napagent - ok
20:49:03.0177 0x0f1c [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:49:03.0201 0x0f1c NativeWifiP - ok
20:49:03.0217 0x0f1c [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll
20:49:03.0237 0x0f1c NcaSvc - ok
20:49:03.0253 0x0f1c [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll
20:49:03.0277 0x0f1c NcbService - ok
20:49:03.0300 0x0f1c [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
20:49:03.0345 0x0f1c NcdAutoSetup - ok
20:49:03.0398 0x0f1c [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:49:03.0434 0x0f1c NDIS - ok
20:49:03.0445 0x0f1c [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:49:03.0455 0x0f1c NdisCap - ok
20:49:03.0469 0x0f1c [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:49:03.0495 0x0f1c NdisImPlatform - ok
20:49:03.0499 0x0f1c [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:49:03.0519 0x0f1c NdisTapi - ok
20:49:03.0533 0x0f1c [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:49:03.0542 0x0f1c Ndisuio - ok
20:49:03.0550 0x0f1c [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
20:49:03.0574 0x0f1c NdisVirtualBus - ok
20:49:03.0589 0x0f1c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:49:03.0615 0x0f1c NdisWan - ok
20:49:03.0621 0x0f1c [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
20:49:03.0634 0x0f1c NdisWanLegacy - ok
20:49:03.0648 0x0f1c [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:49:03.0660 0x0f1c NDProxy - ok
20:49:03.0675 0x0f1c [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys
20:49:03.0687 0x0f1c Ndu - ok
20:49:03.0711 0x0f1c [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:49:03.0721 0x0f1c NetBIOS - ok
20:49:03.0742 0x0f1c [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:49:03.0777 0x0f1c NetBT - ok
20:49:03.0800 0x0f1c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe
20:49:03.0808 0x0f1c Netlogon - ok
20:49:03.0828 0x0f1c [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll
20:49:03.0853 0x0f1c Netman - ok
20:49:03.0878 0x0f1c [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll
20:49:03.0901 0x0f1c netprofm - ok
20:49:03.0935 0x0f1c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:49:03.0945 0x0f1c NetTcpPortSharing - ok
20:49:03.0950 0x0f1c [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys
20:49:03.0965 0x0f1c netvsc - ok
20:49:04.0009 0x0f1c [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:49:04.0047 0x0f1c NlaSvc - ok
20:49:04.0077 0x0f1c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:49:04.0087 0x0f1c Npfs - ok
20:49:04.0100 0x0f1c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
20:49:04.0129 0x0f1c npsvctrig - ok
20:49:04.0148 0x0f1c [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll
20:49:04.0164 0x0f1c nsi - ok
20:49:04.0176 0x0f1c [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:49:04.0197 0x0f1c nsiproxy - ok
20:49:04.0290 0x0f1c [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:49:04.0350 0x0f1c Ntfs - ok
20:49:04.0365 0x0f1c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
20:49:04.0382 0x0f1c Null - ok
20:49:04.0400 0x0f1c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:49:04.0411 0x0f1c nvraid - ok
20:49:04.0417 0x0f1c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:49:04.0429 0x0f1c nvstor - ok
20:49:04.0435 0x0f1c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:49:04.0445 0x0f1c nv_agp - ok
20:49:04.0499 0x0f1c [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:49:04.0509 0x0f1c ose64 - ok
20:49:04.0531 0x0f1c [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:49:04.0564 0x0f1c p2pimsvc - ok
20:49:04.0594 0x0f1c [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll
20:49:04.0620 0x0f1c p2psvc - ok
20:49:04.0637 0x0f1c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
20:49:04.0655 0x0f1c Parport - ok
20:49:04.0671 0x0f1c [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:49:04.0681 0x0f1c partmgr - ok
20:49:04.0708 0x0f1c [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:49:04.0735 0x0f1c PcaSvc - ok
20:49:04.0758 0x0f1c [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
20:49:04.0773 0x0f1c pci - ok
20:49:04.0794 0x0f1c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
20:49:04.0802 0x0f1c pciide - ok
20:49:04.0813 0x0f1c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:49:04.0823 0x0f1c pcmcia - ok
20:49:04.0827 0x0f1c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
20:49:04.0836 0x0f1c pcw - ok
20:49:04.0840 0x0f1c [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\Windows\system32\drivers\pdc.sys
20:49:04.0850 0x0f1c pdc - ok
20:49:04.0935 0x0f1c [ 8F98C4BC605261B4B6E568FE791EB67A, 7B0D99D972A60423F7378BEE886061695FDA79B59AFF939744A130721E0174A1 ] PDF Architect 2 C:\Program Files (x86)\PDF Architect 2\ws.exe
20:49:04.0996 0x0f1c PDF Architect 2 - ok
20:49:05.0028 0x0f1c [ 9077A3059AB47834633AEAAED465F3D9, 9CA662E9CBA30795E4E5DAB3E309D2062FFDC2053C261054E24EF7EE5300F69F ] pdfforge CrashHandler C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe
20:49:05.0052 0x0f1c pdfforge CrashHandler - ok
20:49:05.0081 0x0f1c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:49:05.0110 0x0f1c PEAUTH - ok
20:49:05.0179 0x0f1c [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:49:05.0252 0x0f1c PeerDistSvc - ok
20:49:05.0325 0x0f1c [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:49:05.0361 0x0f1c PerfHost - ok
20:49:05.0427 0x0f1c [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll
20:49:05.0484 0x0f1c pla - ok
20:49:05.0509 0x0f1c [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:49:05.0519 0x0f1c PlugPlay - ok
20:49:05.0527 0x0f1c [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:49:05.0550 0x0f1c PNRPAutoReg - ok
20:49:05.0567 0x0f1c [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:49:05.0582 0x0f1c PNRPsvc - ok
20:49:05.0614 0x0f1c [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:49:05.0639 0x0f1c PolicyAgent - ok
20:49:05.0663 0x0f1c [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll
20:49:05.0685 0x0f1c Power - ok
20:49:05.0809 0x0f1c [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:49:05.0896 0x0f1c PrintNotify - ok
20:49:05.0933 0x0f1c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
20:49:05.0943 0x0f1c Processor - ok
20:49:05.0975 0x0f1c [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc C:\Windows\system32\profsvc.dll
20:49:06.0009 0x0f1c ProfSvc - ok
20:49:06.0024 0x0f1c [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:49:06.0041 0x0f1c Psched - ok
20:49:06.0059 0x0f1c [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll
20:49:06.0081 0x0f1c QWAVE - ok
20:49:06.0097 0x0f1c [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:49:06.0109 0x0f1c QWAVEdrv - ok
20:49:06.0118 0x0f1c [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:49:06.0129 0x0f1c RasAcd - ok
20:49:06.0146 0x0f1c [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll
20:49:06.0165 0x0f1c RasAuto - ok
20:49:06.0188 0x0f1c [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll
20:49:06.0216 0x0f1c RasMan - ok
20:49:06.0230 0x0f1c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:49:06.0253 0x0f1c RasPppoe - ok
20:49:06.0274 0x0f1c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:49:06.0308 0x0f1c rdbss - ok
20:49:06.0325 0x0f1c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
20:49:06.0345 0x0f1c rdpbus - ok
20:49:06.0359 0x0f1c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:49:06.0387 0x0f1c RDPDR - ok
20:49:06.0412 0x0f1c [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:49:06.0419 0x0f1c RdpVideoMiniport - ok
20:49:06.0440 0x0f1c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:49:06.0453 0x0f1c rdyboost - ok
20:49:06.0535 0x0f1c [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\Windows\system32\drivers\ReFS.sys
20:49:06.0567 0x0f1c ReFS - ok
20:49:06.0598 0x0f1c [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:49:06.0625 0x0f1c RemoteAccess - ok
20:49:06.0652 0x0f1c [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:49:06.0684 0x0f1c RemoteRegistry - ok
20:49:06.0701 0x0f1c [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:49:06.0721 0x0f1c RpcEptMapper - ok
20:49:06.0742 0x0f1c [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe
20:49:06.0759 0x0f1c RpcLocator - ok
20:49:06.0790 0x0f1c [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\Windows\system32\rpcss.dll
20:49:06.0812 0x0f1c RpcSs - ok
20:49:06.0822 0x0f1c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:49:06.0834 0x0f1c rspndr - ok
20:49:06.0863 0x0f1c [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
20:49:06.0884 0x0f1c RTL8168 - ok
20:49:06.0894 0x0f1c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
20:49:06.0914 0x0f1c s3cap - ok
20:49:06.0927 0x0f1c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe
20:49:06.0936 0x0f1c SamSs - ok
20:49:06.0950 0x0f1c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:49:06.0960 0x0f1c sbp2port - ok
20:49:06.0974 0x0f1c [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:49:06.0989 0x0f1c SCardSvr - ok
20:49:07.0004 0x0f1c [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
20:49:07.0017 0x0f1c ScDeviceEnum - ok
20:49:07.0037 0x0f1c [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:49:07.0048 0x0f1c scfilter - ok
20:49:07.0096 0x0f1c [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\Windows\system32\schedsvc.dll
20:49:07.0150 0x0f1c Schedule - ok
20:49:07.0171 0x0f1c [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:49:07.0184 0x0f1c SCPolicySvc - ok
20:49:07.0199 0x0f1c [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\Windows\System32\drivers\sdbus.sys
20:49:07.0213 0x0f1c sdbus - ok
20:49:07.0233 0x0f1c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
20:49:07.0242 0x0f1c sdstor - ok
20:49:07.0255 0x0f1c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:49:07.0264 0x0f1c secdrv - ok
20:49:07.0278 0x0f1c [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll
20:49:07.0299 0x0f1c seclogon - ok
20:49:07.0310 0x0f1c [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll
20:49:07.0334 0x0f1c SENS - ok
20:49:07.0356 0x0f1c [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:49:07.0387 0x0f1c SensrSvc - ok
20:49:07.0402 0x0f1c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
20:49:07.0411 0x0f1c SerCx - ok
20:49:07.0420 0x0f1c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
20:49:07.0430 0x0f1c SerCx2 - ok
20:49:07.0434 0x0f1c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
20:49:07.0449 0x0f1c Serenum - ok
20:49:07.0463 0x0f1c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
20:49:07.0478 0x0f1c Serial - ok
20:49:07.0494 0x0f1c [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys
20:49:07.0502 0x0f1c sermouse - ok
20:49:07.0551 0x0f1c [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll
20:49:07.0594 0x0f1c SessionEnv - ok
20:49:07.0646 0x0f1c [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
20:49:07.0660 0x0f1c sfloppy - ok
