| |
| |||||||
Log-Analyse und Auswertung: DHL-Mail Anhang geöffnetWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
29.05.2015, 17:42
| #1 |
| |  DHL-Mail Anhang geöffnet Hallo, leider hat meine Frau gestern aus Unwissenheit den Anhang (angeblich PDF) eines DHL-Mails geöffnet. Ich vermute der PC wurde dadurch infiziert. Der Virenscanner F-Secure hat zwar nichts gefunden diesbzgl. aber das o.g. Tool FRST64 hat Alarm geschlagen. Was muss ich tun? Wer kann mir helfen ? |
|
29.05.2015, 17:51
| #2 |
| /// the machine /// TB-Ausbilder    | DHL-Mail Anhang geöffnet hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
29.05.2015, 18:02
| #3 |
| | DHL-Mail Anhang geöffnet Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-05-2015 01
__________________Ran by wolfgang (ATTENTION: The logged in user is not administrator) on WOLFGANG-PC on 29-05-2015 18:22:58 Running from C:\Users\wolfgang\Desktop Loaded Profiles: wolfgang & ADMIN (Available Profiles: wolfgang & luisa & elias & roswitha & ADMIN) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) Failed to access process -> smss.exe Failed to access process -> csrss.exe Failed to access process -> wininit.exe Failed to access process -> csrss.exe Failed to access process -> winlogon.exe Failed to access process -> services.exe Failed to access process -> lsass.exe Failed to access process -> lsm.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> AsLdrSrv.exe Failed to access process -> wlanext.exe Failed to access process -> conhost.exe Failed to access process -> GFNEXSrv.exe Failed to access process -> spoolsv.exe Failed to access process -> svchost.exe Failed to access process -> apnmcp.exe Failed to access process -> devmonsrv.exe Failed to access process -> svchost.exe Failed to access process -> officeclicktorun.exe Failed to access process -> CLMSMonitorService.exe Failed to access process -> CLMSServer.exe Failed to access process -> svchost.exe Failed to access process -> EvtEng.exe Failed to access process -> svchost.exe Failed to access process -> fshoster32.exe Failed to access process -> fsorsp.exe Failed to access process -> HeciServer.exe Failed to access process -> fsgk32.exe Failed to access process -> Jhi_service.exe Failed to access process -> LMIGuardianSvc.exe Failed to access process -> MemeoBackgroundService.exe Failed to access process -> sqlservr.exe Failed to access process -> PDFProFiltSrvPP.exe Failed to access process -> PnkBstrA.exe Failed to access process -> PsiService_2.exe Failed to access process -> RegSrvc.exe Failed to access process -> RichVideo64.exe Failed to access process -> sqlwriter.exe Failed to access process -> svchost.exe Failed to access process -> TvdService.exe Failed to access process -> WLIDSVC.EXE Failed to access process -> ZeroConfigService.exe Failed to access process -> obexsrv.exe Failed to access process -> hamachi-2.exe Failed to access process -> WLIDSVCM.EXE Failed to access process -> unsecapp.exe Failed to access process -> WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe Failed to access process -> FSMA32.EXE Failed to access process -> PHotkey.exe Failed to access process -> MsgTranAgt.exe Failed to access process -> MsgTranAgt64.exe Failed to access process -> svchost.exe Failed to access process -> TrustedInstaller.exe Failed to access process -> FSHDLL64.EXE Failed to access process -> fssm32.exe Failed to access process -> SynTPEnh.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe Failed to access process -> Atouch64.exe Failed to access process -> PVDesktop.exe () C:\Program Files (x86)\PHotkey\PVDAgent.exe Failed to access process -> POsd.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe () C:\Users\wolfgang\AppData\Local\Amazon Music\Amazon Music Helper.exe Failed to access process -> wmpnetwk.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe Failed to access process -> mediasrv.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe Failed to access process -> BrYNSvc.exe () C:\Program Files (x86)\watchmi\TvdTray.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe Failed to access process -> BTHSAmpPalService.exe Failed to access process -> BTHSSecurityMgr.exe Failed to access process -> IAStorDataMgrSvc.exe Failed to access process -> svchost.exe Failed to access process -> LMS.exe Failed to access process -> dllhost.exe Failed to access process -> UNS.exe (Adobe Systems Incorporated) C:\Config.Msi\86554.rbf Failed to access process -> msiexec.exe Failed to access process -> taskeng.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Failed to access process -> SearchIndexer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Failed to access process -> sppsvc.exe Failed to access process -> armsvc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-02-23] (Synaptics Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation) HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-31] (CyberLink Corp.) HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-04-30] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [2004360 2015-04-28] (APN) HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.) HKLM-x32\...\Run: [F-Secure Hoster (47731)] => C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.) HKLM-x32\...\RunOnce: [BrUrl] => rundll32 url.dll,FileProtocolHandler Help Improve Brother Products! Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2014-04-15] (Google Inc.) HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\...\Run: [Amazon Music] => C:\Users\wolfgang\AppData\Local\Amazon Music\Amazon Music Helper.exe [5886784 2015-04-21] () HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\...\RunOnce: [Adobe Speed Launcher] => 1432915598 HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\...\Policies\system: [LogonHoursAction] 2 HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk [2014-04-15] ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Welcome to ALDI HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI URLSearchHook: [S-1-5-21-2578260161-3009678811-3890924073-1006] ATTENTION ==> Default URLSearchHook is missing SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation) BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-25] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-25] (Oracle Corporation) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.) Toolbar: HKU\S-1-5-21-2578260161-3009678811-3890924073-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\wolfgang\AppData\Roaming\Mozilla\Firefox\Profiles\jy7lhkgy.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-16] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-16] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-08-29] CHR Extension: (Google Docs) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-22] CHR Extension: (Google Drive) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-22] CHR Extension: (YouTube) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-22] CHR Extension: (Google Search) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-22] CHR Extension: (Google Sheets) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-08-29] CHR Extension: (Bookmark Manager) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-23] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12] CHR Extension: (Google Wallet) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-28] CHR Extension: (Gmail) - C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-22] CHR HKLM\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - https://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-04-28] CHR HKLM-x32\...\Chrome\Extension: [aaaaahlfahldnilidgnlikdckbfehhca] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaaiabcopkplhgaedhbloeejhhankf.crx [2015-04-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.) R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] () R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation) R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink) R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink) R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation) R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation) R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation) R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation) R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-14] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation) R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.) R2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] () R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-25] () R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] () S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation) R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-02-24] (F-Secure Corporation) R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-04-15] (F-Secure Corporation) R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [55336 2015-05-26] () R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-04-15] (F-Secure Corporation) R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] () S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-05-04] (ITE ) R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-29 18:22 - 2015-05-29 18:23 - 00025005 _____ () C:\Users\wolfgang\Desktop\FRST.txt 2015-05-29 18:22 - 2015-05-29 18:23 - 00000000 ____D () C:\FRST 2015-05-29 18:21 - 2015-05-29 18:20 - 02108928 _____ (Farbar) C:\Users\wolfgang\Desktop\FRST64.exe 2015-05-29 18:20 - 2015-05-29 18:20 - 02108928 _____ (Farbar) C:\Users\wolfgang\Downloads\FRST64.exe 2015-05-16 10:29 - 2015-05-16 10:30 - 07626918 _____ () C:\Users\wolfgang\Downloads\Heute.eml 2015-05-13 23:10 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 23:10 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 19:35 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-13 19:35 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-05-13 19:35 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 19:35 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2015-05-13 19:34 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-05-13 19:34 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 19:34 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 19:34 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-05-13 19:34 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-05-13 19:34 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe 2015-05-13 19:34 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-05-13 19:34 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-05-13 19:34 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-05-13 19:34 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe 2015-05-13 19:34 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe 2015-05-13 19:34 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe 2015-05-13 19:34 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 19:34 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe 2015-05-13 19:34 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 19:34 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 19:34 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-05-13 19:34 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-05-13 19:34 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-05-13 19:34 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-05-13 19:34 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll 2015-05-13 19:34 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-05-13 19:34 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe 2015-05-13 19:34 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe 2015-05-13 19:34 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe 2015-05-13 19:34 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe 2015-05-13 19:34 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-05-13 19:34 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-05-13 19:34 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-05-13 19:34 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-05-13 19:34 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-05-13 19:34 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-05-13 19:34 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe 2015-05-13 19:34 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-05-13 19:34 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-05-13 19:34 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll 2015-05-13 19:34 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-05-13 19:34 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-05-13 19:34 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-05-13 19:34 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-05-13 19:32 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 19:32 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-05-13 19:32 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 19:32 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 19:32 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 19:32 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 19:32 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 19:32 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 19:32 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 19:32 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 19:32 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 19:32 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 19:32 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 19:32 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 19:32 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 19:32 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 19:32 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 19:32 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 19:32 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 19:32 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 19:32 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-05-13 19:32 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-05-13 19:32 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 19:32 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 19:32 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-05-13 19:32 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-05-13 19:32 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-05-13 19:32 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-05-13 19:32 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 19:32 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 19:32 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-05-13 19:32 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 19:32 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-05-13 19:32 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-05-13 19:32 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-05-13 19:32 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-05-13 19:32 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-05-13 19:32 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-05-13 19:32 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-05-13 19:32 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 19:32 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 19:32 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-05-13 19:32 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 19:32 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 19:32 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-05-13 19:32 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 19:32 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-05-13 19:32 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-05-13 19:32 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-05-13 19:32 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-05-13 19:32 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 19:32 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-05-13 19:32 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-05-13 19:32 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-05-13 19:32 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-05-13 19:32 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-13 19:32 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-13 19:32 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-05-13 19:32 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-05-13 19:32 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-05-13 19:32 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-13 19:30 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 19:30 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 19:30 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-05-13 19:30 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 19:30 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-13 19:30 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-13 19:30 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll 2015-05-13 19:30 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll 2015-05-13 19:30 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll 2015-05-13 19:29 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll 2015-05-13 19:29 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll 2015-05-13 19:29 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe 2015-05-13 19:29 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll 2015-05-13 19:29 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll 2015-05-13 19:29 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll 2015-05-13 19:29 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe 2015-05-13 19:29 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe 2015-05-13 19:29 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-01 14:24 - 2015-05-01 16:43 - 00000000 ____D () C:\Users\roswitha\Neuer Ordner ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-05-29 18:20 - 2014-04-15 17:20 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk 2015-05-29 18:20 - 2012-02-21 23:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2015-05-29 18:14 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-05-29 18:14 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-05-29 18:10 - 2014-04-15 14:44 - 01271290 _____ () C:\Windows\WindowsUpdate.log 2015-05-29 18:10 - 2012-02-21 20:50 - 00765612 _____ () C:\Windows\system32\perfh007.dat 2015-05-29 18:10 - 2012-02-21 20:50 - 00174810 _____ () C:\Windows\system32\perfc007.dat 2015-05-29 18:10 - 2009-07-14 07:13 - 01806426 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-29 18:09 - 