
Pests of all kinds and how to fight them: Computer slow, virus?

24.05.2015, 21:37   #1
shubi

Hello,
I have the following problem:

My computer running WIN 8.1 has become very slow. It is constantly working on the hard disk rather than from RAM. Hard disk utilization goes up to 100%, while RAM utilization only reaches 33% (measured with Task Manager).
After several runs of Windows Defender, Hacktool Keygen was found in an old backup of a USB stick. (No, I do not use illegal programs.)
Defender deleted the file. After that the system worked. After a restart the problem is back. However, Defender, Malwarebytes and AdwCleaner find nothing.

It would be nice if someone could help me.

PS: I use this computer for part-time self-employed work.

Edited by shubi (24.05.2015 at 21:45)

24.05.2015, 22:59   #2
M-K-D-B
/// TB trainer

My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally obtained software, we will suspend support until all illegal software of any kind has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for a longer period, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Downloading from filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:
This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!




For an initial analysis, please run FRST and TDSS-Killer:



Step 1
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-bit | FRST 64-bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)






Step 2
Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.







With your next reply, please post
  • the log file from TDSS-Killer,
  • the two new log files from FRST.

25.05.2015, 08:42   #3
shubi

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by H (administrator) on IDEA-PC on 25-05-2015 09:05:50
Running from C:\Users\H\Downloads
Loaded Profiles: UpdatusUser & H (Available Profiles: UpdatusUser & H & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft) C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
() C:\Windows\jmesoft\Service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Star Finanz-Software Entwicklung und Vertriebs GmbH) C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe
(TPV-INVENTA TECHNOLOGY CO., LTD.) C:\Program Files (x86)\TNIOSDVolumeSync\TNISrvc.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1360600 2013-10-29] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [TNIOSDVolumeSync(x64)] => C:\Program Files (x86)\TNIOSDVolumeSync\TNIExec.exe [9728 2012-08-29] (TPV-INVENTA TECHNOLOGY CO., LTD.)
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] ()
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [bgsmsnd.exe] => C:\WINDOWS\SysWOW64\bgsmsnd.exe [204720 2014-06-26] (Broadgun Software)
HKU\S-1-5-21-2480739207-2502134016-2632597921-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-11-21] (Microsoft Corporation)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2480739207-2502134016-2632597921-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2480739207-2502134016-2632597921-1002 -> {649F3FA9-EB13-441C-86F7-2FC9156ED06A} URL =
BHO-x32: pdfMachine -> {56CF4856-ECB4-4e46-A897-A378821F97B9} -> C:\WINDOWS\SysWow64\bgstb.dll [2014-10-09] (Broadgun Software)
Toolbar: HKLM-x32 - pdfMachine - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\WINDOWS\SysWow64\bgstb.dll [2014-10-09] (Broadgun Software)
Toolbar: HKU\.DEFAULT -> No Name - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
FireFox:
========
FF ProfilePath: C:\Users\H\AppData\Roaming\Mozilla\Firefox\Profiles\99kle6gz.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 -> C:\Program Files (x86)\FreeRide Games\npExentControl.dll [2010-10-18] (Exent Technologies Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-05-24] (Nitro PDF)
FF Plugin-x32: www.exent.com/GameTreatWidget -> C:\Program Files (x86)\FreeRide Games\NPGameTreatPlugin.dll No File
FF Plugin HKU\S-1-5-21-2480739207-2502134016-2632597921-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF Extension: Avira Browser Safety - C:\Users\H\AppData\Roaming\Mozilla\Firefox\Profiles\99kle6gz.default\Extensions\abs@avira.com [2015-05-23]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
R2 Dashboard Service; C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe [24880 2013-01-15] (Microsoft) []
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [154112 2014-12-03] (Firebird Project) []
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5772288 2014-12-03] (Firebird Project) []
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () []
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-05-24] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
R2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
R2 TNISrvc; C:\Program Files (x86)\TNIOSDVolumeSync\TNISrvc.exe [53760 2012-08-29] (TPV-INVENTA TECHNOLOGY CO., LTD.) []
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-05-11] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-05-11] (Microsoft Corporation)
S2 IdeaTouch.LocalDataServer.Education; "C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [232576 2012-08-22] (Vimicro Corporation)
R3 vmuacflt; C:\Windows\System32\Drivers\vmuacflt.sys [13696 2012-05-02] (Vimicro Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-05-11] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
S5 avgntflt; <===== ATTENTION Locked Service
U3 DfSdkS; No ImagePath
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-25 09:05 - 2015-05-25 09:06 - 00012411 _____ () C:\Users\H\Downloads\FRST.txt
2015-05-25 09:04 - 2015-05-25 09:05 - 00000000 ____D () C:\FRST
2015-05-25 09:02 - 2015-05-25 09:03 - 02108416 _____ (Farbar) C:\Users\H\Downloads\FRST64.exe
2015-05-25 09:01 - 2015-05-25 09:01 - 00000000 _____ () C:\ProgramData\rebootpending.txt
2015-05-24 22:04 - 2015-05-24 22:04 - 00000000 ____D () C:\Device
2015-05-24 21:51 - 2015-05-24 22:04 - 00000000 ____D () C:\Users\H\Doctor Web
2015-05-24 21:46 - 2015-05-24 21:50 - 162343880 _____ () C:\Users\H\Downloads\o5zgon8o.exe
2015-05-24 21:28 - 2015-05-24 21:28 - 05049344 _____ (Crawler.com ) C:\Users\H\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2015-05-24 21:28 - 2015-05-24 21:28 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2015-05-24 13:17 - 2015-05-24 13:18 - 51789024 _____ (Microsoft Corporation) C:\Users\H\Downloads\Windows-KB890830-x64-V5.24.exe
2015-05-24 13:13 - 2015-04-30 10:07 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe
2015-05-24 13:11 - 2015-05-24 13:12 - 50811104 _____ (Microsoft Corporation) C:\Users\H\Downloads\Windows-KB890830-V5.24.exe
2015-05-24 12:22 - 2015-05-24 12:52 - 00000000 ____D () C:\AdwCleaner
2015-05-24 12:22 - 2015-05-24 12:22 - 02223104 _____ () C:\Users\H\Downloads\adwcleaner_4.205.exe
2015-05-24 12:10 - 2015-05-24 12:10 - 00532480 _____ (Trend Micro Incorporated) C:\Users\H\Downloads\cwshredder.exe
2015-05-23 10:07 - 2015-05-25 09:00 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-05-23 10:06 - 2015-05-23 10:07 - 04737144 _____ (Avira Operations GmbH & Co. KG) C:\Users\H\Downloads\avira_de_av_556034e6ea1ba__ws.exe
2015-05-23 09:58 - 2015-05-23 09:58 - 00000941 _____ () C:\DelFix.txt
2015-05-22 23:48 - 2015-05-22 23:48 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\H\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-05-22 00:01 - 2015-05-22 08:46 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-22 00:01 - 2015-05-22 08:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-21 21:09 - 2015-05-21 21:09 - 00000183 _____ () C:\INSTALL.LOG
2015-05-21 20:35 - 2015-05-21 20:36 - 02931056 _____ () C:\Users\H\Downloads\SecurityTaskManager_Setup.exe
2015-05-21 20:14 - 2015-05-25 09:05 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2480739207-2502134016-2632597921-1002
2015-05-21 20:13 - 2015-05-21 20:13 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-IDEA-PC-Windows-8.1-(64-bit).dat
2015-05-21 20:09 - 2015-05-25 08:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-21 20:08 - 2015-05-21 20:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\H\Downloads\revosetup95.exe
2015-05-20 13:45 - 2015-05-20 13:45 - 00001210 _____ () C:\WINDOWS\firebird.log
2015-05-20 11:50 - 2015-05-20 11:50 - 00002127 _____ () C:\Users\H\Desktop\Foxit Reader Deutsch - CHIP Downloader.lnk
2015-05-20 08:52 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-16 15:07 - 2015-05-20 09:54 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Nico Mak Computing
2015-05-13 16:55 - 2015-05-13 16:55 - 00001144 _____ () C:\Users\Public\Desktop\Amicron-Mailoffice 4.0.lnk
2015-05-13 16:55 - 2015-05-13 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amicron-Mailoffice 4.0
2015-05-13 16:55 - 2015-05-13 16:55 - 00000000 ____D () C:\Program Files (x86)\Amicron-Mailoffice 4.0
2015-05-13 16:52 - 2015-05-22 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amicron-Faktura 11.0
2015-05-13 16:52 - 2015-05-22 08:46 - 00000000 ____D () C:\Program Files (x86)\Amicron-Faktura 11.0
2015-05-13 16:52 - 2015-05-13 16:52 - 00001113 _____ () C:\Users\Public\Desktop\Amicron-Faktura 11.0.lnk
2015-05-13 16:37 - 2015-05-13 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (x64)
2015-05-13 16:37 - 2015-05-13 16:37 - 00000000 ____D () C:\Program Files\Firebird
2015-05-13 16:37 - 2014-12-03 17:08 - 00773632 _____ (IBPhoenix) C:\WINDOWS\system32\Firebird2Control.cpl
2015-05-13 16:37 - 2014-12-03 17:06 - 00875520 _____ (Firebird Project) C:\WINDOWS\system32\GDS32.DLL
2015-05-13 16:36 - 2015-05-13 16:36 - 10294006 _____ (Firebird Project ) C:\Users\H\Downloads\Firebird-2.5.3.26780_0_x64.exe
2015-05-13 16:19 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 16:19 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:53 - 2015-05-13 15:53 - 00000000 ____D () C:\müll
2015-05-13 15:51 - 2014-12-03 16:40 - 00552960 _____ (Firebird Project) C:\WINDOWS\SysWOW64\GDS32.DLL
2015-05-13 15:35 - 2015-05-24 17:39 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C72B0CE2-9C72-4228-8055-EB54D33D645A}
2015-05-13 15:35 - 2015-05-13 15:35 - 00000000 __SHD () C:\Users\H\AppData\Local\EmieUserList
2015-05-13 15:35 - 2015-05-13 15:35 - 00000000 __SHD () C:\Users\H\AppData\Local\EmieSiteList
2015-05-13 15:35 - 2015-05-13 15:35 - 00000000 __SHD () C:\Users\H\AppData\Local\EmieBrowserModeList
2015-05-13 15:01 - 2015-05-24 22:07 - 00251498 _____ () C:\WINDOWS\PFRO.log
2015-05-13 15:01 - 2015-05-24 22:07 - 00004337 _____ () C:\WINDOWS\setupact.log
2015-05-13 15:01 - 2015-05-13 15:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-13 15:00 - 2015-05-13 15:54 - 00000000 ____D () C:\Program Files\Firebird_2_5
2015-05-13 14:58 - 2015-05-13 14:59 - 10326711 _____ (Firebird Project ) C:\Users\H\Downloads\Firebird-2.5.4.26856_0_x64(1).exe
2015-05-13 14:51 - 2015-05-13 14:51 - 05248848 _____ (Piriform Ltd) C:\Users\H\Downloads\ccsetup505_slim.exe
2015-05-13 14:50 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 14:50 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 14:49 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 14:49 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 14:49 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 14:49 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 14:49 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 14:48 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 14:48 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 14:48 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 14:48 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-05-13 14:48 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-05-13 14:44 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 14:44 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 14:38 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 14:38 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 14:38 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 14:38 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 14:38 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 14:38 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 14:38 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 14:38 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 14:38 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 14:38 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 14:38 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 14:37 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 14:37 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 14:37 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 14:37 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 14:37 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 14:37 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 14:37 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 14:37 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-05-13 14:37 - 2014-11-10 01:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-05-13 14:37 - 2014-11-10 01:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-05-13 14:36 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 14:36 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 14:36 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 14:34 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 14:34 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 14:34 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 14:34 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 14:34 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 14:34 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 14:34 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 14:34 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 14:34 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 14:34 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 14:34 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 14:34 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 14:34 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 14:34 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 14:34 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 14:34 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 14:34 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 14:34 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 14:34 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 14:34 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 14:34 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 14:34 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 14:34 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 14:34 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 14:34 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 14:34 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 14:34 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 14:34 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 14:34 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 14:34 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 14:34 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 14:34 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 14:34 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 14:34 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 14:34 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 14:34 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 14:32 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-05-13 14:32 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-05-13 14:31 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 14:31 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 14:31 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 14:31 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 14:31 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-05-13 14:31 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 14:29 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-05-13 14:29 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-05-13 14:27 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 14:27 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 08:19 - 2015-05-22 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2015-05-13 08:19 - 2015-05-22 08:46 - 00000000 ____D () C:\Program Files\HWiNFO64
2015-05-13 08:19 - 2015-05-13 08:19 - 02713488 _____ (Martin Malík - REALiX ) C:\Users\H\Downloads\hw64_462.exe
2015-05-12 18:32 - 2015-05-13 15:35 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Opera Software
2015-05-12 18:32 - 2015-05-13 15:35 - 00000000 ___HD () C:\Users\H\AppData\Local\Opera Software
2015-05-12 18:31 - 2015-05-13 15:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-12 18:30 - 2015-05-12 18:30 - 00001105 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SSD-Z.lnk
2015-05-12 16:53 - 2015-05-12 16:53 - 00339822 ____H () C:\Users\H\Downloads\SSD-Z_15.03.15wip.zip
2015-05-12 16:50 - 2015-05-12 18:31 - 00001213 _____ () C:\Users\H\Desktop\CrystalDiskInfo.lnk
2015-05-12 16:50 - 2015-05-12 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-05-12 16:50 - 2015-05-12 18:31 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2015-05-12 16:50 - 2015-05-12 16:50 - 03015656 _____ (Crystal Dew World ) C:\Users\H\Downloads\crystaldiskinfo6_3_2-en.exe
2015-05-12 14:20 - 2015-05-12 14:21 - 01542344 _____ (Lenovo Group Limited ) C:\Users\H\Downloads\h1100351.exe
2015-05-12 11:44 - 2015-05-12 11:45 - 00002198 _____ () C:\Users\Public\Desktop\StarMoney 9.0.lnk
2015-05-12 11:44 - 2015-05-12 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarMoney 9.0
2015-05-12 11:44 - 2015-05-12 11:44 - 00000000 ____D () C:\ProgramData\StarMoney 9.0
2015-05-12 11:44 - 2015-05-12 11:44 - 00000000 ____D () C:\Program Files (x86)\Business Objects
2015-05-12 11:43 - 2015-05-24 09:43 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2015-05-12 10:53 - 2015-05-12 10:58 - 188090912 _____ () C:\Users\H\Downloads\smoney.exe
2015-05-12 10:42 - 2015-05-13 16:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-12 10:42 - 2015-05-13 16:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-12 10:42 - 2015-05-13 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 10:42 - 2015-05-12 10:42 - 13087456 _____ (Microsoft Corporation) C:\Users\H\Downloads\Silverlight_x64.exe
2015-05-11 16:41 - 2015-05-11 16:41 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-05-11 16:34 - 2015-05-11 16:35 - 28444000 _____ (Ashampoo GmbH & Co. KG ) C:\Users\H\Downloads\ashampoo_winoptimizer_2015_18590.exe
2015-05-11 16:18 - 2015-05-11 16:18 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-11 15:24 - 2015-05-12 08:16 - 00000000 ___DC () C:\WINDOWS\Panther
2015-05-11 15:20 - 2015-05-11 15:20 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-05-11 15:17 - 2015-05-11 15:17 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-05-11 15:17 - 2015-05-11 15:17 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-05-11 15:16 - 2015-05-11 15:16 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-05-11 15:16 - 2015-05-11 15:16 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-05-11 15:16 - 2015-05-11 15:16 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-11 15:06 - 2015-05-20 09:01 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-11 15:06 - 2015-05-20 09:01 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-11 15:06 - 2015-05-11 15:06 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-05-11 15:06 - 2015-05-11 15:06 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-05-11 15:05 - 2015-05-11 15:05 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-05-11 15:05 - 2015-05-11 15:05 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-05-11 15:05 - 2015-05-11 15:05 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-05-11 15:05 - 2015-05-11 15:05 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-05-11 15:05 - 2015-05-11 15:05 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-05-11 15:05 - 2015-05-11 15:05 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-05-11 15:05 - 2015-05-11 15:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-05-11 15:05 - 2015-05-11 15:05 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-05-11 15:04 - 2015-05-11 15:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-11 15:03 - 2015-05-25 08:55 - 00000000 __RHD () C:\Users\H\OneDrive
2015-05-11 15:03 - 2015-05-11 15:03 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-05-11 15:03 - 2015-05-11 15:03 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-05-11 15:03 - 2015-05-11 15:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-05-11 15:03 - 2015-05-11 15:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-05-11 15:01 - 2015-05-11 15:01 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-05-11 15:00 - 2015-05-11 15:00 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-05-11 14:58 - 2015-05-11 15:02 - 00000000 ___HD () C:\Users\H\AppData\Local\PackageStaging
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\Program Files\MSBuild
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-11 14:58 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-05-11 14:58 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-05-11 14:57 - 2015-05-11 14:57 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-11 14:57 - 2015-05-11 14:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-11 14:56 - 2015-05-11 14:56 - 00001465 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-11 14:56 - 2015-05-11 14:56 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-11 14:56 - 2015-05-11 14:56 - 00000020 ___SH () C:\Users\H\ntuser.ini
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-05-11 14:53 - 2015-05-11 14:53 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-05-11 14:49 - 2015-05-11 14:49 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2015-05-11 14:41 - 2015-05-11 14:41 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-11 14:38 - 2015-05-11 14:38 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-05-11 14:37 - 2015-05-24 22:09 - 00000000 ____D () C:\Users\H
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\Administrator
2015-05-11 14:37 - 2015-05-11 14:53 - 00043818 _____ () C:\WINDOWS\diagwrn.xml
2015-05-11 14:37 - 2015-05-11 14:53 - 00043818 _____ () C:\WINDOWS\diagerr.xml
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Vorlagen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Startmenü
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Netzwerkumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Lokale Einstellungen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Eigene Dateien
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Druckumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\AppData\Local\Verlauf
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\AppData\Local\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-11 14:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-11 14:30 - 2015-05-22 08:46 - 00000000 ____D () C:\WINDOWS\VMC412
2015-05-11 14:30 - 2015-05-11 14:30 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-11 14:30 - 2015-05-11 14:30 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-05-11 14:30 - 2015-05-11 14:30 - 00000000 ____D () C:\Program Files\Realtek
2015-05-11 14:29 - 2015-05-25 09:02 - 01455921 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-11 14:29 - 2015-05-20 10:11 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-11 14:29 - 2015-05-11 14:40 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-11 14:29 - 2015-05-11 14:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-11 14:29 - 2015-05-11 14:29 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-11 14:29 - 2013-10-29 01:39 - 06610720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-11 14:29 - 2013-10-29 01:39 - 03477280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 01042720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-11 14:29 - 2013-10-29 01:38 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-11 14:29 - 2013-10-25 13:44 - 03435888 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-05-11 14:28 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-05-11 14:28 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-05-11 12:10 - 2015-05-11 12:20 - 98689221 _____ () C:\Users\H\Downloads\AF11-Setup.exe
2015-05-11 11:18 - 2015-05-13 16:26 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-05-11 11:07 - 2015-05-11 11:07 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Nitro
2015-05-11 10:59 - 2015-05-23 10:10 - 00000000 ____D () C:\Users\H\AppData\Roaming\Foxit Software
2015-05-11 10:57 - 2015-05-11 10:58 - 36570832 _____ (Foxit Software Inc. ) C:\Users\H\Downloads\FoxitReader715.0425_enu_Setup.exe
2015-05-11 10:51 - 2015-05-13 16:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-11 10:51 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-11 10:36 - 2015-05-11 10:36 - 00000291 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer (3).lnk
2015-05-11 10:35 - 2015-05-11 10:35 - 00000291 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2015-05-11 08:11 - 2015-05-20 22:18 - 00007603 ____H () C:\Users\H\AppData\Local\Resmon.ResmonCfg
2015-05-11 08:07 - 2015-05-11 08:07 - 01918240 _____ (Mister Group ) C:\Users\H\Downloads\SystemExplorerSetup_641.exe
2015-05-09 23:21 - 2015-05-09 23:21 - 00248728 _____ (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\31750657.sys
2015-05-09 23:13 - 2015-05-22 08:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-09 23:11 - 2015-05-09 23:12 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\H\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-09 21:34 - 2015-05-09 21:34 - 00000000 ___HD () C:\Users\H\AppData\Local\Apps\2.0
2015-05-09 21:10 - 2015-05-22 08:36 - 00000000 ____D () C:\Users\H\AppData\Roaming\OpenOffice
2015-05-09 20:45 - 2015-05-11 14:43 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-05-09 20:45 - 2015-05-09 20:45 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-05-09 20:45 - 2015-05-09 20:45 - 00000000 ___HD () C:\Users\H\AppData\Roaming\FileOpen
2015-05-09 20:45 - 2015-05-09 20:45 - 00000000 ____D () C:\ProgramData\FileOpen
2015-05-09 20:43 - 2015-05-11 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BroadGun Software
2015-05-09 20:43 - 2015-05-09 20:44 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-05-09 20:42 - 2015-05-24 12:13 - 00000000 ___HD () C:\Users\H\AppData\Local\pdfMachine
2015-05-09 20:42 - 2014-11-11 14:15 - 07747504 _____ (BroadGun Software Pty Ltd) C:\WINDOWS\SysWOW64\bgsview.exe
2015-05-09 20:42 - 2014-11-11 14:15 - 00143280 _____ () C:\WINDOWS\SysWOW64\bgsreses.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00141744 _____ () C:\WINDOWS\SysWOW64\bgsresfr.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00140720 _____ () C:\WINDOWS\SysWOW64\bgsresit.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00138160 _____ () C:\WINDOWS\SysWOW64\bgsrespt.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00137136 _____ () C:\WINDOWS\SysWOW64\bgsrespl.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00136624 _____ () C:\WINDOWS\SysWOW64\bgsresde.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00135088 _____ () C:\WINDOWS\SysWOW64\bgsresen.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00133552 _____ () C:\WINDOWS\SysWOW64\bgsresda.dll
2015-05-09 20:42 - 2014-10-10 08:49 - 00474544 _____ (Broadgun Software Pty Ltd) C:\WINDOWS\SysWOW64\bgsofice.dll
2015-05-09 20:42 - 2014-10-09 14:15 - 00283056 _____ (Broadgun Software) C:\WINDOWS\SysWOW64\bgstb.dll
2015-05-09 20:42 - 2014-06-26 11:55 - 00204720 _____ (Broadgun Software) C:\WINDOWS\SysWOW64\bgsmsnd.exe
2015-05-09 20:42 - 2014-06-26 11:55 - 00066480 _____ () C:\WINDOWS\system32\bgspm64.dll
2015-05-09 20:42 - 2009-03-20 09:03 - 00516832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bgscapi.dll
2015-05-09 20:41 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\H\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-05-09 20:33 - 2015-05-09 20:38 - 164858324 _____ () C:\Users\H\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2015-05-09 17:23 - 2015-05-11 17:16 - 00000000 ____D () C:\WINDOWS\pss
2015-05-09 16:52 - 2005-11-14 11:00 - 00383488 _____ (Borland Software Corporation) C:\WINDOWS\SysWOW64\midas.dll
2015-05-09 16:48 - 2015-05-19 17:52 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Nitro PDF
2015-05-09 16:45 - 2015-05-09 16:45 - 00000000 ____D () C:\Program Files (x86)\Firebird
2015-05-09 16:45 - 2013-03-19 11:03 - 00462848 _____ (IBPhoenix) C:\WINDOWS\SysWOW64\Firebird2Control.cpl
2015-05-09 16:45 - 2003-04-01 08:00 - 00200704 _____ (DATEV eG Nürnberg) C:\WINDOWS\SysWOW64\SELF32.DLL
2015-05-09 16:38 - 2015-05-24 22:09 - 00000000 ____D () C:\ProgramData\firebird
2015-05-09 16:26 - 2003-04-01 08:00 - 00020864 _____ () C:\WINDOWS\SysWOW64\SELF32.TBL
2015-05-09 16:26 - 2003-04-01 08:00 - 00015156 _____ () C:\WINDOWS\SysWOW64\SELF32.INI
2015-05-09 16:20 - 2015-05-13 16:52 - 00000000 ____D () C:\AM-db
2015-05-09 16:14 - 2015-05-09 19:21 - 00000000 ___HD () C:\$SysReset
2015-05-09 16:14 - 2015-05-09 16:15 - 10326711 _____ (Firebird Project ) C:\Users\H\Downloads\Firebird-2.5.4.26856_0_x64.exe
2015-05-09 15:59 - 2015-05-22 08:36 - 00000000 ____D () C:\Users\H\AppData\Roaming\Mozilla
2015-05-09 15:59 - 2015-05-09 15:59 - 00000000 ___HD () C:\Users\H\AppData\Local\Mozilla
2015-05-09 15:59 - 2015-05-09 15:59 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-09 15:57 - 2015-05-09 15:57 - 00243592 _____ () C:\Users\H\Downloads\Firefox Setup Stub 37.0.2.exe
2015-05-09 15:54 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\H\AppData\Local\Lenovo
2015-05-09 15:53 - 2015-05-09 15:53 - 00000000 ___HD () C:\Users\H\AppData\Local\Power2Go
2015-05-09 15:52 - 2015-05-09 15:52 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-05-09 15:50 - 2015-05-09 15:50 - 00000000 ____D () C:\ProgramData\eBay
2015-05-09 15:45 - 2015-05-09 15:45 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Macromedia
2015-05-09 15:45 - 2015-05-09 15:45 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Adobe
2015-05-09 15:44 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\H\AppData\Local\VirtualStore
2015-05-09 15:43 - 2015-05-22 08:36 - 00000000 ____D () C:\Users\H\AppData\Local\Packages
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-05-08 15:22 - 2015-05-08 15:22 - 00000000 ___HD () C:\Lenovo
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-25 09:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-24 22:07 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-24 12:25 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-24 11:30 - 2014-11-21 05:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-24 11:30 - 2014-11-21 04:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-24 11:30 - 2014-11-21 04:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-22 08:46 - 2014-03-26 10:07 - 00000000 ____D () C:\Program Files (x86)\SugarSync
2015-05-22 08:46 - 2014-03-26 09:55 - 00000000 ____D () C:\WINDOWS\jmesoft
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ras
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ras
2015-05-22 08:46 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-05-22 08:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\registration
2015-05-22 08:37 - 2015-04-04 19:44 - 00000000 ____D () C:\Users\H\VMLites
2015-05-21 21:34 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-21 08:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-21 00:10 - 2014-03-26 09:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-20 10:11 - 2014-03-26 09:52 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-05-20 10:07 - 2014-03-26 09:59 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-05-20 10:04 - 2014-03-26 10:10 - 00000000 ____D () C:\Program Files (x86)\Lenovo DE
2015-05-20 10:04 - 2014-03-26 09:52 - 00000000 ____D () C:\Program Files\Intel
2015-05-19 07:51 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-15 09:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-14 10:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-13 16:30 - 2013-08-22 16:44 - 00371608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-13 16:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-05-13 16:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-05-13 16:27 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 16:26 - 2014-11-21 12:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-05-13 16:26 - 2014-11-21 05:13 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 11:44 - 2013-08-22 15:25 - 00017486 _____ () C:\WINDOWS\system32\Drivers\etc\services
2015-05-11 15:24 - 2014-12-13 15:18 - 00000000 __SHD () C:\Recovery
2015-05-11 15:24 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-05-11 15:20 - 2014-03-26 10:09 - 00000000 ____D () C:\ProgramData\CyberLink
2015-05-11 15:19 - 2014-03-26 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-05-11 15:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-05-11 15:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-05-11 15:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-05-11 15:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 15:03 - 2014-12-13 15:56 - 00000000 _RHDO () C:\Users\H\OneDrive.old
2015-05-11 15:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-05-11 14:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-05-11 14:54 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2015-05-11 14:51 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-05-11 14:51 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-11 14:46 - 2014-03-26 09:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-05-11 14:46 - 2014-03-26 09:56 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-05-11 14:43 - 2014-03-26 10:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2015-05-11 14:43 - 2014-03-26 10:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
2015-05-11 14:43 - 2014-03-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Rescue System
2015-05-11 14:43 - 2014-03-26 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-05-11 14:43 - 2014-03-26 09:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-05-11 14:43 - 2014-03-26 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo USB2.0 UVC Camera
2015-05-11 14:41 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-05-11 14:41 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-05-11 14:41 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-05-11 14:41 - 2014-03-26 09:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-05-11 14:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-05-11 14:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-05-11 14:41 - 2012-07-26 07:37 - 00000000 ___HD () C:\Users\Default.migrated
2015-05-11 14:40 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-05-11 14:40 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-05-11 14:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-05-11 14:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-05-11 14:40 - 2012-10-10 01:10 - 00000000 ____D () C:\ProgramData\PRICache
2015-05-11 14:39 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-05-11 14:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-11 14:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-05-11 14:38 - 2012-10-10 01:09 - 00000000 ___HD () C:\Users\Administrator\AppData\Local\Packages
2015-05-11 13:11 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-05-10 00:17 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-05-09 23:26 - 2014-03-26 10:11 - 00000000 ____D () C:\Program Files (x86)\Amazon
2015-05-09 22:11 - 2014-03-26 09:52 - 00000000 ____D () C:\ProgramData\Intel
2015-05-09 21:56 - 2014-03-26 10:12 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-09 21:53 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-05-09 19:09 - 2014-03-26 10:09 - 00000000 ____D () C:\Program Files\Lenovo
2015-05-09 16:20 - 2014-12-05 21:45 - 00000000 ____D () C:\Daten
2015-05-09 16:00 - 2015-02-22 21:14 - 00000000 ____D () C:\Jts
2015-05-09 16:00 - 2014-12-06 13:16 - 00000000 ____D () C:\16bb532173b4957bbfd757fd794e38
2015-05-09 15:35 - 2015-04-16 18:14 - 00000000 ____D () C:\Sicherung
2015-05-09 15:24 - 2015-04-06 14:46 - 00000000 ____D () C:\acad
2015-05-09 15:24 - 2014-12-07 13:05 - 00000000 ____D () C:\Autodesk
2015-05-05 19:59 - 2014-11-21 13:01 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-11-21 13:01 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-05-11 08:11 - 2015-05-20 22:18 - 0007603 ____H () C:\Users\H\AppData\Local\Resmon.ResmonCfg
2015-05-11 14:30 - 2015-05-11 14:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-26 09:59 - 2014-03-26 09:59 - 0000198 ____H () C:\ProgramData\Lenovo-3548.vbs
2015-05-25 09:01 - 2015-05-25 09:01 - 0000000 _____ () C:\ProgramData\rebootpending.txt
Files to move or delete:
====================
C:\ProgramData\Lenovo-3548.vbs

Some files in TEMP:
====================
C:\Users\H\AppData\Local\Temp\avgnt.exe
C:\Users\H\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\H\AppData\Local\Temp\Quarantine.exe
C:\Users\H\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-21 04:12
==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by H at 2015-05-25 09:06:35
Running from C:\Users\H\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2480739207-2502134016-2632597921-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-2480739207-2502134016-2632597921-501 - Limited - Disabled)
H (S-1-5-21-2480739207-2502134016-2632597921-1002 - Administrator - Enabled) => C:\Users\H
UpdatusUser (S-1-5-21-2480739207-2502134016-2632597921-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Amicron-Faktura 11.0 © Amicron Software (HKLM-x32\...\Amicron-Faktura 11.0) (Version: - )
Amicron-Mailoffice 4.0 © Amicron Software (HKLM-x32\...\Amicron-Mailoffice 4.0) (Version: - )
AngryBirds (HKLM-x32\...\{20CE0033-8F3D-464B-8BA2-A08EB0F27FD3}) (Version: 1.01.0618 - Rovio)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4030 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0423 - Lenovo)
Firebird 2.5.3.26780 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.3.26780 - Firebird Project)
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.83.01 - Exent Technologies)
Fruits (HKLM-x32\...\InstallShield_{AA39BFDE-71E5-46A6-A10B-44C2F45A341E}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
Fruits (x32 Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
HWiNFO64 Version 4.62 (HKLM\...\HWiNFO64_is1) (Version: 4.62 - Martin Malík - REALiX)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dashboard (HKLM-x32\...\{FEF1833C-244C-4DF2-AB67-1E1D26921ED8}) (Version: 2.0.0.9 - Lenovo)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1511 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.1511 - CyberLink Corp.) Hidden
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Mammals (HKLM-x32\...\InstallShield_{ACA58CEB-2F74-4095-ADB6-4C1BFB170F64}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
Mammals (x32 Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
Nitro Pro 8 (HKLM\...\{A0C6FA89-D6B3-4788-9713-32E6AA386507}) (Version: 8.5.4.11 - Nitro)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Puzzle (HKLM-x32\...\InstallShield_{6EB7ECE3-E3BE-481D-821B-F1AFFA244D64}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
Puzzle (x32 Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StarMoney (x32 Version: 4.0.7.94 - StarFinanz) Hidden
StarMoney 9.0 (HKLM-x32\...\{85706D38-23D6-4AF9-8E06-645ED6A958A9}) (Version: 9.0 - Star Finanz GmbH)
sudoku (HKLM-x32\...\InstallShield_{8C4715DF-8AC9-4F0A-8E35-F9B4CF318FF1}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
sudoku (x32 Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
timer (HKLM-x32\...\InstallShield_{9CC4B8EE-A96B-4800-B674-0CF8B4560F45}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
timer (x32 Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
TNIOSDVolumeSync (HKLM-x32\...\InstallShield_{86B9BBB1-B06B-4B31-9D0A-634B41598251}) (Version: 1.0.0.3 - TPV-INVENTA TECHNOLOGY CO., LTD.)
TNIOSDVolumeSync (x32 Version: 1.0.0.3 - TPV-INVENTA TECHNOLOGY CO., LTD.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2480739207-2502134016-2632597921-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
24-05-2015 02:07:20 Geplanter Prüfpunkt
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2176FA56-2BF3-4F79-A24C-A3EB6738C048} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {30E67E76-A1B0-4BC3-8FD4-ED18CCE54A63} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {4574245E-832F-4232-B22B-02574AE56573} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: {51E6A395-A984-4F22-ADE4-9F1BA461DDF5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {7C0C1130-817E-48EB-8D62-3F5190DAD663} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {FF279C7E-9F13-4570-A254-96335D20F047} - System32\Tasks\Lenovo\Lenovo-3548 => C:\ProgramData\Lenovo-3548.vbs [2014-03-26] ()
==================== Loaded Modules (Whitelisted) ==============
2015-05-09 20:42 - 2014-06-26 11:55 - 00066480 _____ () C:\WINDOWS\System32\bgspm64.dll
2014-03-26 09:55 - 2011-08-16 21:46 - 00032768 _____ () C:\Windows\jmesoft\Service.exe
2014-03-26 10:15 - 2013-05-14 20:53 - 00390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-03-26 09:54 - 2013-11-01 01:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-12 11:44 - 2011-01-13 10:44 - 00232800 _____ () C:\Program Files (x86)\StarMoney 9.0\ouservice\PATCHW32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\H\OneDrive:ms-properties
AlternateDataStreams: C:\Users\H\OneDrive.old:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2480739207-2502134016-2632597921-1001\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\H\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img7.jpg
DNS Servers: 192.168.50.1
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "TNIOSDVolumeSync(x86)"
HKLM\...\StartupApproved\Run32: => "TNIOSDVolumeSync(x64)"
HKLM\...\StartupApproved\Run32: => "jmesoft"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "bgsmsnd.exe"
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B8074920-E8BD-44B0-B88E-23E5F759F9C1}] => (Allow) C:\Program Files (x86)\Amicron-Faktura 11.0\Faktura.exe
FirewallRules: [{58761724-1755-4008-993C-19CD985FD140}] => (Allow) C:\Program Files (x86)\Amicron-Faktura 11.0\Faktura.exe
FirewallRules: [{AB929053-DEEE-4DCC-A921-07AB8B76BEAA}] => (Allow) C:\Program Files (x86)\Amicron-Faktura 11.0\Faktura.exe
FirewallRules: [{0818B614-444A-4633-B28C-9BB35B3CD19C}] => (Allow) C:\Program Files (x86)\Amicron-Faktura 11.0\Faktura.exe
FirewallRules: [{EE613BC3-5311-4706-9216-42A186DBB775}] => (Allow) C:\Program Files (x86)\Amicron-Mailoffice 4.0\Mailoffice.exe
FirewallRules: [{F24DB21B-1BD0-4E7A-A51D-9704CB05E5E3}] => (Allow) C:\Program Files (x86)\Amicron-Mailoffice 4.0\Mailoffice.exe
FirewallRules: [{B790462C-6B6F-4E52-83D5-E063F03E5B0E}] => (Allow) C:\Program Files (x86)\Amicron-Mailoffice 4.0\Mailoffice.exe
FirewallRules: [{7D43DD43-BFFD-4567-952B-D0CDBA15B97D}] => (Allow) C:\Program Files (x86)\Amicron-Mailoffice 4.0\Mailoffice.exe
FirewallRules: [{DD6FC618-4315-40F6-A75D-1604B74539A9}] => (Allow) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
FirewallRules: [{F8DDB9D5-F501-40E7-9CB4-3A2E48415375}] => (Allow) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
FirewallRules: [{AB5F06C0-DE47-4296-9029-1559A1B76F7F}] => (Allow) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
FirewallRules: [{03B06447-F065-468F-BE7D-395824417446}] => (Allow) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
FirewallRules: [{D2C3CC43-08E1-433A-89AC-6E0B78ECFF5F}] => (Allow) C:\Program Files\Firebird\Firebird_2_5\unins000.exe
FirewallRules: [{C8E3FCEF-DBF9-4F77-ADD6-96FC92807087}] => (Allow) C:\Program Files\Firebird\Firebird_2_5\unins000.exe
FirewallRules: [{55498925-A215-42F0-916E-486D0BA15523}] => (Allow) C:\Program Files\Firebird\Firebird_2_5\unins000.exe
FirewallRules: [{00736C55-276D-4ABD-B68F-B7B44E15D982}] => (Allow) C:\Program Files\Firebird\Firebird_2_5\unins000.exe
FirewallRules: [{557C3C5C-2352-43D3-B95C-88BA9470FCB0}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\bgsview.exe
FirewallRules: [{5EB075A8-E82A-455D-AC9E-CDD878C31816}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\bgsview.exe
FirewallRules: [{975FEDA4-1DFD-4074-9981-9E8C26A853C1}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\bgsview.exe
FirewallRules: [{32BBB5B3-15A9-4B77-A99C-FDD1F8453241}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\bgsview.exe
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (05/24/2015 00:52:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.

Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __NamespaceOperationEvent" zu registrieren, deren Zielklasse "__NamespaceOperationEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __NamespaceOperationEvent" zu registrieren, deren Zielklasse "__NamespaceOperationEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.

System errors:
=============
Error: (05/25/2015 09:02:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.199.669.0)
Error: (05/24/2015 10:08:32 PM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCHS-1-5-21-2480739207-2502134016-2632597921-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/24/2015 10:08:32 PM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCHS-1-5-21-2480739207-2502134016-2632597921-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/24/2015 10:08:32 PM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCHS-1-5-21-2480739207-2502134016-2632597921-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/24/2015 10:08:31 PM) (Source: DCOM) (EventID: 10016) (User: IDEA-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCHS-1-5-21-2480739207-2502134016-2632597921-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (05/24/2015 10:07:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IdeaTouch.LocalDataServer.Education" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (05/24/2015 09:28:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (05/24/2015 09:28:02 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (05/24/2015 01:14:17 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (05/24/2015 01:02:44 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252.

Microsoft Office:
=========================
Error: (05/24/2015 00:52:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description:
Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/subscription
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root/subscription
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/CIMV2
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __NamespaceOperationEvent__NamespaceOperationEvent//./root
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root/CIMV2
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __NamespaceOperationEvent__NamespaceOperationEvent//./root/subscription

CodeIntegrity Errors:
===================================
Date: 2015-05-25 09:03:47.341
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-25 09:03:47.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-25 09:03:46.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:25.240
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:25.108
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.872
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.740
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.475
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.351
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.111
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 36%
Total physical RAM: 3984.3 MB
Available physical RAM: 2535.29 MB
Total Pagefile: 6032.3 MB
Available Pagefile: 4424.72 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:439.06 GB) (Free:361.63 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FE98E05F)
Partition: GPT Partition Type.
==================== End of log ============================

Alt 25.05.2015, 08:55   #4
shubi
 
09:23:57.0310 0x0ae8 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
09:23:57.0310 0x0ae8 UEFI system
09:24:02.0608 0x0ae8 ============================================================
09:24:02.0608 0x0ae8 Current date / time: 2015/05/25 09:24:02.0608
09:24:02.0608 0x0ae8 SystemInfo:
09:24:02.0608 0x0ae8
09:24:02.0608 0x0ae8 OS Version: 6.3.9600 ServicePack: 0.0
09:24:02.0608 0x0ae8 Product type: Workstation
09:24:02.0608 0x0ae8 ComputerName: IDEA-PC
09:24:02.0608 0x0ae8 UserName: H
09:24:02.0608 0x0ae8 Windows directory: C:\WINDOWS
09:24:02.0608 0x0ae8 System windows directory: C:\WINDOWS
09:24:02.0608 0x0ae8 Running under WOW64
09:24:02.0608 0x0ae8 Processor architecture: Intel x64
09:24:02.0608 0x0ae8 Number of processors: 4
09:24:02.0608 0x0ae8 Page size: 0x1000
09:24:02.0608 0x0ae8 Boot type: Normal boot
09:24:02.0608 0x0ae8 ============================================================
09:24:03.0515 0x0ae8 KLMD registered as C:\WINDOWS\system32\drivers\72392078.sys
09:24:05.0280 0x0ae8 System UUID: {D5E3D66B-2D0B-799A-AC98-C2A2E2200315}
09:24:05.0968 0x0ae8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:24:05.0984 0x0ae8 ============================================================
09:24:05.0984 0x0ae8 \Device\Harddisk0\DR0:
09:24:05.0984 0x0ae8 GPT partitions:
09:24:05.0984 0x0ae8 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6C89BA38-40AA-462D-A8AF-B992A5305DDF}, Name: , StartLBA 0x800, BlocksNum 0x1F4000
09:24:05.0984 0x0ae8 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F3D44FC8-1ED8-4776-A234-B89E7A6BFF9B}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
09:24:05.0984 0x0ae8 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {95EBC948-735F-4FF4-B37F-B22B9E3AA576}, Name: , StartLBA 0x276800, BlocksNum 0xFA000
09:24:05.0984 0x0ae8 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {C37350F3-618F-48DD-8D92-15040FB077CD}, Name: Microsoft reserved partition, StartLBA 0x370800, BlocksNum 0x40000
09:24:05.0984 0x0ae8 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6645DF76-4403-4C60-BAB4-C481F6ED7CF3}, Name: Basic data partition, StartLBA 0x3B0800, BlocksNum 0x36E20800
09:24:05.0984 0x0ae8 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F810B825-9A8D-4D7D-AB72-2079974379CD}, Name: , StartLBA 0x371D1000, BlocksNum 0xE1000
09:24:05.0984 0x0ae8 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {14E07E03-964A-426E-A010-E34A7D578736}, Name: , StartLBA 0x372B2000, BlocksNum 0x30D4000
09:24:05.0984 0x0ae8 MBR partitions:
09:24:05.0984 0x0ae8 ============================================================
09:24:05.0999 0x0ae8 C: <-> \Device\Harddisk0\DR0\Partition5
09:24:05.0999 0x0ae8 ============================================================
09:24:05.0999 0x0ae8 Initialize success
09:24:05.0999 0x0ae8 ============================================================
09:24:08.0656 0x08e0 ============================================================
09:24:08.0656 0x08e0 Scan started
09:24:08.0656 0x08e0 Mode: Manual;
09:24:08.0656 0x08e0 ============================================================
09:24:08.0656 0x08e0 KSN ping started
09:24:11.0079 0x08e0 KSN ping finished: true
09:24:12.0141 0x08e0 ================ Scan system memory ========================
09:24:12.0141 0x08e0 System memory - ok
09:24:12.0141 0x08e0 ================ Scan services =============================
09:24:15.0439 0x08e0 DPS - ok
09:24:15.0454 0x08e0 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:24:15.0454 0x08e0 drmkaud - ok
09:24:15.0485 0x08e0 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
09:24:15.0501 0x08e0 DsmSvc - ok
09:24:15.0564 0x08e0 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:24:15.0579 0x08e0 DXGKrnl - ok
09:24:15.0626 0x08e0 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
09:24:15.0626 0x08e0 Eaphost - ok
09:24:15.0798 0x08e0 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
09:24:15.0845 0x08e0 ebdrv - ok
09:24:15.0876 0x08e0 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
09:24:15.0876 0x08e0 EFS - ok
09:24:15.0892 0x08e0 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
09:24:15.0892 0x08e0 EhStorClass - ok
09:24:15.0907 0x08e0 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:24:15.0923 0x08e0 EhStorTcgDrv - ok
09:24:15.0923 0x08e0 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
09:24:15.0923 0x08e0 ErrDev - ok
09:24:16.0001 0x08e0 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
09:24:16.0001 0x08e0 EventSystem - ok
09:24:16.0017 0x08e0 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
09:24:16.0017 0x08e0 exfat - ok
09:24:16.0032 0x08e0 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
09:24:16.0032 0x08e0 fastfat - ok
09:24:16.0079 0x08e0 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
09:24:16.0079 0x08e0 Fax - ok
09:24:16.0095 0x08e0 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
09:24:16.0095 0x08e0 fdc - ok
09:24:16.0126 0x08e0 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
09:24:16.0126 0x08e0 fdPHost - ok
09:24:16.0142 0x08e0 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
09:24:16.0142 0x08e0 FDResPub - ok
09:24:16.0157 0x08e0 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
09:24:16.0157 0x08e0 fhsvc - ok
09:24:16.0157 0x08e0 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
09:24:16.0157 0x08e0 FileInfo - ok
09:24:16.0173 0x08e0 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
09:24:16.0173 0x08e0 Filetrace - ok
09:24:16.0267 0x08e0 [ 10F941E8763B6AC5B0576F37F71D62EF, 87B1F082FFAFD45F05A84C60FBB9F245771245FC1D744627093AF31610D11E14 ] FirebirdGuardianDefaultInstance C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
09:24:16.0392 0x08e0 FirebirdGuardianDefaultInstance - ok
09:24:16.0532 0x08e0 [ BABB12A56487F18861CE185DD57AF8DB, 90FA523534D138402148B257C2DA13B5009EA96DC386182BC5282B09E20CC2CE ] FirebirdServerDefaultInstance C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
09:24:16.0626 0x08e0 FirebirdServerDefaultInstance - ok
09:24:16.0657 0x08e0 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
09:24:16.0657 0x08e0 flpydisk - ok
09:24:16.0689 0x08e0 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:24:16.0704 0x08e0 FltMgr - ok
09:24:16.0751 0x08e0 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\WINDOWS\system32\FntCache.dll
09:24:16.0767 0x08e0 FontCache - ok
09:24:16.0845 0x08e0 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:24:16.0845 0x08e0 FontCache3.0.0.0 - ok
09:24:16.0860 0x08e0 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
09:24:16.0860 0x08e0 FsDepends - ok
09:24:16.0876 0x08e0 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:24:16.0876 0x08e0 Fs_Rec - ok
09:24:16.0907 0x08e0 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:24:16.0907 0x08e0 fvevol - ok
09:24:16.0923 0x08e0 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
09:24:16.0923 0x08e0 FxPPM - ok
09:24:16.0939 0x08e0 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
09:24:16.0939 0x08e0 gagp30kx - ok
09:24:16.0954 0x08e0 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
09:24:16.0954 0x08e0 gencounter - ok
09:24:16.0985 0x08e0 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:24:16.0985 0x08e0 GPIOClx0101 - ok
09:24:17.0032 0x08e0 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
09:24:17.0048 0x08e0 gpsvc - ok
09:24:17.0079 0x08e0 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
09:24:17.0079 0x08e0 HDAudBus - ok
09:24:17.0079 0x08e0 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
09:24:17.0079 0x08e0 HidBatt - ok
09:24:17.0126 0x08e0 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
09:24:17.0142 0x08e0 HidBth - ok
09:24:17.0157 0x08e0 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
09:24:17.0157 0x08e0 hidi2c - ok
09:24:17.0189 0x08e0 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
09:24:17.0189 0x08e0 HidIr - ok
09:24:17.0204 0x08e0 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
09:24:17.0204 0x08e0 hidserv - ok
09:24:17.0220 0x08e0 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
09:24:17.0220 0x08e0 HidUsb - ok
09:24:17.0251 0x08e0 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
09:24:17.0251 0x08e0 hkmsvc - ok
09:24:17.0267 0x08e0 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:24:17.0283 0x08e0 HomeGroupListener - ok
09:24:17.0314 0x08e0 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:24:17.0314 0x08e0 HomeGroupProvider - ok
09:24:17.0329 0x08e0 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
09:24:17.0329 0x08e0 HpSAMD - ok
09:24:17.0376 0x08e0 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
09:24:17.0392 0x08e0 HTTP - ok
09:24:17.0408 0x08e0 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
09:24:17.0408 0x08e0 hwpolicy - ok
09:24:17.0439 0x08e0 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
09:24:17.0439 0x08e0 hyperkbd - ok
09:24:17.0455 0x08e0 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
09:24:17.0455 0x08e0 HyperVideo - ok
09:24:17.0486 0x08e0 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
09:24:17.0501 0x08e0 i8042prt - ok
09:24:17.0517 0x08e0 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:24:17.0517 0x08e0 iaLPSSi_GPIO - ok
09:24:17.0533 0x08e0 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:24:17.0533 0x08e0 iaLPSSi_I2C - ok
09:24:17.0564 0x08e0 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
09:24:17.0564 0x08e0 iaStorAV - ok
09:24:17.0595 0x08e0 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
09:24:17.0595 0x08e0 iaStorV - ok
09:24:17.0658 0x08e0 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
09:24:17.0658 0x08e0 ICCS - ok
09:24:17.0658 0x08e0 IdeaTouch.LocalDataServer.Education - ok
09:24:17.0658 0x08e0 IEEtwCollectorService - ok
09:24:17.0751 0x08e0 [ 076023219E918D34585B231029A44571, C2AB0DE0D80D0BC6595C9F9655A890531E7952599714DC03B4ECB46947D833A8 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
09:24:17.0861 0x08e0 igfx - ok
09:24:17.0892 0x08e0 [ C814D4A0B7B91E936B2DC0828C69ACAB, A19B503CB3C598474C61DA6F1AC087CCF287F7523D2F932B21EF21E7CA1809B1 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
09:24:17.0892 0x08e0 igfxCUIService1.0.0.0 - ok
09:24:17.0939 0x08e0 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
09:24:17.0986 0x08e0 IKEEXT - ok
09:24:18.0095 0x08e0 [ 517869DB2BC6058D250A2963AE32B2D4, 155452DCBA19ABDF8ED72286E9AC43947A06F08C1BD044F88A870F3465981B79 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:24:18.0142 0x08e0 IntcAzAudAddService - ok
09:24:18.0189 0x08e0 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
09:24:18.0220 0x08e0 IntcDAud - ok
09:24:18.0236 0x08e0 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
09:24:18.0236 0x08e0 intelide - ok
09:24:18.0252 0x08e0 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
09:24:18.0252 0x08e0 intelpep - ok
09:24:18.0267 0x08e0 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
09:24:18.0267 0x08e0 intelppm - ok
09:24:18.0283 0x08e0 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:24:18.0283 0x08e0 IpFilterDriver - ok
09:24:18.0330 0x08e0 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
09:24:18.0345 0x08e0 iphlpsvc - ok
09:24:18.0377 0x08e0 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
09:24:18.0377 0x08e0 IPMIDRV - ok
09:24:18.0392 0x08e0 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
09:24:18.0392 0x08e0 IPNAT - ok
09:24:18.0408 0x08e0 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
09:24:18.0408 0x08e0 IRENUM - ok
09:24:18.0423 0x08e0 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
09:24:18.0423 0x08e0 isapnp - ok
09:24:18.0439 0x08e0 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
09:24:18.0455 0x08e0 iScsiPrt - ok
09:24:18.0470 0x08e0 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
09:24:18.0517 0x08e0 iwdbus - ok
09:24:18.0580 0x08e0 [ E2CFDA7E9606FD5ECAB93E4817414661, F60A1EFFD7EB9D69620E971AB30D3FF4138D233A6EDE51CFD1BE8CCB5776E321 ] JME Keyboard C:\Windows\jmesoft\Service.exe
09:24:18.0658 0x08e0 JME Keyboard - ok
09:24:18.0673 0x08e0 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
09:24:18.0673 0x08e0 kbdclass - ok
09:24:18.0705 0x08e0 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
09:24:18.0720 0x08e0 kbdhid - ok
09:24:18.0736 0x08e0 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
09:24:18.0752 0x08e0 kdnic - ok
09:24:18.0752 0x08e0 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
09:24:18.0752 0x08e0 KeyIso - ok
09:24:18.0767 0x08e0 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
09:24:18.0767 0x08e0 KSecDD - ok
09:24:18.0798 0x08e0 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
09:24:18.0798 0x08e0 KSecPkg - ok
09:24:18.0814 0x08e0 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
09:24:18.0814 0x08e0 ksthunk - ok
09:24:18.0845 0x08e0 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
09:24:18.0861 0x08e0 KtmRm - ok
09:24:18.0923 0x08e0 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
09:24:18.0939 0x08e0 LanmanServer - ok
09:24:18.0970 0x08e0 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
09:24:18.0986 0x08e0 LanmanWorkstation - ok
09:24:19.0048 0x08e0 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
09:24:19.0064 0x08e0 lfsvc - ok
09:24:19.0080 0x08e0 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
09:24:19.0080 0x08e0 lltdio - ok
09:24:19.0111 0x08e0 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
09:24:19.0111 0x08e0 lltdsvc - ok
09:24:19.0142 0x08e0 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
09:24:19.0142 0x08e0 lmhosts - ok
09:24:19.0173 0x08e0 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
09:24:19.0173 0x08e0 LSI_SAS - ok
09:24:19.0173 0x08e0 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
09:24:19.0173 0x08e0 LSI_SAS2 - ok
09:24:19.0189 0x08e0 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
09:24:19.0189 0x08e0 LSI_SAS3 - ok
09:24:19.0205 0x08e0 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
09:24:19.0205 0x08e0 LSI_SSS - ok
09:24:19.0252 0x08e0 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
09:24:19.0298 0x08e0 LSM - ok
09:24:19.0361 0x08e0 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
09:24:19.0361 0x08e0 luafv - ok
09:24:19.0392 0x08e0 MBAMSwissArmy - ok
09:24:19.0392 0x08e0 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
09:24:19.0408 0x08e0 megasas - ok
09:24:19.0423 0x08e0 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
09:24:19.0439 0x08e0 megasr - ok
09:24:19.0470 0x08e0 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
09:24:19.0470 0x08e0 MEIx64 - ok
09:24:19.0502 0x08e0 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
09:24:19.0502 0x08e0 MMCSS - ok
09:24:19.0517 0x08e0 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
09:24:19.0517 0x08e0 Modem - ok
09:24:19.0517 0x08e0 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
09:24:19.0517 0x08e0 monitor - ok
09:24:19.0548 0x08e0 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
09:24:19.0548 0x08e0 mouclass - ok
09:24:19.0564 0x08e0 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
09:24:19.0564 0x08e0 mouhid - ok
09:24:19.0580 0x08e0 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
09:24:19.0580 0x08e0 mountmgr - ok
09:24:19.0595 0x08e0 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
09:24:19.0595 0x08e0 mpsdrv - ok
09:24:19.0642 0x08e0 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
09:24:19.0658 0x08e0 MpsSvc - ok
09:24:19.0705 0x08e0 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
09:24:19.0736 0x08e0 MRxDAV - ok
09:24:19.0752 0x08e0 [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:24:19.0752 0x08e0 mrxsmb - ok
09:24:19.0783 0x08e0 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
09:24:19.0783 0x08e0 mrxsmb10 - ok
09:24:19.0783 0x08e0 [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
09:24:19.0783 0x08e0 mrxsmb20 - ok
09:24:19.0814 0x08e0 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
09:24:19.0830 0x08e0 MsBridge - ok
09:24:19.0845 0x08e0 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
09:24:19.0845 0x08e0 MSDTC - ok
09:24:19.0861 0x08e0 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:24:19.0861 0x08e0 Msfs - ok
09:24:19.0877 0x08e0 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
09:24:19.0877 0x08e0 msgpiowin32 - ok
09:24:19.0908 0x08e0 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
09:24:19.0908 0x08e0 mshidkmdf - ok
09:24:19.0908 0x08e0 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
09:24:19.0908 0x08e0 mshidumdf - ok
09:24:19.0924 0x08e0 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
09:24:19.0924 0x08e0 msisadrv - ok
09:24:19.0955 0x08e0 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
09:24:19.0955 0x08e0 MSiSCSI - ok
09:24:19.0955 0x08e0 msiserver - ok
09:24:19.0970 0x08e0 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:24:19.0970 0x08e0 MSKSSRV - ok
09:24:19.0986 0x08e0 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
09:24:19.0986 0x08e0 MsLldp - ok
09:24:20.0002 0x08e0 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:24:20.0002 0x08e0 MSPCLOCK - ok
09:24:20.0017 0x08e0 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:24:20.0017 0x08e0 MSPQM - ok
09:24:20.0049 0x08e0 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
09:24:20.0049 0x08e0 MsRPC - ok
09:24:20.0064 0x08e0 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
09:24:20.0064 0x08e0 mssmbios - ok
09:24:20.0080 0x08e0 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
09:24:20.0080 0x08e0 MSTEE - ok
09:24:20.0096 0x08e0 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
09:24:20.0096 0x08e0 MTConfig - ok
09:24:20.0096 0x08e0 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
09:24:20.0096 0x08e0 Mup - ok
09:24:20.0111 0x08e0 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
09:24:20.0111 0x08e0 mvumis - ok
09:24:20.0158 0x08e0 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
09:24:20.0158 0x08e0 napagent - ok
09:24:20.0174 0x08e0 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:24:20.0189 0x08e0 NativeWifiP - ok
09:24:20.0221 0x08e0 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
09:24:20.0221 0x08e0 NcaSvc - ok
09:24:20.0252 0x08e0 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
09:24:20.0252 0x08e0 NcbService - ok
09:24:20.0267 0x08e0 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
09:24:20.0267 0x08e0 NcdAutoSetup - ok
09:24:20.0314 0x08e0 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
09:24:20.0330 0x08e0 NDIS - ok
09:24:20.0346 0x08e0 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
09:24:20.0346 0x08e0 NdisCap - ok
09:24:20.0361 0x08e0 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
09:24:20.0361 0x08e0 NdisImPlatform - ok
09:24:20.0392 0x08e0 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:24:20.0408 0x08e0 NdisTapi - ok
09:24:20.0424 0x08e0 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:24:20.0424 0x08e0 Ndisuio - ok
09:24:20.0439 0x08e0 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
09:24:20.0439 0x08e0 NdisVirtualBus - ok
09:24:27.0081 0x08e0 volmgr - ok
09:24:27.0112 0x08e0 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
09:24:27.0112 0x08e0 volmgrx - ok
09:24:27.0128 0x08e0 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
09:24:27.0128 0x08e0 volsnap - ok
09:24:27.0206 0x08e0 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
09:24:27.0206 0x08e0 vpci - ok
09:24:27.0222 0x08e0 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
09:24:27.0237 0x08e0 vsmraid - ok
09:24:27.0284 0x08e0 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe
09:24:27.0331 0x08e0 VSS - ok
09:24:27.0362 0x08e0 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
09:24:27.0362 0x08e0 VSTXRAID - ok
09:24:27.0378 0x08e0 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
09:24:27.0378 0x08e0 vwifibus - ok
09:24:27.0394 0x08e0 [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
09:24:27.0394 0x08e0 vwififlt - ok
09:24:27.0409 0x08e0 [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
09:24:27.0409 0x08e0 vwifimp - ok
09:24:27.0456 0x08e0 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
09:24:27.0472 0x08e0 W32Time - ok
09:24:27.0487 0x08e0 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
09:24:27.0487 0x08e0 WacomPen - ok
09:24:27.0550 0x08e0 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe
09:24:27.0565 0x08e0 wbengine - ok
09:24:27.0612 0x08e0 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
09:24:27.0612 0x08e0 WbioSrvc - ok
09:24:27.0628 0x08e0 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
09:24:27.0628 0x08e0 Wcmsvc - ok
09:24:27.0659 0x08e0 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
09:24:27.0675 0x08e0 wcncsvc - ok
09:24:27.0691 0x08e0 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
09:24:27.0691 0x08e0 WcsPlugInService - ok
09:24:27.0722 0x08e0 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
09:24:27.0722 0x08e0 WdBoot - ok
09:24:27.0753 0x08e0 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
09:24:27.0753 0x08e0 Wdf01000 - ok
09:24:27.0784 0x08e0 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
09:24:27.0784 0x08e0 WdFilter - ok
09:24:27.0800 0x08e0 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
09:24:27.0800 0x08e0 WdiServiceHost - ok
09:24:27.0816 0x08e0 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
09:24:27.0816 0x08e0 WdiSystemHost - ok
09:24:27.0847 0x08e0 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
09:24:27.0847 0x08e0 WdNisDrv - ok
09:24:27.0863 0x08e0 WdNisSvc - ok
09:24:27.0878 0x08e0 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:24:27.0894 0x08e0 WebClient - ok
09:24:27.0909 0x08e0 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
09:24:27.0909 0x08e0 Wecsvc - ok
09:24:27.0909 0x08e0 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
09:24:27.0909 0x08e0 WEPHOSTSVC - ok
09:24:27.0941 0x08e0 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
09:24:27.0941 0x08e0 wercplsupport - ok
09:24:27.0956 0x08e0 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
09:24:27.0956 0x08e0 WerSvc - ok
09:24:27.0988 0x08e0 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
09:24:27.0988 0x08e0 WFPLWFS - ok
09:24:28.0003 0x08e0 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
09:24:28.0003 0x08e0 WiaRpc - ok
09:24:28.0019 0x08e0 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
09:24:28.0034 0x08e0 WIMMount - ok
09:24:28.0034 0x08e0 WinDefend - ok
09:24:28.0097 0x08e0 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:24:28.0113 0x08e0 WinHttpAutoProxySvc - ok
09:24:28.0160 0x08e0 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:24:28.0160 0x08e0 Winmgmt - ok
09:24:28.0238 0x08e0 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
09:24:28.0285 0x08e0 WinRM - ok
09:24:28.0347 0x08e0 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
09:24:28.0363 0x08e0 WlanSvc - ok
09:24:28.0410 0x08e0 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
09:24:28.0425 0x08e0 wlidsvc - ok
09:24:28.0441 0x08e0 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
09:24:28.0441 0x08e0 WmiAcpi - ok
09:24:28.0488 0x08e0 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:24:28.0488 0x08e0 wmiApSrv - ok
09:24:28.0503 0x08e0 WMPNetworkSvc - ok
09:24:28.0519 0x08e0 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
09:24:28.0519 0x08e0 Wof - ok
09:24:28.0582 0x08e0 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
09:24:28.0613 0x08e0 workfolderssvc - ok
09:24:28.0644 0x08e0 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
09:24:28.0644 0x08e0 wpcfltr - ok
09:24:28.0660 0x08e0 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
09:24:28.0660 0x08e0 WPCSvc - ok
09:24:28.0675 0x08e0 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
09:24:28.0675 0x08e0 WPDBusEnum - ok
09:24:28.0691 0x08e0 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:24:28.0691 0x08e0 WpdUpFltr - ok
09:24:28.0691 0x08e0 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:24:28.0707 0x08e0 ws2ifsl - ok
09:24:28.0707 0x08e0 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
09:24:28.0722 0x08e0 wscsvc - ok
09:24:28.0722 0x08e0 WSearch - ok
09:24:28.0816 0x08e0 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
09:24:28.0863 0x08e0 WSService - ok
09:24:28.0879 0x08e0 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
09:24:28.0894 0x08e0 wsvd - ok
09:24:28.0988 0x08e0 [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
09:24:29.0160 0x08e0 wuauserv - ok
09:24:29.0207 0x08e0 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
09:24:29.0207 0x08e0 WudfPf - ok
09:24:29.0207 0x08e0 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
09:24:29.0207 0x08e0 WUDFRd - ok
09:24:29.0222 0x08e0 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:24:29.0222 0x08e0 WUDFSensorLP - ok
09:24:29.0254 0x08e0 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
09:24:29.0254 0x08e0 wudfsvc - ok
09:24:29.0269 0x08e0 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:24:29.0285 0x08e0 WUDFWpdFs - ok
09:24:29.0300 0x08e0 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
09:24:29.0300 0x08e0 WwanSvc - ok
09:24:29.0363 0x08e0 [ C6B289A70A2D36242A2CCAA2715E1747, B7B4762C16B0B9D25F4A20123CA16DA76A897460D2A20D8D1F347D618F49C8B3 ] X5XSEx_Pr148 C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys
09:24:29.0363 0x08e0 X5XSEx_Pr148 - ok
09:24:29.0363 0x08e0 ================ Scan global ===============================
09:24:29.0410 0x08e0 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
09:24:29.0441 0x08e0 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
09:24:29.0472 0x08e0 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
09:24:29.0504 0x08e0 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
09:24:29.0504 0x08e0 [ Global ] - ok
09:24:29.0504 0x08e0 ================ Scan MBR ==================================
09:24:29.0519 0x08e0 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:24:29.0519 0x08e0 \Device\Harddisk0\DR0 - ok
09:24:29.0519 0x08e0 ================ Scan VBR ==================================
09:24:29.0519 0x08e0 [ 323D4E3BCE9186363B74CED9A4B36277 ] \Device\Harddisk0\DR0\Partition1
09:24:29.0535 0x08e0 \Device\Harddisk0\DR0\Partition1 - ok
09:24:29.0550 0x08e0 [ BC019A815C8B325B9B60A28567AECF22 ] \Device\Harddisk0\DR0\Partition2
09:24:29.0550 0x08e0 \Device\Harddisk0\DR0\Partition2 - ok
09:24:29.0566 0x08e0 [ 96096FBDDC4E881B3AAB845033A9F9DD ] \Device\Harddisk0\DR0\Partition3
09:24:29.0582 0x08e0 \Device\Harddisk0\DR0\Partition3 - ok
09:24:29.0597 0x08e0 [ A8643ABE4A393F05CD91B4C825A584FA ] \Device\Harddisk0\DR0\Partition4
09:24:29.0597 0x08e0 \Device\Harddisk0\DR0\Partition4 - ok
09:24:29.0597 0x08e0 [ 5D7FCA6353F435B56B0EEFCB75A8F5DD ] \Device\Harddisk0\DR0\Partition5
09:24:29.0613 0x08e0 \Device\Harddisk0\DR0\Partition5 - ok
09:24:29.0644 0x08e0 [ 901B4A229B162DD9C6E628D513D3F1C7 ] \Device\Harddisk0\DR0\Partition6
09:24:29.0675 0x08e0 \Device\Harddisk0\DR0\Partition6 - ok
09:24:29.0707 0x08e0 [ 6058BCADBD7B381E1063CA143127BE21 ] \Device\Harddisk0\DR0\Partition7
09:24:29.0707 0x08e0 \Device\Harddisk0\DR0\Partition7 - ok
09:24:29.0707 0x08e0 ================ Scan generic autorun ======================
09:24:30.0425 0x08e0 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
09:24:30.0738 0x08e0 RtHDVCpl - ok
09:24:30.0800 0x08e0 [ AF69A9A2556617801630965F52224F63, 243CD3E6FCD38B1577E637ACE2FF40F78919E0C5E9D0F26FB5C711A9145316DD ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
09:24:30.0816 0x08e0 RtHDVBg_Dolby - ok
09:24:30.0847 0x08e0 [ 8EC9EF60E24E88DC5DC74D305925E2CF, 37719AAD02B4EA851F899AB4A3464EA381B96BA2E386A52BF9FDAA8C9257FDBE ] C:\WINDOWS\system32\igfxtray.exe
09:24:30.0863 0x08e0 IgfxTray - ok
09:24:30.0863 0x08e0 SpywareTerminatorShield - ok
09:24:30.0863 0x08e0 SpywareTerminatorUpdater - ok
09:24:30.0894 0x08e0 [ 174833F30109DCAF6B2031157D3425E6, 395396219B46E1D0D4A12417CA970EE5F5431D83B961008E94F56357F4E83E50 ] C:\Program Files (x86)\TNIOSDVolumeSync\TNIExec.exe
09:24:30.0894 0x08e0 TNIOSDVolumeSync(x64) - ok
09:24:30.0941 0x08e0 [ 17716C3DD52BF815291D80FAAF329AC7, 3E42FBED89BF8CE6C0EE8C97C050358ED98577BB1DDFA93CDE25F431FC55138E ] C:\WINDOWS\jmesoft\hotkey.exe
09:24:31.0097 0x08e0 jmekey - ok
09:24:31.0113 0x08e0 [ A7464F6ED03611109F435218E424AAB8, 2C582D2E97F5AE97D1FBEC0493DF45A8EAF2D2CA93048556FD11B4AAA09956E6 ] C:\Windows\jmesoft\ServiceLoader.exe
09:24:31.0129 0x08e0 jmesoft - ok
09:24:31.0191 0x08e0 [ A1741C3B79F9DF8895E05EF43579E74B, 446094FDBA93518ABE1CDEC50E24AB60BC7CA78022A289AF5C21461778FD8001 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
09:24:31.0191 0x08e0 YouCam Mirage - ok
09:24:31.0191 0x08e0 [ 79EDDBCBFFC23585BC1495AFC03CC4D7, 325A6C067A52BAD7070C1C758EA69645FD8083AC6D0ABA8340BDBE1A712E005F ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
09:24:31.0207 0x08e0 YouCam Tray - ok
09:24:31.0285 0x08e0 [ 50299DBA20F8A1735830914777B55932, 7A8864A9FA81BF6C53797B7B8FCC2199B812A7E913D35387A0C5C63C170BAC02 ] C:\Program Files\Lenovo\LVT\LJYZ.exe
09:24:31.0301 0x08e0 LVT - ok
09:24:31.0347 0x08e0 [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
09:24:31.0347 0x08e0 RemoteControl10 - ok
09:24:31.0347 0x08e0 bgsmsnd.exe - ok
09:24:31.0394 0x08e0 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
09:24:31.0426 0x08e0 WAB Migrate - ok
09:24:31.0457 0x08e0 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
09:24:31.0472 0x08e0 WAB Migrate - ok
09:24:31.0472 0x08e0 Waiting for KSN requests completion. In queue: 91
09:24:32.0488 0x08e0 Waiting for KSN requests completion. In queue: 91
09:24:33.0504 0x08e0 Waiting for KSN requests completion. In queue: 91
09:24:34.0504 0x08e0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )
09:24:34.0504 0x08e0 Win FW state via NFP2: enabled
09:24:36.0942 0x08e0 ============================================================
09:24:36.0942 0x08e0 Scan finished
09:24:36.0942 0x08e0 ============================================================
09:24:36.0942 0x12c0 Detected object count: 0
09:24:36.0942 0x12c0 Actual detected object count: 0
09:24:56.0725 0x06c8 ============================================================
09:24:56.0740 0x06c8 Scan started
09:24:56.0740 0x06c8 Mode: Manual;
09:24:56.0740 0x06c8 ============================================================
09:24:56.0740 0x06c8 KSN ping started
09:24:59.0069 0x06c8 KSN ping finished: true
09:24:59.0694 0x06c8 ================ Scan system memory ========================
09:24:59.0694 0x06c8 System memory - ok

25.05.2015, 08:56   #5
shubi
09:25:02.0256 0x06c8 dot4 - ok
09:25:02.0272 0x06c8 [ CC88A1D8A39752859101ECCE1F1BC888, F21C1D478180BC5E932BB2C2E4618E3ED463CA87ACEDEB139682D218435F82F1 ] Dot4Print C:\WINDOWS\System32\drivers\Dot4Prt.sys
09:25:02.0272 0x06c8 Dot4Print - ok
09:25:02.0272 0x06c8 [ DAE2C276739676593250AD3F732A2E74, DBC6AFAF80141E2480E19878F581EDFE9C2B018DA2EC527C4025FF04D5587AFD ] Dot4Scan C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys
09:25:02.0272 0x06c8 Dot4Scan - ok
09:25:02.0288 0x06c8 [ 292ADB7C57B5457F18F2FC06934B0B40, 12FFDF5F48A79B1B4ADBB88BA2CB6C59DD6719554E8EA6BEEFE99B3E3C66F1AC ] dot4usb C:\WINDOWS\system32\DRIVERS\dot4usb.sys
09:25:02.0288 0x06c8 dot4usb - ok
09:25:02.0303 0x06c8 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
09:25:02.0303 0x06c8 DPS - ok
09:25:02.0319 0x06c8 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:25:02.0319 0x06c8 drmkaud - ok
09:25:02.0350 0x06c8 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
09:25:02.0366 0x06c8 DsmSvc - ok
09:25:02.0428 0x06c8 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
09:25:02.0444 0x06c8 DXGKrnl - ok
09:25:02.0475 0x06c8 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
09:25:02.0475 0x06c8 Eaphost - ok
09:25:02.0553 0x06c8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
09:25:02.0600 0x06c8 ebdrv - ok
09:25:02.0631 0x06c8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
09:25:02.0631 0x06c8 EFS - ok
09:25:02.0647 0x06c8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
09:25:02.0647 0x06c8 EhStorClass - ok
09:25:02.0647 0x06c8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
09:25:02.0663 0x06c8 EhStorTcgDrv - ok
09:25:02.0663 0x06c8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
09:25:02.0663 0x06c8 ErrDev - ok
09:25:02.0709 0x06c8 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
09:25:02.0725 0x06c8 EventSystem - ok
09:25:02.0741 0x06c8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
09:25:02.0741 0x06c8 exfat - ok
09:25:02.0741 0x06c8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
09:25:02.0741 0x06c8 fastfat - ok
09:25:02.0788 0x06c8 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
09:25:02.0803 0x06c8 Fax - ok
09:25:02.0803 0x06c8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
09:25:02.0803 0x06c8 fdc - ok
09:25:02.0834 0x06c8 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
09:25:02.0834 0x06c8 fdPHost - ok
09:25:02.0850 0x06c8 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
09:25:02.0850 0x06c8 FDResPub - ok
09:25:02.0866 0x06c8 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
09:25:02.0866 0x06c8 fhsvc - ok
09:25:02.0866 0x06c8 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
09:25:02.0866 0x06c8 FileInfo - ok
09:25:02.0881 0x06c8 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
09:25:02.0881 0x06c8 Filetrace - ok
09:25:02.0959 0x06c8 [ 10F941E8763B6AC5B0576F37F71D62EF, 87B1F082FFAFD45F05A84C60FBB9F245771245FC1D744627093AF31610D11E14 ] FirebirdGuardianDefaultInstance C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
09:25:02.0959 0x06c8 FirebirdGuardianDefaultInstance - ok
09:25:03.0084 0x06c8 [ BABB12A56487F18861CE185DD57AF8DB, 90FA523534D138402148B257C2DA13B5009EA96DC386182BC5282B09E20CC2CE ] FirebirdServerDefaultInstance C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
09:25:03.0163 0x06c8 FirebirdServerDefaultInstance - ok
09:25:03.0178 0x06c8 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
09:25:03.0178 0x06c8 flpydisk - ok
09:25:03.0194 0x06c8 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:25:03.0209 0x06c8 FltMgr - ok
09:25:03.0256 0x06c8 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\WINDOWS\system32\FntCache.dll
09:25:03.0272 0x06c8 FontCache - ok
09:25:03.0350 0x06c8 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:25:03.0350 0x06c8 FontCache3.0.0.0 - ok
09:25:03.0366 0x06c8 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
09:25:03.0366 0x06c8 FsDepends - ok
09:25:03.0381 0x06c8 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:25:03.0381 0x06c8 Fs_Rec - ok
09:25:03.0413 0x06c8 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
09:25:03.0413 0x06c8 fvevol - ok
09:25:03.0428 0x06c8 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
09:25:03.0428 0x06c8 FxPPM - ok
09:25:03.0444 0x06c8 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
09:25:03.0444 0x06c8 gagp30kx - ok
09:25:03.0459 0x06c8 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
09:25:03.0459 0x06c8 gencounter - ok
09:25:03.0491 0x06c8 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
09:25:03.0491 0x06c8 GPIOClx0101 - ok
09:25:03.0538 0x06c8 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
09:25:03.0569 0x06c8 gpsvc - ok
09:25:03.0585 0x06c8 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
09:25:03.0585 0x06c8 HDAudBus - ok
09:25:03.0585 0x06c8 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
09:25:03.0585 0x06c8 HidBatt - ok
09:25:03.0616 0x06c8 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
09:25:03.0616 0x06c8 HidBth - ok
09:25:03.0632 0x06c8 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
09:25:03.0632 0x06c8 hidi2c - ok
09:25:03.0663 0x06c8 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
09:25:03.0663 0x06c8 HidIr - ok
09:25:03.0678 0x06c8 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
09:25:03.0678 0x06c8 hidserv - ok
09:25:03.0694 0x06c8 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
09:25:03.0694 0x06c8 HidUsb - ok
09:25:03.0725 0x06c8 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
09:25:03.0725 0x06c8 hkmsvc - ok
09:25:03.0741 0x06c8 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
09:25:03.0757 0x06c8 HomeGroupListener - ok
09:25:03.0788 0x06c8 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
09:25:03.0788 0x06c8 HomeGroupProvider - ok
09:25:03.0803 0x06c8 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
09:25:03.0803 0x06c8 HpSAMD - ok
09:25:03.0850 0x06c8 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
09:25:03.0866 0x06c8 HTTP - ok
09:25:03.0882 0x06c8 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
09:25:03.0882 0x06c8 hwpolicy - ok
09:25:03.0882 0x06c8 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
09:25:03.0882 0x06c8 hyperkbd - ok
09:25:03.0897 0x06c8 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
09:25:03.0897 0x06c8 HyperVideo - ok
09:25:03.0928 0x06c8 [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
09:25:03.0928 0x06c8 i8042prt - ok
09:25:03.0944 0x06c8 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
09:25:03.0944 0x06c8 iaLPSSi_GPIO - ok
09:25:03.0960 0x06c8 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
09:25:03.0960 0x06c8 iaLPSSi_I2C - ok
09:25:03.0975 0x06c8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
09:25:03.0991 0x06c8 iaStorAV - ok
09:25:04.0007 0x06c8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
09:25:04.0022 0x06c8 iaStorV - ok
09:25:04.0085 0x06c8 [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
09:25:04.0085 0x06c8 ICCS - ok
09:25:04.0085 0x06c8 IdeaTouch.LocalDataServer.Education - ok
09:25:04.0100 0x06c8 IEEtwCollectorService - ok
09:25:04.0194 0x06c8 [ 076023219E918D34585B231029A44571, C2AB0DE0D80D0BC6595C9F9655A890531E7952599714DC03B4ECB46947D833A8 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
09:25:04.0241 0x06c8 igfx - ok
09:25:04.0272 0x06c8 [ C814D4A0B7B91E936B2DC0828C69ACAB, A19B503CB3C598474C61DA6F1AC087CCF287F7523D2F932B21EF21E7CA1809B1 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
09:25:04.0272 0x06c8 igfxCUIService1.0.0.0 - ok
09:25:04.0303 0x06c8 [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
09:25:04.0319 0x06c8 IKEEXT - ok
09:25:04.0413 0x06c8 [ 517869DB2BC6058D250A2963AE32B2D4, 155452DCBA19ABDF8ED72286E9AC43947A06F08C1BD044F88A870F3465981B79 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:25:04.0460 0x06c8 IntcAzAudAddService - ok
09:25:04.0507 0x06c8 [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
09:25:04.0507 0x06c8 IntcDAud - ok
09:25:04.0522 0x06c8 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
09:25:04.0522 0x06c8 intelide - ok
09:25:04.0538 0x06c8 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
09:25:04.0538 0x06c8 intelpep - ok
09:25:04.0553 0x06c8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
09:25:04.0569 0x06c8 intelppm - ok
09:25:04.0585 0x06c8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:25:04.0585 0x06c8 IpFilterDriver - ok
09:25:04.0616 0x06c8 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
09:25:04.0632 0x06c8 iphlpsvc - ok
09:25:04.0663 0x06c8 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
09:25:04.0663 0x06c8 IPMIDRV - ok
09:25:04.0678 0x06c8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
09:25:04.0678 0x06c8 IPNAT - ok
09:25:04.0710 0x06c8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
09:25:04.0710 0x06c8 IRENUM - ok
09:25:04.0725 0x06c8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
09:25:04.0725 0x06c8 isapnp - ok
09:25:04.0741 0x06c8 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
09:25:04.0741 0x06c8 iScsiPrt - ok
09:25:04.0757 0x06c8 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
09:25:04.0772 0x06c8 iwdbus - ok
09:25:04.0803 0x06c8 [ E2CFDA7E9606FD5ECAB93E4817414661, F60A1EFFD7EB9D69620E971AB30D3FF4138D233A6EDE51CFD1BE8CCB5776E321 ] JME Keyboard C:\Windows\jmesoft\Service.exe
09:25:04.0803 0x06c8 JME Keyboard - ok
09:25:04.0819 0x06c8 [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
09:25:04.0819 0x06c8 kbdclass - ok
09:25:04.0850 0x06c8 [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
09:25:04.0850 0x06c8 kbdhid - ok
09:25:04.0866 0x06c8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
09:25:04.0866 0x06c8 kdnic - ok
09:25:04.0866 0x06c8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
09:25:04.0866 0x06c8 KeyIso - ok
09:25:04.0882 0x06c8 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
09:25:04.0882 0x06c8 KSecDD - ok
09:25:04.0913 0x06c8 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
09:25:04.0913 0x06c8 KSecPkg - ok
09:25:04.0928 0x06c8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
09:25:04.0928 0x06c8 ksthunk - ok
09:25:04.0960 0x06c8 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
09:25:04.0975 0x06c8 KtmRm - ok
09:25:05.0007 0x06c8 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
09:25:05.0007 0x06c8 LanmanServer - ok
09:25:05.0053 0x06c8 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
09:25:05.0053 0x06c8 LanmanWorkstation - ok
09:25:05.0100 0x06c8 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
09:25:05.0100 0x06c8 lfsvc - ok
09:25:05.0116 0x06c8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
09:25:05.0116 0x06c8 lltdio - ok
09:25:05.0147 0x06c8 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
09:25:05.0147 0x06c8 lltdsvc - ok
09:25:05.0179 0x06c8 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
09:25:05.0179 0x06c8 lmhosts - ok
09:25:05.0210 0x06c8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
09:25:05.0210 0x06c8 LSI_SAS - ok
09:25:05.0210 0x06c8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
09:25:05.0210 0x06c8 LSI_SAS2 - ok
09:25:05.0257 0x06c8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
09:25:05.0257 0x06c8 LSI_SAS3 - ok
09:25:05.0257 0x06c8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
09:25:05.0257 0x06c8 LSI_SSS - ok
09:25:05.0304 0x06c8 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll
09:25:05.0319 0x06c8 LSM - ok
09:25:05.0350 0x06c8 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
09:25:05.0350 0x06c8 luafv - ok
09:25:05.0350 0x06c8 MBAMSwissArmy - ok
09:25:05.0366 0x06c8 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
09:25:05.0366 0x06c8 megasas - ok
09:25:05.0382 0x06c8 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
09:25:05.0397 0x06c8 megasr - ok
09:25:05.0429 0x06c8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys
09:25:05.0429 0x06c8 MEIx64 - ok
09:25:05.0444 0x06c8 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
09:25:05.0444 0x06c8 MMCSS - ok
09:25:05.0460 0x06c8 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
09:25:05.0460 0x06c8 Modem - ok
09:25:05.0476 0x06c8 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
09:25:05.0476 0x06c8 monitor - ok
09:25:05.0491 0x06c8 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
09:25:05.0491 0x06c8 mouclass - ok
09:25:05.0507 0x06c8 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
09:25:05.0507 0x06c8 mouhid - ok
09:25:05.0507 0x06c8 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
09:25:05.0507 0x06c8 mountmgr - ok
09:25:05.0522 0x06c8 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
09:25:05.0522 0x06c8 mpsdrv - ok
09:25:05.0569 0x06c8 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
09:25:05.0585 0x06c8 MpsSvc - ok
09:25:05.0616 0x06c8 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
09:25:05.0616 0x06c8 MRxDAV - ok
09:25:05.0632 0x06c8 [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:25:05.0632 0x06c8 mrxsmb - ok
09:25:05.0663 0x06c8 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
09:25:05.0663 0x06c8 mrxsmb10 - ok
09:25:05.0679 0x06c8 [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
09:25:05.0679 0x06c8 mrxsmb20 - ok
09:25:05.0710 0x06c8 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
09:25:05.0710 0x06c8 MsBridge - ok
09:25:05.0741 0x06c8 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
09:25:05.0741 0x06c8 MSDTC - ok
09:25:05.0757 0x06c8 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:25:05.0757 0x06c8 Msfs - ok
09:25:05.0772 0x06c8 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
09:25:05.0772 0x06c8 msgpiowin32 - ok
09:25:05.0788 0x06c8 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
09:25:05.0788 0x06c8 mshidkmdf - ok
09:25:05.0804 0x06c8 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
09:25:05.0804 0x06c8 mshidumdf - ok
09:25:05.0819 0x06c8 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
09:25:05.0819 0x06c8 msisadrv - ok
09:25:05.0835 0x06c8 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
09:25:05.0835 0x06c8 MSiSCSI - ok
09:25:05.0851 0x06c8 msiserver - ok
09:25:05.0866 0x06c8 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:25:05.0866 0x06c8 MSKSSRV - ok
09:25:05.0882 0x06c8 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
09:25:05.0882 0x06c8 MsLldp - ok
09:25:05.0898 0x06c8 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:25:05.0898 0x06c8 MSPCLOCK - ok
09:25:05.0898 0x06c8 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:25:05.0898 0x06c8 MSPQM - ok
09:25:05.0945 0x06c8 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
09:25:05.0945 0x06c8 MsRPC - ok
09:25:05.0960 0x06c8 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
09:25:05.0960 0x06c8 mssmbios - ok
09:25:05.0960 0x06c8 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
09:25:05.0960 0x06c8 MSTEE - ok
09:25:05.0976 0x06c8 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
09:25:05.0991 0x06c8 MTConfig - ok
09:25:05.0991 0x06c8 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
09:25:05.0991 0x06c8 Mup - ok
09:25:06.0007 0x06c8 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
09:25:06.0007 0x06c8 mvumis - ok
09:25:06.0038 0x06c8 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
09:25:06.0054 0x06c8 napagent - ok
09:25:06.0070 0x06c8 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
09:25:06.0070 0x06c8 NativeWifiP - ok
09:25:06.0101 0x06c8 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
09:25:06.0101 0x06c8 NcaSvc - ok
09:25:06.0116 0x06c8 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
09:25:06.0116 0x06c8 NcbService - ok
09:25:06.0132 0x06c8 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
09:25:06.0132 0x06c8 NcdAutoSetup - ok
09:25:06.0195 0x06c8 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
09:25:06.0195 0x06c8 NDIS - ok
09:25:12.0289 0x06c8 vmickvpexchange - ok
09:25:12.0304 0x06c8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
09:25:12.0304 0x06c8 vmicrdv - ok
09:25:12.0320 0x06c8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
09:25:12.0320 0x06c8 vmicshutdown - ok
09:25:12.0336 0x06c8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
09:25:12.0351 0x06c8 vmictimesync - ok
09:25:12.0351 0x06c8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
09:25:12.0367 0x06c8 vmicvss - ok
09:25:12.0383 0x06c8 [ EDAB214F988CCC06A1E3DC2F2455A80D, D9B4E1E0E00980A5A89F06CB9A468C9DB42E485E20E8A2929F217E501BB41C2D ] vmuacflt C:\WINDOWS\System32\Drivers\vmuacflt.sys
09:25:12.0383 0x06c8 vmuacflt - ok
09:25:12.0398 0x06c8 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
09:25:12.0398 0x06c8 volmgr - ok
09:25:12.0414 0x06c8 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
09:25:12.0414 0x06c8 volmgrx - ok
09:25:12.0445 0x06c8 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
09:25:12.0445 0x06c8 volsnap - ok
09:25:12.0476 0x06c8 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
09:25:12.0476 0x06c8 vpci - ok
09:25:12.0508 0x06c8 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
09:25:12.0508 0x06c8 vsmraid - ok
09:25:12.0554 0x06c8 [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\WINDOWS\system32\vssvc.exe
09:25:12.0570 0x06c8 VSS - ok
09:25:12.0617 0x06c8 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
09:25:12.0617 0x06c8 VSTXRAID - ok
09:25:12.0633 0x06c8 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
09:25:12.0633 0x06c8 vwifibus - ok
09:25:12.0648 0x06c8 [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
09:25:12.0648 0x06c8 vwififlt - ok
09:25:12.0648 0x06c8 [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
09:25:12.0648 0x06c8 vwifimp - ok
09:25:12.0695 0x06c8 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
09:25:12.0695 0x06c8 W32Time - ok
09:25:12.0711 0x06c8 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
09:25:12.0711 0x06c8 WacomPen - ok
09:25:12.0773 0x06c8 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe
09:25:12.0789 0x06c8 wbengine - ok
09:25:12.0836 0x06c8 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
09:25:12.0836 0x06c8 WbioSrvc - ok
09:25:12.0851 0x06c8 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
09:25:12.0851 0x06c8 Wcmsvc - ok
09:25:12.0883 0x06c8 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
09:25:12.0883 0x06c8 wcncsvc - ok
09:25:12.0898 0x06c8 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
09:25:12.0898 0x06c8 WcsPlugInService - ok
09:25:12.0929 0x06c8 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
09:25:12.0929 0x06c8 WdBoot - ok
09:25:12.0961 0x06c8 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
09:25:12.0976 0x06c8 Wdf01000 - ok
09:25:12.0992 0x06c8 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
09:25:12.0992 0x06c8 WdFilter - ok
09:25:13.0008 0x06c8 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
09:25:13.0008 0x06c8 WdiServiceHost - ok
09:25:13.0023 0x06c8 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
09:25:13.0023 0x06c8 WdiSystemHost - ok
09:25:13.0054 0x06c8 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
09:25:13.0054 0x06c8 WdNisDrv - ok
09:25:13.0070 0x06c8 WdNisSvc - ok
09:25:13.0086 0x06c8 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll
09:25:13.0086 0x06c8 WebClient - ok
09:25:13.0101 0x06c8 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
09:25:13.0117 0x06c8 Wecsvc - ok
09:25:13.0117 0x06c8 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
09:25:13.0117 0x06c8 WEPHOSTSVC - ok
09:25:13.0133 0x06c8 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
09:25:13.0133 0x06c8 wercplsupport - ok
09:25:13.0148 0x06c8 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
09:25:13.0148 0x06c8 WerSvc - ok
09:25:13.0179 0x06c8 [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
09:25:13.0179 0x06c8 WFPLWFS - ok
09:25:13.0195 0x06c8 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
09:25:13.0195 0x06c8 WiaRpc - ok
09:25:13.0226 0x06c8 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
09:25:13.0226 0x06c8 WIMMount - ok
09:25:13.0226 0x06c8 WinDefend - ok
09:25:13.0273 0x06c8 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
09:25:13.0289 0x06c8 WinHttpAutoProxySvc - ok
09:25:13.0320 0x06c8 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:25:13.0336 0x06c8 Winmgmt - ok
09:25:13.0414 0x06c8 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
09:25:13.0445 0x06c8 WinRM - ok
09:25:13.0508 0x06c8 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
09:25:13.0539 0x06c8 WlanSvc - ok
09:25:13.0570 0x06c8 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
09:25:13.0601 0x06c8 wlidsvc - ok
09:25:13.0617 0x06c8 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
09:25:13.0617 0x06c8 WmiAcpi - ok
09:25:13.0648 0x06c8 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
09:25:13.0664 0x06c8 wmiApSrv - ok
09:25:13.0680 0x06c8 WMPNetworkSvc - ok
09:25:13.0695 0x06c8 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
09:25:13.0695 0x06c8 Wof - ok
09:25:13.0758 0x06c8 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
09:25:13.0773 0x06c8 workfolderssvc - ok
09:25:13.0805 0x06c8 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
09:25:13.0805 0x06c8 wpcfltr - ok
09:25:13.0820 0x06c8 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
09:25:13.0820 0x06c8 WPCSvc - ok
09:25:13.0836 0x06c8 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
09:25:13.0836 0x06c8 WPDBusEnum - ok
09:25:13.0851 0x06c8 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
09:25:13.0851 0x06c8 WpdUpFltr - ok
09:25:13.0867 0x06c8 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
09:25:13.0867 0x06c8 ws2ifsl - ok
09:25:13.0883 0x06c8 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
09:25:13.0883 0x06c8 wscsvc - ok
09:25:13.0883 0x06c8 WSearch - ok
09:25:13.0992 0x06c8 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
09:25:14.0039 0x06c8 WSService - ok
09:25:14.0070 0x06c8 [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd C:\WINDOWS\system32\DRIVERS\wsvd.sys
09:25:14.0070 0x06c8 wsvd - ok
09:25:14.0180 0x06c8 [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv C:\WINDOWS\system32\wuaueng.dll
09:25:14.0227 0x06c8 wuauserv - ok
09:25:14.0242 0x06c8 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
09:25:14.0242 0x06c8 WudfPf - ok
09:25:14.0242 0x06c8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
09:25:14.0258 0x06c8 WUDFRd - ok
09:25:14.0258 0x06c8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:25:14.0258 0x06c8 WUDFSensorLP - ok
09:25:14.0273 0x06c8 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
09:25:14.0273 0x06c8 wudfsvc - ok
09:25:14.0289 0x06c8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
09:25:14.0289 0x06c8 WUDFWpdFs - ok
09:25:14.0320 0x06c8 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
09:25:14.0336 0x06c8 WwanSvc - ok
09:25:14.0367 0x06c8 [ C6B289A70A2D36242A2CCAA2715E1747, B7B4762C16B0B9D25F4A20123CA16DA76A897460D2A20D8D1F347D618F49C8B3 ] X5XSEx_Pr148 C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys
09:25:14.0367 0x06c8 X5XSEx_Pr148 - ok
09:25:14.0383 0x06c8 ================ Scan global ===============================
09:25:14.0414 0x06c8 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
09:25:14.0445 0x06c8 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
09:25:14.0477 0x06c8 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
09:25:14.0508 0x06c8 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
09:25:14.0524 0x06c8 [ Global ] - ok
09:25:14.0524 0x06c8 ================ Scan MBR ==================================
09:25:14.0524 0x06c8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:25:14.0539 0x06c8 \Device\Harddisk0\DR0 - ok
09:25:14.0539 0x06c8 ================ Scan VBR ==================================
09:25:14.0539 0x06c8 [ 323D4E3BCE9186363B74CED9A4B36277 ] \Device\Harddisk0\DR0\Partition1
09:25:14.0539 0x06c8 \Device\Harddisk0\DR0\Partition1 - ok
09:25:14.0555 0x06c8 [ BC019A815C8B325B9B60A28567AECF22 ] \Device\Harddisk0\DR0\Partition2
09:25:14.0570 0x06c8 \Device\Harddisk0\DR0\Partition2 - ok
09:25:14.0586 0x06c8 [ 96096FBDDC4E881B3AAB845033A9F9DD ] \Device\Harddisk0\DR0\Partition3
09:25:14.0602 0x06c8 \Device\Harddisk0\DR0\Partition3 - ok
09:25:14.0602 0x06c8 [ A8643ABE4A393F05CD91B4C825A584FA ] \Device\Harddisk0\DR0\Partition4
09:25:14.0602 0x06c8 \Device\Harddisk0\DR0\Partition4 - ok
09:25:14.0617 0x06c8 [ 5D7FCA6353F435B56B0EEFCB75A8F5DD ] \Device\Harddisk0\DR0\Partition5
09:25:14.0633 0x06c8 \Device\Harddisk0\DR0\Partition5 - ok
09:25:14.0649 0x06c8 [ 901B4A229B162DD9C6E628D513D3F1C7 ] \Device\Harddisk0\DR0\Partition6
09:25:14.0664 0x06c8 \Device\Harddisk0\DR0\Partition6 - ok
09:25:14.0680 0x06c8 [ 6058BCADBD7B381E1063CA143127BE21 ] \Device\Harddisk0\DR0\Partition7
09:25:14.0695 0x06c8 \Device\Harddisk0\DR0\Partition7 - ok
09:25:14.0695 0x06c8 ================ Scan generic autorun ======================
09:25:15.0039 0x06c8 [ 16438B000BF56F2CD7FDB5E6C3B38C7E, 32D6E69E6367D3ADB2189DA89103CB9910CE791EFB0879515DDD380A96D85BAE ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
09:25:15.0196 0x06c8 RtHDVCpl - ok
09:25:15.0258 0x06c8 [ AF69A9A2556617801630965F52224F63, 243CD3E6FCD38B1577E637ACE2FF40F78919E0C5E9D0F26FB5C711A9145316DD ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
09:25:15.0274 0x06c8 RtHDVBg_Dolby - ok
09:25:15.0321 0x06c8 [ 8EC9EF60E24E88DC5DC74D305925E2CF, 37719AAD02B4EA851F899AB4A3464EA381B96BA2E386A52BF9FDAA8C9257FDBE ] C:\WINDOWS\system32\igfxtray.exe
09:25:15.0336 0x06c8 IgfxTray - ok
09:25:15.0336 0x06c8 SpywareTerminatorShield - ok
09:25:15.0336 0x06c8 SpywareTerminatorUpdater - ok
09:25:15.0367 0x06c8 [ 174833F30109DCAF6B2031157D3425E6, 395396219B46E1D0D4A12417CA970EE5F5431D83B961008E94F56357F4E83E50 ] C:\Program Files (x86)\TNIOSDVolumeSync\TNIExec.exe
09:25:15.0367 0x06c8 TNIOSDVolumeSync(x64) - ok
09:25:15.0414 0x06c8 [ 17716C3DD52BF815291D80FAAF329AC7, 3E42FBED89BF8CE6C0EE8C97C050358ED98577BB1DDFA93CDE25F431FC55138E ] C:\WINDOWS\jmesoft\hotkey.exe
09:25:15.0414 0x06c8 jmekey - ok
09:25:15.0414 0x06c8 [ A7464F6ED03611109F435218E424AAB8, 2C582D2E97F5AE97D1FBEC0493DF45A8EAF2D2CA93048556FD11B4AAA09956E6 ] C:\Windows\jmesoft\ServiceLoader.exe
09:25:15.0414 0x06c8 jmesoft - ok
09:25:15.0446 0x06c8 [ A1741C3B79F9DF8895E05EF43579E74B, 446094FDBA93518ABE1CDEC50E24AB60BC7CA78022A289AF5C21461778FD8001 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
09:25:15.0461 0x06c8 YouCam Mirage - ok
09:25:15.0461 0x06c8 [ 79EDDBCBFFC23585BC1495AFC03CC4D7, 325A6C067A52BAD7070C1C758EA69645FD8083AC6D0ABA8340BDBE1A712E005F ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
09:25:15.0461 0x06c8 YouCam Tray - ok
09:25:15.0524 0x06c8 [ 50299DBA20F8A1735830914777B55932, 7A8864A9FA81BF6C53797B7B8FCC2199B812A7E913D35387A0C5C63C170BAC02 ] C:\Program Files\Lenovo\LVT\LJYZ.exe
09:25:15.0539 0x06c8 LVT - ok
09:25:15.0586 0x06c8 [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
09:25:15.0586 0x06c8 RemoteControl10 - ok
09:25:15.0586 0x06c8 bgsmsnd.exe - ok
09:25:15.0633 0x06c8 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
09:25:15.0649 0x06c8 WAB Migrate - ok
09:25:15.0664 0x06c8 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
09:25:15.0664 0x06c8 WAB Migrate - ok
09:25:15.0680 0x06c8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )
09:25:15.0680 0x06c8 Win FW state via NFP2: enabled
09:25:18.0086 0x06c8 ============================================================
09:25:18.0086 0x06c8 Scan finished
09:25:18.0086 0x06c8 ============================================================
09:25:18.0086 0x121c Detected object count: 0
09:25:18.0086 0x121c Actual detected object count: 0


Alt 25.05.2015, 12:00   #6
M-K-D-B
/// TB-Ausbilder
 



Hi,

please note:

How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with Ctrl+A) and copy it to the clipboard with Ctrl+C.
  • Click the # symbol in the editor. Two bracket expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press Ctrl+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thanks for your cooperation!

As I can see, you have already run AdwCleaner. Please post all of its log files.

Alt 26.05.2015, 08:07   #7
shubi
 



AdwCleaner Logfile:
Code:
# AdwCleaner v4.205 - Bericht erstellt 25/05/2015 um 23:12:29
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-25.3 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : H - IDEA-PC
# Gestarted von : C:\Users\H\Downloads\AdwCleaner_4.205 (1).exe
# Option : Suchlauf
 ***** [ Dienste ] *****
 
***** [ Dateien / Ordner ] *****
 Ordner Gefunden : C:\Device
 ***** [ Geplante Tasks ] *****
 
***** [ Verknüpfungen ] *****
 
***** [ Registrierungsdatenbank ] *****
 
***** [ Internetbrowser ] *****
 -\\ Internet Explorer v11.0.9600.17416
 
-\\ Mozilla Firefox v
 
*************************
 AdwCleaner[R0].txt - [845 Bytes] - [24/05/2015 12:22:47]
AdwCleaner[R1].txt - [902 Bytes] - [24/05/2015 12:48:46]
AdwCleaner[R2].txt - [758 Bytes] - [25/05/2015 23:12:29]
AdwCleaner[S0].txt - [960 Bytes] - [24/05/2015 12:52:11]
 ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [874 Bytes] ##########
         
--- --- ---

AdwCleaner Logfile:
Code:
# AdwCleaner v4.205 - Bericht erstellt 24/05/2015 um 12:52:11
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Lokal]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : H - IDEA-PC
# Gestarted von : C:\Users\H\Downloads\adwcleaner_4.205.exe
# Option : Löschen
 ***** [ Dienste ] *****
 
***** [ Dateien / Ordner ] *****
 Ordner Gelöscht : C:\ProgramData\SecTaskMan
Ordner Gelöscht : C:\Users\H\AppData\Local\SecTaskMan
 ***** [ Geplante Tasks ] *****
 
***** [ Verknüpfungen ] *****
 
***** [ Registrierungsdatenbank ] *****
 
***** [ Internetbrowser ] *****
 -\\ Internet Explorer v11.0.9600.17416
 
-\\ Mozilla Firefox v
 
*************************
 AdwCleaner[R0].txt - [845 Bytes] - [24/05/2015 12:22:47]
AdwCleaner[R1].txt - [902 Bytes] - [24/05/2015 12:48:46]

AdwCleaner Logfile:
Code:
# AdwCleaner v4.205 - Bericht erstellt 24/05/2015 um 12:48:46
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Lokal]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : H - IDEA-PC
# Gestarted von : C:\Users\H\Downloads\adwcleaner_4.205.exe
# Option : Suchlauf
 ***** [ Dienste ] *****
 
***** [ Dateien / Ordner ] *****
 Ordner Gefunden : C:\ProgramData\SecTaskMan
Ordner Gefunden : C:\Users\H\AppData\Local\SecTaskMan
 ***** [ Geplante Tasks ] *****
 
***** [ Verknüpfungen ] *****
 
***** [ Registrierungsdatenbank ] *****
 
***** [ Internetbrowser ] *****
 -\\ Internet Explorer v11.0.9600.17416
 
-\\ Mozilla Firefox v
 
*************************
 AdwCleaner[R0].txt - [845 Bytes] - [24/05/2015 12:22:47]
AdwCleaner[R1].txt - [766 Bytes] - [24/05/2015 12:48:46]
 ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [824 Bytes] ##########
         
--- --- ---
# AdwCleaner v4.205 - Bericht erstellt 24/05/2015 um 12:22:47
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-21.2 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : H - IDEA-PC
# Gestarted von : C:\Users\H\Downloads\adwcleaner_4.205.exe
# Option : Suchlauf
***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\ProgramData\SecTaskMan
Ordner Gefunden : C:\Users\H\AppData\Local\SecTaskMan
***** [ Geplante Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416

-\\ Mozilla Firefox v

*************************
AdwCleaner[R0].txt - [709 Bytes] - [24/05/2015 12:22:47]

Alt 26.05.2015, 09:18   #8
M-K-D-B
/// TB-Ausbilder
 



Step 1
Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.

Step 2

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Step 3
Please download Shortcut Cleaner (by Grinler) to your desktop.
  • Start sc-cleaner.exe with a double-click.
  • Confirm the message Shortcut Cleaner Finished at the end of the scan with Ok.
  • A log file will open (sc-cleaner.txt).
  • Post the contents with your next reply.

Step 4
  • Start FRST.exe again. Tick the box in front of Addition.txt and click Scan.
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.

In your next reply, please post
  • the MBAM log file,
  • the JRT log file,
  • the Shortcut Cleaner log file,
  • the two new FRST log files.
__________________
Greetings from Bavaria
M-K-D-B

Alt 26.05.2015, 10:14   #9
shubi
 



Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 26.05.2015
Suchlauf-Zeit: 10:38:14
Logdatei: mbam.txt
Administrator: Ja
Version: 2.01.6.1022
Malware Datenbank: v2015.03.09.05
Rootkit Datenbank: v2015.05.24.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: H
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 458430
Verstrichene Zeit: 16 Min, 0 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(Keine schädliche Elemente gefunden)
Module: 0
(Keine schädliche Elemente gefunden)
Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)
Registrierungswerte: 0
(Keine schädliche Elemente gefunden)
Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)
Ordner: 0
(Keine schädliche Elemente gefunden)
Dateien: 0
(Keine schädliche Elemente gefunden)
Physische Sektoren: 0
(Keine schädliche Elemente gefunden)

(end)

JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.0 (05.25.2015:1)
OS: Windows 8.1 x64
Ran by H on 26.05.2015 at 11:01:15,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  
 
~~~ Services
  
 ~~~ Tasks
 Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2480739207-2502134016-2632597921-1002
  
 ~~~ Registry Values
  
 ~~~ Registry Keys
  
 ~~~ Files
  
 ~~~ Folders
  
  
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.05.2015 at 11:02:22,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---


Shortcut Cleaner 1.3.8 by Lawrence Abrams (Grinler)
Bleeping Computer - Technical Support and Computer Help
Copyright 2008-2015 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
Shortcut Cleaner Download
Windows Version: Windows 8.1
Program started at: 05/26/2015 11:04:36 AM.
Scanning for registry hijacks:
* No issues found in the Registry.
Searching for Hijacked Shortcuts:
Searching C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\H\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\H\Desktop\
Searching C:\Users\Public\Desktop\

0 bad shortcuts found.
Program finished at: 05/26/2015 11:04:37 AM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-05-2015
Ran by H (administrator) on IDEA-PC on 26-05-2015 11:07:59
Running from C:\Users\H\Downloads
Loaded Profiles: H (Available Profiles: UpdatusUser & H & Administrator)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Farbar) C:\Users\H\Downloads\FRST64 (1).exe

==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1360600 2013-10-29] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [TNIOSDVolumeSync(x64)] => C:\Program Files (x86)\TNIOSDVolumeSync\TNIExec.exe [9728 2012-08-29] (TPV-INVENTA TECHNOLOGY CO., LTD.)
HKLM-x32\...\Run: [jmekey] => C:\WINDOWS\jmesoft\hotkey.exe [118784 2013-07-24] (Lenovo)
HKLM-x32\...\Run: [jmesoft] => C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-08-16] ()
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [bgsmsnd.exe] => C:\WINDOWS\SysWOW64\bgsmsnd.exe [204720 2014-06-26] (Broadgun Software)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [184048 2013-11-01] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland ? mit Hotmail Nachfolger Outlook und Messenger Skype
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = Lenovo Deutschland: Computer, Notebooks, Tablets & Mehr | Lenovo (DE)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2480739207-2502134016-2632597921-1002 -> {649F3FA9-EB13-441C-86F7-2FC9156ED06A} URL =
BHO-x32: pdfMachine -> {56CF4856-ECB4-4e46-A897-A378821F97B9} -> C:\WINDOWS\SysWow64\bgstb.dll [2014-10-09] (Broadgun Software)
Toolbar: HKLM-x32 - pdfMachine - {56CF4856-ECB4-4e46-A897-A378821F97B9} - C:\WINDOWS\SysWow64\bgstb.dll [2014-10-09] (Broadgun Software)
Toolbar: HKU\.DEFAULT -> No Name - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Tcpip\Parameters: [DhcpNameServer] 192.168.50.1
FireFox:
========
FF ProfilePath: C:\Users\H\AppData\Roaming\Mozilla\Firefox\Profiles\99kle6gz.default
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 -> C:\Program Files (x86)\FreeRide Games\npExentControl.dll [2010-10-18] (Exent Technologies Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-05-24] (Nitro PDF)
FF Plugin-x32: www.exent.com/GameTreatWidget -> C:\Program Files (x86)\FreeRide Games\NPGameTreatPlugin.dll No File
FF Plugin HKU\S-1-5-21-2480739207-2502134016-2632597921-1002: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll No File
FF Extension: Avira Browser Safety - C:\Users\H\AppData\Roaming\Mozilla\Firefox\Profiles\99kle6gz.default\Extensions\abs@avira.com [2015-05-23]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)
S2 Dashboard Service; C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe [24880 2013-01-15] (Microsoft) []
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-05] (Microsoft Corporation)
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [154112 2014-12-03] (Firebird Project) []
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5772288 2014-12-03] (Firebird Project) []
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-08-16] () []
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-05-24] (Nitro PDF Software)
S2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
S2 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [697488 2014-07-04] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S2 TNISrvc; C:\Program Files (x86)\TNIOSDVolumeSync\TNISrvc.exe [53760 2012-08-29] (TPV-INVENTA TECHNOLOGY CO., LTD.) []
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-05-11] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-05-11] (Microsoft Corporation)
S2 IdeaTouch.LocalDataServer.Education; "C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [146856 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [21928 2013-06-04] (Windows (R) Win 7 DDK provider)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-26] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [232576 2012-08-22] (Vimicro Corporation)
R3 vmuacflt; C:\Windows\System32\Drivers\vmuacflt.sys [13696 2012-05-02] (Vimicro Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-05-11] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
U3 DfSdkS; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-26 11:07 - 2015-05-26 11:07 - 02108928 _____ (Farbar) C:\Users\H\Downloads\FRST64 (1).exe
2015-05-26 11:05 - 2015-05-26 10:57 - 00001193 _____ () C:\Users\H\Desktop\mbam.txt
2015-05-26 11:04 - 2015-05-26 11:04 - 00463688 _____ (Bleeping Computer, LLC) C:\Users\H\Downloads\sc-cleaner.exe
2015-05-26 11:04 - 2015-05-26 11:04 - 00001800 _____ () C:\Users\H\Desktop\sc-cleaner.txt
2015-05-26 11:02 - 2015-05-26 11:02 - 00000722 _____ () C:\Users\H\Desktop\JRT.txt
2015-05-26 11:01 - 2015-05-26 11:01 - 00000000 ____D () C:\RegBackup
2015-05-26 10:59 - 2015-05-26 10:59 - 02946703 _____ (Thisisu) C:\Users\H\Downloads\JRT.exe
2015-05-26 10:38 - 2015-05-26 10:38 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-26 10:35 - 2015-05-26 10:35 - 00001129 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-26 10:35 - 2015-05-26 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-05-26 10:35 - 2015-05-26 10:35 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-05-26 10:35 - 2015-04-14 09:38 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-05-26 10:35 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-05-26 10:35 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-05-26 10:34 - 2015-05-26 10:35 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\H\Downloads\mbam-setup-2.1.6.1022 (2).exe
2015-05-25 23:12 - 2015-05-25 23:12 - 02222592 _____ () C:\Users\H\Downloads\AdwCleaner_4.205 (1).exe
2015-05-25 09:23 - 2015-05-25 09:23 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\H\Downloads\tdsskiller.exe
2015-05-25 09:06 - 2015-05-25 09:06 - 00028810 _____ () C:\Users\H\Downloads\Addition.txt
2015-05-25 09:05 - 2015-05-26 11:07 - 00011137 _____ () C:\Users\H\Downloads\FRST.txt
2015-05-25 09:04 - 2015-05-26 11:08 - 00000000 ____D () C:\FRST
2015-05-25 09:02 - 2015-05-25 09:03 - 02108416 _____ (Farbar) C:\Users\H\Downloads\FRST64.exe
2015-05-24 21:51 - 2015-05-24 22:04 - 00000000 ____D () C:\Users\H\Doctor Web
2015-05-24 21:46 - 2015-05-24 21:50 - 162343880 _____ () C:\Users\H\Downloads\o5zgon8o.exe
2015-05-24 21:28 - 2015-05-24 21:28 - 05049344 _____ (Crawler.com ) C:\Users\H\Downloads\SpywareTerminatorSetup_3.0.0.82.exe
2015-05-24 21:28 - 2015-05-24 21:28 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2015-05-24 13:17 - 2015-05-24 13:18 - 51789024 _____ (Microsoft Corporation) C:\Users\H\Downloads\Windows-KB890830-x64-V5.24.exe
2015-05-24 13:13 - 2015-04-30 10:07 - 137310008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MRT.exe
2015-05-24 13:11 - 2015-05-24 13:12 - 50811104 _____ (Microsoft Corporation) C:\Users\H\Downloads\Windows-KB890830-V5.24.exe
2015-05-24 12:22 - 2015-05-25 23:15 - 00000000 ____D () C:\AdwCleaner
2015-05-24 12:22 - 2015-05-24 12:22 - 02223104 _____ () C:\Users\H\Downloads\adwcleaner_4.205.exe
2015-05-24 12:10 - 2015-05-24 12:10 - 00532480 _____ (Trend Micro Incorporated) C:\Users\H\Downloads\cwshredder.exe
2015-05-23 10:06 - 2015-05-23 10:07 - 04737144 _____ (Avira Operations GmbH & Co. KG) C:\Users\H\Downloads\avira_de_av_556034e6ea1ba__ws.exe
2015-05-23 09:58 - 2015-05-23 09:58 - 00000941 _____ () C:\DelFix.txt
2015-05-22 23:48 - 2015-05-22 23:48 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\H\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-05-22 00:01 - 2015-05-22 08:46 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-05-22 00:01 - 2015-05-22 08:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-05-21 21:09 - 2015-05-21 21:09 - 00000183 _____ () C:\INSTALL.LOG
2015-05-21 20:35 - 2015-05-21 20:36 - 02931056 _____ () C:\Users\H\Downloads\SecurityTaskManager_Setup.exe
2015-05-21 20:13 - 2015-05-21 20:13 - 00000207 _____ () C:\WINDOWS\tweaking.com-regbackup-IDEA-PC-Windows-8.1-(64-bit).dat
2015-05-21 20:09 - 2015-05-25 08:59 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-21 20:08 - 2015-05-21 20:09 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\H\Downloads\revosetup95.exe
2015-05-20 13:45 - 2015-05-20 13:45 - 00001210 _____ () C:\WINDOWS\firebird.log
2015-05-20 11:50 - 2015-05-20 11:50 - 00002127 _____ () C:\Users\H\Desktop\Foxit Reader Deutsch - CHIP Downloader.lnk
2015-05-20 08:52 - 2015-03-03 15:17 - 00295552 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-05-16 15:07 - 2015-05-20 09:54 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Nico Mak Computing
2015-05-13 16:55 - 2015-05-13 16:55 - 00001144 _____ () C:\Users\Public\Desktop\Amicron-Mailoffice 4.0.lnk
2015-05-13 16:55 - 2015-05-13 16:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amicron-Mailoffice 4.0
2015-05-13 16:55 - 2015-05-13 16:55 - 00000000 ____D () C:\Program Files (x86)\Amicron-Mailoffice 4.0
2015-05-13 16:52 - 2015-05-22 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amicron-Faktura 11.0
2015-05-13 16:52 - 2015-05-22 08:46 - 00000000 ____D () C:\Program Files (x86)\Amicron-Faktura 11.0
2015-05-13 16:52 - 2015-05-13 16:52 - 00001113 _____ () C:\Users\Public\Desktop\Amicron-Faktura 11.0.lnk
2015-05-13 16:37 - 2015-05-13 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firebird 2.5 (x64)
2015-05-13 16:37 - 2015-05-13 16:37 - 00000000 ____D () C:\Program Files\Firebird
2015-05-13 16:37 - 2014-12-03 17:08 - 00773632 _____ (IBPhoenix) C:\WINDOWS\system32\Firebird2Control.cpl
2015-05-13 16:37 - 2014-12-03 17:06 - 00875520 _____ (Firebird Project) C:\WINDOWS\system32\GDS32.DLL
2015-05-13 16:36 - 2015-05-13 16:36 - 10294006 _____ (Firebird Project ) C:\Users\H\Downloads\Firebird-2.5.3.26780_0_x64.exe
2015-05-13 16:19 - 2015-04-30 22:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 16:19 - 2015-04-30 22:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 15:53 - 2015-05-13 15:53 - 00000000 ____D () C:\müll
2015-05-13 15:51 - 2014-12-03 16:40 - 00552960 _____ (Firebird Project) C:\WINDOWS\SysWOW64\GDS32.DLL
2015-05-13 15:35 - 2015-05-26 09:06 - 00003910 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C72B0CE2-9C72-4228-8055-EB54D33D645A}
2015-05-13 15:35 - 2015-05-13 15:35 - 00000000 __SHD () C:\Users\H\AppData\Local\EmieUserList
2015-05-13 15:35 - 2015-05-13 15:35 - 00000000 __SHD () C:\Users\H\AppData\Local\EmieSiteList
2015-05-13 15:35 - 2015-05-13 15:35 - 00000000 __SHD () C:\Users\H\AppData\Local\EmieBrowserModeList
2015-05-13 15:01 - 2015-05-25 23:16 - 00004414 _____ () C:\WINDOWS\setupact.log
2015-05-13 15:01 - 2015-05-25 23:15 - 00251824 _____ () C:\WINDOWS\PFRO.log
2015-05-13 15:01 - 2015-05-13 15:01 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-05-13 15:00 - 2015-05-13 15:54 - 00000000 ____D () C:\Program Files\Firebird_2_5
2015-05-13 14:58 - 2015-05-13 14:59 - 10326711 _____ (Firebird Project ) C:\Users\H\Downloads\Firebird-2.5.4.26856_0_x64(1).exe
2015-05-13 14:51 - 2015-05-13 14:51 - 05248848 _____ (Piriform Ltd) C:\Users\H\Downloads\ccsetup505_slim.exe
2015-05-13 14:50 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 14:50 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 14:49 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 14:49 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 14:49 - 2015-03-17 19:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 14:49 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 14:49 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 14:48 - 2015-05-01 01:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 14:48 - 2015-05-01 00:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 14:48 - 2015-03-09 04:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 14:48 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2015-05-13 14:48 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2015-05-13 14:44 - 2015-04-24 23:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 14:44 - 2015-03-05 01:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 14:38 - 2015-04-09 00:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 14:38 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 14:38 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 14:38 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 14:38 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 14:38 - 2015-03-13 06:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 14:38 - 2015-03-13 06:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 14:38 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 14:38 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 14:38 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 14:38 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 14:37 - 2015-04-14 00:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 14:37 - 2015-04-10 03:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 14:37 - 2015-04-10 02:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 14:37 - 2015-04-10 02:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 14:37 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 14:37 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 14:37 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 14:37 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-05-13 14:37 - 2014-11-10 01:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-05-13 14:37 - 2014-11-10 01:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-05-13 14:36 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 14:36 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 14:36 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 14:34 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 14:34 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 14:34 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 14:34 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 14:34 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 14:34 - 2015-04-21 18:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 14:34 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 14:34 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 14:34 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 14:34 - 2015-04-21 18:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 14:34 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 14:34 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 14:34 - 2015-04-21 17:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 14:34 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 14:34 - 2015-04-21 17:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 14:34 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 14:34 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 14:34 - 2015-04-21 17:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 14:34 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 14:34 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 14:34 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 14:34 - 2015-04-21 17:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 14:34 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 14:34 - 2015-04-21 17:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 14:34 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 14:34 - 2015-04-21 17:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 14:34 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 14:34 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 14:34 - 2015-04-21 17:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 14:34 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 14:34 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 14:34 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 14:34 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 14:34 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 14:34 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 14:34 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 14:32 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-05-13 14:32 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-05-13 14:32 - 2014-12-03 01:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-05-13 14:31 - 2015-03-30 07:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 14:31 - 2015-03-27 05:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 14:31 - 2015-03-27 04:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 14:31 - 2015-03-27 04:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 14:31 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-05-13 14:31 - 2015-03-13 02:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-13 14:29 - 2014-07-24 05:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2015-05-13 14:29 - 2014-07-24 05:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2015-05-13 14:27 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 14:27 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 08:19 - 2015-05-22 08:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2015-05-13 08:19 - 2015-05-22 08:46 - 00000000 ____D () C:\Program Files\HWiNFO64
2015-05-13 08:19 - 2015-05-13 08:19 - 02713488 _____ (Martin Malík - REALiX ) C:\Users\H\Downloads\hw64_462.exe
2015-05-12 18:32 - 2015-05-13 15:35 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Opera Software
2015-05-12 18:32 - 2015-05-13 15:35 - 00000000 ___HD () C:\Users\H\AppData\Local\Opera Software
2015-05-12 18:31 - 2015-05-13 15:35 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-12 18:30 - 2015-05-12 18:30 - 00001105 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SSD-Z.lnk
2015-05-12 16:53 - 2015-05-12 16:53 - 00339822 ____H () C:\Users\H\Downloads\SSD-Z_15.03.15wip.zip
2015-05-12 16:50 - 2015-05-12 18:31 - 00001213 _____ () C:\Users\H\Desktop\CrystalDiskInfo.lnk
2015-05-12 16:50 - 2015-05-12 18:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2015-05-12 16:50 - 2015-05-12 18:31 - 00000000 ____D () C:\Program Files (x86)\CrystalDiskInfo
2015-05-12 16:50 - 2015-05-12 16:50 - 03015656 _____ (Crystal Dew World ) C:\Users\H\Downloads\crystaldiskinfo6_3_2-en.exe
2015-05-12 14:20 - 2015-05-12 14:21 - 01542344 _____ (Lenovo Group Limited ) C:\Users\H\Downloads\h1100351.exe
2015-05-12 11:44 - 2015-05-12 11:45 - 00002198 _____ () C:\Users\Public\Desktop\StarMoney 9.0.lnk
2015-05-12 11:44 - 2015-05-12 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarMoney 9.0
2015-05-12 11:44 - 2015-05-12 11:44 - 00000000 ____D () C:\ProgramData\StarMoney 9.0
2015-05-12 11:44 - 2015-05-12 11:44 - 00000000 ____D () C:\Program Files (x86)\Business Objects
2015-05-12 11:43 - 2015-05-24 09:43 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2015-05-12 10:53 - 2015-05-12 10:58 - 188090912 _____ () C:\Users\H\Downloads\smoney.exe
2015-05-12 10:42 - 2015-05-13 16:29 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-12 10:42 - 2015-05-13 16:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-12 10:42 - 2015-05-13 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 10:42 - 2015-05-12 10:42 - 13087456 _____ (Microsoft Corporation) C:\Users\H\Downloads\Silverlight_x64.exe
2015-05-11 16:41 - 2015-05-11 16:41 - 00000000 ____D () C:\ProgramData\Ashampoo
2015-05-11 16:34 - 2015-05-11 16:35 - 28444000 _____ (Ashampoo GmbH & Co. KG ) C:\Users\H\Downloads\ashampoo_winoptimizer_2015_18590.exe
2015-05-11 16:18 - 2015-05-11 16:18 - 00000144 _____ () C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-05-11 15:24 - 2015-05-12 08:16 - 00000000 ___DC () C:\WINDOWS\Panther
2015-05-11 15:20 - 2015-05-11 15:20 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2015-05-11 15:17 - 2015-05-11 15:17 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-05-11 15:17 - 2015-05-11 15:17 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2015-05-11 15:17 - 2015-05-11 15:17 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2015-05-11 15:16 - 2015-05-11 15:16 - 02171904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 01763352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 01488040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00672984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2015-05-11 15:16 - 2015-05-11 15:16 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00273240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2015-05-11 15:16 - 2015-05-11 15:16 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-05-11 15:16 - 2015-05-11 15:16 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-11 15:06 - 2015-05-20 09:01 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-11 15:06 - 2015-05-20 09:01 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-11 15:06 - 2015-05-11 15:06 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00377152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00264000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\clfsw32.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clfsw32.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-05-11 15:06 - 2015-05-11 15:06 - 00044024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-05-11 15:06 - 2015-05-11 15:06 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2015-05-11 15:06 - 2015-05-11 15:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 07476032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-05-11 15:05 - 2015-05-11 15:05 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01733952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01498872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00513488 _____ () C:\WINDOWS\SysWOW64\locale.nls
2015-05-11 15:05 - 2015-05-11 15:05 - 00513488 _____ () C:\WINDOWS\system32\locale.nls
2015-05-11 15:05 - 2015-05-11 15:05 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\tracerpt.exe
2015-05-11 15:05 - 2015-05-11 15:05 - 00369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tracerpt.exe
2015-05-11 15:05 - 2015-05-11 15:05 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\sechost.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00257216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sechost.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00177984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2015-05-11 15:05 - 2015-05-11 15:05 - 00097792 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2015-05-11 15:05 - 2015-05-11 15:05 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe
2015-05-11 15:05 - 2015-05-11 15:05 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-05-11 15:05 - 2015-05-11 15:05 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 03678720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 02373632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00891392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00780800 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2015-05-11 15:04 - 2015-05-11 15:04 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00133256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-05-11 15:04 - 2015-05-11 15:04 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2015-05-11 15:04 - 2015-05-11 15:04 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wu.upgrade.ps.dll
2015-05-11 15:03 - 2015-05-26 09:02 - 00000000 ___HD () C:\Users\H\OneDrive
2015-05-11 15:03 - 2015-05-11 15:03 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-05-11 15:03 - 2015-05-11 15:03 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-05-11 15:03 - 2015-05-11 15:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2015-05-11 15:03 - 2015-05-11 15:03 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 02484224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\scesrv.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2015-05-11 15:02 - 2015-05-11 15:02 - 00393728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scesrv.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 22291584 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 19731824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00991552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2015-05-11 15:01 - 2015-05-11 15:01 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setup16.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\instnm.exe
2015-05-11 15:01 - 2015-05-11 15:01 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wow32.dll
2015-05-11 15:01 - 2015-05-11 15:01 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user.exe
2015-05-11 15:00 - 2015-05-11 15:00 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2015-05-11 14:58 - 2015-05-11 15:02 - 00000000 ___HD () C:\Users\H\AppData\Local\PackageStaging
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\Program Files\Reference Assemblies
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\Program Files\MSBuild
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2015-05-11 14:58 - 2015-05-11 14:58 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2015-05-11 14:58 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2015-05-11 14:58 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2015-05-11 14:57 - 2015-05-11 14:57 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-11 14:57 - 2015-05-11 14:57 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-11 14:56 - 2015-05-11 14:56 - 00001465 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-05-11 14:56 - 2015-05-11 14:56 - 00000451 _____ () C:\WINDOWS\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-05-11 14:56 - 2015-05-11 14:56 - 00000020 ___SH () C:\Users\H\ntuser.ini
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Startmenü
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2015-05-11 14:54 - 2015-05-11 14:54 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-05-11 14:53 - 2015-05-11 14:53 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-05-11 14:49 - 2015-05-11 14:49 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2015-05-11 14:41 - 2015-05-11 14:41 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-05-11 14:38 - 2015-05-11 14:38 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2015-05-11 14:37 - 2015-05-24 22:09 - 00000000 ____D () C:\Users\H
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ___RD () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-11 14:37 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\Administrator
2015-05-11 14:37 - 2015-05-11 14:53 - 00043818 _____ () C:\WINDOWS\diagwrn.xml
2015-05-11 14:37 - 2015-05-11 14:53 - 00043818 _____ () C:\WINDOWS\diagerr.xml
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Vorlagen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Startmenü
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Netzwerkumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Lokale Einstellungen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Eigene Dateien
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Druckumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Verlauf
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\AppData\Local\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\UpdatusUser\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Vorlagen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Startmenü
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Netzwerkumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Lokale Einstellungen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Eigene Dateien
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Druckumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\AppData\Local\Verlauf
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\AppData\Local\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\H\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Vorlagen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Startmenü
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Netzwerkumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Lokale Einstellungen
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Eigene Dateien
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Druckumgebung
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Verlauf
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\AppData\Local\Anwendungsdaten
2015-05-11 14:37 - 2015-05-11 14:37 - 00000000 _SHDL () C:\Users\Administrator\Anwendungsdaten
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-05-11 14:37 - 2014-11-21 05:42 - 00000369 _____ () C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-05-11 14:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-05-11 14:30 - 2015-05-22 08:46 - 00000000 ____D () C:\WINDOWS\VMC412
2015-05-11 14:30 - 2015-05-11 14:30 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-11 14:30 - 2015-05-11 14:30 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2015-05-11 14:30 - 2015-05-11 14:30 - 00000000 ____D () C:\Program Files\Realtek
2015-05-11 14:29 - 2015-05-26 10:29 - 01647202 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-11 14:29 - 2015-05-20 10:11 - 00000000 ____D () C:\Program Files (x86)\Intel
2015-05-11 14:29 - 2015-05-11 14:40 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-05-11 14:29 - 2015-05-11 14:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-05-11 14:29 - 2015-05-11 14:29 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-05-11 14:29 - 2013-10-29 01:39 - 06610720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-05-11 14:29 - 2013-10-29 01:39 - 03477280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 01042720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-05-11 14:29 - 2013-10-29 01:38 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2015-05-11 14:29 - 2013-10-29 01:38 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-05-11 14:29 - 2013-10-25 13:44 - 03435888 _____ () C:\WINDOWS\system32\nvcoproc.bin
2015-05-11 14:28 - 2014-10-01 19:54 - 00064000 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-05-11 14:28 - 2014-10-01 19:54 - 00060416 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-05-11 12:10 - 2015-05-11 12:20 - 98689221 _____ () C:\Users\H\Downloads\AF11-Setup.exe
2015-05-11 11:18 - 2015-05-13 16:26 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-05-11 11:07 - 2015-05-11 11:07 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Nitro
2015-05-11 10:59 - 2015-05-23 10:10 - 00000000 ____D () C:\Users\H\AppData\Roaming\Foxit Software
2015-05-11 10:57 - 2015-05-11 10:58 - 36570832 _____ (Foxit Software Inc. ) C:\Users\H\Downloads\FoxitReader715.0425_enu_Setup.exe
2015-05-11 10:51 - 2015-05-13 16:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-11 10:51 - 2015-04-30 10:07 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-11 10:36 - 2015-05-11 10:36 - 00000291 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer (3).lnk
2015-05-11 10:35 - 2015-05-11 10:35 - 00000291 _____ () C:\Users\H\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Computer.lnk
2015-05-11 08:11 - 2015-05-20 22:18 - 00007603 ____H () C:\Users\H\AppData\Local\Resmon.ResmonCfg
2015-05-11 08:07 - 2015-05-11 08:07 - 01918240 _____ (Mister Group ) C:\Users\H\Downloads\SystemExplorerSetup_641.exe
2015-05-09 23:21 - 2015-05-09 23:21 - 00248728 _____ (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\31750657.sys
2015-05-09 23:13 - 2015-05-22 08:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-09 23:11 - 2015-05-09 23:12 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\H\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-09 21:34 - 2015-05-09 21:34 - 00000000 ___HD () C:\Users\H\AppData\Local\Apps\2.0
2015-05-09 21:10 - 2015-05-22 08:36 - 00000000 ____D () C:\Users\H\AppData\Roaming\OpenOffice
2015-05-09 20:45 - 2015-05-11 14:43 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-05-09 20:45 - 2015-05-09 20:45 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-05-09 20:45 - 2015-05-09 20:45 - 00000000 ___HD () C:\Users\H\AppData\Roaming\FileOpen
2015-05-09 20:45 - 2015-05-09 20:45 - 00000000 ____D () C:\ProgramData\FileOpen
2015-05-09 20:43 - 2015-05-11 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BroadGun Software
2015-05-09 20:43 - 2015-05-09 20:44 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2015-05-09 20:42 - 2015-05-24 12:13 - 00000000 ___HD () C:\Users\H\AppData\Local\pdfMachine
2015-05-09 20:42 - 2014-11-11 14:15 - 07747504 _____ (BroadGun Software Pty Ltd) C:\WINDOWS\SysWOW64\bgsview.exe
2015-05-09 20:42 - 2014-11-11 14:15 - 00143280 _____ () C:\WINDOWS\SysWOW64\bgsreses.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00141744 _____ () C:\WINDOWS\SysWOW64\bgsresfr.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00140720 _____ () C:\WINDOWS\SysWOW64\bgsresit.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00138160 _____ () C:\WINDOWS\SysWOW64\bgsrespt.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00137136 _____ () C:\WINDOWS\SysWOW64\bgsrespl.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00136624 _____ () C:\WINDOWS\SysWOW64\bgsresde.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00135088 _____ () C:\WINDOWS\SysWOW64\bgsresen.dll
2015-05-09 20:42 - 2014-11-11 14:15 - 00133552 _____ () C:\WINDOWS\SysWOW64\bgsresda.dll
2015-05-09 20:42 - 2014-10-10 08:49 - 00474544 _____ (Broadgun Software Pty Ltd) C:\WINDOWS\SysWOW64\bgsofice.dll
2015-05-09 20:42 - 2014-10-09 14:15 - 00283056 _____ (Broadgun Software) C:\WINDOWS\SysWOW64\bgstb.dll
2015-05-09 20:42 - 2014-06-26 11:55 - 00204720 _____ (Broadgun Software) C:\WINDOWS\SysWOW64\bgsmsnd.exe
2015-05-09 20:42 - 2014-06-26 11:55 - 00066480 _____ () C:\WINDOWS\system32\bgspm64.dll
2015-05-09 20:42 - 2009-03-20 09:03 - 00516832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bgscapi.dll
2015-05-09 20:41 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\H\Desktop\OpenOffice 4.1.1 (de) Installation Files
2015-05-09 20:33 - 2015-05-09 20:38 - 164858324 _____ () C:\Users\H\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2015-05-09 17:23 - 2015-05-11 17:16 - 00000000 ____D () C:\WINDOWS\pss
2015-05-09 16:52 - 2005-11-14 11:00 - 00383488 _____ (Borland Software Corporation) C:\WINDOWS\SysWOW64\midas.dll
2015-05-09 16:48 - 2015-05-19 17:52 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Nitro PDF
2015-05-09 16:45 - 2015-05-09 16:45 - 00000000 ____D () C:\Program Files (x86)\Firebird
2015-05-09 16:45 - 2013-03-19 11:03 - 00462848 _____ (IBPhoenix) C:\WINDOWS\SysWOW64\Firebird2Control.cpl
2015-05-09 16:45 - 2003-04-01 08:00 - 00200704 _____ (DATEV eG Nürnberg) C:\WINDOWS\SysWOW64\SELF32.DLL
2015-05-09 16:38 - 2015-05-26 09:11 - 00000000 ____D () C:\ProgramData\firebird
2015-05-09 16:26 - 2003-04-01 08:00 - 00020864 _____ () C:\WINDOWS\SysWOW64\SELF32.TBL
2015-05-09 16:26 - 2003-04-01 08:00 - 00015156 _____ () C:\WINDOWS\SysWOW64\SELF32.INI
2015-05-09 16:20 - 2015-05-26 11:03 - 00000000 ____D () C:\AM-db
2015-05-09 16:14 - 2015-05-09 19:21 - 00000000 ___HD () C:\$SysReset
2015-05-09 16:14 - 2015-05-09 16:15 - 10326711 _____ (Firebird Project ) C:\Users\H\Downloads\Firebird-2.5.4.26856_0_x64.exe
2015-05-09 15:59 - 2015-05-22 08:36 - 00000000 ____D () C:\Users\H\AppData\Roaming\Mozilla
2015-05-09 15:59 - 2015-05-09 15:59 - 00000000 ___HD () C:\Users\H\AppData\Local\Mozilla
2015-05-09 15:59 - 2015-05-09 15:59 - 00000000 ____D () C:\ProgramData\Mozilla
2015-05-09 15:57 - 2015-05-09 15:57 - 00243592 _____ () C:\Users\H\Downloads\Firefox Setup Stub 37.0.2.exe
2015-05-09 15:54 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\H\AppData\Local\Lenovo
2015-05-09 15:53 - 2015-05-09 15:53 - 00000000 ___HD () C:\Users\H\AppData\Local\Power2Go
2015-05-09 15:52 - 2015-05-09 15:52 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2015-05-09 15:50 - 2015-05-09 15:50 - 00000000 ____D () C:\ProgramData\eBay
2015-05-09 15:45 - 2015-05-09 15:45 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Macromedia
2015-05-09 15:45 - 2015-05-09 15:45 - 00000000 ___HD () C:\Users\H\AppData\Roaming\Adobe
2015-05-09 15:44 - 2015-05-22 08:46 - 00000000 ____D () C:\Users\H\AppData\Local\VirtualStore
2015-05-09 15:43 - 2015-05-22 08:36 - 00000000 ____D () C:\Users\H\AppData\Local\Packages
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Startmenü
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Dokumente
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2015-05-09 15:41 - 2015-05-09 15:41 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2015-05-08 15:22 - 2015-05-08 15:22 - 00000000 ___HD () C:\Lenovo

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-26 11:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-25 23:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-25 23:15 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-25 09:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-24 11:30 - 2014-11-21 05:35 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-24 11:30 - 2014-11-21 04:45 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2015-05-24 11:30 - 2014-11-21 04:45 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2015-05-22 08:46 - 2014-03-26 10:07 - 00000000 ____D () C:\Program Files (x86)\SugarSync
2015-05-22 08:46 - 2014-03-26 09:55 - 00000000 ____D () C:\WINDOWS\jmesoft
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\ras
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2015-05-22 08:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\ras
2015-05-22 08:46 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2015-05-22 08:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\registration
2015-05-22 08:37 - 2015-04-04 19:44 - 00000000 ____D () C:\Users\H\VMLites
2015-05-21 21:34 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-21 08:50 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-21 00:10 - 2014-03-26 09:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-20 10:11 - 2014-03-26 09:52 - 00000000 ____D () C:\Program Files (x86)\Lenovo
2015-05-20 10:07 - 2014-03-26 09:59 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Lenovo
2015-05-20 10:04 - 2014-03-26 10:10 - 00000000 ____D () C:\Program Files (x86)\Lenovo DE
2015-05-20 10:04 - 2014-03-26 09:52 - 00000000 ____D () C:\Program Files\Intel
2015-05-19 07:51 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-15 09:56 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-14 10:39 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-13 16:30 - 2013-08-22 16:44 - 00371608 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-13 16:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2015-05-13 16:27 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2015-05-13 16:27 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 16:26 - 2014-11-21 12:51 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-05-13 16:26 - 2014-11-21 05:13 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 11:44 - 2013-08-22 15:25 - 00017486 _____ () C:\WINDOWS\system32\Drivers\etc\services
2015-05-11 15:24 - 2014-12-13 15:18 - 00000000 __SHD () C:\Recovery
2015-05-11 15:24 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2015-05-11 15:20 - 2014-03-26 10:09 - 00000000 ____D () C:\ProgramData\CyberLink
2015-05-11 15:19 - 2014-03-26 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2015-05-11 15:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2015-05-11 15:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\winrm
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2015-05-11 15:14 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ___SD () C:\WINDOWS\system32\dsc
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2015-05-11 15:14 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-05-11 15:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\servicing
2015-05-11 15:04 - 2013-08-22 17:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-05-11 15:03 - 2014-12-13 15:56 - 00000000 _RHDO () C:\Users\H\OneDrive.old
2015-05-11 15:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2015-05-11 14:54 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2015-05-11 14:54 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2015-05-11 14:51 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2015-05-11 14:51 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-11 14:46 - 2014-03-26 09:56 - 00000000 ____D () C:\WINDOWS\SysWOW64\NV
2015-05-11 14:46 - 2014-03-26 09:56 - 00000000 ____D () C:\WINDOWS\system32\NV
2015-05-11 14:43 - 2014-03-26 10:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2015-05-11 14:43 - 2014-03-26 10:15 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
2015-05-11 14:43 - 2014-03-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo Rescue System
2015-05-11 14:43 - 2014-03-26 09:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2015-05-11 14:43 - 2014-03-26 09:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-05-11 14:43 - 2014-03-26 09:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo USB2.0 UVC Camera
2015-05-11 14:41 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2015-05-11 14:41 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2015-05-11 14:41 - 2014-11-21 04:45 - 00000000 ____D () C:\WINDOWS\system32\WCN
2015-05-11 14:41 - 2014-03-26 09:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2015-05-11 14:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2015-05-11 14:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2015-05-11 14:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2015-05-11 14:41 - 2012-07-26 07:37 - 00000000 ___HD () C:\Users\Default.migrated
2015-05-11 14:40 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2015-05-11 14:40 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2015-05-11 14:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2015-05-11 14:40 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-05-11 14:40 - 2012-10-10 01:10 - 00000000 ____D () C:\ProgramData\PRICache
2015-05-11 14:39 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2015-05-11 14:39 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2015-05-11 14:38 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2015-05-11 14:38 - 2012-10-10 01:09 - 00000000 ___HD () C:\Users\Administrator\AppData\Local\Packages
2015-05-11 13:11 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2015-05-10 00:17 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2015-05-09 23:26 - 2014-03-26 10:11 - 00000000 ____D () C:\Program Files (x86)\Amazon
2015-05-09 22:11 - 2014-03-26 09:52 - 00000000 ____D () C:\ProgramData\Intel
2015-05-09 21:56 - 2014-03-26 10:12 - 00000000 ____D () C:\ProgramData\McAfee
2015-05-09 21:53 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-05-09 19:09 - 2014-03-26 10:09 - 00000000 ____D () C:\Program Files\Lenovo
2015-05-09 16:20 - 2014-12-05 21:45 - 00000000 ____D () C:\Daten
2015-05-09 16:00 - 2015-02-22 21:14 - 00000000 ____D () C:\Jts
2015-05-09 16:00 - 2014-12-06 13:16 - 00000000 ____D () C:\16bb532173b4957bbfd757fd794e38
2015-05-09 15:35 - 2015-04-16 18:14 - 00000000 ____D () C:\Sicherung
2015-05-09 15:24 - 2015-04-06 14:46 - 00000000 ____D () C:\acad
2015-05-09 15:24 - 2014-12-07 13:05 - 00000000 ____D () C:\Autodesk
2015-05-05 19:59 - 2014-11-21 13:01 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 19:59 - 2014-11-21 13:01 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Files in the root of some directories =======
2015-05-11 08:11 - 2015-05-20 22:18 - 0007603 ____H () C:\Users\H\AppData\Local\Resmon.ResmonCfg
2015-05-11 14:30 - 2015-05-11 14:30 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-03-26 09:59 - 2014-03-26 09:59 - 0000198 ____H () C:\ProgramData\Lenovo-3548.vbs
Files to move or delete:
====================
C:\ProgramData\Lenovo-3548.vbs

Some files in TEMP:
====================
C:\Users\H\AppData\Local\Temp\avgnt.exe
C:\Users\H\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\H\AppData\Local\Temp\Quarantine.exe
C:\Users\H\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-05-21 04:12
==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
Ran by H at 2015-05-26 11:09:03
Running from C:\Users\H\Downloads
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-2480739207-2502134016-2632597921-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-2480739207-2502134016-2632597921-501 - Limited - Disabled)
H (S-1-5-21-2480739207-2502134016-2632597921-1002 - Administrator - Enabled) => C:\Users\H
UpdatusUser (S-1-5-21-2480739207-2502134016-2632597921-1001 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Amicron-Faktura 11.0 © Amicron Software (HKLM-x32\...\Amicron-Faktura 11.0) (Version: - )
Amicron-Mailoffice 4.0 © Amicron Software (HKLM-x32\...\Amicron-Mailoffice 4.0) (Version: - )
AngryBirds (HKLM-x32\...\{20CE0033-8F3D-464B-8BA2-A08EB0F27FD3}) (Version: 1.01.0618 - Rovio)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4030 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Driver & Application Installation (HKLM-x32\...\{BFECCF2A-F094-4066-8BFA-29CCBB7F6602}) (Version: 6.13.0423 - Lenovo)
Firebird 2.5.3.26780 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.3.26780 - Firebird Project)
FreeRide Games (HKLM-x32\...\{6C26A305-4549-4A8A-9F03-25719C03B0FB}) (Version: 07.05.83.01 - Exent Technologies)
Fruits (HKLM-x32\...\InstallShield_{AA39BFDE-71E5-46A6-A10B-44C2F45A341E}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
Fruits (x32 Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
HWiNFO64 Version 4.62 (HKLM\...\HWiNFO64_is1) (Version: 4.62 - Martin Malík - REALiX)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Lenovo Blacksilk USB Keyboard Driver (HKLM-x32\...\{B266E062-D6C5-485B-B426-51B152B041A6}) (Version: V1.6.13.0724 - Lenovo)
Lenovo Dashboard (HKLM-x32\...\{FEF1833C-244C-4DF2-AB67-1E1D26921ED8}) (Version: 2.0.0.9 - Lenovo)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Rescue System (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 4.0.0.1511 - CyberLink Corp.)
Lenovo Rescue System (Version: 4.0.0.1511 - CyberLink Corp.) Hidden
Lenovo USB2.0 UVC Camera (HKLM-x32\...\{70D2C5B8-EB22-45B1-9EAA-5E8C1C408A3B}) (Version: 1.00.0000 - Vimicro Corporation)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo)
LVT (HKLM-x32\...\{9E3469A6-443A-452C-BF44-8D7CE3A9A7E2}) (Version: 5.00.0914 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mammals (HKLM-x32\...\InstallShield_{ACA58CEB-2F74-4095-ADB6-4C1BFB170F64}) (Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd)
Mammals (x32 Version: 1.00.2012.0809 - Tong child Research & Planning Co.,Ltd) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
Nitro Pro 8 (HKLM\...\{A0C6FA89-D6B3-4788-9713-32E6AA386507}) (Version: 8.5.4.11 - Nitro)
NVIDIA Grafiktreiber 327.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Puzzle (HKLM-x32\...\InstallShield_{6EB7ECE3-E3BE-481D-821B-F1AFFA244D64}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
Puzzle (x32 Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StarMoney (x32 Version: 4.0.7.94 - StarFinanz) Hidden
StarMoney 9.0 (HKLM-x32\...\{85706D38-23D6-4AF9-8E06-645ED6A958A9}) (Version: 9.0 - Star Finanz GmbH)
sudoku (HKLM-x32\...\InstallShield_{8C4715DF-8AC9-4F0A-8E35-F9B4CF318FF1}) (Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd)
sudoku (x32 Version: 1.00.2012.0807 - Tong child Research & Planning Co.,Ltd) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
timer (HKLM-x32\...\InstallShield_{9CC4B8EE-A96B-4800-B674-0CF8B4560F45}) (Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd)
timer (x32 Version: 1.00.2012.0512 - Tong child Research & Planning Co.,Ltd) Hidden
TNIOSDVolumeSync (HKLM-x32\...\InstallShield_{86B9BBB1-B06B-4B31-9D0A-634B41598251}) (Version: 1.0.0.3 - TPV-INVENTA TECHNOLOGY CO., LTD.)
TNIOSDVolumeSync (x32 Version: 1.0.0.3 - TPV-INVENTA TECHNOLOGY CO., LTD.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2480739207-2502134016-2632597921-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Restore Points =========================
24-05-2015 02:07:20 Geplanter Prüfpunkt
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2176FA56-2BF3-4F79-A24C-A3EB6738C048} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {30E67E76-A1B0-4BC3-8FD4-ED18CCE54A63} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {51E6A395-A984-4F22-ADE4-9F1BA461DDF5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {7C0C1130-817E-48EB-8D62-3F5190DAD663} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {CF325542-4420-4BE6-BB65-99CFA0392D40} - \Optimize Start Menu Cache Files-S-1-5-21-2480739207-2502134016-2632597921-1002 No Task File <==== ATTENTION
Task: {DC7D5E9A-9777-4ECE-9CBC-5F8C443411C0} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-04-30] (Microsoft Corporation)
Task: {FF279C7E-9F13-4570-A254-96335D20F047} - System32\Tasks\Lenovo\Lenovo-3548 => C:\ProgramData\Lenovo-3548.vbs [2014-03-26] ()
==================== Loaded Modules (Whitelisted) ==============
2014-03-26 09:54 - 2013-11-01 01:13 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-05-09 20:42 - 2014-06-26 11:55 - 00066480 _____ () C:\WINDOWS\System32\bgspm64.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\H\OneDrive:ms-properties
AlternateDataStreams: C:\Users\H\OneDrive.old:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\H\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img7.jpg
DNS Servers: 192.168.50.1
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "RtHDVBg_Dolby"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "LVT"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "TNIOSDVolumeSync(x86)"
HKLM\...\StartupApproved\Run32: => "TNIOSDVolumeSync(x64)"
HKLM\...\StartupApproved\Run32: => "jmesoft"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "bgsmsnd.exe"
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B8074920-E8BD-44B0-B88E-23E5F759F9C1}] => (Allow) C:\Program Files (x86)\Amicron-Faktura 11.0\Faktura.exe
FirewallRules: [{58761724-1755-4008-993C-19CD985FD140}] => (Allow) C:\Program Files (x86)\Amicron-Faktura 11.0\Faktura.exe
FirewallRules: [{AB929053-DEEE-4DCC-A921-07AB8B76BEAA}] => (Allow) C:\Program Files (x86)\Amicron-Faktura 11.0\Faktura.exe
FirewallRules: [{0818B614-444A-4633-B28C-9BB35B3CD19C}] => (Allow) C:\Program Files (x86)\Amicron-Faktura 11.0\Faktura.exe
FirewallRules: [{EE613BC3-5311-4706-9216-42A186DBB775}] => (Allow) C:\Program Files (x86)\Amicron-Mailoffice 4.0\Mailoffice.exe
FirewallRules: [{F24DB21B-1BD0-4E7A-A51D-9704CB05E5E3}] => (Allow) C:\Program Files (x86)\Amicron-Mailoffice 4.0\Mailoffice.exe
FirewallRules: [{B790462C-6B6F-4E52-83D5-E063F03E5B0E}] => (Allow) C:\Program Files (x86)\Amicron-Mailoffice 4.0\Mailoffice.exe
FirewallRules: [{7D43DD43-BFFD-4567-952B-D0CDBA15B97D}] => (Allow) C:\Program Files (x86)\Amicron-Mailoffice 4.0\Mailoffice.exe
FirewallRules: [{DD6FC618-4315-40F6-A75D-1604B74539A9}] => (Allow) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
FirewallRules: [{F8DDB9D5-F501-40E7-9CB4-3A2E48415375}] => (Allow) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
FirewallRules: [{AB5F06C0-DE47-4296-9029-1559A1B76F7F}] => (Allow) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
FirewallRules: [{03B06447-F065-468F-BE7D-395824417446}] => (Allow) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReader.exe
FirewallRules: [{D2C3CC43-08E1-433A-89AC-6E0B78ECFF5F}] => (Allow) C:\Program Files\Firebird\Firebird_2_5\unins000.exe
FirewallRules: [{C8E3FCEF-DBF9-4F77-ADD6-96FC92807087}] => (Allow) C:\Program Files\Firebird\Firebird_2_5\unins000.exe
FirewallRules: [{55498925-A215-42F0-916E-486D0BA15523}] => (Allow) C:\Program Files\Firebird\Firebird_2_5\unins000.exe
FirewallRules: [{00736C55-276D-4ABD-B68F-B7B44E15D982}] => (Allow) C:\Program Files\Firebird\Firebird_2_5\unins000.exe
FirewallRules: [{557C3C5C-2352-43D3-B95C-88BA9470FCB0}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\bgsview.exe
FirewallRules: [{5EB075A8-E82A-455D-AC9E-CDD878C31816}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\bgsview.exe
FirewallRules: [{975FEDA4-1DFD-4074-9981-9E8C26A853C1}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\bgsview.exe
FirewallRules: [{32BBB5B3-15A9-4B77-A99C-FDD1F8453241}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\bgsview.exe
==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
Application errors:
==================
Error: (05/26/2015 10:29:08 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (05/26/2015 09:58:53 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (05/25/2015 10:28:52 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (05/25/2015 10:06:28 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Das Stammelement der Manifestdatei muss assembliert sein.
Error: (05/24/2015 00:52:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: Vom Kryptografiedienst konnte das VSS-Sicherungsobjekt "System Writer" nicht initialisiert werden.

Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.

System errors:
=============
Error: (05/26/2015 11:01:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/26/2015 11:01:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "TNI Launcher Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/26/2015 11:01:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/26/2015 11:01:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Firebird Server - DefaultInstance" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/26/2015 11:01:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "StarMoney 9.0 OnlineUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/26/2015 11:01:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Cyberlink RichVideo64 Service(CRVS)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/26/2015 11:01:37 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "JME Keyboard Driver" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/26/2015 11:01:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Firebird Guardian - DefaultInstance" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/26/2015 11:01:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dashboard Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/26/2015 11:01:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Microsoft Office:
=========================
Error: (05/26/2015 10:29:08 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.3.0.889_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.3.0.889_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2
Error: (05/26/2015 09:58:53 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.3.0.889_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.3.0.889_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2
Error: (05/25/2015 10:28:52 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.3.0.889_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.3.0.889_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2
Error: (05/25/2015 10:06:28 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: c:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.3.0.889_neutral__m3tnjedffpfhj\SugarSyncWin8.exec:\program files\windowsapps\c59ad0af.lenovocloudstoragebysugarsync_1.3.0.889_neutral__m3tnjedffpfhj\SugarSyncWin8.exe2
Error: (05/24/2015 00:52:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description:
Details:
Could not query the status of the EventSystem service.
System Error:
Der Computer wird heruntergefahren.
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/subscription
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root
Error: (05/24/2015 00:31:45 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root/subscription

CodeIntegrity Errors:
===================================
Date: 2015-05-25 09:03:47.341
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-25 09:03:47.122
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-25 09:03:46.966
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:25.240
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:25.108
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.872
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.740
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.475
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.351
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-05-23 10:04:24.111
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3240 CPU @ 3.40GHz
Percentage of memory in use: 38%
Total physical RAM: 3984.3 MB
Available physical RAM: 2441.8 MB
Total Pagefile: 6032.3 MB
Available Pagefile: 4435.98 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
==================== Drives ================================
Drive c: (Windows8_OS) (Fixed) (Total:439.06 GB) (Free:361.38 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: FE98E05F)
Partition: GPT Partition Type.
==================== End of log ============================

26.05.2015, 10:30   #10
M-K-D-B
/// TB Trainer

Quote:
CHIP-Installer.exe
Please do not use the CHIP installer any more! Please read: CHIP-Installer - what is it?

We will remove the last remnants and check everything once more. ESET can take a while (> 2 h).
Afterwards we will remove all the tools we used, and I will give you a few tips to take with you.




Step 1
Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
start
CloseProcesses:
 Toolbar: HKU\.DEFAULT -> No Name - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No File
 Task: {CF325542-4420-4BE6-BB65-99CFA0392D40} - \Optimize Start Menu Cache Files-S-1-5-21-2480739207-2502134016-2632597921-1002 No Task File <==== ATTENTION
RemoveProxy:
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Fix ("Entfernen") button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.






Step 2

ESET Online Scanner

  • An illustrated guide to ESET Online Scanner can be found here
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit systems also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset






Step 3
Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.






With your next reply, please post
  • the log file of the FRST fix,
  • the log file from ESET,
  • the log file from SecurityCheck.
__________________
Greetings from Bavaria
M-K-D-B

26.05.2015, 11:54   #11
shubi

Fix result of Farbar Recovery Scan Tool (x64) Version: 25-05-2015
Ran by H at 2015-05-26 11:43:14 Run:1
Running from C:\Users\H\Downloads
Loaded Profiles: H (Available Profiles: UpdatusUser & H & Administrator)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
Toolbar: HKU\.DEFAULT -> No Name - {56CF4856-ECB4-4E46-A897-A378821F97B9} - No File
Task: {CF325542-4420-4BE6-BB65-99CFA0392D40} - \Optimize Start Menu Cache Files-S-1-5-21-2480739207-2502134016-2632597921-1002 No Task File <==== ATTENTION
RemoveProxy:
EmptyTemp:
end
*****************
Processes closed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{56CF4856-ECB4-4E46-A897-A378821F97B9} => value Removed successfully
HKCR\CLSID\{56CF4856-ECB4-4E46-A897-A378821F97B9} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF325542-4420-4BE6-BB65-99CFA0392D40}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF325542-4420-4BE6-BB65-99CFA0392D40}" => key Removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-2480739207-2502134016-2632597921-1002" => key Removed successfully
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value Removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value Removed successfully
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value Removed successfully
HKU\S-1-5-21-2480739207-2502134016-2632597921-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value Removed successfully

========= End of RemoveProxy: =========
EmptyTemp: => Removed 696.4 MB temporary data.

The system needed a reboot.
==== End of Fixlog 11:45:16 ====

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=edc9bfec340ff14bbdd91a26a2a37edc
# engine=24026
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-26 10:47:40
# local_time=2015-05-26 12:47:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 49114 1287672 0 0
# scanned=237063
# found=0
# cleaned=0
# scan_time=2679

Results of screen317's Security Check version 1.001
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
StarMoney 9.0 ouservice StarMoneyOnlineUpdate.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
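
The three logs above are what a helper reads to confirm that every fixlist entry was acted on, that the Fixlog is complete, and that ESET ran with detection of potentially unwanted applications enabled and found nothing. The Python sketch below automates that reading; it is an added example, not part of the thread and not code from FRST or ESET. The function names are hypothetical, the sample lines are copied (abridged) from the logs above, and only the outcome phrases visible in this Fixlog are recognised; anything else is routed to manual review.

```python
import re

# Sample input: lines copied (abridged) from the Fixlog posted above.
FIXLOG = r"""Processes closed successfully.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{56CF4856-ECB4-4E46-A897-A378821F97B9} => value Removed successfully
HKCR\CLSID\{56CF4856-ECB4-4E46-A897-A378821F97B9} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF325542-4420-4BE6-BB65-99CFA0392D40}" => key Removed successfully
EmptyTemp: => Removed 696.4 MB temporary data.

The system needed a reboot.
==== End of Fixlog 11:45:16 ====
"""

# Sample input: lines copied (abridged) from the ESET log posted above.
ESET_LOG = """# version=8
# end=finished
# unwanted_checked=true
# scanned=237063
# found=0
# cleaned=0
"""

# A result line has the shape: <target> => <outcome>; the target may be quoted.
RESULT = re.compile(r'^"?(?P<target>.+?)"?\s+=>\s+(?P<outcome>.+?)\s*$')

def classify(outcome):
    """Map an outcome phrase to a bucket; unknown phrases need a human."""
    text = outcome.lower().rstrip(".")
    if text.endswith("removed successfully") or text.startswith("removed "):
        return "removed"
    if "not found" in text:
        return "not_found"
    return "review"

def triage_fixlog(text):
    """Group fix results and record whether the log is complete."""
    report = {"removed": [], "not_found": [], "review": [],
              "reboot": False, "complete": False}
    for line in text.splitlines():
        if line.startswith("The system needed a reboot"):
            report["reboot"] = True
        elif line.startswith("==== End of Fixlog"):
            report["complete"] = True  # a truncated paste lacks this footer
        else:
            m = RESULT.match(line)
            if m:
                report[classify(m["outcome"])].append(m["target"])
    return report

def eset_summary(text):
    """Read the '# key=value' lines and answer the questions a helper asks."""
    fields = {}
    for line in text.splitlines():
        if line.startswith("# ") and "=" in line:
            key, _, value = line[2:].partition("=")
            fields[key.strip()] = value.strip()
    return {
        "finished": fields.get("end") == "finished",
        "pua_scanned": fields.get("unwanted_checked") == "true",
        "found": int(fields.get("found", "-1")),    # -1: field missing
        "cleaned": int(fields.get("cleaned", "-1")),
    }

if __name__ == "__main__":
    print(triage_fixlog(FIXLOG))
    print(eset_summary(ESET_LOG))
```

A "not_found" entry, such as the HKCR\CLSID key here, means the object was already gone, while an empty "review" list together with "complete" set to True means every line of the fix was accounted for.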

26.05.2015, 18:05   #12
M-K-D-B
/// TB Trainer

If you are still having problems with a slow computer, malware is not the cause.

If you have no more problems with malware, then we are done here. Your log files are clean.
Finally, we need to take a few concluding steps to tidy up and secure your PC.


Cleanup:
(The order matters here)

If Defogger was used: start it again and click Re-enable.

If Combofix was used:
Uninstall Combofix
  • Important: please disable your antivirus program, any script blocking and anti-malware programs.
  • Please press the Windows key + R and type Combofix /Uninstall into the Run window.
  • Click OK.
    This removes Combofix completely and empties the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick the box in front of every function.
  • Click Start.

Note: among other things, DelFix removes all the programs we used, the quarantine of our scanners and the Java cache, and finally deletes itself.
Restart your computer afterwards. If any programs from our cleanup are still left over, you can safely delete them.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.


Securing the system:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at the latest version:

Browser
Java
Flash Player
PDF reader

Vulnerabilities in their old versions are exploited to install malware by "drive-by" when you simply visit a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use only one of the following antivirus programs with a real-time scanner and an always up-to-date signature database:


In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript: Prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, define on a whitelist basis which sites are allowed to run scripts.
Ghostery: Detects and blocks trackers, web bugs, pixels and beacons, and other scripts that spy on or observe browsing behaviour.
Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.


Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware again, first uninstall it and then remove the leftovers with AdwCleaner.


Finally, a few general remarks:
Change your important online passwords regularly and make regular backups of your important files or of the system.
The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.

Note: please give me brief feedback when everything is done and there are no more questions, so that I can remove this topic from my subscriptions.
__________________
Greetings from Bavaria
M-K-D-B

26.05.2015, 22:25   #13
shubi

Hello Matthias,

first of all, thank you for your help.

Unfortunately the problem still exists.

I have a problem with Firefox.
When starting Firefox, this message appears: Firefox is already running, but is not responding. The open Firefox process must be closed in order to open a new window.

When I click on close, this appears:

Your profile "Firefox" cannot be loaded. It may be missing or inaccessible.

What can I do about that?

27.05.2015, 11:59   #14
M-K-D-B
/// TB Trainer

Hi,


1. Uninstall Firefox via the Control Panel.

2. Then delete the Firefox profile folder (C:\Users\H\AppData\Roaming\Mozilla\Firefox).

3. Reinstall Firefox.


I am glad that we were able to help.

In this forum you can leave brief feedback on the cleanup, if you wish:
Praise, criticism and wishes
To do so, click the "NEUES THEMA" (new topic) button and post a short piece of feedback. Thank you very much!

This topic appears to be resolved and will be removed from my subscriptions. Should you need the topic again, please send me a PM.

Everyone else, please click here and create your own thread.
__________________
Greetings from Bavaria
M-K-D-B