20:49:07.0693 0x0f1c [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:49:07.0745 0x0f1c SharedAccess - ok
20:49:07.0791 0x0f1c [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:49:07.0833 0x0f1c ShellHWDetection - ok
20:49:07.0838 0x0f1c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:49:07.0846 0x0f1c SiSRaid2 - ok
20:49:07.0851 0x0f1c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:49:07.0860 0x0f1c SiSRaid4 - ok
20:49:07.0882 0x0f1c [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll
20:49:07.0913 0x0f1c smphost - ok
20:49:07.0926 0x0f1c [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:49:07.0938 0x0f1c SNMPTRAP - ok
20:49:07.0970 0x0f1c [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\Windows\system32\drivers\spaceport.sys
20:49:07.0989 0x0f1c spaceport - ok
20:49:08.0001 0x0f1c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
20:49:08.0010 0x0f1c SpbCx - ok
20:49:08.0045 0x0f1c [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\Windows\System32\spoolsv.exe
20:49:08.0083 0x0f1c Spooler - ok
20:49:08.0254 0x0f1c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
20:49:08.0435 0x0f1c sppsvc - ok
20:49:08.0477 0x0f1c [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:49:08.0518 0x0f1c srv - ok
20:49:08.0551 0x0f1c [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:49:08.0574 0x0f1c srv2 - ok
20:49:08.0590 0x0f1c [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:49:08.0616 0x0f1c srvnet - ok
20:49:08.0640 0x0f1c [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:49:08.0669 0x0f1c SSDPSRV - ok
20:49:08.0675 0x0f1c [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:49:08.0688 0x0f1c SstpSvc - ok
20:49:08.0729 0x0f1c [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
20:49:08.0738 0x0f1c ssudmdm - ok
20:49:08.0835 0x0f1c [ 189879824D01F9A0DD1D72259A120F50, D587688E9EF7C43319AB87EEA368C9310F3A8F4A8A6D8A6E427A54126C209DF0 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:49:08.0858 0x0f1c Steam Client Service - ok
20:49:08.0888 0x0f1c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:49:08.0896 0x0f1c stexstor - ok
20:49:08.0950 0x0f1c [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll
20:49:08.0991 0x0f1c stisvc - ok
20:49:09.0015 0x0f1c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
20:49:09.0024 0x0f1c storahci - ok
20:49:09.0046 0x0f1c [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
20:49:09.0054 0x0f1c storflt - ok
20:49:09.0058 0x0f1c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
20:49:09.0066 0x0f1c stornvme - ok
20:49:09.0086 0x0f1c [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll
20:49:09.0126 0x0f1c StorSvc - ok
20:49:09.0129 0x0f1c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:49:09.0137 0x0f1c storvsc - ok
20:49:09.0142 0x0f1c [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp C:\Windows\System32\drivers\storvsp.sys
20:49:09.0173 0x0f1c storvsp - ok
20:49:09.0177 0x0f1c [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll
20:49:09.0190 0x0f1c svsvc - ok
20:49:09.0205 0x0f1c [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys
20:49:09.0212 0x0f1c swenum - ok
20:49:09.0249 0x0f1c [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll
20:49:09.0298 0x0f1c swprv - ok
20:49:09.0340 0x0f1c [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\Windows\system32\sysmain.dll
20:49:09.0395 0x0f1c SysMain - ok
20:49:09.0448 0x0f1c [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:49:09.0504 0x0f1c SystemEventsBroker - ok
20:49:09.0536 0x0f1c [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
20:49:09.0548 0x0f1c TabletInputService - ok
20:49:09.0584 0x0f1c [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:49:09.0622 0x0f1c TapiSrv - ok
20:49:09.0706 0x0f1c [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:49:09.0778 0x0f1c Tcpip - ok
20:49:09.0833 0x0f1c [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:49:09.0895 0x0f1c TCPIP6 - ok
20:49:09.0922 0x0f1c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:49:09.0956 0x0f1c tcpipreg - ok
20:49:09.0972 0x0f1c [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:49:09.0982 0x0f1c tdx - ok
20:49:10.0122 0x0f1c [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
20:49:10.0233 0x0f1c TeamViewer9 - ok
20:49:10.0254 0x0f1c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
20:49:10.0263 0x0f1c terminpt - ok
20:49:10.0323 0x0f1c [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\Windows\System32\termsrv.dll
20:49:10.0358 0x0f1c TermService - ok
20:49:10.0375 0x0f1c [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll
20:49:10.0401 0x0f1c Themes - ok
20:49:10.0428 0x0f1c [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll
20:49:10.0437 0x0f1c THREADORDER - ok
20:49:10.0455 0x0f1c [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
20:49:10.0473 0x0f1c TimeBroker - ok
20:49:10.0485 0x0f1c [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
20:49:10.0497 0x0f1c TPM - ok
20:49:10.0503 0x0f1c [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll
20:49:10.0522 0x0f1c TrkWks - ok
20:49:10.0583 0x0f1c [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:49:10.0603 0x0f1c TrustedInstaller - ok
20:49:10.0619 0x0f1c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:49:10.0655 0x0f1c TsUsbFlt - ok
20:49:10.0660 0x0f1c [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
20:49:10.0667 0x0f1c TsUsbGD - ok
20:49:10.0694 0x0f1c [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:49:10.0711 0x0f1c tunnel - ok
20:49:10.0717 0x0f1c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:49:10.0726 0x0f1c uagp35 - ok
20:49:10.0749 0x0f1c [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
20:49:10.0758 0x0f1c UASPStor - ok
20:49:10.0768 0x0f1c [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
20:49:10.0780 0x0f1c UCX01000 - ok
20:49:10.0821 0x0f1c [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:49:10.0940 0x0f1c udfs - ok
20:49:10.0968 0x0f1c [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
20:49:10.0976 0x0f1c UEFI - ok
20:49:11.0001 0x0f1c [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:49:11.0025 0x0f1c UI0Detect - ok
20:49:11.0031 0x0f1c [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:49:11.0040 0x0f1c uliagpkx - ok
20:49:11.0057 0x0f1c [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
20:49:11.0078 0x0f1c umbus - ok
20:49:11.0081 0x0f1c [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
20:49:11.0093 0x0f1c UmPass - ok
20:49:11.0112 0x0f1c [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll
20:49:11.0134 0x0f1c UmRdpService - ok
20:49:11.0162 0x0f1c [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll
20:49:11.0195 0x0f1c upnphost - ok
20:49:11.0234 0x0f1c [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
20:49:11.0245 0x0f1c usbccgp - ok
20:49:11.0251 0x0f1c [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys
20:49:11.0269 0x0f1c usbcir - ok
20:49:11.0296 0x0f1c [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
20:49:11.0305 0x0f1c usbehci - ok
20:49:11.0325 0x0f1c [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
20:49:11.0345 0x0f1c usbhub - ok
20:49:11.0380 0x0f1c [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
20:49:11.0400 0x0f1c USBHUB3 - ok
20:49:11.0432 0x0f1c [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
20:49:11.0462 0x0f1c usbohci - ok
20:49:11.0476 0x0f1c [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
20:49:11.0496 0x0f1c usbprint - ok
20:49:11.0520 0x0f1c [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
20:49:11.0529 0x0f1c usbscan - ok
20:49:11.0552 0x0f1c [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
20:49:11.0563 0x0f1c USBSTOR - ok
20:49:11.0586 0x0f1c [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
20:49:11.0610 0x0f1c usbuhci - ok
20:49:11.0633 0x0f1c [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
20:49:11.0649 0x0f1c USBXHCI - ok
20:49:11.0663 0x0f1c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe
20:49:11.0671 0x0f1c VaultSvc - ok
20:49:11.0675 0x0f1c [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:49:11.0683 0x0f1c vdrvroot - ok
20:49:11.0726 0x0f1c [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe
20:49:11.0773 0x0f1c vds - ok
20:49:11.0795 0x0f1c [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
20:49:11.0807 0x0f1c VerifierExt - ok
20:49:11.0832 0x0f1c [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
20:49:11.0866 0x0f1c vhdmp - ok
20:49:11.0886 0x0f1c [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
20:49:11.0894 0x0f1c viaide - ok
20:49:11.0910 0x0f1c [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys
20:49:11.0922 0x0f1c Vid - ok
20:49:11.0931 0x0f1c [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:49:11.0940 0x0f1c vmbus - ok
20:49:11.0944 0x0f1c [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
20:49:11.0951 0x0f1c VMBusHID - ok
20:49:11.0989 0x0f1c [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\System32\drivers\vmbusr.sys
20:49:12.0005 0x0f1c vmbusr - ok
20:49:12.0038 0x0f1c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
20:49:12.0059 0x0f1c vmicguestinterface - ok
20:49:12.0071 0x0f1c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
20:49:12.0087 0x0f1c vmicheartbeat - ok
20:49:12.0099 0x0f1c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:49:12.0116 0x0f1c vmickvpexchange - ok
20:49:12.0128 0x0f1c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll
20:49:12.0145 0x0f1c vmicrdv - ok
20:49:12.0157 0x0f1c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll
20:49:12.0173 0x0f1c vmicshutdown - ok
20:49:12.0185 0x0f1c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll
20:49:12.0202 0x0f1c vmictimesync - ok
20:49:12.0214 0x0f1c [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll
20:49:12.0231 0x0f1c vmicvss - ok
20:49:12.0247 0x0f1c [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:49:12.0257 0x0f1c volmgr - ok
20:49:12.0299 0x0f1c [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:49:12.0315 0x0f1c volmgrx - ok
20:49:12.0354 0x0f1c [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:49:12.0371 0x0f1c volsnap - ok
20:49:12.0384 0x0f1c [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys
20:49:12.0392 0x0f1c vpci - ok
20:49:12.0396 0x0f1c [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys
20:49:12.0405 0x0f1c vpcivsp - ok
20:49:12.0420 0x0f1c [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:49:12.0431 0x0f1c vsmraid - ok
20:49:12.0497 0x0f1c [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\Windows\system32\vssvc.exe
20:49:12.0547 0x0f1c VSS - ok
20:49:12.0576 0x0f1c [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
20:49:12.0591 0x0f1c VSTXRAID - ok
20:49:12.0620 0x0f1c [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:49:12.0649 0x0f1c vwifibus - ok
20:49:12.0671 0x0f1c [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:49:12.0695 0x0f1c vwififlt - ok
20:49:12.0715 0x0f1c [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:49:12.0744 0x0f1c vwifimp - ok