2014-04-15 15:08 - 00000000 ____D () C:\Users\wolfgang\Documents\Youcam 2015-05-29 18:06 - 2014-07-28 19:59 - 00000000 ____D () C:\Users\wolfgang\AppData\Local\LogMeIn Hamachi 2015-05-29 18:05 - 2014-04-15 14:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-05-29 18:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-05-29 18:03 - 2009-07-14 06:51 - 00130900 _____ () C:\Windows\setupact.log 2015-05-28 22:46 - 2014-05-25 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-05-28 22:42 - 2014-04-15 14:47 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-05-28 21:42 - 2014-04-17 19:20 - 00000000 ____D () C:\Users\elias\AppData\Roaming\.minecraft 2015-05-28 20:59 - 2014-05-25 17:21 - 00000000 ____D () C:\Program Files (x86)\EA Games 2015-05-26 14:09 - 2014-11-05 21:05 - 00000000 ____D () C:\Users\wolfgang\Documents\Raetsel 2015-05-26 14:08 - 2014-08-24 11:40 - 00000000 ____D () C:\Users\Public\Documents\Elias 2015-05-26 11:06 - 2014-04-15 16:50 - 00055336 _____ () C:\Windows\system32\Drivers\fsbts.sys 2015-05-25 18:44 - 2014-04-15 14:47 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-20 16:10 - 2015-04-04 20:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-05-20 16:10 - 2015-04-04 20:17 - 00000000 ___SD () C:\Windows\system32\GWX 2015-05-20 10:42 - 2010-11-21 05:47 - 00214364 _____ () C:\Windows\PFRO.log 2015-05-19 19:19 - 2014-04-16 19:41 - 00000000 ____D () C:\Program Files\Microsoft Office 15 2015-05-17 19:14 - 2015-01-09 14:03 - 00010425 _____ () C:\Users\Public\Documents\TV-Aufnahmen Festplatte.xlsx 2015-05-17 17:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-05-16 10:00 - 2012-12-27 12:30 - 00000000 ____D () C:\Users\wolfgang\Documents\DVDVideoSoft 2015-05-15 11:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2015-05-14 11:15 - 2009-07-14 06:45 - 00535952 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-14 11:10 - 2011-04-12 10:28 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-14 11:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers 2015-05-14 11:07 - 2014-04-18 22:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-05-13 23:27 - 2014-04-15 19:53 - 00000000 ____D () C:\Windows\system32\MRT 2015-05-13 23:13 - 2012-02-21 21:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-13 23:10 - 2014-04-18 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-05-13 23:09 - 2014-04-18 22:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-05-10 17:34 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-05-02 18:05 - 2014-08-24 15:54 - 00000000 ____D () C:\Users\luisa\AppData\Roaming\ControlCenter4 2015-05-01 19:52 - 2014-04-16 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-05-01 19:29 - 2015-01-07 08:50 - 00001150 _____ () C:\Users\wolfgang\Desktop\Amazon Music.lnk 2015-05-01 14:27 - 2014-04-17 18:11 - 00000000 ____D () C:\Users\roswitha Some files in TEMP: ==================== C:\Users\wolfgang\AppData\Local\Temp\cnuif5bq.dll C:\Users\wolfgang\AppData\Local\Temp\COMAP.EXE C:\Users\wolfgang\AppData\Local\Temp\DseShExt-x64.dll C:\Users\wolfgang\AppData\Local\Temp\DseShExt-x86.dll C:\Users\wolfgang\AppData\Local\Temp\EAD3766.exe C:\Users\wolfgang\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe C:\Users\wolfgang\AppData\Local\Temp\q5vbiw0o.dll C:\Users\wolfgang\AppData\Local\Temp\qtpqpwlg.dll C:\Users\wolfgang\AppData\Local\Temp\rtdrvmon.exe C:\Users\wolfgang\AppData\Local\Temp\SDShelEx-win32.dll C:\Users\wolfgang\AppData\Local\Temp\SDShelEx-x64.dll C:\Users\wolfgang\AppData\Local\Temp\ujityyrn.dll C:\Users\wolfgang\AppData\Local\Temp\UninstallEADM.dll C:\Users\wolfgang\AppData\Local\Temp\_is22AD.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed ==================== End of log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-05-2015 01 Ran by wolfgang at 2015-05-29 18:24:30 Running from C:\Users\wolfgang\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= ADMIN (S-1-5-21-2578260161-3009678811-3890924073-1006 - Administrator - Enabled) => C:\Users\ADMIN Administrator (S-1-5-21-2578260161-3009678811-3890924073-500 - Administrator - Disabled) elias (S-1-5-21-2578260161-3009678811-3890924073-1004 - Limited - Enabled) => C:\Users\elias Gast (S-1-5-21-2578260161-3009678811-3890924073-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2578260161-3009678811-3890924073-1002 - Limited - Enabled) luisa (S-1-5-21-2578260161-3009678811-3890924073-1003 - Limited - Enabled) => C:\Users\luisa roswitha (S-1-5-21-2578260161-3009678811-3890924073-1005 - Limited - Enabled) => C:\Users\roswitha wolfgang (S-1-5-21-2578260161-3009678811-3890924073-1001 - Limited - Enabled) => C:\Users\wolfgang ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Computer Schutz (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17} AS: Computer Schutz (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated) Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated) ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - ) Amazon Music (HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\...\Amazon Amazon Music) (Version: 3.9.3.797 - Amazon Services LLC) AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.) Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG) Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG) Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG) Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG) Brother MFL-Pro Suite DCP-J4110DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Computer Security 12.83.104.0 (release) (x32 Version: 12.83.104.0 - F-Secure Corporation) Hidden Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation) Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation) Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation) CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation) CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.) CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.) CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.) CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.) CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.) CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.) CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.) CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.) CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.) CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.) CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts) Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts) Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts) Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc) Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.) F-Secure CCF Reputation (x32 Version: 1.0.25.1877 - F-Secure) Hidden F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden F-Secure Network CCF 1.02.128 (x32 Version: 1.02.128.1 - F-Secure Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation) Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation) Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation) Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation) Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation) Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - ) Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation) Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation) IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version: - ) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Kabel BW Programme (HKLM-x32\...\F-Secure ServiceEnabler 47731) (Version: 1.83.315.0 - F-Secure Corporation) Kabel BW Programme (x32 Version: 1.83.315.0 - F-Secure Corporation) Hidden Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation) Lexmark 1200 Series (HKLM-x32\...\Lexmark 1200 Series) (Version: - Lexmark International, Inc.) LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.) Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Games for Windows - LIVE (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation) Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation) Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation) Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.) Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions) Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.) Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc) NVIDIA PhysX v8.05.26 (HKLM-x32\...\{11AE6807-50D2-4F59-82B3-2C3E695E94C2}) (Version: 8.05.26 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden Online Safety 2.83.1346.10 (x32 Version: 2.83.1346.10 - F-Secure Corporation) Hidden PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.) PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH) PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0055 - Pegatron Corporation) PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.) Republic Heroes (HKLM-x32\...\{5612C844-55BC-4B77-82C2-A2E28962418E}) (Version: 1.00.0000 - LucasArts) ROBOPro (fischertechnik) Programm (HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\...\ROBOProFischertechnik) (Version: - ) Scansoft PDF Professional (x32 Version: - ) Hidden Search App by Ask (HKLM-x32\...\{4F524A2D-5350-4500-76A7-A758B70C1C01}) (Version: 12.28.1.169 - APN, LLC) <==== ATTENTION Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation) Skatpalast Version 1.0 (HKLM-x32\...\Skatpalast_is1) (Version: 1.0 - ) Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated) Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.3 - Synaptics Incorporated) Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation) Usb Driver (Windows X32/X64) v1.0.0.5 (HKLM-x32\...\Usb Driver (Windows X32/X64) v1.0.0.5) (Version: 1.0.0.5 - Knobloch GmbH - www.knobloch-gmbh.de) Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) watchmi (HKLM-x32\...\{F0559C5E-7912-4391-B1A0-6B975F0E5064}) (Version: 3.0.0 - Axel Springer Digital TV Guide GmbH) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= ATTENTION: System Restore is disabled Check "winmgmt" service or repair WMI. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => ==================== Loaded Modules (Whitelisted) ============== 2012-02-22 18:36 - 2012-01-13 03:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe 2012-02-22 00:09 - 2012-01-06 03:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2015-01-07 08:50 - 2015-04-21 01:37 - 05886784 _____ () C:\Users\wolfgang\AppData\Local\Amazon Music\Amazon Music Helper.exe 2012-01-31 11:24 - 2012-01-31 11:24 - 01070592 _____ () C:\Program Files (x86)\watchmi\TvdTray.exe 2012-01-31 11:24 - 2012-01-31 11:24 - 00004608 _____ () C:\Program Files (x86)\watchmi\de\TvdTray.resources.dll 2014-04-15 14:47 - 2014-04-15 14:47 - 00059904 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\3.0.0.8__f722db7bec59a14b\Tvd.Remote.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\wolfgang\Downloads\Heute.eml:OECustomProperty ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2578260161-3009678811-3890924073-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\wolfgang\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{7D1ED009-EBC5-4CE4-9B4A-FC4CC9FB021E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{5B718866-74F4-43CC-82AD-A1DB96B36F38}] => (Allow) LPort=2869 FirewallRules: [{BD7082C9-D1F3-4421-AACA-478498387A34}] => (Allow) LPort=1900 FirewallRules: [{0E297A41-5A80-4457-AD6A-60F42FD242BD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{8B37044C-F7B4-47D7-88EB-3402B2AE9D4D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{867C244C-C724-4791-AFA2-C41A4D59EB16}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE FirewallRules: [{842B21DC-1BF0-4EB7-B54A-4A5A83D0B921}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe FirewallRules: [{6B026D0D-E126-439A-ABAB-9DD77A7B5151}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE FirewallRules: [{1C548354-3F3A-422B-84BC-72F8921F0317}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe FirewallRules: [{9E110FF3-14CD-4457-8AEA-101F295342C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe FirewallRules: [{5AA103C8-D255-4DDF-9502-0FC36EF18381}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe FirewallRules: [{DDC38516-5C30-486D-8B05-1D59B4D5A733}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe FirewallRules: [{4645E695-90D8-4178-A1F9-999FDAD8E6FE}] => (Allow) C:\Windows\SysWOW64\lxczcoms.exe FirewallRules: [{7E803E13-954D-4C95-B41F-7F894A8B7A6E}] => (Allow) C:\Windows\SysWOW64\lxczcoms.exe FirewallRules: [{6118EF37-CFCD-49B4-890D-E5DF572A5D45}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{574B404B-3667-4313-B739-6A86E83BC194}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{ABAAF244-83BB-41CE-816E-F81DF8F65806}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{176F0FFF-D5F7-460B-AFB3-389B50F8942F}] => (Allow) C:\Windows\System32\lxczcoms.exe FirewallRules: [{E85E0C4C-F3E7-494E-AE60-C9FECC1EC03D}] => (Allow) C:\Windows\System32\lxczcoms.exe FirewallRules: [{9B8D1826-8519-4E57-84E5-5C6CE5357D80}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxczpswx.exe FirewallRules: [{62364E15-A293-4623-969C-CCC66FA6243B}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxczpswx.exe FirewallRules: [TCP Query User{FAC0326F-DEF1-4998-8514-25FF9FAE62C1}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{1963E666-239B-4B27-8463-9CAC6F2FE917}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{B62B3690-1685-41D1-8773-EC5D903281FE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{AF47C975-E44A-4BCA-BF4D-242017CB7736}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{DC4FD68D-C2CD-409C-84EE-3DE5CB8AE7E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{A9604B01-8EA9-4705-8666-92E979169446}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{43A4439A-D671-41E2-B44C-2BD85BB0A911}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe FirewallRules: [UDP Query User{F33EE8B8-8167-49A2-B72C-208E55C2300A}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe FirewallRules: [{E31E271D-4E31-4B70-B666-CB3F4FA69DC4}] => (Allow) C:\Program Files (x86)\LucasArts\Republic Heroes\Republic Heroes.exe FirewallRules: [{17707694-C028-4972-861D-3804D414885C}] => (Allow) C:\Program Files (x86)\LucasArts\Republic Heroes\Republic Heroes.exe FirewallRules: [TCP Query User{AC78D7F8-C925-440C-A5CC-CCA7B23183D8}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe FirewallRules: [UDP Query User{7950C39C-95E8-413E-B36E-8C47425075F9}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe FirewallRules: [{0FF61B22-2FB2-4CBC-BF8F-EA78C715DA75}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{415993AF-CD4B-47E6-9451-5B5F8544F075}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{FE747F0F-A0B9-4886-8779-04FCA2DF4F98}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{D95D9AF4-FF04-455B-A08E-C2B54D027C44}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{723D2419-8D5F-4A13-8260-31E50EBFD3E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{FC00BC13-4CD2-4C19-88CE-BF62478249E1}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\java.exe FirewallRules: [UDP Query User{AD2C2846-1A85-4931-A4CF-3C52A68417F2}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\java.exe FirewallRules: [{B00445A0-4200-4199-B2E4-A0EA2AA3FCB1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{300205CB-C34F-4845-9FFD-869E5F4AD9A2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe FirewallRules: [{21F203F0-AD60-4893-BEB3-137F5E4EB077}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/29/2015 06:04:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/29/2015 06:04:20 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (05/28/2015 10:01:47 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2015/05/28 22:01:47.836]: [00006068]: Initialize TwdsMain Class failed! Error: (05/28/2015 10:01:47 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2015/05/28 22:01:47.835]: [00006068]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (05/28/2015 10:00:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/28/2015 10:00:16 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (05/28/2015 09:49:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.31.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1840 Startzeit: 01d0997e5f3aa766 Endzeit: 62 Anwendungspfad: C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe Berichts-ID: 44cd25ab-0572-11e5-8ccc-685d43acab6f Error: (05/28/2015 09:28:55 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: ) Description: 2 2015-05-28 21:28:55+02:00 WOLFGANG-PC wolfgang-PC\elias F-Secure Anti-Virus Manual scanning was finished - workstation was found infected! Error: (05/28/2015 03:02:31 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: ) Description: 1 2015-05-28 15:02:31+02:00 WOLFGANG-PC wolfgang-PC\elias F-Secure Anti-Virus Malicious code found in file C:\Users\roswitha\Downloads\DHL_Report_62731019587.pdf. Infection: Trojan:W32/FakePDF.A Action: The file was quarantined. Error: (05/28/2015 03:00:28 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2015/05/28 15:00:28.978]: [00006116]: Initialize TwdsMain Class failed! System errors: ============= Error: (05/28/2015 02:58:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "watchmi service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/28/2015 02:58:40 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst watchmi service erreicht. Error: (05/28/2015 02:57:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/28/2015 02:57:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht. Error: (05/28/2015 00:33:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SQL Server (SQLEXPRESS)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/28/2015 00:33:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SQL Server (SQLEXPRESS) erreicht. Error: (05/28/2015 00:33:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/28/2015 00:33:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht. Error: (05/27/2015 07:14:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "SQL Server (SQLEXPRESS)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (05/27/2015 07:14:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SQL Server (SQLEXPRESS) erreicht. Microsoft Office: ========================= Error: (05/29/2015 06:04:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/29/2015 06:04:20 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (05/28/2015 10:01:47 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2015/05/28 22:01:47.836]: [00006068]: Initialize TwdsMain Class failed! Error: (05/28/2015 10:01:47 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2015/05/28 22:01:47.835]: [00006068]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (05/28/2015 10:00:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (05/28/2015 10:00:16 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: ) Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden. bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data) bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor) bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider) --- Ende der internen Ausnahmestapelüberwachung --- bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType) bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture) bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes) bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity) bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity) bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args) Error: (05/28/2015 09:49:30 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: javaw.exe8.0.31.13184001d0997e5f3aa76662C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe44cd25ab-0572-11e5-8ccc-685d43acab6f Error: (05/28/2015 09:28:55 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: ) Description: 2 2015-05-28 21:28:55+02:00 WOLFGANG-PC wolfgang-PC\elias F-Secure Anti-Virus Manual scanning was finished - workstation was found infected! Error: (05/28/2015 03:02:31 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: ) Description: 1 2015-05-28 15:02:31+02:00 WOLFGANG-PC wolfgang-PC\elias F-Secure Anti-Virus Malicious code found in file C:\Users\roswitha\Downloads\DHL_Report_62731019587.pdf. Infection: Trojan:W32/FakePDF.A Action: The file was quarantined. Error: (05/28/2015 03:00:28 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2015/05/28 15:00:28.978]: [00006116]: Initialize TwdsMain Class failed! ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz Percentage of memory in use: 49% Total physical RAM: 3990.47 MB Available physical RAM: 2015.83 MB Total Pagefile: 7979.14 MB Available Pagefile: 5020.2 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:500.18 GB) NTFS Drive d: (Recover) (Fixed) (Total:50 GB) (Free:18.93 GB) NTFS ==================== MBR & Partition Table ================== ==================== End of log ============================ |
|