20:49:12.0781 0x0f1c [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll
20:49:12.0801 0x0f1c W32Time - ok
20:49:12.0805 0x0f1c [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
20:49:12.0813 0x0f1c WacomPen - ok
20:49:12.0866 0x0f1c [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe
20:49:12.0925 0x0f1c wbengine - ok
20:49:12.0949 0x0f1c [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:49:12.0977 0x0f1c WbioSrvc - ok
20:49:13.0003 0x0f1c [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
20:49:13.0032 0x0f1c Wcmsvc - ok
20:49:13.0047 0x0f1c [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:49:13.0088 0x0f1c wcncsvc - ok
20:49:13.0099 0x0f1c [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:49:13.0123 0x0f1c WcsPlugInService - ok
20:49:13.0157 0x0f1c [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
20:49:13.0166 0x0f1c WdBoot - ok
20:49:13.0262 0x0f1c [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:49:13.0291 0x0f1c Wdf01000 - ok
20:49:13.0311 0x0f1c [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
20:49:13.0325 0x0f1c WdFilter - ok
20:49:13.0339 0x0f1c [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:49:13.0356 0x0f1c WdiServiceHost - ok
20:49:13.0359 0x0f1c [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:49:13.0374 0x0f1c WdiSystemHost - ok
20:49:13.0387 0x0f1c [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
20:49:13.0397 0x0f1c WdNisDrv - ok
20:49:13.0416 0x0f1c WdNisSvc - ok
20:49:13.0440 0x0f1c [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\Windows\System32\webclnt.dll
20:49:13.0464 0x0f1c WebClient - ok
20:49:13.0482 0x0f1c [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll
20:49:13.0503 0x0f1c Wecsvc - ok
20:49:13.0519 0x0f1c [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
20:49:13.0531 0x0f1c WEPHOSTSVC - ok
20:49:13.0543 0x0f1c [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:49:13.0569 0x0f1c wercplsupport - ok
20:49:13.0574 0x0f1c [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\Windows\System32\WerSvc.dll
20:49:13.0596 0x0f1c WerSvc - ok
20:49:13.0624 0x0f1c [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
20:49:13.0635 0x0f1c WFPLWFS - ok
20:49:13.0658 0x0f1c [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll
20:49:13.0667 0x0f1c WiaRpc - ok
20:49:13.0685 0x0f1c [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:49:13.0692 0x0f1c WIMMount - ok
20:49:13.0695 0x0f1c WinDefend - ok
20:49:13.0745 0x0f1c [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:49:13.0771 0x0f1c WinHttpAutoProxySvc - ok
20:49:13.0824 0x0f1c [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:49:13.0846 0x0f1c Winmgmt - ok
20:49:13.0932 0x0f1c [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\Windows\system32\WsmSvc.dll
20:49:14.0008 0x0f1c WinRM - ok
20:49:14.0064 0x0f1c [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
20:49:14.0074 0x0f1c WinUsb - ok
20:49:14.0148 0x0f1c [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\Windows\System32\wlansvc.dll
20:49:14.0199 0x0f1c WlanSvc - ok
20:49:14.0258 0x0f1c [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\Windows\system32\wlidsvc.dll
20:49:14.0318 0x0f1c wlidsvc - ok
20:49:14.0388 0x0f1c [ C2B9A06FC544F74B00DEFCE0D39D2BA8, F2D6AE4762E77366E7D40C36AC9F94AC72CB180F9E5B231D09CBD986DD040E7F ] wltrysvc C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
20:49:14.0391 0x0f1c wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
20:49:16.0885 0x0f1c Detect skipped due to KSN trusted
20:49:16.0885 0x0f1c wltrysvc - ok
20:49:16.0900 0x0f1c [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
20:49:16.0908 0x0f1c WmiAcpi - ok
20:49:16.0927 0x0f1c [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:49:16.0973 0x0f1c wmiApSrv - ok
20:49:17.0003 0x0f1c WMPNetworkSvc - ok
20:49:17.0034 0x0f1c [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
20:49:17.0045 0x0f1c Wof - ok
20:49:17.0096 0x0f1c [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
20:49:17.0155 0x0f1c workfolderssvc - ok
20:49:17.0222 0x0f1c [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
20:49:17.0230 0x0f1c wpcfltr - ok
20:49:17.0238 0x0f1c [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:49:17.0265 0x0f1c WPCSvc - ok
20:49:17.0287 0x0f1c [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:49:17.0327 0x0f1c WPDBusEnum - ok
20:49:17.0353 0x0f1c [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
20:49:17.0361 0x0f1c WpdUpFltr - ok
20:49:17.0380 0x0f1c [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:49:17.0391 0x0f1c ws2ifsl - ok
20:49:17.0418 0x0f1c [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\Windows\System32\wscsvc.dll
20:49:17.0455 0x0f1c wscsvc - ok
20:49:17.0458 0x0f1c WSearch - ok
20:49:17.0555 0x0f1c [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\Windows\System32\WSService.dll
20:49:17.0677 0x0f1c WSService - ok
20:49:17.0787 0x0f1c [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\Windows\system32\wuaueng.dll
20:49:17.0889 0x0f1c wuauserv - ok
20:49:17.0915 0x0f1c [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:49:17.0932 0x0f1c WudfPf - ok
20:49:17.0952 0x0f1c [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
20:49:17.0964 0x0f1c WUDFRd - ok
20:49:17.0978 0x0f1c [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:49:17.0989 0x0f1c wudfsvc - ok
20:49:17.0996 0x0f1c [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
20:49:18.0007 0x0f1c WUDFWpdFs - ok
20:49:18.0013 0x0f1c [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
20:49:18.0024 0x0f1c WUDFWpdMtp - ok
20:49:18.0071 0x0f1c [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll
20:49:18.0093 0x0f1c WwanSvc - ok
20:49:18.0101 0x0f1c ================ Scan global ===============================
20:49:18.0150 0x0f1c [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
20:49:18.0177 0x0f1c [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
20:49:18.0203 0x0f1c [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
20:49:18.0240 0x0f1c [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
20:49:18.0249 0x0f1c [ Global ] - ok
20:49:18.0250 0x0f1c ================ Scan MBR ==================================
20:49:18.0260 0x0f1c [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:49:18.0341 0x0f1c \Device\Harddisk0\DR0 - ok
20:49:18.0353 0x0f1c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:49:18.0632 0x0f1c \Device\Harddisk1\DR1 - ok
20:49:19.0098 0x0f1c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
20:49:19.0153 0x0f1c \Device\Harddisk2\DR2 - ok
20:49:19.0157 0x0f1c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
20:49:19.0251 0x0f1c \Device\Harddisk3\DR3 - ok
20:49:19.0251 0x0f1c ================ Scan VBR ==================================
20:49:19.0267 0x0f1c [ 39C8C38A78A89E168391F6DC08BE7277 ] \Device\Harddisk0\DR0\Partition1
20:49:19.0302 0x0f1c \Device\Harddisk0\DR0\Partition1 - ok
20:49:19.0316 0x0f1c [ F409152A17963D5FEAE1B10D063B0753 ] \Device\Harddisk0\DR0\Partition2
20:49:19.0322 0x0f1c \Device\Harddisk0\DR0\Partition2 - ok
20:49:19.0331 0x0f1c [ 1F1A829F9D680D1582C7FE9A49B14CBB ] \Device\Harddisk0\DR0\Partition3
20:49:19.0331 0x0f1c \Device\Harddisk0\DR0\Partition3 - ok
20:49:19.0343 0x0f1c [ BA791213DF0FE5BA9553FD8AFF6B0973 ] \Device\Harddisk0\DR0\Partition4
20:49:19.0382 0x0f1c \Device\Harddisk0\DR0\Partition4 - ok
20:49:19.0392 0x0f1c [ 0749721A418B30B735D61D639711ECEF ] \Device\Harddisk0\DR0\Partition5
20:49:19.0435 0x0f1c \Device\Harddisk0\DR0\Partition5 - ok
20:49:19.0437 0x0f1c [ D5B304AC852BF5B7BCEFBDF6C8E37CF2 ] \Device\Harddisk1\DR1\Partition1
20:49:19.0460 0x0f1c \Device\Harddisk1\DR1\Partition1 - ok
20:49:19.0462 0x0f1c [ 681ED9E3F1FF5DA4C6BD5E5D427FA290 ] \Device\Harddisk1\DR1\Partition2
20:49:19.0463 0x0f1c \Device\Harddisk1\DR1\Partition2 - ok
20:49:19.0465 0x0f1c [ 95EB68DDFCA288F1079E763A7F00AA1D ] \Device\Harddisk2\DR2\Partition1
20:49:19.0465 0x0f1c \Device\Harddisk2\DR2\Partition1 - ok
20:49:19.0487 0x0f1c [ 2D9B365DBB0DAD34F739636BE70C1C9C ] \Device\Harddisk2\DR2\Partition2
20:49:19.0488 0x0f1c \Device\Harddisk2\DR2\Partition2 - ok
20:49:19.0491 0x0f1c [ DDE46202EF2062796D6280FF173678BB ] \Device\Harddisk3\DR3\Partition1
20:49:19.0494 0x0f1c \Device\Harddisk3\DR3\Partition1 - ok
20:49:19.0494 0x0f1c ================ Scan generic autorun ======================
20:49:19.0719 0x0f1c [ 0BA24C19638DC562D00BFB12CA34AF0B, 07414FD7047421351462B4B517537E5E81B8BD50738BEE610E1560726A6182B2 ] C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe
20:49:19.0900 0x0f1c Broadcom Wireless Manager UI - detected UnsignedFile.Multi.Generic ( 1 )
20:49:22.0385 0x0f1c Detect skipped due to KSN trusted
20:49:22.0385 0x0f1c Broadcom Wireless Manager UI - ok
20:49:22.0431 0x0f1c [ 690EB331346D7ADFDA18E50042DEA4B4, 0C219D7A5FCD4E0252C815373E67F843DBD7356FAE7AB836C451068B51438FE7 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
20:49:22.0440 0x0f1c Classic Start Menu - ok
20:49:22.0816 0x0f1c [ 19ECAAEA3CC248489FE987C10B688C0D, 967CB23A8176B3181EE2A55DFBB04A69988AB22105D4C450C5B5E729B91FAD5A ] C:\Program Files\Logitech Gaming Software\LCore.exe
20:49:23.0094 0x0f1c Launch LCore - ok
20:49:23.0218 0x0f1c [ 3CD5FD3FED5388DC01A072DB5D06C9CD, BED3D0CE4EF7A8D0FAB8B1E2E519D2B7F9BB81E62F5CBC6C968179FC20956165 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
20:49:23.0253 0x0f1c StartCCC - ok
20:49:23.0282 0x0f1c [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:49:23.0292 0x0f1c SunJavaUpdateSched - ok
20:49:23.0361 0x0f1c [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:49:23.0386 0x0f1c Adobe ARM - ok
20:49:23.0512 0x0f1c [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] C:\Users\Luginius\AppData\Local\Google\Update\GoogleUpdate.exe
20:49:23.0519 0x0f1c Google Update - ok
20:49:23.0519 0x0f1c Waiting for KSN requests completion. In queue: 5
20:49:24.0520 0x0f1c Waiting for KSN requests completion. In queue: 5
20:49:25.0521 0x0f1c Waiting for KSN requests completion. In queue: 5
20:49:26.0548 0x0f1c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x61100 ( enabled : updated )
20:49:26.0568 0x0f1c Win FW state via NFP2: enabled
20:49:28.0936 0x0f1c ============================================================
20:49:28.0936 0x0f1c Scan finished
20:49:28.0936 0x0f1c ============================================================
20:49:28.0943 0x05bc Detected object count: 0
20:49:28.0943 0x05bc Actual detected object count: 0
20:50:47.0449 0x01b0 Deinitialize success
|
|
27.11.2014, 19:28
| #4 |
| /// the machine /// TB-Ausbilder | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.11.2014, 20:28
| #5 |
| | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus Unterstütz leider kein Windows 8.1 |
|
28.11.2014, 18:10
| #6 |
| /// the machine /// TB-Ausbilder | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus Mein Fehler  Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus |
|
30.11.2014, 14:05
| #7 |
| | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus Sry hat etwas länger gedauert hab gedacht, dass etwas mit AdwCleaner nicht richtig ist, weil er die ganze Zeit geblinkt hat und es stand: "Warte ab. Bitte wählen Sie alle Elemet ab die Sie nicht entfernen wollen." Leiste ganze Zeit grau. Nichts ist sonst passiert. mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 28.11.2014 Suchlauf-Zeit: 20:59:08 Logdatei: mbam.txt Administrator: Ja Version: 2.00.3.1025 Malware Datenbank: v2014.11.28.08 Rootkit Datenbank: v2014.11.22.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Luginius Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 319168 Verstrichene Zeit: 7 Min, 51 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.102 - Bericht erstellt am 28/11/2014 um 21:09:37
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-27.1 [Live]
# Betriebssystem : Windows 8.1 Pro N (64 bits)
# Benutzername : Luginius - LUGINIUS-PC
# Gestartet von : C:\Users\Luginius\Desktop\AdwCleaner_4.102.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\Users\Luginius\AppData\Roaming\pdfforge
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil.dll
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil64.dll
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v33.1 (x86 de)
-\\ Google Chrome v39.0.2171.71
*************************
AdwCleaner[R0].txt - [3933 octets] - [26/11/2014 16:31:25]
AdwCleaner[R1].txt - [3809 octets] - [28/11/2014 21:09:37]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3869 octets] ##########
Code:
ATTFilter # AdwCleaner v4.102 - Bericht erstellt am 30/11/2014 um 13:38:33
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-27.1 [Live]
# Betriebssystem : Windows 8.1 Pro N (64 bits)
# Benutzername : Luginius - LUGINIUS-PC
# Gestartet von : C:\Users\Luginius\Desktop\AdwCleaner_4.102.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\Users\Luginius\AppData\Roaming\pdfforge
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil.dll
Daten Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil64.dll
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v33.1 (x86 de)
-\\ Google Chrome v39.0.2171.71
*************************
AdwCleaner[R0].txt - [3933 octets] - [26/11/2014 16:31:25]
AdwCleaner[R1].txt - [3993 octets] - [28/11/2014 21:09:37]
AdwCleaner[R2].txt - [3869 octets] - [30/11/2014 13:38:33]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [3929 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 Pro N x64
Ran by Luginius on 30.11.2014 at 13:58:10,87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Luginius\AppData\Roaming\pdfforge"
~~~ FireFox
Emptied folder: C:\Users\Luginius\AppData\Roaming\mozilla\firefox\profiles\xdi5evnd.default\minidumps [7 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.11.2014 at 14:00:17,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
30.11.2014, 18:08
| #8 | |
| /// the machine /// TB-Ausbilder | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und ausZitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.12.2014, 18:51
| #9 |
| | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus Okay, Danke. Hab gedacht, dass er irgendwas unten anzeigt. Hier der neue Bericht. AdwCleaner\AdwCleaner[S0].txt: Code:
ATTFilter # AdwCleaner v4.103 - Bericht erstellt am 01/12/2014 um 18:46:59
# Aktualisiert 01/12/2014 von Xplode
# Database : 2014-12-01.2 [Live]
# Betriebssystem : Windows 8.1 Pro N (64 bits)
# Benutzername : Luginius - LUGINIUS-PC
# Gestartet von : C:\Users\Luginius\Desktop\adwcleaner_4.103.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\OCS
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\Users\Luginius\AppData\Local\Smartbar\Application\Resources\crdlil64.dll
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Mozilla Firefox v33.1 (x86 de)
-\\ Google Chrome v39.0.2171.71
*************************
AdwCleaner[R0].txt - [3993 octets] - [26/11/2014 16:31:25]
AdwCleaner[R1].txt - [4053 octets] - [28/11/2014 21:09:37]
AdwCleaner[R3].txt - [3991 octets] - [01/12/2014 18:45:00]
AdwCleaner[S0].txt - [3937 octets] - [01/12/2014 18:46:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3997 octets] ##########
|
|
02.12.2014, 17:35
| #10 |
| /// the machine /// TB-Ausbilder | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und ausESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.12.2014, 19:25
| #11 |
| | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus Problem ist immer noch dar. Hab nicht gedacht das ESET so lange dauert. hab bei mir um die 10-11 Stunden gedauert. Grade, ist es mit dem blinken des Fenster ganz schlimm, werde ganze Zeit beim schreiben unterbrochen. ESET Log: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=935a525f01336d4e9ca086ac5c6414dc
# engine=21401
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-04 11:10:34
# local_time=2014-12-05 12:10:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 49805 8038953 0 0
# scanned=1043828
# found=16
# cleaned=0
# scan_time=29582
sh=FD8431DEAF4A7507B7A834128A77E8B5B975AAA8 ft=1 fh=628ec0f3fa2e0fd4 vn="Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Luginius\AppData\Local\Microsoft\Windows\INetCache\IE\4HH3RALX\JDownloaderSetup[1].exe"
sh=40CE0A58E99858007E5DCD0BB5BF6A122686A917 ft=1 fh=f92770b35775886c vn="Win32/Somoto.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Luginius\AppData\Local\Microsoft\Windows\INetCache\IE\PE81RDIZ\BiTool[1].dll"
sh=7BA72F6F34AF5FC9008B31224C57AD7163710859 ft=1 fh=83a3a7e8a175f46e vn="Win32/Somoto.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Luginius\AppData\Local\Microsoft\Windows\INetCache\IE\PE81RDIZ\setup[1].exe"
sh=FD8431DEAF4A7507B7A834128A77E8B5B975AAA8 ft=1 fh=628ec0f3fa2e0fd4 vn="Variante von Win32/InstallCore.QW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Luginius\AppData\Local\Temp\13058567349064114830.exe"
sh=ED8CD814782D14B1C20A91EB1D78681F408D1328 ft=1 fh=e295b31a0ce14a28 vn="Variante von Win32/TrojanDropper.MsiDrop.A Trojaner" ac=I fn="C:\Users\Luginius\AppData\Local\Temp\Installer.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Luginius\Desktop\PDFCreator-1_7_3_setup.exe"
sh=DEC31B89C17FCFE5FE8E06AE231D577123D4ADA5 ft=1 fh=c0207b50ba74e8fa vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="F:\Games\Divinity Original Sin\Shipping\steam_api.dll"
sh=74A1081E538749858D5FE8BB42F2DF58D94A561E ft=1 fh=37c8b77ecb182cb8 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="F:\Programme ISO\Programm downloads\FFSetup2.exe"
sh=102D8B5A31AFCD45B1457184CCFC0B086D112659 ft=1 fh=aea001b76ebb43c6 vn="Win32/Toggle evtl. unerwünschte Anwendung" ac=I fn="F:\Programme ISO\Programm downloads\installer_mpeg_to_avi_converter_Deutsch_Deutsch.exe"
sh=58ECB8D2A6D07CC4EF6A4E6772BA0D0E4ECF72B4 ft=1 fh=0ff1d435f0a5e429 vn="Win32/Toggle evtl. unerwünschte Anwendung" ac=I fn="F:\Programme ISO\Programm downloads\installer_WinUp_2_3.exe"
sh=8D8D3F0F9D147F6A5128039910EE1107AFBEB7E8 ft=1 fh=4789e5f53199622f vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="F:\Sicherungsdaten\Alt\Lukas\SoftonicDownloader37871.exe"
sh=1B95866B59F369204EEE64C89EBF73AE65849DDA ft=1 fh=77b67014d1f9f560 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="F:\Sicherungsdaten\Alt\Lukas\alles\Kaloma.exe"
sh=74A1081E538749858D5FE8BB42F2DF58D94A561E ft=1 fh=37c8b77ecb182cb8 vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="K:\Programme ISO\Programm downloads\FFSetup2.exe"
sh=102D8B5A31AFCD45B1457184CCFC0B086D112659 ft=1 fh=aea001b76ebb43c6 vn="Win32/Toggle evtl. unerwünschte Anwendung" ac=I fn="K:\Programme ISO\Programm downloads\installer_mpeg_to_avi_converter_Deutsch_Deutsch.exe"
sh=58ECB8D2A6D07CC4EF6A4E6772BA0D0E4ECF72B4 ft=1 fh=0ff1d435f0a5e429 vn="Win32/Toggle evtl. unerwünschte Anwendung" ac=I fn="K:\Programme ISO\Programm downloads\installer_WinUp_2_3.exe"
sh=DEC31B89C17FCFE5FE8E06AE231D577123D4ADA5 ft=1 fh=c0207b50ba74e8fa vn="Variante von Win32/Packed.VMProtect.ABD Trojaner" ac=I fn="L:\Games\Divinity Original Sin\Shipping\steam_api.dll"
Code:
ATTFilter Results of screen317's Security Check version 0.99.91 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 2.0.3.1025 Java 7 Update 71 Adobe Flash Player 15.0.0.189 Adobe Reader XI Mozilla Firefox (33.1) Google Chrome (39.0.2171.65) Google Chrome (39.0.2171.71) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Windows Defender MpCmdRun.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Luginius (administrator) on LUGINIUS-PC on 05-12-2014 12:28:18
Running from C:\Users\Luginius\Desktop
Loaded Profile: Luginius (Available profiles: Luginius)
Platform: Windows 8.1 Pro N (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.EXE
(Microsoft Corporation) C:\Windows\System32\WerFault.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRAY.exe [7144960 2014-10-23] (Broadcom Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202520 2013-08-19] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-08-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-09-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\...\Run: [Google Update] => C:\Users\Luginius\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-25] (Google Inc.)
HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2425632 2014-11-07] (IObit)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x081B1B66F8EECF01
HKU\S-1-5-21-1187133439-2445563951-4204365367-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Luginius\AppData\Roaming\Mozilla\Firefox\Profiles\xdi5evnd.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Homepage: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 2 -> C:\Program Files (x86)\PDF Architect 2\np-previewer.dll (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-1187133439-2445563951-4204365367-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Luginius\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1187133439-2445563951-4204365367-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Luginius\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Luginius\AppData\Roaming\Mozilla\Firefox\Profiles\xdi5evnd.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-04]
FF Extension: Adblock Plus - C:\Users\Luginius\AppData\Roaming\Mozilla\Firefox\Profiles\xdi5evnd.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-28]
Chrome:
=======
CHR Profile: C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-25]
CHR Extension: (Google Docs) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-25]
CHR Extension: (Google Drive) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-25]
CHR Extension: (YouTube) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-25]
CHR Extension: (Google Cast) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-10-25]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-10-25]
CHR Extension: (Google-Suche) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-25]
CHR Extension: (Google Tabellen) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-25]
CHR Extension: (Google Wallet) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-25]