30.05.2015, 13:24
| #4 |
| /// the machine /// TB-Ausbilder | DHL-Mail Anhang geöffnet Unsere Tools brauchen immer Adminrechte!  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.05.2015, 15:25
| #5 |
| | DHL-Mail Anhang geöffnet Hallo Schrauber, dies sah eigentlich gut aus. Anbei die beiden Logs: mbar: Malwarebytes Anti-Rootkit BETA 1.09.1.1004 www.malwarebytes.org Database version: main: v2015.05.30.02 rootkit: v2015.05.24.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.17801 ADMIN :: WOLFGANG-PC [administrator] 30.05.2015 14:48:45 mbar-log-2015-05-30 (14-48-45).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 567123 Time elapsed: 47 minute(s), 16 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) TDSS: 16:17:44.0540 0x1268 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 16:17:52.0329 0x1268 ============================================================ 16:17:52.0329 0x1268 Current date / time: 2015/05/30 16:17:52.0329 16:17:52.0329 0x1268 SystemInfo: 16:17:52.0329 0x1268 16:17:52.0329 0x1268 OS Version: 6.1.7601 ServicePack: 1.0 16:17:52.0329 0x1268 Product type: Workstation 16:17:52.0329 0x1268 ComputerName: WOLFGANG-PC 16:17:52.0329 0x1268 UserName: ADMIN 16:17:52.0329 0x1268 Windows directory: C:\Windows 16:17:52.0329 0x1268 System windows directory: C:\Windows 16:17:52.0329 0x1268 Running under WOW64 16:17:52.0329 0x1268 Processor architecture: Intel x64 16:17:52.0329 0x1268 Number of processors: 4 16:17:52.0329 0x1268 Page size: 0x1000 16:17:52.0329 0x1268 Boot type: Normal boot 16:17:52.0329 0x1268 ============================================================ 16:17:52.0500 0x1268 KLMD registered as C:\Windows\system32\drivers\66088809.sys 16:17:53.0002 0x1268 System UUID: {AB831A18-638A-FEC8-6663-FA9E2820BD10} 16:17:53.0984 0x1268 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 16:17:53.0999 0x1268 ============================================================ 16:17:53.0999 0x1268 \Device\Harddisk0\DR0: 16:17:53.0999 0x1268 MBR partitions: 16:17:53.0999 0x1268 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 16:17:53.0999 0x1268 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x50F13000 16:17:53.0999 0x1268 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x50F45800, BlocksNum 0x6400000 16:17:53.0999 0x1268 ============================================================ 16:17:54.0031 0x1268 C: <-> \Device\Harddisk0\DR0\Partition2 16:17:54.0062 0x1268 D: <-> \Device\Harddisk0\DR0\Partition3 16:17:54.0062 0x1268 ============================================================ 16:17:54.0062 0x1268 Initialize success 16:17:54.0062 0x1268 ============================================================ 16:19:31.0004 0x1ef4 ============================================================ 16:19:31.0004 0x1ef4 Scan started 16:19:31.0004 0x1ef4 Mode: Manual; SigCheck; TDLFS; 16:19:31.0004 0x1ef4 ============================================================ 16:19:31.0004 0x1ef4 KSN ping started 16:19:44.0833 0x1ef4 KSN ping finished: true 16:19:45.0801 0x1ef4 ================ Scan system memory ======================== 16:19:45.0801 0x1ef4 System memory - ok 16:19:45.0802 0x1ef4 ================ Scan services ============================= 16:19:46.0020 0x1ef4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 16:19:46.0334 0x1ef4 1394ohci - ok 16:19:46.0404 0x1ef4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 16:19:46.0447 0x1ef4 ACPI - ok 16:19:46.0479 0x1ef4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 16:19:46.0664 0x1ef4 AcpiPmi - ok 16:19:46.0748 0x1ef4 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 16:19:46.0775 0x1ef4 AdobeARMservice - ok 16:19:46.0944 0x1ef4 [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 16:19:47.0035 0x1ef4 AdobeFlashPlayerUpdateSvc - ok 16:19:47.0094 0x1ef4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 16:19:47.0131 0x1ef4 adp94xx - ok 16:19:47.0198 0x1ef4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 16:19:47.0262 0x1ef4 adpahci - ok 16:19:47.0312 0x1ef4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 16:19:47.0384 0x1ef4 adpu320 - ok 16:19:47.0434 0x1ef4 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 16:19:47.0585 0x1ef4 AeLookupSvc - ok 16:19:47.0653 0x1ef4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 16:19:47.0799 0x1ef4 AFD - ok 16:19:47.0840 0x1ef4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 16:19:47.0891 0x1ef4 agp440 - ok 16:19:47.0939 0x1ef4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 16:19:48.0064 0x1ef4 ALG - ok 16:19:48.0123 0x1ef4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 16:19:48.0177 0x1ef4 aliide - ok 16:19:48.0202 0x1ef4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 16:19:48.0244 0x1ef4 amdide - ok 16:19:48.0276 0x1ef4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 16:19:48.0400 0x1ef4 AmdK8 - ok 16:19:48.0428 0x1ef4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 16:19:48.0705 0x1ef4 AmdPPM - ok 16:19:48.0737 0x1ef4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 16:19:48.0756 0x1ef4 amdsata - ok 16:19:48.0792 0x1ef4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 16:19:48.0815 0x1ef4 amdsbs - ok 16:19:48.0854 0x1ef4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 16:19:48.0902 0x1ef4 amdxata - ok 16:19:48.0955 0x1ef4 [ 1C591C1A0CB8ABE215FF66F9A1D8E955, E0BE5D58A721A73DF5F643F9626B21720B2D2CD074B4646144AA788E0C48FAFC ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys 16:19:49.0114 0x1ef4 AMPPAL - ok 16:19:49.0154 0x1ef4 [ 1C591C1A0CB8ABE215FF66F9A1D8E955, E0BE5D58A721A73DF5F643F9626B21720B2D2CD074B4646144AA788E0C48FAFC ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys 16:19:49.0244 0x1ef4 AMPPALP - ok 16:19:49.0382 0x1ef4 [ E1841818278F2A9D66F834451D608AEA, 1773C8C97B8945232847364E27B47A0FA1837EF6D928005972B76B5A7CF6C59E ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe 16:19:49.0447 0x1ef4 AMPPALR3 - ok 16:19:49.0504 0x1ef4 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys 16:19:49.0788 0x1ef4 AppID - ok 16:19:49.0820 0x1ef4 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll 16:19:50.0022 0x1ef4 AppIDSvc - ok 16:19:50.0074 0x1ef4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 16:19:50.0208 0x1ef4 Appinfo - ok 16:19:50.0255 0x1ef4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 16:19:50.0290 0x1ef4 arc - ok 16:19:50.0312 0x1ef4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 16:19:50.0343 0x1ef4 arcsas - ok 16:19:50.0421 0x1ef4 [ EFD89582B55DD32DC79C1A4EB54612A1, 7631F39174E7AE2A162F25D7069123C51274130298A3E5AE10AC1406CD948355 ] ASLDRService C:\Program Files (x86)\PHotkey\ASLDRSrv.exe 16:19:50.0466 0x1ef4 ASLDRService - ok 16:19:50.0603 0x1ef4 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 16:19:50.0724 0x1ef4 aspnet_state - ok 16:19:50.0766 0x1ef4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 16:19:50.0961 0x1ef4 AsyncMac - ok 16:19:51.0007 0x1ef4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 16:19:51.0078 0x1ef4 atapi - ok 16:19:51.0187 0x1ef4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 16:19:51.0396 0x1ef4 AudioEndpointBuilder - ok 16:19:51.0441 0x1ef4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 16:19:51.0500 0x1ef4 AudioSrv - ok 16:19:51.0554 0x1ef4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 16:19:51.0796 0x1ef4 AxInstSV - ok 16:19:51.0847 0x1ef4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 16:19:52.0066 0x1ef4 b06bdrv - ok 16:19:52.0104 0x1ef4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 16:19:52.0261 0x1ef4 b57nd60a - ok 16:19:52.0326 0x1ef4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 16:19:52.0461 0x1ef4 BDESVC - ok 16:19:52.0486 0x1ef4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 16:19:52.0625 0x1ef4 Beep - ok 16:19:52.0715 0x1ef4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 16:19:52.0868 0x1ef4 BFE - ok 16:19:52.0964 0x1ef4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 16:19:53.0212 0x1ef4 BITS - ok 16:19:53.0281 0x1ef4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys 16:19:53.0374 0x1ef4 blbdrive - ok 16:19:53.0519 0x1ef4 [ 05981C3E51D827ED6B8101A54B05E392, FD010159BEC7B88C3A784844A4796D5DAEBA21788A377D12457F59A961E8D77E ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 16:19:53.0592 0x1ef4 Bluetooth Device Monitor - ok 16:19:53.0709 0x1ef4 [ BBFAF63BF768047FE2441B4139E803E3, 20079C578507D34C9A30FFE23A8B22D8A9E7079A994295C833A885EC193E577A ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe 16:19:53.0772 0x1ef4 Bluetooth Media Service - ok 16:19:53.0883 0x1ef4 [ 41D8F56E6BBE0111244D87BE2FA90374, 8B73471825B929FEC0367E3B6B6FE346E22ADFB356BE61A01C3EC7CC6F5986D7 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 16:19:53.0954 0x1ef4 Bluetooth OBEX Service - ok 16:19:54.0025 0x1ef4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 16:19:54.0136 0x1ef4 bowser - ok 16:19:54.0158 0x1ef4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 16:19:54.0263 0x1ef4 BrFiltLo - ok 16:19:54.0312 0x1ef4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 16:19:54.0400 0x1ef4 BrFiltUp - ok 16:19:54.0475 0x1ef4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 16:19:54.0598 0x1ef4 Browser - ok 16:19:54.0640 0x1ef4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 16:19:54.0810 0x1ef4 Brserid - ok 16:19:54.0860 0x1ef4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 16:19:54.0977 0x1ef4 BrSerWdm - ok 16:19:55.0065 0x1ef4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 16:19:55.0159 0x1ef4 BrUsbMdm - ok 16:19:55.0176 0x1ef4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 16:19:55.0268 0x1ef4 BrUsbSer - ok 16:19:55.0350 0x1ef4 [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe 16:19:55.0432 0x1ef4 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 ) 16:19:58.0110 0x1ef4 Detect skipped due to KSN trusted 16:19:58.0110 0x1ef4 BrYNSvc - ok 16:19:58.0201 0x1ef4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys 16:19:58.0314 0x1ef4 BthEnum - ok 16:19:58.0387 0x1ef4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 16:19:58.0484 0x1ef4 BTHMODEM - ok 16:19:58.0524 0x1ef4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 16:19:58.0587 0x1ef4 BthPan - ok 16:19:58.0670 0x1ef4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys 16:19:58.0816 0x1ef4 BTHPORT - ok 16:19:58.0880 0x1ef4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 16:19:58.0984 0x1ef4 bthserv - ok 16:19:59.0049 0x1ef4 [ 618AFD0072F4A672977484BFF6FE4FE2, 0F234937C781718F6C7A7791D9BC4036F83F69D0E8BF21D1AFC0F799FE54742D ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe 16:19:59.0093 0x1ef4 BTHSSecurityMgr - ok 16:19:59.0119 0x1ef4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys 16:19:59.0247 0x1ef4 BTHUSB - ok 16:19:59.0315 0x1ef4 [ BE9931E1C340441A1103DA3CCAEF6E96, 11A306787F633099CB329A9CD197E45BFEACBBF85566AB0B062CCC0103AA1B54 ] btmaudio C:\Windows\system32\drivers\btmaud.sys 16:19:59.0438 0x1ef4 btmaudio - ok 16:19:59.0474 0x1ef4 [ 988CC6CC49303665D3B2435C51505C3F, 5217A7A1BAD77EBF4E5D68D191FCFD7CE4FB96ABB91638383A077BE9CE794EE3 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys 16:19:59.0576 0x1ef4 btmaux - ok 16:19:59.0625 0x1ef4 [ 2B4B508AFAC2A563931AF1FE875A5B16, F6A5261BD3FB8AE7BF26F32B681A15E56317EF8A9D8AB84B9B6BCA66F5484698 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys 16:19:59.0727 0x1ef4 btmhsf - ok 16:19:59.0761 0x1ef4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:19:59.0864 0x1ef4 cdfs - ok 16:19:59.0902 0x1ef4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:19:59.0986 0x1ef4 cdrom - ok 16:20:00.0046 0x1ef4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 16:20:00.0171 0x1ef4 CertPropSvc - ok 16:20:00.0227 0x1ef4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 16:20:00.0347 0x1ef4 circlass - ok 16:20:00.0416 0x1ef4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 16:20:00.0473 0x1ef4 CLFS - ok 16:20:00.0719 0x1ef4 [ 42C5B8010D47EF3F4BAE6D1B427E80F4, 721C24522C43D50081EA01FD521D68EB365B91561CCF2E7AD1F091FBD61E67FB ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe 16:20:00.0847 0x1ef4 ClickToRunSvc - ok 16:20:00.0982 0x1ef4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:20:01.0013 0x1ef4 clr_optimization_v2.0.50727_32 - ok 16:20:01.0078 0x1ef4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 16:20:01.0109 0x1ef4 clr_optimization_v2.0.50727_64 - ok 16:20:01.0228 0x1ef4 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 16:20:01.0260 0x1ef4 clr_optimization_v4.0.30319_32 - ok 16:20:01.0316 0x1ef4 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 16:20:01.0392 0x1ef4 clr_optimization_v4.0.30319_64 - ok 16:20:01.0466 0x1ef4 [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys 16:20:01.0513 0x1ef4 clwvd - ok 16:20:01.0554 0x1ef4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 16:20:01.0623 0x1ef4 CmBatt - ok 16:20:01.0643 0x1ef4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 16:20:01.0710 0x1ef4 cmdide - ok 16:20:01.0773 0x1ef4 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys 16:20:01.0828 0x1ef4 CNG - ok 16:20:01.0881 0x1ef4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 16:20:01.0936 0x1ef4 Compbatt - ok 16:20:01.0986 0x1ef4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 16:20:02.0101 0x1ef4 CompositeBus - ok 16:20:02.0112 0x1ef4 COMSysApp - ok 16:20:02.0241 0x1ef4 [ 236172C3A418B9A0F26B416A72F5A556, 315D8C8A002BE607A7AC011DA17C6CE305C49C6AF458669C3D2B649A06DBCDFB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe 16:20:02.0290 0x1ef4 cphs - ok 16:20:02.0333 0x1ef4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 16:20:02.0385 0x1ef4 crcdisk - ok 16:20:02.0433 0x1ef4 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 16:20:02.0543 0x1ef4 CryptSvc - ok 16:20:02.0681 0x1ef4 [ 7F5CD87CA5BDB4D83F992D8C77201483, 01818EF455833CA3396C8EA4696B8DC28E3A6A3618C081D046C8F207FACAB788 ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe 16:20:02.0712 0x1ef4 CyberLink PowerDVD 10 MS Monitor Service - ok 16:20:02.0771 0x1ef4 [ 9FAF58E876A3B1DB3030A0A5805F2D86, 682939B774DF6A28268897A7E113F6D2DF9AD73DBF1994F937FB48818478B7FE ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe 16:20:02.0817 0x1ef4 CyberLink PowerDVD 10 MS Service - ok 16:20:02.0882 0x1ef4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 16:20:03.0056 0x1ef4 DcomLaunch - ok 16:20:03.0122 0x1ef4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 16:20:03.0240 0x1ef4 defragsvc - ok 16:20:03.0298 0x1ef4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 16:20:03.0409 0x1ef4 DfsC - ok 16:20:03.0455 0x1ef4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 16:20:03.0612 0x1ef4 Dhcp - ok 16:20:03.0757 0x1ef4 [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll 16:20:03.0904 0x1ef4 DiagTrack - ok 16:20:03.0973 0x1ef4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 16:20:04.0145 0x1ef4 discache - ok 16:20:04.0211 0x1ef4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 16:20:04.0241 0x1ef4 Disk - ok 16:20:04.0309 0x1ef4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:20:04.0454 0x1ef4 Dnscache - ok 16:20:04.0485 0x1ef4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 16:20:04.0590 0x1ef4 dot3svc - ok 16:20:04.0630 0x1ef4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 16:20:04.0742 0x1ef4 DPS - ok 16:20:04.0812 0x1ef4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:20:04.0898 0x1ef4 drmkaud - ok 16:20:04.0981 0x1ef4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:20:05.0069 0x1ef4 DXGKrnl - ok 16:20:05.0141 0x1ef4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 16:20:05.0277 0x1ef4 EapHost - ok 16:20:05.0494 0x1ef4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 16:20:05.0714 0x1ef4 ebdrv - ok 16:20:05.0775 0x1ef4 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe 16:20:05.0936 0x1ef4 EFS - ok 16:20:06.0044 0x1ef4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:20:06.0217 0x1ef4 ehRecvr - ok 16:20:06.0250 0x1ef4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 16:20:06.0338 0x1ef4 ehSched - ok 16:20:06.0407 0x1ef4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 16:20:06.0473 0x1ef4 elxstor - ok 16:20:06.0514 0x1ef4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:20:06.0575 0x1ef4 ErrDev - ok 16:20:06.0625 0x1ef4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 16:20:06.0756 0x1ef4 EventSystem - ok 