CHR Extension: (Google Mail) - C:\Users\Luginius\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-25]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2014-11-27] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2014-11-27] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2014-11-27] (ASUSTeK Computer Inc.)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2630432 2014-11-04] (IObit)
S3 PDF Architect 2; C:\Program Files (x86)\PDF Architect 2\ws.exe [1771560 2014-10-10] (pdfforge GmbH)
S3 pdfforge CrashHandler; C:\Program Files (x86)\PDF Architect 2\crash-handler-ws.exe [861736 2014-10-10] (pdfforge GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [5836800 2014-10-23] (Broadcom Corporation) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 AR5416; C:\Windows\system32\DRIVERS\athwx.sys [2811296 2012-10-31] (Atheros Communications, Inc.) [File not signed]
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-01-15] ()
R3 athr; C:\Windows\system32\DRIVERS\athwnx.sys [3680256 2013-06-18] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-28] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-25] (REALiX(tm))
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\Luginius\AppData\Local\Temp\GPU-Z.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-05 12:28 - 2014-12-05 12:28 - 00016098 _____ () C:\Users\Luginius\Desktop\FRST.txt
2014-12-05 12:26 - 2014-12-05 12:26 - 00000000 ____D () C:\Users\Luginius\Desktop\FRST-OlderVersion
2014-12-05 12:21 - 2014-12-05 12:21 - 00852490 _____ () C:\Users\Luginius\Desktop\SecurityCheck.exe
2014-12-04 15:53 - 2014-12-04 15:53 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-12-04 15:51 - 2014-12-04 15:51 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\ProductData
2014-12-04 15:50 - 2014-12-04 15:52 - 00000272 _____ () C:\Windows\Tasks\ASC8_SkipUac_Luginius.job
2014-12-04 15:50 - 2014-12-04 15:51 - 00000000 ____D () C:\ProgramData\IObit
2014-12-04 15:50 - 2014-12-04 15:50 - 00003172 _____ () C:\Windows\System32\Tasks\ASC8_PerformanceMonitor
2014-12-04 15:50 - 2014-12-04 15:50 - 00002414 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Luginius
2014-12-04 15:50 - 2014-12-04 15:50 - 00002378 _____ () C:\Windows\System32\Tasks\ASC8_SkipUac_Luginius
2014-12-04 15:50 - 2014-12-04 15:50 - 00002201 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2014-12-04 15:50 - 2014-12-04 15:50 - 00001248 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-12-04 15:50 - 2014-12-04 15:50 - 00000308 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Luginius.job
2014-12-04 15:50 - 2014-12-04 15:50 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-12-04 15:50 - 2014-12-04 15:50 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Apple Computer
2014-12-04 15:50 - 2014-12-04 15:50 - 00000000 ____D () C:\ProgramData\ProductData
2014-12-04 15:50 - 2014-12-04 15:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2014-12-04 15:50 - 2014-12-04 15:50 - 00000000 ____D () C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2014-12-04 15:49 - 2014-12-04 15:50 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\IObit
2014-12-04 15:49 - 2014-12-04 15:50 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-12-04 15:45 - 2014-12-04 15:45 - 02347384 _____ (ESET) C:\Users\Luginius\Desktop\esetsmartinstaller_deu.exe
2014-12-02 23:44 - 2014-12-02 23:49 - 00000000 ____D () C:\Users\Luginius\Desktop\8. Klasse Mathe
2014-12-02 01:07 - 2014-12-04 15:45 - 00000000 ____D () C:\Users\Luginius\Desktop\Chip Adventskalendar
2014-12-01 18:44 - 2014-12-01 18:44 - 02154496 _____ () C:\Users\Luginius\Desktop\adwcleaner_4.103.exe
2014-11-30 14:19 - 2012-09-25 20:43 - 03653632 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athw8x.sys
2014-11-30 14:13 - 2014-11-30 14:14 - 28294227 _____ () C:\Users\Luginius\Desktop\DWA-547_drv_revA_v1.71EUb09.zip
2014-11-30 14:00 - 2014-11-30 14:00 - 00000836 _____ () C:\Users\Luginius\Desktop\JRT.txt
2014-11-30 13:58 - 2014-11-30 13:58 - 00000000 ____D () C:\Windows\ERUNT
2014-11-30 13:54 - 2014-11-30 13:55 - 00000099 _____ () C:\Users\Luginius\Desktop\Neues Textdokument (2).txt
2014-11-30 13:37 - 2014-11-30 13:37 - 01707646 _____ (Thisisu) C:\Users\Luginius\Desktop\JRT.exe
2014-11-28 21:08 - 2014-11-28 21:08 - 00001192 _____ () C:\Users\Luginius\Desktop\mbam.txt
2014-11-28 20:58 - 2014-11-28 20:58 - 00001118 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-28 20:56 - 2014-11-28 20:56 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Luginius\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-27 23:08 - 2014-11-27 23:08 - 00000000 __SHD () C:\Users\Luginius\AppData\Local\EmieBrowserModeList
2014-11-27 20:25 - 2014-11-27 20:26 - 05599228 _____ (Swearware) C:\Users\Luginius\Desktop\ComboFix.exe
2014-11-27 18:55 - 2014-11-27 18:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-27 18:54 - 2014-11-27 18:54 - 00005820 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-11-27 18:54 - 2014-11-27 18:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-27 18:54 - 2014-11-27 18:54 - 00000000 _____ () C:\Windows\SysWOW64\Drivers\1043_ASUSTeK_M5A99X EVO.alu
2014-11-27 18:54 - 2014-09-26 18:42 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-27 18:54 - 2014-09-26 18:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-27 18:54 - 2014-09-26 18:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-11-27 18:54 - 2014-09-26 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-11-27 18:46 - 2014-11-27 18:46 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2014-11-27 18:46 - 2013-01-15 10:52 - 00014464 _____ () C:\Windows\SysWOW64\Drivers\AsUpIO.sys
2014-11-27 18:45 - 2014-11-27 18:46 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-11-27 18:45 - 2014-11-27 18:45 - 00000000 ____D () C:\Windows\SysWOW64\Drivers\MFDLL
2014-11-27 18:45 - 2014-11-27 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-11-27 18:45 - 2014-11-27 18:45 - 00000000 ____D () C:\ProgramData\ASUS
2014-11-27 18:45 - 2014-11-27 18:45 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-11-27 18:45 - 2012-08-22 16:54 - 00015232 _____ () C:\Windows\SysWOW64\Drivers\AsIO.sys
2014-11-27 18:45 - 2010-06-29 14:41 - 00028672 _____ (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2014-11-27 18:45 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\Windows\SysWOW64\Drivers\UpdateHelper.dll
2014-11-27 18:45 - 2008-01-04 13:34 - 00011832 ____N () C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2014-11-27 18:45 - 2008-01-04 13:34 - 00010216 ____N () C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2014-11-27 18:44 - 2014-11-27 18:44 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-11-27 18:44 - 2014-11-27 18:44 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-11-27 18:44 - 2014-11-27 18:44 - 00000000 ____D () C:\Program Files\Realtek
2014-11-27 18:43 - 2014-11-27 18:44 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-11-27 18:43 - 2014-11-27 18:43 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-11-27 18:43 - 2014-11-27 18:43 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-11-27 18:43 - 2013-08-21 11:50 - 03591000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-11-27 18:43 - 2013-08-20 19:17 - 02809048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-11-27 18:43 - 2013-08-20 19:17 - 02585304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-11-27 18:43 - 2013-08-20 17:48 - 00633381 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-11-27 18:43 - 2013-08-20 17:31 - 00148184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-11-27 18:43 - 2013-08-20 12:51 - 31488000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-11-27 18:43 - 2013-08-20 09:02 - 04848920 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMlfx.dll
2014-11-27 18:43 - 2013-08-16 14:46 - 00818008 _____ (ASUSTeKcomputer.Inc Inc) C:\Windows\system32\RTKSMSettingsIPC.dll
2014-11-27 18:43 - 2013-08-14 15:36 - 01325312 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-11-27 18:43 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-11-27 18:43 - 2013-08-14 15:35 - 01084160 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-11-27 18:43 - 2013-08-14 15:35 - 00907008 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-11-27 18:43 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-11-27 18:43 - 2013-08-13 04:21 - 01019136 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-11-27 18:43 - 2013-08-13 04:21 - 00899328 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-11-27 18:43 - 2013-08-13 04:21 - 00720128 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-11-27 18:43 - 2013-08-13 04:21 - 00244480 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-11-27 18:43 - 2013-08-08 18:57 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-11-27 18:43 - 2013-08-07 16:41 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-11-27 18:43 - 2013-08-07 16:34 - 00765184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-11-27 18:43 - 2013-08-06 08:47 - 00947248 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-11-27 18:43 - 2013-08-06 03:56 - 06219096 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-11-27 18:43 - 2013-08-06 03:56 - 01908568 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-11-27 18:43 - 2013-08-06 03:56 - 00312152 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-11-27 18:43 - 2013-08-06 03:56 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-11-27 18:43 - 2013-08-05 17:11 - 02743328 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-11-27 18:43 - 2013-08-02 19:16 - 01005784 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-11-27 18:43 - 2013-08-01 09:59 - 05694760 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-11-27 18:43 - 2013-07-28 09:48 - 27518208 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-11-27 18:43 - 2013-07-26 13:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-11-27 18:43 - 2013-07-24 09:07 - 02032896 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-11-27 18:43 - 2013-07-23 14:40 - 03610880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-11-27 18:43 - 2013-07-23 14:40 - 02103040 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-11-27 18:43 - 2013-07-23 14:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-11-27 18:43 - 2013-07-23 14:39 - 01916672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-11-27 18:43 - 2013-07-23 14:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-11-27 18:43 - 2013-07-11 13:15 - 00557880 _____ () C:\Windows\system32\audioLibVc.dll
2014-11-27 18:43 - 2013-06-25 11:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-11-27 18:43 - 2013-06-25 11:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-11-27 18:43 - 2013-06-25 11:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-11-27 18:43 - 2013-06-21 10:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-11-27 18:43 - 2013-06-05 20:42 - 00208072 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-11-27 18:43 - 2013-04-24 16:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-11-27 18:43 - 2013-04-03 13:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-11-27 18:43 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-11-27 18:43 - 2012-10-02 13:41 - 00501192 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-11-27 18:43 - 2012-10-02 13:41 - 00487368 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-11-27 18:43 - 2012-10-02 13:41 - 00415688 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-11-27 18:43 - 2012-08-31 18:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-11-27 18:43 - 2012-08-31 18:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-11-27 18:43 - 2012-08-31 18:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-11-27 18:43 - 2012-08-31 18:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-11-27 18:43 - 2012-08-31 18:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-11-27 18:43 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-11-27 18:43 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-11-27 18:43 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-11-27 18:43 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-11-27 18:43 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-11-27 18:43 - 2011-09-02 13:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-11-27 18:43 - 2011-09-02 13:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-11-27 18:43 - 2011-09-02 13:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-11-27 18:43 - 2011-08-23 16:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-11-27 18:43 - 2011-08-11 15:55 - 00001332 _____ () C:\Windows\system32\Drivers\DTSU2P.DAT
2014-11-27 18:43 - 2011-05-31 08:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-11-27 18:43 - 2011-05-31 08:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-11-27 18:43 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-11-27 18:43 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-11-27 18:43 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-11-27 18:43 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-11-27 18:43 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-11-27 18:43 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-11-27 18:43 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-11-27 18:43 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-11-27 18:43 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-11-27 18:43 - 2010-09-27 08:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-11-27 18:43 - 2010-07-22 15:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-11-27 18:43 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-11-27 18:43 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-11-27 18:43 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-11-27 18:43 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-11-27 18:15 - 2014-11-27 18:41 - 00000000 ____D () C:\Users\Luginius\Desktop\Asus M5A99X
2014-11-27 11:20 - 2014-11-27 11:20 - 00001989 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-11-26 20:44 - 2014-11-26 20:44 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Luginius\Desktop\tdsskiller.exe
2014-11-26 16:31 - 2014-12-01 18:46 - 00000000 ____D () C:\AdwCleaner
2014-11-26 16:15 - 2014-12-05 12:28 - 00000000 ____D () C:\FRST
2014-11-26 15:59 - 2014-11-26 15:59 - 00000548 _____ () C:\Users\Luginius\Desktop\defogger_disable.log
2014-11-26 15:59 - 2014-11-26 15:59 - 00000168 _____ () C:\Users\Luginius\defogger_reenable
2014-11-26 14:16 - 2014-12-05 12:26 - 02117632 _____ (Farbar) C:\Users\Luginius\Desktop\FRST64.exe
2014-11-26 14:16 - 2014-11-26 14:16 - 00380416 _____ () C:\Users\Luginius\Desktop\Gmer-19357.exe
2014-11-26 14:13 - 2014-11-26 14:13 - 00050477 _____ () C:\Users\Luginius\Desktop\Defogger.exe
2014-11-26 14:12 - 2014-11-28 20:58 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-26 14:12 - 2014-11-28 20:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-11-26 14:12 - 2014-11-28 20:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-11-26 14:12 - 2014-11-26 14:12 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-26 14:12 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-26 14:12 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-26 14:12 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-26 09:46 - 2014-11-26 09:46 - 00000122 _____ () C:\Users\Luginius\Desktop\Sixt.txt
2014-11-23 23:17 - 2014-12-01 11:39 - 00000000 ____D () C:\Users\Luginius\Desktop\Für dawid
2014-11-22 11:40 - 2014-11-22 11:41 - 00001098 _____ () C:\Users\Luginius\Desktop\matlab - Verknüpfung.lnk
2014-11-22 02:33 - 2014-11-24 09:26 - 00000064 _____ () C:\Users\Luginius\Desktop\Neues Textdokument.txt
2014-11-22 01:42 - 2014-11-22 01:42 - 00001272 _____ () C:\Users\Luginius\Desktop\Chromecast.lnk
2014-11-22 01:42 - 2014-11-22 01:42 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chromecast
2014-11-21 19:57 - 2014-11-21 20:05 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\TeamViewer
2014-11-21 19:57 - 2014-11-21 19:57 - 00001194 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-11-21 19:57 - 2014-11-21 19:57 - 00001182 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-11-21 19:57 - 2014-11-21 19:57 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-20 22:23 - 2014-11-20 22:24 - 210974816 _____ (AMD Inc.) C:\Users\Luginius\Downloads\amd-catalyst-14-9-win7-win8.1-32bit-dd-ccc-whql.exe
2014-11-20 19:35 - 2014-11-20 19:35 - 00002590 _____ () C:\Users\Luginius\Desktop\Windows 7 USB DVD Download Tool.lnk
2014-11-20 19:35 - 2014-11-20 19:35 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows 7 USB DVD Download Tool
2014-11-20 19:35 - 2014-11-20 19:35 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Apps\Windows 7 USB DVD Download Tool
2014-11-20 19:16 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-20 19:16 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-20 19:16 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-20 19:16 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-20 19:15 - 2014-11-20 19:28 - 00000000 ____D () C:\Program Files (x86)\WinToUSB
2014-11-17 11:22 - 2014-11-17 11:22 - 00001029 _____ () C:\Users\Public\Desktop\PDF Architect 2.lnk
2014-11-17 11:22 - 2014-11-17 11:22 - 00000000 ____D () C:\Users\Luginius\Documents\PDF Architect 2
2014-11-17 11:22 - 2014-11-17 11:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Architect 2
2014-11-17 11:22 - 2014-11-17 11:22 - 00000000 ____D () C:\Program Files (x86)\PDF Architect 2
2014-11-17 11:21 - 2014-11-17 11:24 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-11-17 11:21 - 2014-11-17 11:21 - 00001047 _____ () C:\Users\Public\Desktop\PDFCreator.lnk
2014-11-17 11:21 - 2014-11-17 11:21 - 00000000 ____D () C:\ProgramData\PDF Architect 2
2014-11-17 11:21 - 2014-11-17 11:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2014-11-17 11:21 - 2014-04-25 17:44 - 01070152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-11-17 11:21 - 2014-04-25 17:44 - 00662288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCT2.OCX
2014-11-17 11:21 - 2014-04-25 17:44 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2014-11-17 11:21 - 2014-04-25 17:44 - 00110264 _____ (pdfforge GmbH) C:\Windows\system32\pdfcmon.dll
2014-11-17 11:21 - 2014-04-25 17:44 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2014-11-17 11:21 - 1998-07-06 18:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-11-17 11:21 - 1998-07-06 18:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-11-17 11:21 - 1998-07-06 18:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2014-11-17 11:19 - 2014-11-17 11:19 - 27843432 _____ (pdfforge ) C:\Users\Luginius\Desktop\PDFCreator-1_7_3_setup.exe
2014-11-17 09:15 - 2014-11-30 16:57 - 00000000 ____D () C:\Users\Luginius\Documents\MATLAB
2014-11-17 09:15 - 2014-11-17 09:15 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Subversion
2014-11-17 09:15 - 2014-11-17 09:15 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\MathWorks
2014-11-17 09:15 - 2014-11-17 09:15 - 00000000 ____D () C:\Users\Luginius\AppData\Local\MathWorks
2014-11-16 15:38 - 2014-11-16 15:38 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Logitech
2014-11-16 15:38 - 2014-11-16 15:38 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-11-16 15:37 - 2014-11-19 12:40 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-11-16 15:37 - 2014-11-19 12:40 - 00001164 _____ () C:\Windows\LkmdfCoInst.log
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-11-16 15:37 - 2014-11-16 15:37 - 00000000 ____D () C:\ProgramData\Apple
2014-11-16 15:30 - 2014-11-16 15:37 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-11-16 15:29 - 2014-11-16 15:29 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Logitech
2014-11-16 15:29 - 2014-11-16 15:29 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Logishrd
2014-11-16 15:28 - 2014-11-16 15:28 - 67350808 _____ (Logitech Inc.) C:\Users\Luginius\Desktop\LGS_8.57.145_x64_Logitech.exe
2014-11-16 14:57 - 2014-11-16 14:57 - 01156136 _____ (Ruiware) C:\Users\Luginius\Desktop\wpsetup.exe
2014-11-13 12:18 - 2014-11-17 09:20 - 00000000 ____D () C:\Users\Luginius\Desktop\Dawid
2014-11-13 12:12 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-11-13 12:12 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 12:12 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 12:12 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-11-13 12:12 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-11-13 12:12 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-11-13 12:12 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-11-13 12:12 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-11-13 12:12 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-11-13 12:12 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-11-13 12:12 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 12:12 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-11-13 12:12 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 12:12 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-11-13 12:12 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-11-13 12:12 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-11-13 12:12 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-11-13 12:12 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-11-13 12:12 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2014-11-13 12:12 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2014-11-13 12:11 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 12:11 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 12:11 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 12:11 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 12:11 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 12:11 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-11-13 12:11 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 12:11 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 12:11 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 12:11 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 12:11 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-11-13 12:11 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-11-13 12:11 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 