16:20:06.0884 0x1ef4 [ 64D25284A4E9D11CA0722AF3F30FD970, C7C40CA8AC444F7B0F88086396C17316348480EBA09109222897B5A42AD655DF ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe 16:20:06.0976 0x1ef4 EvtEng - ok 16:20:07.0080 0x1ef4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 16:20:07.0184 0x1ef4 exfat - ok 16:20:07.0350 0x1ef4 [ 476F455E9ACD598FD2D82A7F2896F040, 13D4EBAEC9F9259F14EBC4F61DCED6755AB254681B7FD9CBBFABDB1C05DD0726 ] F-Secure Gatekeeper C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys 16:20:07.0387 0x1ef4 F-Secure Gatekeeper - ok 16:20:07.0457 0x1ef4 [ 91E3FB44FD00648B026CE6EE5C5414FB, D77ABFCA24645E992F9D787E2C12369CDDE928BF211F791E2D04CA3EB143D607 ] F-Secure HIPS C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys 16:20:07.0497 0x1ef4 F-Secure HIPS - ok 16:20:07.0529 0x1ef4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:20:08.0478 0x1ef4 fastfat - ok 16:20:08.0565 0x1ef4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 16:20:08.0720 0x1ef4 Fax - ok 16:20:08.0764 0x1ef4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 16:20:08.0840 0x1ef4 fdc - ok 16:20:08.0880 0x1ef4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 16:20:08.0980 0x1ef4 fdPHost - ok 16:20:09.0007 0x1ef4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 16:20:09.0115 0x1ef4 FDResPub - ok 16:20:09.0129 0x1ef4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:20:09.0147 0x1ef4 FileInfo - ok 16:20:09.0186 0x1ef4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:20:09.0315 0x1ef4 Filetrace - ok 16:20:09.0351 0x1ef4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 16:20:09.0438 0x1ef4 flpydisk - ok 16:20:09.0489 0x1ef4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:20:09.0561 0x1ef4 FltMgr - ok 16:20:09.0707 0x1ef4 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll 16:20:09.0870 0x1ef4 FontCache - ok 16:20:09.0965 0x1ef4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:20:10.0021 0x1ef4 FontCache3.0.0.0 - ok 16:20:10.0076 0x1ef4 [ DDA886136E50D00BFFD202AAE37A55E5, 257794E68DCEB6DC684C9EDACCC2A23062F2EE1D180683DB20AAD89D9B18402B ] fsbts C:\Windows\system32\Drivers\fsbts.sys 16:20:10.0133 0x1ef4 fsbts - ok 16:20:10.0171 0x1ef4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:20:10.0227 0x1ef4 FsDepends - ok 16:20:10.0284 0x1ef4 [ A876BA917EBD9E629CFD344EEBE240AD, D0C748099F284A2404279C06ACDA8F2258E092964DF90269D7F9C69B2BAAE5BB ] fshoster C:\Program Files (x86)\Kabel BW\fshoster32.exe 16:20:10.0312 0x1ef4 fshoster - ok 16:20:10.0359 0x1ef4 [ F014EC4D8DAF812A5ECB5F667AD6E59C, 4E06E85AE7FE0D55E6566AC473718C958CDE829959B4AC6FE0FC936771DF2318 ] FSMA C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE 16:20:10.0393 0x1ef4 FSMA - ok 16:20:10.0498 0x1ef4 [ D3B6995B7D1CD9481AA54ECB8B8DF595, 27BAD0724B6ACC41FA677832952277275C5C8D807FFE7058FC5D64F357A4B232 ] fsni C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\bin\fsni64.sys 16:20:10.0535 0x1ef4 fsni - ok 16:20:10.0657 0x1ef4 [ 277A41EB7D2DAA7105DF85BFC2F1C9AD, 59141146C7292C4B9ABC4D019B07E6A3EEB759DB97B629046F168B944459208D ] FSORSPClient C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe 16:20:10.0761 0x1ef4 FSORSPClient - ok 16:20:10.0791 0x1ef4 [ 695E2F0F1BA5DD81E112F8E07134CC8E, F483D90A79FF9F28B5C220C92B2770B40684D4C0F86F0E8FAF8E06CEE38A0C22 ] fsvista C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys 16:20:10.0849 0x1ef4 fsvista - ok 16:20:10.0884 0x1ef4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:20:10.0962 0x1ef4 Fs_Rec - ok 16:20:11.0025 0x1ef4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:20:11.0094 0x1ef4 fvevol - ok 16:20:11.0138 0x1ef4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 16:20:11.0213 0x1ef4 gagp30kx - ok 16:20:11.0281 0x1ef4 [ 4E1D0A246E10CFDDBF856432418DE404, 17AC5322A50D0914F90F41E9CBFEBE04CDC3BCA1CFAFE8A3F6CADD305738E1AF ] GFNEXSrv C:\Program Files (x86)\PHotkey\GFNEXSrv.exe 16:20:11.0386 0x1ef4 GFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 ) 16:20:14.0065 0x1ef4 Detect skipped due to KSN trusted 16:20:14.0065 0x1ef4 GFNEXSrv - ok 16:20:14.0154 0x1ef4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 16:20:14.0312 0x1ef4 gpsvc - ok 16:20:14.0392 0x1ef4 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:20:14.0420 0x1ef4 gupdate - ok 16:20:14.0426 0x1ef4 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 16:20:14.0443 0x1ef4 gupdatem - ok 16:20:14.0496 0x1ef4 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 16:20:14.0561 0x1ef4 gusvc - ok 16:20:14.0640 0x1ef4 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys 16:20:14.0717 0x1ef4 hamachi - ok 16:20:14.0899 0x1ef4 [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe 16:20:15.0020 0x1ef4 Hamachi2Svc - ok 16:20:15.0087 0x1ef4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:20:15.0311 0x1ef4 hcw85cir - ok 16:20:15.0355 0x1ef4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:20:15.0549 0x1ef4 HdAudAddService - ok 16:20:15.0583 0x1ef4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 16:20:15.0757 0x1ef4 HDAudBus - ok 16:20:15.0788 0x1ef4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 16:20:15.0978 0x1ef4 HidBatt - ok 16:20:16.0010 0x1ef4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 16:20:16.0198 0x1ef4 HidBth - ok 16:20:16.0216 0x1ef4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 16:20:16.0428 0x1ef4 HidIr - ok 16:20:16.0458 0x1ef4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 16:20:16.0555 0x1ef4 hidserv - ok 16:20:16.0644 0x1ef4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:20:16.0835 0x1ef4 HidUsb - ok 16:20:16.0891 0x1ef4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:20:17.0054 0x1ef4 hkmsvc - ok 16:20:17.0108 0x1ef4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:20:17.0162 0x1ef4 HomeGroupListener - ok 16:20:17.0213 0x1ef4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:20:17.0295 0x1ef4 HomeGroupProvider - ok 16:20:17.0343 0x1ef4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:20:17.0384 0x1ef4 HpSAMD - ok 16:20:17.0451 0x1ef4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:20:17.0707 0x1ef4 HTTP - ok 16:20:17.0745 0x1ef4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:20:17.0799 0x1ef4 hwpolicy - ok 16:20:17.0825 0x1ef4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 16:20:17.0872 0x1ef4 i8042prt - ok 16:20:17.0923 0x1ef4 [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\drivers\iaStor.sys 16:20:17.0990 0x1ef4 iaStor - ok 16:20:18.0063 0x1ef4 [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 16:20:18.0164 0x1ef4 IAStorDataMgrSvc - ok 16:20:18.0267 0x1ef4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:20:18.0323 0x1ef4 iaStorV - ok 16:20:18.0343 0x1ef4 [ 9E3D44CE737388F6BBBB6DD4A1C1847C, 98FD10D07E5801870282D6D0226051193B7D12EF3C8B84DB8365B446E02499DB ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys 16:20:18.0431 0x1ef4 ibtfltcoex - ok 16:20:18.0539 0x1ef4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:20:18.0661 0x1ef4 idsvc - ok 16:20:18.0682 0x1ef4 IEEtwCollectorService - ok 16:20:19.0190 0x1ef4 [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 16:20:19.0867 0x1ef4 igfx - ok 16:20:19.0926 0x1ef4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 16:20:19.0968 0x1ef4 iirsp - ok 16:20:20.0024 0x1ef4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 16:20:20.0136 0x1ef4 IKEEXT - ok 16:20:20.0207 0x1ef4 [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 16:20:20.0340 0x1ef4 intaud_WaveExtensible - ok 16:20:20.0590 0x1ef4 [ 059DDDEDBE5701DC3B779D32798108AC, 4735C52D5F7A7AC07985835C17955C96418BB3C3316264CF6A44F6150E10755B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:20:20.0911 0x1ef4 IntcAzAudAddService - ok 16:20:21.0015 0x1ef4 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 16:20:21.0122 0x1ef4 IntcDAud - ok 16:20:21.0228 0x1ef4 [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 16:20:21.0286 0x1ef4 Intel(R) Capability Licensing Service Interface - ok 16:20:21.0334 0x1ef4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 16:20:21.0359 0x1ef4 intelide - ok 16:20:21.0403 0x1ef4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:20:21.0471 0x1ef4 intelppm - ok 16:20:21.0523 0x1ef4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:20:21.0626 0x1ef4 IPBusEnum - ok 16:20:21.0649 0x1ef4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:20:21.0742 0x1ef4 IpFilterDriver - ok 16:20:21.0790 0x1ef4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:20:21.0937 0x1ef4 iphlpsvc - ok 16:20:21.0976 0x1ef4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:20:22.0066 0x1ef4 IPMIDRV - ok 16:20:22.0099 0x1ef4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:20:22.0203 0x1ef4 IPNAT - ok 16:20:22.0232 0x1ef4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:20:22.0290 0x1ef4 IRENUM - ok 16:20:22.0312 0x1ef4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:20:22.0359 0x1ef4 isapnp - ok 16:20:22.0421 0x1ef4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:20:22.0461 0x1ef4 iScsiPrt - ok 16:20:22.0496 0x1ef4 [ 492F2DF02CD817CE8D544F96097BD77A, 6EF37BD62A49C9F55845A56498A93A26C109BEC2EBCB65A49908BECEC6FC6371 ] IT9135BDA C:\Windows\system32\Drivers\IT9135BDA.sys 16:20:22.0696 0x1ef4 IT9135BDA - ok 16:20:22.0737 0x1ef4 [ 8E4577C6E0D3114170509159DE658907, 2FC7F96766537716503AB1BAD7EBDB2F16F3CE1584AF4261D57C6A4E00E1A417 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys 16:20:22.0772 0x1ef4 iusb3hcs - ok 16:20:22.0814 0x1ef4 [ FE76346E9B57DA575BD1B3BD0CCAD7FF, 8961A08326F66E9FDF63912797C605FEEC23F9B0453D132AB6897DA98BC9AEAB ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 16:20:22.0865 0x1ef4 iusb3hub - ok 16:20:22.0976 0x1ef4 [ 1008CD90DA2198FFD250298DEB9DF160, 2CBA5FF2369861E8F8A55799AFFFC8E5B331A8BD17B559641E87A4C6C0D70206 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys 16:20:23.0042 0x1ef4 iusb3xhc - ok 16:20:23.0087 0x1ef4 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\drivers\iwdbus.sys 16:20:23.0147 0x1ef4 iwdbus - ok 16:20:23.0218 0x1ef4 [ 3628933AF5305EAB8173949BFF912F04, 8609C196B8D5D941CE7181E849A7C44E658BD66995D1405B80D42F1C029B09EB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 16:20:23.0248 0x1ef4 jhi_service - ok 16:20:23.0290 0x1ef4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:20:23.0333 0x1ef4 kbdclass - ok 16:20:23.0358 0x1ef4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:20:23.0422 0x1ef4 kbdhid - ok 16:20:23.0446 0x1ef4 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe 16:20:23.0464 0x1ef4 KeyIso - ok 16:20:23.0518 0x1ef4 [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:20:23.0560 0x1ef4 KSecDD - ok 16:20:23.0586 0x1ef4 [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:20:23.0624 0x1ef4 KSecPkg - ok 16:20:23.0661 0x1ef4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:20:23.0736 0x1ef4 ksthunk - ok 16:20:23.0775 0x1ef4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:20:23.0873 0x1ef4 KtmRm - ok 16:20:23.0933 0x1ef4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:20:24.0084 0x1ef4 LanmanServer - ok 16:20:24.0142 0x1ef4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:20:24.0280 0x1ef4 LanmanWorkstation - ok 16:20:24.0364 0x1ef4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:20:24.0497 0x1ef4 lltdio - ok 16:20:24.0553 0x1ef4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:20:24.0697 0x1ef4 lltdsvc - ok 16:20:24.0731 0x1ef4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:20:24.0860 0x1ef4 lmhosts - ok 16:20:24.0968 0x1ef4 [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe 16:20:25.0018 0x1ef4 LMIGuardianSvc - ok 16:20:25.0099 0x1ef4 [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 16:20:25.0138 0x1ef4 LMS - ok 16:20:25.0215 0x1ef4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 16:20:25.0266 0x1ef4 LSI_FC - ok 16:20:25.0298 0x1ef4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:20:25.0353 0x1ef4 LSI_SAS - ok 16:20:25.0371 0x1ef4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:20:25.0396 0x1ef4 LSI_SAS2 - ok 16:20:25.0433 0x1ef4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 16:20:25.0475 0x1ef4 LSI_SCSI - ok 16:20:25.0501 0x1ef4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 16:20:25.0577 0x1ef4 luafv - ok 16:20:25.0620 0x1ef4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:20:25.0686 0x1ef4 Mcx2Svc - ok 16:20:25.0720 0x1ef4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 16:20:25.0768 0x1ef4 megasas - ok 16:20:25.0802 0x1ef4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 16:20:25.0834 0x1ef4 MegaSR - ok 16:20:25.0864 0x1ef4 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys 16:20:25.0970 0x1ef4 MEIx64 - ok 16:20:26.0007 0x1ef4 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA, 18683A7CE5AF0A9C5D7E33EB99588AE55FC61103A8894F3F45E2101355966A71 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe 16:20:26.0105 0x1ef4 MemeoBackgroundService - ok 16:20:26.0147 0x1ef4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 16:20:26.0272 0x1ef4 MMCSS - ok 16:20:26.0303 0x1ef4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 16:20:26.0408 0x1ef4 Modem - ok 16:20:26.0431 0x1ef4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 16:20:26.0571 0x1ef4 monitor - ok 16:20:26.0614 0x1ef4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:20:26.0653 0x1ef4 mouclass - ok 16:20:26.0697 0x1ef4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:20:26.0890 0x1ef4 mouhid - ok 16:20:26.0934 0x1ef4 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:20:26.0966 0x1ef4 mountmgr - ok 16:20:27.0036 0x1ef4 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:20:27.0079 0x1ef4 MozillaMaintenance - ok 16:20:27.0127 0x1ef4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 16:20:28.0169 0x1ef4 mpio - ok 16:20:28.0265 0x1ef4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:20:28.0371 0x1ef4 mpsdrv - ok 16:20:28.0455 0x1ef4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:20:28.0587 0x1ef4 MpsSvc - ok 16:20:28.0632 0x1ef4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:20:28.0716 0x1ef4 MRxDAV - ok 16:20:28.0764 0x1ef4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:20:28.0848 0x1ef4 mrxsmb - ok 16:20:28.0891 0x1ef4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:20:28.0983 0x1ef4 mrxsmb10 - ok 16:20:29.0012 0x1ef4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:20:29.0104 0x1ef4 mrxsmb20 - ok 16:20:29.0132 0x1ef4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 16:20:29.0173 0x1ef4 msahci - ok 16:20:29.0216 0x1ef4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 16:20:29.0263 0x1ef4 msdsm - ok 16:20:29.0324 0x1ef4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 16:20:29.0431 0x1ef4 MSDTC - ok 16:20:29.0486 0x1ef4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:20:29.0607 0x1ef4 Msfs - ok 16:20:29.0646 0x1ef4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:20:29.0767 0x1ef4 mshidkmdf - ok 16:20:29.0781 0x1ef4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:20:29.0814 0x1ef4 msisadrv - ok 16:20:29.0858 0x1ef4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:20:30.0000 0x1ef4 MSiSCSI - ok 16:20:30.0009 0x1ef4 msiserver - ok 16:20:30.0078 0x1ef4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:20:30.0197 0x1ef4 MSKSSRV - ok 16:20:30.0220 0x1ef4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:20:30.0319 0x1ef4 MSPCLOCK - ok 16:20:30.0337 0x1ef4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:20:30.0396 0x1ef4 MSPQM - ok 16:20:30.0424 0x1ef4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:20:30.0465 0x1ef4 MsRPC - ok 16:20:30.0508 0x1ef4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 16:20:30.0575 0x1ef4 mssmbios - ok 16:20:30.0639 0x1ef4 MSSQL$SQLEXPRESS - ok 16:20:30.0692 0x1ef4 [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE 16:20:30.0766 0x1ef4 MSSQLServerADHelper100 - ok 16:20:30.0815 0x1ef4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:20:30.0941 0x1ef4 MSTEE - ok 16:20:30.0962 0x1ef4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 16:20:31.0037 0x1ef4 MTConfig - ok 16:20:31.0070 0x1ef4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 16:20:31.0133 0x1ef4 Mup - ok 16:20:31.0218 0x1ef4 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe 16:20:31.0258 0x1ef4 MyWiFiDHCPDNS - ok 16:20:31.0304 0x1ef4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 16:20:31.0440 0x1ef4 napagent - ok 16:20:31.0504 0x1ef4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:20:31.0626 0x1ef4 NativeWifiP - ok 16:20:31.0728 0x1ef4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 16:20:31.0788 0x1ef4 NDIS - ok 16:20:31.0857 0x1ef4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:20:31.0939 0x1ef4 NdisCap - ok 16:20:31.0968 0x1ef4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:20:32.0119 0x1ef4 NdisTapi - ok 16:20:32.0145 0x1ef4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:20:32.0267 0x1ef4 Ndisuio - ok 16:20:32.0283 0x1ef4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:20:32.0380 0x1ef4 NdisWan - ok 16:20:32.0396 0x1ef4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:20:32.0482 0x1ef4 NDProxy - ok 16:20:32.0515 0x1ef4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:20:32.0626 0x1ef4 NetBIOS - ok 16:20:32.0671 0x1ef4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:20:32.0795 0x1ef4 NetBT - ok 16:20:32.0809 0x1ef4 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\Windows\system32\lsass.exe 16:20:32.0822 0x1ef4 Netlogon - ok 16:20:32.0881 0x1ef4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 16:20:32.0986 0x1ef4 Netman - ok 16:20:33.0096 0x1ef4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:20:33.0154 0x1ef4 NetMsmqActivator - ok 16:20:33.0165 0x1ef4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:20:33.0234 0x1ef4 NetPipeActivator - ok 16:20:33.0287 0x1ef4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 16:20:33.0390 0x1ef4 netprofm - ok 16:20:33.0397 0x1ef4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:20:33.0427 0x1ef4 NetTcpActivator - ok 16:20:33.0433 0x1ef4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:20:33.0471 0x1ef4 NetTcpPortSharing - ok 16:20:33.0888 0x1ef4 [ 47DC062656EA661FE9175DBACAD00E9D, 508CD435420C0EA2E5943BFE1B4687ECBFB9602209A539B213C5197A16BFF816 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys 16:20:34.0404 0x1ef4 NETwNs64 - ok 16:20:34.0464 0x1ef4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 16:20:34.0522 0x1ef4 nfrd960 - ok 16:20:34.0599 0x1ef4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 16:20:34.0766 0x1ef4 NlaSvc - ok 16:20:34.0796 0x1ef4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:20:34.0915 0x1ef4 Npfs - ok 16:20:34.0943 0x1ef4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 16:20:35.0086 0x1ef4 nsi - ok 16:20:35.0117 0x1ef4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:20:35.0208 0x1ef4 nsiproxy - ok 16:20:35.0326 0x1ef4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 16:20:35.0540 0x1ef4 Ntfs - ok 16:20:35.0609 0x1ef4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 16:20:35.0741 0x1ef4 Null - ok 16:20:35.0778 0x1ef4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 16:20:35.0816 0x1ef4 nvraid - ok 16:20:35.0831 0x1ef4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 16:20:35.0872 0x1ef4 nvstor - ok 16:20:35.0905 0x1ef4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 16:20:35.0923 0x1ef4 nv_agp - ok 16:20:35.0960 0x1ef4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 16:20:36.0016 0x1ef4 ohci1394 - ok 16:20:36.0115 0x1ef4 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 16:20:36.0176 0x1ef4 ose - ok 16:20:36.0482 0x1ef4 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 16:20:37.0207 0x1ef4 osppsvc - ok 16:20:37.0268 0x1ef4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 16:20:37.0352 0x1ef4 p2pimsvc - ok 16:20:37.0403 0x1ef4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 16:20:37.0509 0x1ef4 p2psvc - ok 16:20:37.0541 0x1ef4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys 16:20:37.0640 0x1ef4 Parport - ok 16:20:37.0687 0x1ef4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 16:20:37.0706 0x1ef4 partmgr - ok 16:20:37.0758 0x1ef4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 16:20:37.0846 0x1ef4 PcaSvc - ok 16:20:37.0894 0x1ef4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 16:20:37.0941 0x1ef4 pci - ok 16:20:37.0969 0x1ef4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 16:20:38.0009 0x1ef4 pciide - ok 16:20:38.0049 0x1ef4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 16:20:38.0094 0x1ef4 pcmcia - ok 16:20:38.0110 0x1ef4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 16:20:38.0176 0x1ef4 pcw - ok 16:20:38.0275 0x1ef4 [ 7CADB4ABAE72390951886CF259791F5F, 9A0F4113F4E09911A44843F31E8C7047EEA39611AB490A4CF16FAE9D95310076 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe 16:20:38.0404 0x1ef4 PDFProFiltSrvPP - ok 16:20:38.0494 0x1ef4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 16:20:38.0588 0x1ef4 PEAUTH - ok 16:20:38.0671 0x1ef4 [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN C:\Program Files (x86)\PHotkey\PEGAGFN.sys 16:20:38.0725 0x1ef4 PEGAGFN - ok 16:20:38.0834 0x1ef4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 16:20:38.0922 0x1ef4 PerfHost - ok 16:20:39.0017 0x1ef4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 16:20:39.0153 0x1ef4 pla - ok 16:20:39.0255 0x1ef4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 16:20:39.0359 0x1ef4 PlugPlay - ok 16:20:39.0411 0x1ef4 PnkBstrA - ok 16:20:39.0446 0x1ef4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 16:20:39.0503 0x1ef4 PNRPAutoReg - ok 16:20:39.0538 0x1ef4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 16:20:39.0595 0x1ef4 PNRPsvc - ok 16:20:39.0692 0x1ef4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 16:20:39.0801 0x1ef4 PolicyAgent - ok 16:20:39.0820 0x1ef4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 16:20:39.0944 0x1ef4 Power - ok 16:20:39.0996 0x1ef4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 16:20:40.0115 0x1ef4 PptpMiniport - ok 16:20:40.0129 0x1ef4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 16:20:40.0170 0x1ef4 Processor - ok 16:20:40.0216 0x1ef4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 16:20:40.0301 0x1ef4 ProfSvc - ok 16:20:40.0364 0x1ef4 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe 16:20:40.0409 0x1ef4 ProtectedStorage - ok 16:20:40.0442 0x1ef4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 16:20:40.0571 0x1ef4 Psched - ok 16:20:40.0661 0x1ef4 [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 16:20:40.0706 0x1ef4 PSI_SVC_2 - ok 16:20:40.0813 0x1ef4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 16:20:40.0911 0x1ef4 ql2300 - ok 16:20:40.0956 0x1ef4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 16:20:40.0977 0x1ef4 ql40xx - ok 16:20:41.0037 0x1ef4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 16:20:41.0138 0x1ef4 QWAVE - ok 16:20:41.0172 0x1ef4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 16:20:41.0302 0x1ef4 QWAVEdrv - ok 16:20:41.0325 0x1ef4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 16:20:41.0440 0x1ef4 RasAcd - ok 16:20:41.0482 0x1ef4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 16:20:41.0588 0x1ef4 RasAgileVpn - ok 16:20:41.0630 0x1ef4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 16:20:41.0741 0x1ef4 RasAuto - ok 16:20:41.0777 0x1ef4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 16:20:41.0871 0x1ef4 Rasl2tp - ok 16:20:41.0908 0x1ef4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 16:20:41.0987 0x1ef4 RasMan - ok 16:20:42.0044 0x1ef4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 16:20:42.0119 0x1ef4 RasPppoe - ok 16:20:42.0145 0x1ef4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 16:20:42.0215 0x1ef4 RasSstp - ok 16:20:42.0252 0x1ef4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 16:20:42.0332 0x1ef4 rdbss - ok 16:20:42.0365 0x1ef4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 16:20:42.0415 0x1ef4 rdpbus - ok 16:20:42.0447 0x1ef4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 16:20:42.0535 0x1ef4 RDPCDD - ok 16:20:42.0562 0x1ef4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 16:20:42.0653 0x1ef4 RDPENCDD - ok 16:20:42.0673 0x1ef4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 16:20:42.0737 0x1ef4 RDPREFMP - ok 16:20:42.0823 0x1ef4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 16:20:42.0892 0x1ef4 RdpVideoMiniport - ok 16:20:42.0934 0x1ef4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 16:20:43.0026 0x1ef4 RDPWD - ok 16:20:43.0079 0x1ef4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 16:20:43.0134 0x1ef4 rdyboost - ok 16:20:43.0259 0x1ef4 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 16:20:43.0289 0x1ef4 RegSrvc - ok 16:20:43.0325 0x1ef4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 16:20:43.0399 0x1ef4 RemoteAccess - ok 16:20:43.0439 0x1ef4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 16:20:43.0519 0x1ef4 RemoteRegistry - ok 16:20:43.0550 0x1ef4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 16:20:43.0623 0x1ef4 RFCOMM - ok 16:20:43.0710 0x1ef4 [ 0B169FE016039571ECC6DB70073F8979, B80663433919C3DE83A02E376E5B3020856C6E9E98B5773D316FD9C1C02C1417 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 16:20:43.0771 0x1ef4 RichVideo64 - ok 16:20:43.0805 0x1ef4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 16:20:43.0875 0x1ef4 RpcEptMapper - ok 16:20:43.0907 0x1ef4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 16:20:43.0979 0x1ef4 RpcLocator - ok 16:20:44.0030 0x1ef4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 16:20:44.0095 0x1ef4 RpcSs - ok 16:20:44.0168 0x1ef4 [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys 16:20:44.0206 0x1ef4 RsFx0103 - ok 16:20:44.0236 0x1ef4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 16:20:44.0330 0x1ef4 rspndr - ok 16:20:44.0407 0x1ef4 [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 16:20:44.0469 0x1ef4 RSUSBSTOR - ok 16:20:44.0536 0x1ef4 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 16:20:44.0578 0x1ef4 RTL8167 - ok 16:20:44.0600 0x1ef4 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\Windows\system32\lsass.exe 16:20:44.0638 0x1ef4 SamSs - ok 16:20:44.0653 0x1ef4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 16:20:44.0672 0x1ef4 sbp2port - ok 16:20:44.0724 0x1ef4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 16:20:44.0843 0x1ef4 SCardSvr - ok 16:20:44.0877 0x1ef4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 16:20:44.0994 0x1ef4 scfilter - ok 16:20:45.0043 0x1ef4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 16:20:45.0228 0x1ef4 Schedule - ok 16:20:45.0307 0x1ef4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 16:20:45.0367 0x1ef4 SCPolicySvc - ok 16:20:45.0396 0x1ef4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 16:20:45.0504 0x1ef4 SDRSVC - ok 16:20:45.0576 0x1ef4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 16:20:45.0666 0x1ef4 secdrv - ok 16:20:45.0697 0x1ef4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 16:20:45.0800 0x1ef4 seclogon - ok 16:20:45.0837 0x1ef4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 16:20:45.0941 0x1ef4 SENS - ok 16:20:45.0960 0x1ef4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 16:20:46.0023 0x1ef4 SensrSvc - ok 16:20:46.0053 0x1ef4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 16:20:46.0118 0x1ef4 Serenum - ok 16:20:46.0158 0x1ef4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys 16:20:46.0268 0x1ef4 Serial - ok 16:20:46.0288 0x1ef4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 16:20:46.0373 0x1ef4 sermouse - ok 16:20:46.0421 0x1ef4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 16:20:46.0521 0x1ef4 SessionEnv - ok 16:20:46.0536 0x1ef4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 16:20:46.0604 0x1ef4 sffdisk - ok 16:20:46.0674 0x1ef4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 16:20:46.0745 0x1ef4 sffp_mmc - ok 16:20:46.0763 0x1ef4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 16:20:46.0817 0x1ef4 sffp_sd - ok 16:20:46.0836 0x1ef4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 16:20:46.0905 0x1ef4 sfloppy - ok 16:20:46.0963 0x1ef4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 16:20:47.0075 0x1ef4 SharedAccess - ok 16:20:47.0121 0x1ef4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 16:20:47.0235 0x1ef4 ShellHWDetection - ok 16:20:47.0310 0x1ef4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 16:20:47.0884 0x1ef4 SiSRaid2 - ok 16:20:47.0935 0x1ef4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 16:20:47.0966 0x1ef4 SiSRaid4 - ok 16:20:48.0026 0x1ef4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 16:20:48.0123 0x1ef4 Smb - ok 16:20:48.0185 0x1ef4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 16:20:48.0268 0x1ef4 SNMPTRAP - ok 16:20:48.0281 0x1ef4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 16:20:48.0340 0x1ef4 spldr - ok 16:20:48.0408 0x1ef4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 16:20:48.0593 0x1ef4 Spooler - ok 16:20:48.0784 0x1ef4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 16:20:48.0972 0x1ef4 sppsvc - ok 16:20:49.0024 0x1ef4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 16:20:49.0107 0x1ef4 sppuinotify - ok 16:20:49.0222 0x1ef4 [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE 16:20:49.0294 0x1ef4 SQLAgent$SQLEXPRESS - ok 16:20:49.0364 0x1ef4 [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 16:20:49.0427 0x1ef4 SQLBrowser - ok 16:20:49.0510 0x1ef4 [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 16:20:49.0582 0x1ef4 SQLWriter - ok 16:20:49.0652 0x1ef4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 16:20:49.0737 0x1ef4 srv - ok 16:20:49.0776 0x1ef4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 16:20:49.0845 0x1ef4 srv2 - ok 16:20:49.0899 0x1ef4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 16:20:49.0999 0x1ef4 srvnet - ok 16:20:50.0075 0x1ef4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 16:20:50.0165 0x1ef4 SSDPSRV - ok 16:20:50.0185 0x1ef4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 16:20:50.0247 0x1ef4 SstpSvc - ok 16:20:50.0267 0x1ef4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 16:20:50.0298 0x1ef4 stexstor - ok 16:20:50.0334 0x1ef4 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 16:20:50.0404 0x1ef4 StillCam - ok 16:20:50.0480 0x1ef4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 16:20:50.0622 0x1ef4 stisvc - ok 16:20:50.0675 0x1ef4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 16:20:50.0727 0x1ef4 swenum - ok 16:20:50.0790 0x1ef4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 16:20:50.0915 0x1ef4 swprv - ok 16:20:50.0979 0x1ef4 [ E157A3A7A09BDBB74AFEAB352D5D76F1, 2CDB47B68A5DA7BDE02594CCA969B1FDD1444CC150A11D4F31B790B022B9CE86 ] SynTP C:\Windows\system32\drivers\SynTP.sys 16:20:51.0017 0x1ef4 SynTP - ok 16:20:51.0157 0x1ef4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 16:20:51.0326 0x1ef4 SysMain - ok 16:20:51.0373 0x1ef4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 16:20:51.0476 0x1ef4 TabletInputService - ok 16:20:51.0517 0x1ef4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 16:20:51.0627 0x1ef4 TapiSrv - ok 16:20:51.0667 0x1ef4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 16:20:51.0765 0x1ef4 TBS - ok 16:20:51.0903 0x1ef4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 16:20:52.0036 0x1ef4 Tcpip - ok 16:20:52.0183 0x1ef4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 16:20:52.0301 0x1ef4 TCPIP6 - ok 16:20:52.0384 0x1ef4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 16:20:52.0491 0x1ef4 tcpipreg - ok 16:20:52.0513 0x1ef4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 16:20:52.0570 0x1ef4 TDPIPE - ok 16:20:52.0592 0x1ef4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 16:20:52.0652 0x1ef4 TDTCP - ok 16:20:52.0684 0x1ef4 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 16:20:52.0790 0x1ef4 tdx - ok 16:20:52.0809 0x1ef4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 16:20:52.0858 0x1ef4 TermDD - ok 16:20:52.0912 0x1ef4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 16:20:53.0014 0x1ef4 TermService - ok 16:20:53.0066 0x1ef4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 16:20:53.0169 0x1ef4 Themes - ok 16:20:53.0202 0x1ef4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 16:20:53.0260 0x1ef4 THREADORDER - ok 16:20:53.0280 0x1ef4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 16:20:53.0370 0x1ef4 TrkWks - ok 16:20:53.0441 0x1ef4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 16:20:53.0599 0x1ef4 TrustedInstaller - ok 16:20:53.0639 0x1ef4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 16:20:53.0729 0x1ef4 tssecsrv - ok 16:20:53.0797 0x1ef4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 16:20:53.0913 0x1ef4 TsUsbFlt - ok 16:20:53.0938 0x1ef4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 16:20:54.0061 0x1ef4 TsUsbGD - ok 16:20:54.0101 0x1ef4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 16:20:54.0219 0x1ef4 tunnel - ok 16:20:54.0250 0x1ef4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 16:20:54.0301 0x1ef4 uagp35 - ok 16:20:54.0339 0x1ef4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 16:20:54.0428 0x1ef4 udfs - ok 16:20:54.0470 0x1ef4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 16:20:54.0527 0x1ef4 UI0Detect - ok 16:20:54.0563 0x1ef4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 16:20:54.0619 0x1ef4 uliagpkx - ok 16:20:54.0663 0x1ef4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 16:20:54.0749 0x1ef4 umbus - ok 16:20:54.0815 0x1ef4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 16:20:54.0914 0x1ef4 UmPass - ok 16:20:55.0110 0x1ef4 [ B097EBA0E3FEB020BB65FE43AF5ECCFF, B8FE680EE49B633F3FAFD81E8CE5063397774F63636C9F3C280815114A0ABD0F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 16:20:55.0173 0x1ef4 UNS - ok 16:20:55.0255 0x1ef4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 16:20:55.0385 0x1ef4 upnphost - ok 16:20:55.0426 0x1ef4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 16:20:55.0528 0x1ef4 usbccgp - ok 16:20:55.0568 0x1ef4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 16:20:55.0653 0x1ef4 usbcir - ok 16:20:55.0693 0x1ef4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 16:20:55.0807 0x1ef4 usbehci - ok 16:20:55.0882 0x1ef4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 16:20:55.0988 0x1ef4 usbhub - ok 16:20:56.0026 0x1ef4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 16:20:56.0094 0x1ef4 usbohci - ok 16:20:56.0145 0x1ef4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 16:20:56.0224 0x1ef4 usbprint - ok 16:20:56.0282 0x1ef4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 16:20:56.0346 0x1ef4 usbscan - ok 16:20:56.0408 0x1ef4 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\DRIVERS\usbser.sys 16:20:56.0543 0x1ef4 usbser - ok 16:20:56.0565 0x1ef4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 16:20:56.0627 0x1ef4 USBSTOR - ok 16:20:56.0684 0x1ef4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 16:20:56.0784 0x1ef4 usbuhci - ok 16:20:56.0848 0x1ef4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 16:20:56.0922 0x1ef4 usbvideo - ok 16:20:56.0957 0x1ef4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 16:20:57.0057 0x1ef4 UxSms - ok 16:20:57.0080 0x1ef4 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\Windows\system32\lsass.exe 16:20:57.0109 0x1ef4 VaultSvc - ok 16:20:57.0142 0x1ef4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 16:20:57.0192 0x1ef4 vdrvroot - ok 16:20:57.0232 0x1ef4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 16:20:57.0373 0x1ef4 vds - ok 16:20:57.0407 0x1ef4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:20:57.0560 0x1ef4 vga - ok 16:20:57.0586 0x1ef4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 16:20:57.0687 0x1ef4 VgaSave - ok 16:20:57.0721 0x1ef4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:20:57.0752 0x1ef4 vhdmp - ok 16:20:57.0809 0x1ef4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 16:20:57.0871 0x1ef4 viaide - ok 16:20:57.0901 0x1ef4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:20:57.0944 0x1ef4 volmgr - ok 16:20:57.0983 0x1ef4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:20:58.0018 0x1ef4 volmgrx - ok 16:20:58.0058 0x1ef4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:20:58.0115 0x1ef4 volsnap - ok 16:20:58.0142 0x1ef4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 16:20:58.0162 0x1ef4 vsmraid - ok 16:20:58.0265 0x1ef4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 16:20:58.0487 0x1ef4 VSS - ok 16:20:58.0532 0x1ef4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 16:20:58.0605 0x1ef4 vwifibus - ok 16:20:58.0674 0x1ef4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 16:20:58.0803 0x1ef4 vwififlt - ok 16:20:58.0856 0x1ef4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 16:20:58.0958 0x1ef4 vwifimp - ok 16:20:59.0085 0x1ef4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 16:20:59.0228 0x1ef4 W32Time - ok 16:20:59.0261 0x1ef4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 