12:11 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 12:11 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 12:11 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 12:11 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 12:11 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-11-13 12:11 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 12:11 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 12:11 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 12:11 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-11-13 12:11 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 12:11 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 12:11 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 12:11 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2014-11-13 12:11 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-11-13 12:11 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 12:11 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 12:11 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 12:11 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 12:11 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-11-13 12:11 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-11-13 12:11 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 12:11 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 12:11 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 12:11 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 12:11 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 12:11 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 12:11 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 12:10 - 2014-11-05 00:38 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 12:10 - 2014-11-04 01:10 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 12:10 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-11-13 12:10 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-11-13 12:10 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-11-13 12:10 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-11-13 12:10 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-11-13 12:10 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-11-13 12:10 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 12:10 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-11-13 12:10 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 12:10 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 12:10 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 12:10 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-11-13 12:10 - 2014-10-31 05:53 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-11-13 12:10 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2014-11-13 12:10 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 12:10 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 12:10 - 2014-10-31 05:49 - 00537088 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 12:10 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-11-13 12:10 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 12:10 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-11-13 12:10 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-11-13 12:10 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-11-13 12:10 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 12:10 - 2014-10-31 05:24 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-11-13 12:10 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 12:10 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-11-13 12:10 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-11-13 12:10 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-11-13 12:10 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 12:10 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-11-13 12:10 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-11-13 12:10 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-11-13 12:10 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-11-13 12:10 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-11-13 12:10 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-11-13 12:10 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-11-13 12:10 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 12:10 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 12:10 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 12:10 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 12:10 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 12:10 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-11-13 12:10 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 12:10 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-11-13 12:10 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 12:10 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-11-13 12:10 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-11-13 12:10 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-11-13 12:10 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 12:10 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-11-13 12:10 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 12:10 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-11-13 12:10 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-11-13 12:10 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-11-13 12:10 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-11-13 12:10 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 12:10 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 12:10 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-11-13 12:10 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-11-13 12:10 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-11-13 12:10 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-11-13 12:10 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-11-13 12:10 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-11-13 12:10 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-11-13 12:10 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-11-13 12:10 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-11-13 12:10 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-11-13 12:10 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-11-13 12:10 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-11-13 12:10 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-11-13 12:10 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-11-13 12:10 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-11-13 12:10 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-11-13 12:10 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 12:10 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 12:10 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 12:10 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-11-13 12:10 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-11-13 12:10 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 12:10 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 12:10 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-11-13 12:10 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2014-11-13 12:10 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2014-11-13 12:10 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 12:10 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 12:10 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2014-11-13 12:10 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 12:10 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-11-13 12:10 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 12:10 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 12:10 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 12:10 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-11-13 12:10 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 12:10 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 12:10 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 12:10 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 12:10 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 12:10 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2014-11-13 12:10 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 12:10 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-11-13 12:10 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-11-13 12:10 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-11-13 12:10 - 2014-09-07 23:08 - 00389176 _____ () C:\Windows\system32\ApnDatabase.xml
2014-11-13 12:10 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-11-13 12:10 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-11-13 12:10 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-11-13 12:10 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-11-13 12:10 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2014-11-13 12:10 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2014-11-13 12:10 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-11-13 12:10 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-11-13 12:10 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-11-13 12:10 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOMEX.dll
2014-11-13 12:10 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\FXSAPI.dll
2014-11-13 12:10 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-11-13 12:10 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FXSAPI.dll
2014-11-13 12:10 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-11-13 12:10 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-11-13 12:10 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-11-13 12:10 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-11-13 12:10 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 12:10 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-11-13 12:10 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-11-13 12:10 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 12:10 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-11-13 12:10 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2014-11-13 12:10 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2014-11-10 21:18 - 2014-11-10 21:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 16:43 - 2014-11-10 16:44 - 00000000 ____D () C:\Users\Luginius\Desktop\Vati
2014-11-10 16:42 - 2014-11-28 13:36 - 00000000 ____D () C:\Users\Luginius\Desktop\Lukas
2014-11-10 13:07 - 2014-11-10 13:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tinypic
2014-11-10 13:07 - 2014-11-10 13:07 - 00000000 ____D () C:\Program Files (x86)\Tinypic
2014-11-10 11:30 - 2014-11-10 11:30 - 00027568 _____ () C:\Users\Luginius\Downloads\Kuendigungen_und_Mahnungen.zip
2014-11-07 18:20 - 2014-11-07 18:20 - 00000000 ____D () C:\Users\Luginius\Documents\Benutzerdefinierte Office-Vorlagen
2014-11-07 16:38 - 2014-11-07 16:59 - 00000000 ____D () C:\Users\Luginius\f4
2014-11-07 16:34 - 2014-11-07 16:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\f4
2014-11-06 22:10 - 2014-11-27 10:58 - 00000000 ____D () C:\Users\Luginius\Desktop\Lars Wichtig!