16:20:59.0362 0x1ef4 WacomPen - ok 16:20:59.0432 0x1ef4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:20:59.0543 0x1ef4 WANARP - ok 16:20:59.0557 0x1ef4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:20:59.0621 0x1ef4 Wanarpv6 - ok 16:20:59.0738 0x1ef4 [ 63D7250ED2C2E3CD9B11139A608D6C39, 256CF5427706912090ABE67E7EAAB09FEE6692A610839BAEE233CFC403702B9C ] watchmi C:\Program Files (x86)\watchmi\TvdService.exe 16:20:59.0795 0x1ef4 watchmi - detected UnsignedFile.Multi.Generic ( 1 ) 16:21:02.0448 0x1ef4 Detect skipped due to KSN trusted 16:21:02.0448 0x1ef4 watchmi - ok 16:21:02.0564 0x1ef4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 16:21:02.0844 0x1ef4 wbengine - ok 16:21:02.0876 0x1ef4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:21:03.0077 0x1ef4 WbioSrvc - ok 16:21:03.0134 0x1ef4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:21:03.0223 0x1ef4 wcncsvc - ok 16:21:03.0271 0x1ef4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:21:03.0320 0x1ef4 WcsPlugInService - ok 16:21:03.0343 0x1ef4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 16:21:03.0421 0x1ef4 Wd - ok 16:21:03.0496 0x1ef4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:21:03.0544 0x1ef4 Wdf01000 - ok 16:21:03.0612 0x1ef4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:21:03.0776 0x1ef4 WdiServiceHost - ok 16:21:03.0788 0x1ef4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:21:03.0837 0x1ef4 WdiSystemHost - ok 16:21:03.0882 0x1ef4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 16:21:03.0966 0x1ef4 WebClient - ok 16:21:04.0061 0x1ef4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:21:04.0175 0x1ef4 Wecsvc - ok 16:21:04.0258 0x1ef4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:21:04.0335 0x1ef4 wercplsupport - ok 16:21:04.0367 0x1ef4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 16:21:04.0448 0x1ef4 WerSvc - ok 16:21:04.0491 0x1ef4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:21:04.0581 0x1ef4 WfpLwf - ok 16:21:04.0618 0x1ef4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:21:04.0673 0x1ef4 WIMMount - ok 16:21:04.0705 0x1ef4 WinDefend - ok 16:21:04.0723 0x1ef4 WinHttpAutoProxySvc - ok 16:21:04.0806 0x1ef4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:21:04.0907 0x1ef4 Winmgmt - ok 16:21:05.0020 0x1ef4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 16:21:05.0180 0x1ef4 WinRM - ok 16:21:05.0301 0x1ef4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys 16:21:05.0387 0x1ef4 WinUsb - ok 16:21:05.0477 0x1ef4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 16:21:05.0585 0x1ef4 Wlansvc - ok 16:21:05.0663 0x1ef4 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 16:21:05.0713 0x1ef4 wlcrasvc - ok 16:21:05.0863 0x1ef4 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 16:21:06.0010 0x1ef4 wlidsvc - ok 16:21:06.0092 0x1ef4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 16:21:06.0183 0x1ef4 WmiAcpi - ok 16:21:06.0225 0x1ef4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:21:06.0312 0x1ef4 wmiApSrv - ok 16:21:06.0359 0x1ef4 WMPNetworkSvc - ok 16:21:06.0419 0x1ef4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:21:06.0487 0x1ef4 WPCSvc - ok 16:21:06.0512 0x1ef4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:21:06.0602 0x1ef4 WPDBusEnum - ok 16:21:06.0644 0x1ef4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:21:06.0758 0x1ef4 ws2ifsl - ok 16:21:06.0801 0x1ef4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 16:21:06.0884 0x1ef4 wscsvc - ok 16:21:06.0892 0x1ef4 WSearch - ok 16:21:07.0036 0x1ef4 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll 16:21:07.0305 0x1ef4 wuauserv - ok 16:21:07.0381 0x1ef4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:21:07.0446 0x1ef4 WudfPf - ok 16:21:07.0492 0x1ef4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:21:07.0672 0x1ef4 WUDFRd - ok 16:21:07.0707 0x1ef4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:21:07.0857 0x1ef4 wudfsvc - ok 16:21:07.0895 0x1ef4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 16:21:07.0967 0x1ef4 WwanSvc - ok 16:21:08.0105 0x1ef4 [ 74713CB32792F9C7632DAA7DA22CA974, 1B1D907F8F18AE22E36F371EE6417D068C01FB4F9413571444AF3845A27F3C4D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe 16:21:08.0177 0x1ef4 ZeroConfigService - ok 16:21:08.0250 0x1ef4 ================ Scan global =============================== 16:21:08.0270 0x1ef4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 16:21:08.0309 0x1ef4 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll 16:21:08.0326 0x1ef4 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll 16:21:08.0359 0x1ef4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 16:21:08.0402 0x1ef4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 16:21:08.0411 0x1ef4 [ Global ] - ok 16:21:08.0412 0x1ef4 ================ Scan MBR ================================== 16:21:08.0421 0x1ef4 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0 16:21:10.0747 0x1ef4 \Device\Harddisk0\DR0 - ok 16:21:10.0750 0x1ef4 ================ Scan VBR ================================== 16:21:10.0753 0x1ef4 [ 0B639F45E1DE403025D48814554BBB1A ] \Device\Harddisk0\DR0\Partition1 16:21:10.0756 0x1ef4 \Device\Harddisk0\DR0\Partition1 - ok 16:21:10.0762 0x1ef4 [ 6C7E6710C885390F29B2C728EB23DDA4 ] \Device\Harddisk0\DR0\Partition2 16:21:10.0767 0x1ef4 \Device\Harddisk0\DR0\Partition2 - ok 16:21:10.0773 0x1ef4 [ 9CCB4B4199DD8BF40CF3A408755D31FC ] \Device\Harddisk0\DR0\Partition3 16:21:10.0775 0x1ef4 \Device\Harddisk0\DR0\Partition3 - ok 16:21:10.0777 0x1ef4 ================ Scan generic autorun ====================== 16:21:10.0778 0x1ef4 SynTPEnh - ok 16:21:11.0259 0x1ef4 [ CCC2990D218899C9D4EA36CD520DD29A, C78FD6490778DBFA174DDAEEB60E1C610F4E8AA24C35752E9CAE331BD27B7058 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 16:21:11.0770 0x1ef4 RtHDVCpl - ok 16:21:11.0900 0x1ef4 [ B1DDCBE7D17DE94045FE9E40EB3D0170, 76EAF208139160C10937FEB4CB47A9890BF66414A3958289DDDCE62EA6E701FC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe 16:21:12.0104 0x1ef4 RtHDVBg_Dolby - ok 16:21:12.0141 0x1ef4 [ 0F02CCC1D746862F5684D26C96E3E1EA, 2FBF704C14C699FCF0AC20D7A775BAFB49F184AC9C26C5A6695965BAC5A9C375 ] C:\Windows\system32\igfxtray.exe 16:21:12.0173 0x1ef4 IgfxTray - ok 16:21:12.0211 0x1ef4 [ F10B83038ACC83CEEA4B3C6C6FE46E72, 947B374696957E317BAAA7D240FAE58DE613792347E6C1CEF287A3CCAC54227D ] C:\Windows\system32\hkcmd.exe 16:21:12.0240 0x1ef4 HotKeysCmds - ok 16:21:12.0343 0x1ef4 [ 143DA8EEAE483C00DEF75BA50B218C67, 170A8C4B9864E8A26F63E583BCD494895CD1BE253CD797318F8BA50A4092AF22 ] C:\Windows\system32\igfxpers.exe 16:21:12.0379 0x1ef4 Persistence - ok 16:21:12.0383 0x1ef4 BTMTrayAgent - ok 16:21:12.0419 0x1ef4 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 16:21:12.0561 0x1ef4 Logitech Download Assistant - ok 16:21:12.0650 0x1ef4 [ 6364FA7D825B600251A4D1DE7D6FF695, 1BEDD2E9DCE4C50FE7FE644D5DDD447DF79975D666CE128F945DD776E46AFC60 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe 16:21:12.0750 0x1ef4 USB3MON - ok 16:21:12.0843 0x1ef4 [ EFC77110B674E4F0945E7E85E2EAAB7C, F6CC7D74C45A9EDAC81E97EB225DD1465A640A6DF79605A468C1C381FB12D5F4 ] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe 16:21:12.0886 0x1ef4 Dolby Advanced Audio v2 - ok 16:21:12.0972 0x1ef4 [ 35048D8E8A0BF7A797CD5757ACD7EED0, 890FCF24869614B3990B575A588ECB35C25A5B896F21BF9C66D43C93787FDD7A ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe 16:21:12.0988 0x1ef4 CLMLServer - ok 16:21:13.0024 0x1ef4 [ 99ECAF298145F950B1326656167FBFDF, 77573FE19E2C16AB6D7DD3B689D5E926A86793491D6915E76999BA19A35265EA ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe 16:21:13.0038 0x1ef4 RemoteControl10 - ok 16:21:13.0218 0x1ef4 [ 4F59C918782D978EF68E1FE35E5F38EF, D056BB986130EF524F9DD046ACBBA2FB4CE82F50C0067FE84EE85F19066A1A42 ] C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE 16:21:13.0258 0x1ef4 F-Secure Manager - ok 16:21:13.0413 0x1ef4 [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 16:21:13.0595 0x1ef4 Adobe ARM - ok 16:21:13.0659 0x1ef4 [ 1DF3DCE54EDF5E85D15BA381ED98FAC3, 91CDEC8ADD48A40AB4D4E49B5AF0CEB01AA7A063B6C2103E16038D46C417868F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe 16:21:13.0724 0x1ef4 ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 ) 16:21:17.0293 0x1ef4 Detect skipped due to KSN trusted 16:21:17.0293 0x1ef4 ControlCenter4 - ok 16:21:17.0465 0x1ef4 [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 16:21:18.0292 0x1ef4 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 ) 16:21:20.0966 0x1ef4 Detect skipped due to KSN trusted 16:21:20.0966 0x1ef4 BrStsMon00 - ok 16:21:21.0055 0x1ef4 [ 32AC3889C598A7314954CF515E716BDE, DE843C6B523C60776401F799C01948DDC383442B2CEAC2002A867DC860949AFE ] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe 16:21:21.0102 0x1ef4 IndexSearch - ok 16:21:21.0125 0x1ef4 [ 7D46CE32283158EB7F1D0C8E02D8DDD1, DF68039E55E90EFAB90E5FC8DE79E66CEDECB99EB353C4F349375732AAEF1BE1 ] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe 16:21:21.0159 0x1ef4 PaperPort PTD - ok 16:21:21.0229 0x1ef4 [ 9F0ACAA725CF5A391AF7E2067AE45746, CA7F3C2C9D4DCB135ECBFFEB3448D272552B5DB720E0A526B4AC07B1F5E8BC9E ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe 16:21:21.0291 0x1ef4 PDFHook - ok 16:21:21.0351 0x1ef4 [ 154420A93E4F676AA33A055A116255D9, DF76577C22EBB439DF2B72D1B6B7A465F067CCEC886FC7A7FB337865DA1DB914 ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe 16:21:21.0395 0x1ef4 PDF5 Registry Controller - ok 16:21:21.0424 0x1ef4 [ A876BA917EBD9E629CFD344EEBE240AD, D0C748099F284A2404279C06ACDA8F2258E092964DF90269D7F9C69B2BAAE5BB ] C:\Program Files (x86)\Kabel BW\fshoster32.exe 16:21:21.0448 0x1ef4 F-Secure Hoster (47731) - ok 16:21:21.0697 0x1ef4 [ F4A755E3A99F4F2324FC2138D30F01B4, EFA955082404977B13754E0DA9CAFF304CA9B87C8B0F2C7166A55ECDF1482DB4 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe 16:21:22.0021 0x1ef4 LogMeIn Hamachi Ui - ok 16:21:22.0142 0x1ef4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:21:22.0432 0x1ef4 Sidebar - ok 16:21:22.0504 0x1ef4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:21:22.0597 0x1ef4 mctadmin - ok 16:21:22.0687 0x1ef4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 16:21:22.0763 0x1ef4 Sidebar - ok 16:21:22.0800 0x1ef4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 16:21:22.0824 0x1ef4 mctadmin - ok 16:21:22.0895 0x1ef4 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe 16:21:22.0957 0x1ef4 swg - ok 16:21:22.0983 0x1ef4 EA Core - ok 16:21:23.0357 0x1ef4 [ 2E8EAB89DB3F6C0A15C07627B6ED9BCC, D146DC20A37AC34A957B000B106164278C67BCCA2B717A5E317670556FCCE9C0 ] C:\Users\wolfgang\AppData\Local\Amazon Music\Amazon Music Helper.exe 16:21:24.0034 0x1ef4 Amazon Music - ok 16:21:24.0048 0x1ef4 Adobe Speed Launcher - ok 16:21:24.0098 0x1ef4 [ 173D93AB55B6602C115E1E0BCDA3BDBC, 938C02C2C682B542788F0D94ABAB2FA7D80D00E1B8A55E19BEE49AF31AB10D9F ] C:\Windows\Speech\Common\sapisvr.exe 16:21:24.0157 0x1ef4 Speech Recognition - ok 16:21:24.0276 0x1ef4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 16:21:24.0402 0x1ef4 Sidebar - ok 16:21:24.0465 0x1ef4 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe 16:21:24.0551 0x1ef4 Sidebar - ok 16:21:24.0654 0x1ef4 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe 16:21:24.0686 0x1ef4 ISUSPM - ok 16:21:24.0687 0x1ef4 Waiting for KSN requests completion. In queue: 15 16:21:25.0688 0x1ef4 Waiting for KSN requests completion. In queue: 15 16:21:26.0688 0x1ef4 Waiting for KSN requests completion. In queue: 15 16:21:27.0861 0x1ef4 AV detected via SS2: Computer Schutz, C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsavwsch.exe ( 9.10.15260.0 ), 0x41000 ( enabled : updated ) 16:21:27.0871 0x1ef4 Win FW state via NFP2: enabled 16:21:30.0594 0x1ef4 ============================================================ 16:21:30.0594 0x1ef4 Scan finished 16:21:30.0594 0x1ef4 ============================================================ 16:21:30.0602 0x1194 Detected object count: 0 16:21:30.0602 0x1194 Actual detected object count: 0 |
|
31.05.2015, 05:55
| #6 |
| /// the machine /// TB-Ausbilder | DHL-Mail Anhang geöffnet Nochmal: So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte poste die Logs in Codetags! Sieht soweit alles gut aus: Lade Dir bitte von hier  Emsisoft Emergency Kit herunter.
__________________ --> DHL-Mail Anhang geöffnet |
|
31.05.2015, 14:41
| #7 |
| | DHL-Mail Anhang geöffnet Hallo Schrauber, sorry, dass mit dem # habe ich nicht geblickt. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.30.02
rootkit: v2015.05.24.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
ADMIN :: WOLFGANG-PC [administrator]
30.05.2015 14:48:45
mbar-log-2015-05-30 (14-48-45).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 567123
Time elapsed: 47 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 12:41:31.0115 0x1808 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:41:33.0749 0x1808 ============================================================
12:41:33.0750 0x1808 Current date / time: 2015/05/31 12:41:33.0749
12:41:33.0750 0x1808 SystemInfo:
12:41:33.0750 0x1808
12:41:33.0750 0x1808 OS Version: 6.1.7601 ServicePack: 1.0
12:41:33.0750 0x1808 Product type: Workstation
12:41:33.0750 0x1808 ComputerName: WOLFGANG-PC
12:41:33.0751 0x1808 UserName: ADMIN
12:41:33.0751 0x1808 Windows directory: C:\Windows
12:41:33.0751 0x1808 System windows directory: C:\Windows
12:41:33.0751 0x1808 Running under WOW64
12:41:33.0751 0x1808 Processor architecture: Intel x64
12:41:33.0751 0x1808 Number of processors: 4
12:41:33.0751 0x1808 Page size: 0x1000
12:41:33.0751 0x1808 Boot type: Normal boot
12:41:33.0751 0x1808 ============================================================
12:41:33.0899 0x1808 KLMD registered as C:\Windows\system32\drivers\11713381.sys
12:41:34.0220 0x1808 System UUID: {AB831A18-638A-FEC8-6663-FA9E2820BD10}
12:41:34.0831 0x1808 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:41:34.0842 0x1808 ============================================================
12:41:34.0842 0x1808 \Device\Harddisk0\DR0:
12:41:34.0842 0x1808 MBR partitions:
12:41:34.0842 0x1808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:41:34.0843 0x1808 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x50F13000
12:41:34.0843 0x1808 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x50F45800, BlocksNum 0x6400000
12:41:34.0843 0x1808 ============================================================
12:41:34.0903 0x1808 C: <-> \Device\Harddisk0\DR0\Partition2
12:41:34.0938 0x1808 D: <-> \Device\Harddisk0\DR0\Partition3
12:41:34.0938 0x1808 ============================================================
12:41:34.0939 0x1808 Initialize success
12:41:34.0939 0x1808 ============================================================
12:41:44.0404 0x0c68 ============================================================
12:41:44.0404 0x0c68 Scan started
12:41:44.0404 0x0c68 Mode: Manual; SigCheck; TDLFS;
12:41:44.0404 0x0c68 ============================================================
12:41:44.0404 0x0c68 KSN ping started
12:41:47.0083 0x0c68 KSN ping finished: true
12:41:47.0646 0x0c68 ================ Scan system memory ========================
12:41:47.0646 0x0c68 System memory - ok
12:41:47.0647 0x0c68 ================ Scan services =============================
12:41:47.0821 0x0c68 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:41:48.0940 0x0c68 1394ohci - ok
12:41:49.0015 0x0c68 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:41:49.0061 0x0c68 ACPI - ok
12:41:49.0101 0x0c68 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:41:49.0241 0x0c68 AcpiPmi - ok
12:41:49.0326 0x0c68 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:41:49.0356 0x0c68 AdobeARMservice - ok
12:41:49.0510 0x0c68 [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:41:49.0585 0x0c68 AdobeFlashPlayerUpdateSvc - ok
12:41:49.0689 0x0c68 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
12:41:49.0759 0x0c68 adp94xx - ok
12:41:49.0796 0x0c68 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
12:41:49.0869 0x0c68 adpahci - ok
12:41:49.0923 0x0c68 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
12:41:49.0958 0x0c68 adpu320 - ok
12:41:49.0999 0x0c68 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:41:50.0104 0x0c68 AeLookupSvc - ok
12:41:50.0176 0x0c68 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:41:50.0310 0x0c68 AFD - ok
12:41:50.0342 0x0c68 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:41:50.0406 0x0c68 agp440 - ok
12:41:50.0451 0x0c68 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:41:50.0560 0x0c68 ALG - ok
12:41:50.0613 0x0c68 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:41:50.0724 0x0c68 aliide - ok
12:41:50.0747 0x0c68 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:41:50.0810 0x0c68 amdide - ok
12:41:50.0843 0x0c68 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
12:41:50.0923 0x0c68 AmdK8 - ok
12:41:50.0949 0x0c68 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
12:41:51.0039 0x0c68 AmdPPM - ok
12:41:51.0075 0x0c68 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:41:51.0120 0x0c68 amdsata - ok
12:41:51.0148 0x0c68 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
12:41:51.0169 0x0c68 amdsbs - ok
12:41:51.0199 0x0c68 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:41:51.0246 0x0c68 amdxata - ok
12:41:51.0291 0x0c68 [ 1C591C1A0CB8ABE215FF66F9A1D8E955, E0BE5D58A721A73DF5F643F9626B21720B2D2CD074B4646144AA788E0C48FAFC ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
12:41:51.0403 0x0c68 AMPPAL - ok
12:41:51.0444 0x0c68 [ 1C591C1A0CB8ABE215FF66F9A1D8E955, E0BE5D58A721A73DF5F643F9626B21720B2D2CD074B4646144AA788E0C48FAFC ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
12:41:51.0497 0x0c68 AMPPALP - ok
12:41:51.0650 0x0c68 [ E1841818278F2A9D66F834451D608AEA, 1773C8C97B8945232847364E27B47A0FA1837EF6D928005972B76B5A7CF6C59E ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
12:41:51.0719 0x0c68 AMPPALR3 - ok
12:41:51.0782 0x0c68 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
12:41:51.0964 0x0c68 AppID - ok
12:41:52.0011 0x0c68 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:41:52.0114 0x0c68 AppIDSvc - ok
12:41:52.0188 0x0c68 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:41:52.0301 0x0c68 Appinfo - ok
12:41:52.0379 0x0c68 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
12:41:52.0411 0x0c68 arc - ok
12:41:52.0447 0x0c68 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
12:41:52.0471 0x0c68 arcsas - ok
12:41:52.0563 0x0c68 [ EFD89582B55DD32DC79C1A4EB54612A1, 7631F39174E7AE2A162F25D7069123C51274130298A3E5AE10AC1406CD948355 ] ASLDRService C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