2014-11-06 09:49 - 2014-12-02 23:49 - 00000072 _____ () C:\Users\Public\LMDebug.log
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-05 12:21 - 2014-10-23 16:15 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{83AC5851-DE9F-41F1-B659-2881A7321403}
2014-12-05 12:21 - 2014-10-23 14:01 - 01906781 _____ () C:\Windows\WindowsUpdate.log
2014-12-05 12:19 - 2014-11-03 20:08 - 00003034 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-12-05 12:18 - 2014-10-25 15:26 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-05 12:18 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-12-05 03:54 - 2014-10-23 20:58 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\ClassicShell
2014-12-05 03:42 - 2014-10-25 15:29 - 00001156 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001UA.job
2014-12-05 03:36 - 2014-10-25 15:26 - 00001142 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-05 02:41 - 2014-10-25 15:29 - 00001104 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001Core.job
2014-12-04 15:55 - 2014-10-23 14:07 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1187133439-2445563951-4204365367-1001
2014-12-04 15:45 - 2014-03-18 11:04 - 01776918 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-04 15:45 - 2014-03-18 10:29 - 00764340 _____ () C:\Windows\system32\perfh007.dat
2014-12-04 15:45 - 2014-03-18 10:29 - 00159160 _____ () C:\Windows\system32\perfc007.dat
2014-12-02 15:40 - 2014-10-23 20:50 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-12-02 15:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-12-01 21:32 - 2014-10-23 22:34 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\vlc
2014-12-01 18:48 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-01 18:47 - 2014-03-18 02:53 - 00020496 _____ () C:\Windows\PFRO.log
2014-12-01 18:46 - 2014-10-28 12:58 - 00001095 _____ () C:\Users\Luginius\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-12-01 13:13 - 2014-10-27 23:10 - 00288256 ___SH () C:\Users\Luginius\Desktop\Thumbs.db
2014-12-01 11:12 - 2014-10-23 23:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-30 14:20 - 2014-10-23 14:02 - 00000000 ____D () C:\Users\Luginius\AppData\Local\VirtualStore
2014-11-27 18:54 - 2014-10-23 20:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-27 18:44 - 2013-08-22 15:45 - 00023730 _____ () C:\Windows\setupact.log
2014-11-27 10:49 - 2014-11-04 11:24 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Winamp
2014-11-26 16:18 - 2014-10-28 13:48 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-11-26 15:59 - 2014-10-23 14:02 - 00000000 ____D () C:\Users\Luginius
2014-11-26 09:53 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-11-26 09:53 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-11-26 09:37 - 2014-10-25 15:26 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-26 09:29 - 2013-08-22 15:44 - 00482920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-25 10:55 - 2014-10-28 12:35 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Microsoft Help
2014-11-22 01:42 - 2014-10-25 15:26 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Google
2014-11-20 21:51 - 2014-10-25 15:18 - 00714208 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:51 - 2014-10-25 15:18 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-19 12:45 - 2014-10-25 22:25 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-11-17 02:50 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\rescache
2014-11-17 02:37 - 2014-10-25 15:29 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001UA
2014-11-17 02:37 - 2014-10-25 15:29 - 00003728 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1187133439-2445563951-4204365367-1001Core
2014-11-16 15:30 - 2014-10-23 16:29 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-16 12:31 - 2014-10-25 15:26 - 00004114 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 12:31 - 2014-10-25 15:26 - 00003878 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 11:44 - 2014-08-07 15:19 - 00000000 ____D () C:\Users\Luginius\Desktop\Treiber
2014-11-13 19:33 - 2014-10-25 00:36 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 19:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 19:33 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 19:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-13 19:33 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-13 18:55 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ToastData
2014-11-13 18:55 - 2013-08-22 16:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-11-13 18:54 - 2014-10-25 00:18 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 18:52 - 2014-10-25 00:18 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 11:23 - 2014-10-23 20:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 16:43 - 2014-10-23 21:30 - 00000000 ____D () C:\Users\Luginius\Desktop\Programme
2014-11-10 16:42 - 2014-10-23 21:30 - 00000000 ____D () C:\Users\Luginius\Desktop\OC Programme
2014-11-10 10:16 - 2014-10-23 14:02 - 00000000 ____D () C:\Users\Luginius\AppData\Roaming\Adobe
2014-11-07 17:05 - 2014-10-23 14:02 - 00000000 ____D () C:\Users\Luginius\AppData\Local\Packages
Some content of TEMP:
====================
C:\Users\Luginius\AppData\Local\Temp\130585673333078917.exe
C:\Users\Luginius\AppData\Local\Temp\13058567349064114830.exe
C:\Users\Luginius\AppData\Local\Temp\AskPIP_FF_.exe
C:\Users\Luginius\AppData\Local\Temp\Execute2App.exe
C:\Users\Luginius\AppData\Local\Temp\FreemakeVideoConverterFull.exe
C:\Users\Luginius\AppData\Local\Temp\Installer.exe
C:\Users\Luginius\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Luginius\AppData\Local\Temp\msvcp90.dll
C:\Users\Luginius\AppData\Local\Temp\msvcr90.dll
C:\Users\Luginius\AppData\Local\Temp\ochelper.dll
C:\Users\Luginius\AppData\Local\Temp\ochelper.exe
C:\Users\Luginius\AppData\Local\Temp\Quarantine.exe
C:\Users\Luginius\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-02 14:06
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- Hallo, Problem ist gelöst, lag tatsächlich an der W-Lan Karte und der bcmwltry.exe. Hab den Prozess und andere zugehörige Prozesse mit wltry.exe geschlossen und dann war das Problem weg. Hab dann noch bei Autostart die Anwendung, Broadcom 802.11 Network deaktiviert und seit dem keine Probleme mehr. Gruß Lukas |
|
06.12.2014, 16:27
| #12 |
| /// the machine /// TB-Ausbilder | Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus Dann würde ich mal schauen ob es neue Treiber gibt. Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Fenster Blinken, Maus lädt ständig und im Task Manager gehe die Anwendungen WerFault.exe, wermgr.exe, bcmwltry.exe an und aus |
| adware, bonjour, cpu-z, fehlercode 0xc015000f, fehlercode 0xe0434f4d, fehlercode 22, fehlercode 43, fehlercode windows, firefox 33.1, flash player, installation, launch, registry, svchost.exe, taskmanager, this device is disabled. (code 22), win32/adware.adon, win32/downloadsponsor.a, win32/installcore.qw, win32/installmonetizer.aq, win32/packed.vmprotect.abd, win32/softonicdownloader.a, win32/somoto.c, win32/somoto.g, win32/trojandropper.msidrop.a |
Linear-Darstellung