12:41:52.0581 0x0c68 ASLDRService - ok
12:41:52.0737 0x0c68 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:41:52.0858 0x0c68 aspnet_state - ok
12:41:52.0900 0x0c68 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:41:53.0033 0x0c68 AsyncMac - ok
12:41:53.0085 0x0c68 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:41:53.0153 0x0c68 atapi - ok
12:41:53.0247 0x0c68 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:41:53.0321 0x0c68 AudioEndpointBuilder - ok
12:41:53.0352 0x0c68 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:41:53.0394 0x0c68 AudioSrv - ok
12:41:53.0458 0x0c68 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:41:53.0618 0x0c68 AxInstSV - ok
12:41:53.0694 0x0c68 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:41:53.0812 0x0c68 b06bdrv - ok
12:41:53.0874 0x0c68 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:41:53.0978 0x0c68 b57nd60a - ok
12:41:54.0031 0x0c68 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:41:54.0164 0x0c68 BDESVC - ok
12:41:54.0188 0x0c68 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:41:54.0292 0x0c68 Beep - ok
12:41:54.0366 0x0c68 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:41:54.0505 0x0c68 BFE - ok
12:41:54.0626 0x0c68 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:41:54.0857 0x0c68 BITS - ok
12:41:54.0882 0x0c68 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
12:41:54.0979 0x0c68 blbdrive - ok
12:41:55.0109 0x0c68 [ 05981C3E51D827ED6B8101A54B05E392, FD010159BEC7B88C3A784844A4796D5DAEBA21788A377D12457F59A961E8D77E ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
12:41:55.0169 0x0c68 Bluetooth Device Monitor - ok
12:41:55.0285 0x0c68 [ BBFAF63BF768047FE2441B4139E803E3, 20079C578507D34C9A30FFE23A8B22D8A9E7079A994295C833A885EC193E577A ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
12:41:55.0365 0x0c68 Bluetooth Media Service - ok
12:41:55.0504 0x0c68 [ 41D8F56E6BBE0111244D87BE2FA90374, 8B73471825B929FEC0367E3B6B6FE346E22ADFB356BE61A01C3EC7CC6F5986D7 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
12:41:55.0560 0x0c68 Bluetooth OBEX Service - ok
12:41:55.0637 0x0c68 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:41:55.0755 0x0c68 bowser - ok
12:41:55.0803 0x0c68 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:41:55.0878 0x0c68 BrFiltLo - ok
12:41:55.0911 0x0c68 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:41:55.0990 0x0c68 BrFiltUp - ok
12:41:56.0065 0x0c68 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:41:56.0159 0x0c68 Browser - ok
12:41:56.0210 0x0c68 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:41:56.0293 0x0c68 Brserid - ok
12:41:56.0317 0x0c68 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:41:56.0387 0x0c68 BrSerWdm - ok
12:41:56.0444 0x0c68 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:41:56.0497 0x0c68 BrUsbMdm - ok
12:41:56.0533 0x0c68 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:41:56.0657 0x0c68 BrUsbSer - ok
12:41:56.0739 0x0c68 [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
12:41:56.0823 0x0c68 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
12:41:59.0502 0x0c68 Detect skipped due to KSN trusted
12:41:59.0503 0x0c68 BrYNSvc - ok
12:41:59.0569 0x0c68 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
12:41:59.0667 0x0c68 BthEnum - ok
12:41:59.0711 0x0c68 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:41:59.0862 0x0c68 BTHMODEM - ok
12:41:59.0917 0x0c68 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
12:42:00.0032 0x0c68 BthPan - ok
12:42:00.0100 0x0c68 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
12:42:00.0175 0x0c68 BTHPORT - ok
12:42:00.0214 0x0c68 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:42:00.0299 0x0c68 bthserv - ok
12:42:00.0336 0x0c68 [ 618AFD0072F4A672977484BFF6FE4FE2, 0F234937C781718F6C7A7791D9BC4036F83F69D0E8BF21D1AFC0F799FE54742D ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
12:42:00.0373 0x0c68 BTHSSecurityMgr - ok
12:42:00.0398 0x0c68 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
12:42:00.0452 0x0c68 BTHUSB - ok
12:42:00.0495 0x0c68 [ BE9931E1C340441A1103DA3CCAEF6E96, 11A306787F633099CB329A9CD197E45BFEACBBF85566AB0B062CCC0103AA1B54 ] btmaudio C:\Windows\system32\drivers\btmaud.sys
12:42:00.0606 0x0c68 btmaudio - ok
12:42:00.0641 0x0c68 [ 988CC6CC49303665D3B2435C51505C3F, 5217A7A1BAD77EBF4E5D68D191FCFD7CE4FB96ABB91638383A077BE9CE794EE3 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
12:42:00.0744 0x0c68 btmaux - ok
12:42:00.0865 0x0c68 [ 2B4B508AFAC2A563931AF1FE875A5B16, F6A5261BD3FB8AE7BF26F32B681A15E56317EF8A9D8AB84B9B6BCA66F5484698 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
12:42:00.0979 0x0c68 btmhsf - ok
12:42:01.0053 0x0c68 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:42:01.0134 0x0c68 cdfs - ok
12:42:01.0168 0x0c68 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:42:01.0229 0x0c68 cdrom - ok
12:42:01.0279 0x0c68 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:42:01.0380 0x0c68 CertPropSvc - ok
12:42:01.0406 0x0c68 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:42:01.0486 0x0c68 circlass - ok
12:42:01.0542 0x0c68 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
12:42:01.0594 0x0c68 CLFS - ok
12:42:01.0832 0x0c68 [ 42C5B8010D47EF3F4BAE6D1B427E80F4, 721C24522C43D50081EA01FD521D68EB365B91561CCF2E7AD1F091FBD61E67FB ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
12:42:01.0960 0x0c68 ClickToRunSvc - ok
12:42:02.0085 0x0c68 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:42:02.0154 0x0c68 clr_optimization_v2.0.50727_32 - ok
12:42:02.0225 0x0c68 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:42:02.0296 0x0c68 clr_optimization_v2.0.50727_64 - ok
12:42:02.0375 0x0c68 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:42:02.0524 0x0c68 clr_optimization_v4.0.30319_32 - ok
12:42:02.0571 0x0c68 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:42:02.0681 0x0c68 clr_optimization_v4.0.30319_64 - ok
12:42:02.0746 0x0c68 [ E13A438F9E51DD034730678E33B73290, 3BB111DFDAEAB8DA6124600C7F6E080C2950A0BB420803FC12560343E1A9280A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
12:42:02.0795 0x0c68 clwvd - ok
12:42:02.0835 0x0c68 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:42:02.0911 0x0c68 CmBatt - ok
12:42:02.0934 0x0c68 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:42:03.0027 0x0c68 cmdide - ok
12:42:03.0113 0x0c68 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
12:42:03.0199 0x0c68 CNG - ok
12:42:03.0261 0x0c68 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:42:03.0327 0x0c68 Compbatt - ok
12:42:03.0356 0x0c68 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:42:03.0426 0x0c68 CompositeBus - ok
12:42:03.0451 0x0c68 COMSysApp - ok
12:42:03.0562 0x0c68 [ 236172C3A418B9A0F26B416A72F5A556, 315D8C8A002BE607A7AC011DA17C6CE305C49C6AF458669C3D2B649A06DBCDFB ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:42:03.0651 0x0c68 cphs - ok
12:42:03.0691 0x0c68 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:42:03.0732 0x0c68 crcdisk - ok
12:42:03.0793 0x0c68 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:42:03.0907 0x0c68 CryptSvc - ok
12:42:04.0038 0x0c68 [ 7F5CD87CA5BDB4D83F992D8C77201483, 01818EF455833CA3396C8EA4696B8DC28E3A6A3618C081D046C8F207FACAB788 ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
12:42:04.0079 0x0c68 CyberLink PowerDVD 10 MS Monitor Service - ok
12:42:04.0132 0x0c68 [ 9FAF58E876A3B1DB3030A0A5805F2D86, 682939B774DF6A28268897A7E113F6D2DF9AD73DBF1994F937FB48818478B7FE ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
12:42:04.0219 0x0c68 CyberLink PowerDVD 10 MS Service - ok
12:42:04.0345 0x0c68 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:42:04.0502 0x0c68 DcomLaunch - ok
12:42:04.0568 0x0c68 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:42:04.0679 0x0c68 defragsvc - ok
12:42:04.0730 0x0c68 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:42:04.0830 0x0c68 DfsC - ok
12:42:04.0872 0x0c68 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:42:04.0993 0x0c68 Dhcp - ok
12:42:05.0139 0x0c68 [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll
12:42:05.0379 0x0c68 DiagTrack - ok
12:42:05.0409 0x0c68 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:42:05.0536 0x0c68 discache - ok
12:42:05.0592 0x0c68 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:42:05.0652 0x0c68 Disk - ok
12:42:05.0711 0x0c68 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:42:05.0823 0x0c68 Dnscache - ok
12:42:05.0865 0x0c68 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:42:05.0966 0x0c68 dot3svc - ok
12:42:05.0985 0x0c68 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:42:06.0108 0x0c68 DPS - ok
12:42:06.0159 0x0c68 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:42:06.0254 0x0c68 drmkaud - ok
12:42:06.0353 0x0c68 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:42:06.0405 0x0c68 DXGKrnl - ok
12:42:06.0488 0x0c68 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:42:06.0610 0x0c68 EapHost - ok
12:42:06.0805 0x0c68 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:42:06.0953 0x0c68 ebdrv - ok
12:42:07.0021 0x0c68 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe
12:42:07.0138 0x0c68 EFS - ok
12:42:07.0237 0x0c68 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:42:07.0355 0x0c68 ehRecvr - ok
12:42:07.0408 0x0c68 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:42:07.0472 0x0c68 ehSched - ok
12:42:07.0538 0x0c68 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:42:07.0650 0x0c68 elxstor - ok
12:42:07.0684 0x0c68 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:42:07.0736 0x0c68 ErrDev - ok
12:42:07.0836 0x0c68 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:42:07.0947 0x0c68 EventSystem - ok
12:42:08.0097 0x0c68 [ 64D25284A4E9D11CA0722AF3F30FD970, C7C40CA8AC444F7B0F88086396C17316348480EBA09109222897B5A42AD655DF ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
12:42:08.0149 0x0c68 EvtEng - ok
12:42:08.0227 0x0c68 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:42:08.0303 0x0c68 exfat - ok
12:42:08.0430 0x0c68 [ 476F455E9ACD598FD2D82A7F2896F040, 13D4EBAEC9F9259F14EBC4F61DCED6755AB254681B7FD9CBBFABDB1C05DD0726 ] F-Secure Gatekeeper C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys
12:42:08.0468 0x0c68 F-Secure Gatekeeper - ok
12:42:08.0538 0x0c68 [ 91E3FB44FD00648B026CE6EE5C5414FB, D77ABFCA24645E992F9D787E2C12369CDDE928BF211F791E2D04CA3EB143D607 ] F-Secure HIPS C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys
12:42:08.0561 0x0c68 F-Secure HIPS - ok
12:42:08.0627 0x0c68 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:42:08.0738 0x0c68 fastfat - ok
12:42:08.0835 0x0c68 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:42:08.0957 0x0c68 Fax - ok
12:42:09.0001 0x0c68 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:42:09.0052 0x0c68 fdc - ok
12:42:09.0083 0x0c68 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:42:09.0174 0x0c68 fdPHost - ok
12:42:09.0200 0x0c68 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:42:09.0331 0x0c68 FDResPub - ok
12:42:09.0380 0x0c68 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:42:09.0431 0x0c68 FileInfo - ok
12:42:09.0480 0x0c68 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:42:09.0639 0x0c68 Filetrace - ok
12:42:09.0711 0x0c68 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:42:09.0848 0x0c68 flpydisk - ok
12:42:09.0893 0x0c68 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:42:09.0961 0x0c68 FltMgr - ok
12:42:10.0065 0x0c68 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
12:42:10.0183 0x0c68 FontCache - ok
12:42:10.0291 0x0c68 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:42:10.0350 0x0c68 FontCache3.0.0.0 - ok
12:42:10.0403 0x0c68 [ DDA886136E50D00BFFD202AAE37A55E5, 257794E68DCEB6DC684C9EDACCC2A23062F2EE1D180683DB20AAD89D9B18402B ] fsbts C:\Windows\system32\Drivers\fsbts.sys
12:42:10.0489 0x0c68 fsbts - ok
12:42:10.0532 0x0c68 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:42:10.0633 0x0c68 FsDepends - ok
12:42:10.0678 0x0c68 [ A876BA917EBD9E629CFD344EEBE240AD, D0C748099F284A2404279C06ACDA8F2258E092964DF90269D7F9C69B2BAAE5BB ] fshoster C:\Program Files (x86)\Kabel BW\fshoster32.exe
12:42:10.0710 0x0c68 fshoster - ok
12:42:10.0792 0x0c68 [ F014EC4D8DAF812A5ECB5F667AD6E59C, 4E06E85AE7FE0D55E6566AC473718C958CDE829959B4AC6FE0FC936771DF2318 ] FSMA C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
12:42:10.0823 0x0c68 FSMA - ok
12:42:10.0933 0x0c68 [ D3B6995B7D1CD9481AA54ECB8B8DF595, 27BAD0724B6ACC41FA677832952277275C5C8D807FFE7058FC5D64F357A4B232 ] fsni C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\bin\fsni64.sys
12:42:10.0977 0x0c68 fsni - ok
12:42:11.0049 0x0c68 [ 277A41EB7D2DAA7105DF85BFC2F1C9AD, 59141146C7292C4B9ABC4D019B07E6A3EEB759DB97B629046F168B944459208D ] FSORSPClient C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
12:42:11.0111 0x0c68 FSORSPClient - ok
12:42:11.0149 0x0c68 [ 695E2F0F1BA5DD81E112F8E07134CC8E, F483D90A79FF9F28B5C220C92B2770B40684D4C0F86F0E8FAF8E06CEE38A0C22 ] fsvista C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys
12:42:11.0208 0x0c68 fsvista - ok
12:42:11.0254 0x0c68 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:42:11.0320 0x0c68 Fs_Rec - ok
12:42:11.0376 0x0c68 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:42:11.0423 0x0c68 fvevol - ok
12:42:11.0487 0x0c68 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:42:11.0546 0x0c68 gagp30kx - ok
12:42:11.0602 0x0c68 [ 4E1D0A246E10CFDDBF856432418DE404, 17AC5322A50D0914F90F41E9CBFEBE04CDC3BCA1CFAFE8A3F6CADD305738E1AF ] GFNEXSrv C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
12:42:11.0648 0x0c68 GFNEXSrv - detected UnsignedFile.Multi.Generic ( 1 )
12:42:14.0508 0x0c68 Detect skipped due to KSN trusted
12:42:14.0508 0x0c68 GFNEXSrv - ok
12:42:14.0605 0x0c68 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:42:14.0737 0x0c68 gpsvc - ok
12:42:14.0828 0x0c68 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:42:14.0886 0x0c68 gupdate - ok
12:42:14.0898 0x0c68 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:42:14.0937 0x0c68 gupdatem - ok
12:42:14.0986 0x0c68 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:42:15.0016 0x0c68 gusvc - ok
12:42:15.0065 0x0c68 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
12:42:15.0120 0x0c68 hamachi - ok
12:42:15.0301 0x0c68 [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
12:42:15.0418 0x0c68 Hamachi2Svc - ok
12:42:15.0478 0x0c68 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:42:15.0579 0x0c68 hcw85cir - ok
12:42:15.0636 0x0c68 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:42:15.0700 0x0c68 HdAudAddService - ok
12:42:15.0813 0x0c68 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:42:15.0909 0x0c68 HDAudBus - ok
12:42:15.0937 0x0c68 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:42:16.0027 0x0c68 HidBatt - ok
12:42:16.0048 0x0c68 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:42:16.0143 0x0c68 HidBth - ok
12:42:16.0176 0x0c68 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:42:16.0253 0x0c68 HidIr - ok
12:42:16.0286 0x0c68 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:42:16.0864 0x0c68 hidserv - ok
12:42:16.0959 0x0c68 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:42:17.0050 0x0c68 HidUsb - ok
12:42:17.0096 0x0c68 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:42:17.0197 0x0c68 hkmsvc - ok
12:42:17.0233 0x0c68 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:42:17.0338 0x0c68 HomeGroupListener - ok
12:42:17.0385 0x0c68 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:42:17.0466 0x0c68 HomeGroupProvider - ok
12:42:17.0512 0x0c68 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:42:17.0555 0x0c68 HpSAMD - ok
12:42:17.0643 0x0c68 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:42:17.0811 0x0c68 HTTP - ok
12:42:17.0894 0x0c68 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:42:17.0959 0x0c68 hwpolicy - ok
12:42:17.0986 0x0c68 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:42:18.0069 0x0c68 i8042prt - ok
12:42:18.0151 0x0c68 [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor C:\Windows\system32\drivers\iaStor.sys
12:42:18.0207 0x0c68 iaStor - ok
12:42:18.0323 0x0c68 [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
12:42:18.0456 0x0c68 IAStorDataMgrSvc - ok
12:42:18.0536 0x0c68 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:42:18.0579 0x0c68 iaStorV - ok
12:42:18.0603 0x0c68 [ 9E3D44CE737388F6BBBB6DD4A1C1847C, 98FD10D07E5801870282D6D0226051193B7D12EF3C8B84DB8365B446E02499DB ] ibtfltcoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
12:42:18.0656 0x0c68 ibtfltcoex - ok
12:42:18.0767 0x0c68 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:42:18.0835 0x0c68 idsvc - ok
12:42:18.0889 0x0c68 IEEtwCollectorService - ok
12:42:19.0401 0x0c68 [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:42:20.0060 0x0c68 igfx - ok
12:42:20.0108 0x0c68 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:42:20.0220 0x0c68 iirsp - ok
12:42:20.0307 0x0c68 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:42:20.0411 0x0c68 IKEEXT - ok
12:42:20.0555 0x0c68 [ CADDF0927DAC63EDAE48F5C35A61D87D, C46006461311B1563C1D149B9D60B202F30147265B9D93069B084D03A09D2BEC ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
12:42:20.0821 0x0c68 intaud_WaveExtensible - ok
12:42:21.0039 0x0c68 [ 059DDDEDBE5701DC3B779D32798108AC, 4735C52D5F7A7AC07985835C17955C96418BB3C3316264CF6A44F6150E10755B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:42:21.0267 0x0c68 IntcAzAudAddService - ok
12:42:21.0353 0x0c68 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:42:21.0449 0x0c68 IntcDAud - ok
12:42:21.0534 0x0c68 [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:42:21.0624 0x0c68 Intel(R) Capability Licensing Service Interface - ok
12:42:21.0672 0x0c68 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:42:21.0733 0x0c68 intelide - ok
12:42:21.0774 0x0c68 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:42:21.0836 0x0c68 intelppm - ok
12:42:21.0881 0x0c68 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:42:21.0963 0x0c68 IPBusEnum - ok
12:42:21.0986 0x0c68 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:42:22.0062 0x0c68 IpFilterDriver - ok
12:42:22.0135 0x0c68 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:42:22.0272 0x0c68 iphlpsvc - ok
12:42:22.0300 0x0c68 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:42:22.0406 0x0c68 IPMIDRV - ok
12:42:22.0447 0x0c68 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:42:22.0523 0x0c68 IPNAT - ok
12:42:22.0558 0x0c68 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:42:22.0713 0x0c68 IRENUM - ok
12:42:22.0749 0x0c68 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:42:22.0809 0x0c68 isapnp - ok
12:42:22.0896 0x0c68 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:42:22.0937 0x0c68 iScsiPrt - ok
12:42:22.0976 0x0c68 [ 492F2DF02CD817CE8D544F96097BD77A, 6EF37BD62A49C9F55845A56498A93A26C109BEC2EBCB65A49908BECEC6FC6371 ] IT9135BDA C:\Windows\system32\Drivers\IT9135BDA.sys
12:42:23.0135 0x0c68 IT9135BDA - ok
12:42:23.0230 0x0c68 [ 8E4577C6E0D3114170509159DE658907, 2FC7F96766537716503AB1BAD7EBDB2F16F3CE1584AF4261D57C6A4E00E1A417 ] iusb3hcs C:\Windows\system32\drivers\iusb3hcs.sys
12:42:23.0265 0x0c68 iusb3hcs - ok
12:42:23.0305 0x0c68 [ FE76346E9B57DA575BD1B3BD0CCAD7FF, 8961A08326F66E9FDF63912797C605FEEC23F9B0453D132AB6897DA98BC9AEAB ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
12:42:23.0346 0x0c68 iusb3hub - ok
12:42:23.0456 0x0c68 [ 1008CD90DA2198FFD250298DEB9DF160, 2CBA5FF2369861E8F8A55799AFFFC8E5B331A8BD17B559641E87A4C6C0D70206 ] iusb3xhc C:\Windows\system32\drivers\iusb3xhc.sys
12:42:23.0498 0x0c68 iusb3xhc - ok
12:42:23.0623 0x0c68 [ 716F66336F10885D935B08174DC54242, 1992708956A2A45A8870CFCB532F3ABF24B1143B75EF32AB1F59D5D86E65F493 ] iwdbus C:\Windows\system32\drivers\iwdbus.sys
12:42:23.0706 0x0c68 iwdbus - ok
12:42:23.0761 0x0c68 [ 3628933AF5305EAB8173949BFF912F04, 8609C196B8D5D941CE7181E849A7C44E658BD66995D1405B80D42F1C029B09EB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
12:42:23.0782 0x0c68 jhi_service - ok
12:42:23.0860 0x0c68 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:42:23.0901 0x0c68 kbdclass - ok
12:42:23.0928 0x0c68 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:42:23.0970 0x0c68 kbdhid - ok
12:42:24.0050 0x0c68 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe
12:42:24.0100 0x0c68 KeyIso - ok
12:42:24.0155 0x0c68 [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:42:24.0186 0x0c68 KSecDD - ok
12:42:24.0224 0x0c68 [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:42:24.0247 0x0c68 KSecPkg - ok
12:42:24.0287 0x0c68 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:42:24.0347 0x0c68 ksthunk - ok
12:42:24.0402 0x0c68 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:42:24.0476 0x0c68 KtmRm - ok
12:42:24.0530 0x0c68 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:42:24.0603 0x0c68 LanmanServer - ok
12:42:24.0633 0x0c68 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:42:24.0735 0x0c68 LanmanWorkstation - ok
12:42:24.0788 0x0c68 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:42:24.0855 0x0c68 lltdio - ok
12:42:24.0891 0x0c68 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:42:24.0972 0x0c68 lltdsvc - ok
12:42:24.0990 0x0c68 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:42:25.0050 0x0c68 lmhosts - ok
12:42:25.0161 0x0c68 [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
12:42:25.0208 0x0c68 LMIGuardianSvc - ok
12:42:25.0283 0x0c68 [ BF22ACF4CF3734D61357E67F0521BC03, EDDFBDC4BE29BF26904B2DF7074F471711238469CDDBED1CA253A49B993F53DF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
12:42:25.0308 0x0c68 LMS - ok
12:42:25.0374 0x0c68 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:42:25.0422 0x0c68 LSI_FC - ok
12:42:25.0527 0x0c68 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:42:25.0607 0x0c68 LSI_SAS - ok
12:42:25.0633 0x0c68 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:42:25.0673 0x0c68 LSI_SAS2 - ok
12:42:25.0715 0x0c68 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:42:25.0736 0x0c68 LSI_SCSI - ok
12:42:25.0772 0x0c68 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:42:25.0822 0x0c68 luafv - ok
12:42:25.0865 0x0c68 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:42:25.0897 0x0c68 Mcx2Svc - ok
12:42:25.0912 0x0c68 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:42:25.0938 0x0c68 megasas - ok
12:42:25.0983 0x0c68 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:42:26.0022 0x0c68 MegaSR - ok
12:42:26.0057 0x0c68 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
12:42:26.0185 0x0c68 MEIx64 - ok
12:42:26.0222 0x0c68 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA, 18683A7CE5AF0A9C5D7E33EB99588AE55FC61103A8894F3F45E2101355966A71 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
12:42:26.0297 0x0c68 MemeoBackgroundService - ok
12:42:26.0373 0x0c68 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:42:26.0462 0x0c68 MMCSS - ok
12:42:26.0497 0x0c68 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:42:26.0577 0x0c68 Modem - ok
12:42:26.0601 0x0c68 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:42:26.0686 0x0c68 monitor - ok
12:42:26.0785 0x0c68 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:42:26.0867 0x0c68 mouclass - ok
12:42:26.0891 0x0c68 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:42:26.0972 0x0c68 mouhid - ok
12:42:27.0072 0x0c68 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:42:27.0122 0x0c68 mountmgr - ok
12:42:27.0262 0x0c68 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:42:27.0301 0x0c68 MozillaMaintenance - ok
12:42:27.0342 0x0c68 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:42:27.0364 0x0c68 mpio - ok
12:42:27.0400 0x0c68 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:42:27.0473 0x0c68 mpsdrv - ok
12:42:27.0552 0x0c68 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:42:27.0716 0x0c68 MpsSvc - ok
12:42:27.0781 0x0c68 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:42:27.0905 0x0c68 MRxDAV - ok
12:42:27.0947 0x0c68 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:42:28.0026 0x0c68 mrxsmb - ok
12:42:28.0095 0x0c68 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:42:28.0184 0x0c68 mrxsmb10 - ok
12:42:28.0219 0x0c68 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:42:28.0291 0x0c68 mrxsmb20 - ok
12:42:28.0325 0x0c68 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:42:28.0356 0x0c68 msahci - ok
12:42:28.0413 0x0c68 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:42:28.0449 0x0c68 msdsm - ok
12:42:28.0497 0x0c68 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:42:28.0586 0x0c68 MSDTC - ok
12:42:28.0636 0x0c68 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:42:28.0752 0x0c68 Msfs - ok
12:42:28.0796 0x0c68 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:42:28.0921 0x0c68 mshidkmdf - ok
12:42:28.0941 0x0c68 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:42:28.0974 0x0c68 msisadrv - ok
12:42:29.0018 0x0c68 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:42:29.0100 0x0c68 MSiSCSI - ok
12:42:29.0104 0x0c68 msiserver - ok
12:42:29.0150 0x0c68 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:42:29.0223 0x0c68 MSKSSRV - ok
12:42:29.0236 0x0c68 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:42:29.0294 0x0c68 MSPCLOCK - ok
12:42:29.0309 0x0c68 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:42:29.0351 0x0c68 MSPQM - ok
12:42:29.0384 0x0c68 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:42:29.0431 0x0c68 MsRPC - ok
12:42:29.0469 0x0c68 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:42:29.0525 0x0c68 mssmbios - ok
12:42:29.0589 0x0c68 MSSQL$SQLEXPRESS - ok
12:42:29.0653 0x0c68 [ 7A2A8C975356858EB38466A6B1592E8D, 97C3DFCCBE1BA92EE7E4848993D6F369D543A53344A6512C84EF03E7D737A482 ] MSSQLServerADHelper100 c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
12:42:29.0737 0x0c68 MSSQLServerADHelper100 - ok
12:42:29.0764 0x0c68 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:42:29.0851 0x0c68 MSTEE - ok
12:42:29.0866 0x0c68 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
12:42:29.0944 0x0c68 MTConfig - ok
12:42:29.0975 0x0c68 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:42:30.0060 0x0c68 Mup - ok
12:42:30.0136 0x0c68 [ E3B58E3011B207C5289D11173B30E298, 68BDF7DE4FD5E38D33DBAD2A2E05E32BABA8BBD85DBC4364AF7CD62C54C6B539 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
12:42:30.0161 0x0c68 MyWiFiDHCPDNS - ok
12:42:30.0209 0x0c68 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:42:30.0323 0x0c68 napagent - ok
12:42:30.0375 0x0c68 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:42:30.0448 0x0c68 NativeWifiP - ok
12:42:30.0539 0x0c68 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:42:30.0654 0x0c68 NDIS - ok
12:42:30.0715 0x0c68 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:42:30.0799 0x0c68 NdisCap - ok
12:42:30.0829 0x0c68 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:42:30.0906 0x0c68 NdisTapi - ok
12:42:30.0937 0x0c68 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:42:31.0012 0x0c68 Ndisuio - ok
12:42:31.0033 0x0c68 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:42:31.0128 0x0c68 NdisWan - ok
12:42:31.0157 0x0c68 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:42:31.0214 0x0c68 NDProxy - ok
12:42:31.0241 0x0c68 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:42:31.0325 0x0c68 NetBIOS - ok
12:42:31.0371 0x0c68 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:42:31.0471 0x0c68 NetBT - ok
12:42:31.0538 0x0c68 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\Windows\system32\lsass.exe
12:42:31.0611 0x0c68 Netlogon - ok
12:42:31.0678 0x0c68 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:42:31.0806 0x0c68 Netman - ok
12:42:31.0900 0x0c68 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:42:31.0991 0x0c68 NetMsmqActivator - ok
12:42:32.0004 0x0c68 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:42:32.0032 0x0c68 NetPipeActivator - ok
12:42:32.0079 0x0c68 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:42:32.0150 0x0c68 netprofm - ok
12:42:32.0157 0x0c68 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:42:32.0176 0x0c68 NetTcpActivator - ok
12:42:32.0182 0x0c68 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:42:32.0201 0x0c68 NetTcpPortSharing - ok
12:42:32.0613 0x0c68 [ 47DC062656EA661FE9175DBACAD00E9D, 508CD435420C0EA2E5943BFE1B4687ECBFB9602209A539B213C5197A16BFF816 ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
12:42:33.0151 0x0c68 NETwNs64 - ok
12:42:33.0202 0x0c68 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
12:42:33.0239 0x0c68 nfrd960 - ok
12:42:33.0283 0x0c68 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
12:42:33.0372 0x0c68 NlaSvc - ok
12:42:33.0401 0x0c68 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:42:33.0478 0x0c68 Npfs - ok
12:42:33.0518 0x0c68 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:42:33.0618 0x0c68 nsi - ok
12:42:33.0635 0x0c68 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:42:33.0721 0x0c68 nsiproxy - ok
12:42:33.0847 0x0c68 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:42:33.0938 0x0c68 Ntfs - ok
12:42:33.0994 0x0c68 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:42:34.0106 0x0c68 Null - ok
12:42:34.0178 0x0c68 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:42:34.0210 0x0c68 nvraid - ok
12:42:34.0251 0x0c68 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:42:34.0276 0x0c68 nvstor - ok
12:42:34.0301 0x0c68 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:42:34.0318 0x0c68 nv_agp - ok
12:42:34.0356 0x0c68 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:42:34.0387 0x0c68 ohci1394 - ok
12:42:34.0489 0x0c68 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:42:34.0550 0x0c68 ose - ok
12:42:34.0892 0x0c68 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
12:42:35.0300 0x0c68 osppsvc - ok
12:42:35.0350 0x0c68 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:42:35.0415 0x0c68 p2pimsvc - ok
12:42:35.0474 0x0c68 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:42:35.0597 0x0c68 p2psvc - ok
12:42:35.0624 0x0c68 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
12:42:35.0719 0x0c68 Parport - ok
12:42:35.0751 0x0c68 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:42:35.0773 0x0c68 partmgr - ok
12:42:35.0807 0x0c68 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:42:35.0901 0x0c68 PcaSvc - ok
12:42:35.0951 0x0c68 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:42:35.0974 0x0c68 pci - ok
12:42:36.0010 0x0c68 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:42:36.0039 0x0c68 pciide - ok
12:42:36.0068 0x0c68 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
12:42:36.0097 0x0c68 pcmcia - ok
12:42:36.0118 0x0c68 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:42:36.0172 0x0c68 pcw - ok
12:42:36.0272 0x0c68 [ 7CADB4ABAE72390951886CF259791F5F, 9A0F4113F4E09911A44843F31E8C7047EEA39611AB490A4CF16FAE9D95310076 ] PDFProFiltSrvPP C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
12:42:36.0376 0x0c68 PDFProFiltSrvPP - ok
12:42:36.0446 0x0c68 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:42:36.0532 0x0c68 PEAUTH - ok
12:42:36.0590 0x0c68 [ EE926C59CBD4DC4DC9FBB85014A2F1A5, 777459BD30A480E03EA5D0BBA431C2CD573403687FAA0B29F172086A0304E230 ] PEGAGFN C:\Program Files (x86)\PHotkey\PEGAGFN.sys
12:42:36.0644 0x0c68 PEGAGFN - ok
12:42:36.0753 0x0c68 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:42:36.0825 0x0c68 PerfHost - ok
12:42:36.0927 0x0c68 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:42:37.0090 0x0c68 pla - ok
12:42:37.0152 0x0c68 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:42:37.0274 0x0c68 PlugPlay - ok
12:42:37.0319 0x0c68 PnkBstrA - ok
12:42:37.0376 0x0c68 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:42:37.0503 0x0c68 PNRPAutoReg - ok
12:42:37.0553 0x0c68 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:42:37.0684 0x0c68 PNRPsvc - ok
12:42:37.0766 0x0c68 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:42:37.0853 0x0c68 PolicyAgent - ok
12:42:37.0883 0x0c68 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:42:37.0975 0x0c68 Power - ok
12:42:38.0028 0x0c68 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:42:38.0144 0x0c68 PptpMiniport - ok
12:42:38.0159 0x0c68 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
12:42:38.0609 0x0c68 Processor - ok
12:42:38.0684 0x0c68 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
12:42:38.0774 0x0c68 ProfSvc - ok
12:42:38.0804 0x0c68 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:42:38.0825 0x0c68 ProtectedStorage - ok
12:42:38.0872 0x0c68 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:42:38.0962 0x0c68 Psched - ok
12:42:39.0017 0x0c68 [ 543A4EF0923BF70D126625B034EF25AF, 9CC82C5221F11850419A796D48D5452B3DEE0C8E8E85A818F4AAA869673F9740 ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
12:42:39.0035 0x0c68 PSI_SVC_2 - ok
12:42:39.0154 0x0c68 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
12:42:39.0254 0x0c68 ql2300 - ok
12:42:39.0334 0x0c68 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
12:42:39.0384 0x0c68 ql40xx - ok
12:42:39.0426 0x0c68 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:42:39.0564 0x0c68 QWAVE - ok
12:42:39.0624 0x0c68 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:42:39.0701 0x0c68 QWAVEdrv - ok
12:42:39.0732 0x0c68 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:42:39.0822 0x0c68 RasAcd - ok
12:42:39.0899 0x0c68 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:42:40.0022 0x0c68 RasAgileVpn - ok
12:42:40.0056 0x0c68 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:42:40.0185 0x0c68 RasAuto - ok
12:42:40.0240 0x0c68 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:42:40.0377 0x0c68 Rasl2tp - ok
12:42:40.0438 0x0c68 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:42:40.0534 0x0c68 RasMan - ok
12:42:40.0561 0x0c68 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:42:40.0622 0x0c68 RasPppoe - ok
12:42:40.0710 0x0c68 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:42:40.0787 0x0c68 RasSstp - ok
12:42:40.0831 0x0c68 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:42:40.0910 0x0c68 rdbss - ok
12:42:40.0950 0x0c68 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
12:42:40.0998 0x0c68 rdpbus - ok
12:42:41.0031 0x0c68 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:42:41.0131 0x0c68 RDPCDD - ok
12:42:41.0169 0x0c68 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:42:41.0275 0x0c68 RDPENCDD - ok
12:42:41.0313 0x0c68 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:42:41.0386 0x0c68 RDPREFMP - ok
12:42:41.0529 0x0c68 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:42:41.0642 0x0c68 RdpVideoMiniport - ok
12:42:41.0695 0x0c68 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:42:41.0786 0x0c68 RDPWD - ok
12:42:41.0819 0x0c68 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:42:41.0858 0x0c68 rdyboost - ok
12:42:41.0977 0x0c68 [ F3AF2B43F35DBB3A0EB9FEEEC7D62217, 5BFB97BFE94F52CE02DFB2B7E8A9AD34AE489B77BA689F63D733EFB65548D734 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
12:42:42.0005 0x0c68 RegSrvc - ok
12:42:42.0042 0x0c68 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:42:42.0112 0x0c68 RemoteAccess - ok
12:42:42.0146 0x0c68 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:42:42.0235 0x0c68 RemoteRegistry - ok
12:42:42.0295 0x0c68 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
12:42:42.0374 0x0c68 RFCOMM - ok
12:42:42.0472 0x0c68 [ 0B169FE016039571ECC6DB70073F8979, B80663433919C3DE83A02E376E5B3020856C6E9E98B5773D316FD9C1C02C1417 ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe
12:42:42.0514 0x0c68 RichVideo64 - ok
12:42:42.0556 0x0c68 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:42:42.0692 0x0c68 RpcEptMapper - ok
12:42:42.0713 0x0c68 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:42:42.0756 0x0c68 RpcLocator - ok
12:42:42.0813 0x0c68 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:42:42.0901 0x0c68 RpcSs - ok
12:42:42.0974 0x0c68 [ CD553B8633466A6D1C115812F2619F1F, B39B38DE8B97209BEABDBF062832A1BDE2303450238B9A4723829958C5C81A6B ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
12:42:43.0007 0x0c68 RsFx0103 - ok
12:42:43.0043 0x0c68 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:42:43.0135 0x0c68 rspndr - ok
12:42:43.0182 0x0c68 [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys
12:42:43.0222 0x0c68 RSUSBSTOR - ok
12:42:43.0261 0x0c68 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:42:43.0298 0x0c68 RTL8167 - ok
12:42:43.0329 0x0c68 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\Windows\system32\lsass.exe
12:42:43.0905 0x0c68 SamSs - ok
12:42:43.0951 0x0c68 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:42:43.0994 0x0c68 sbp2port - ok
12:42:44.0025 0x0c68 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:42:44.0091 0x0c68 SCardSvr - ok
12:42:44.0115 0x0c68 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:42:44.0219 0x0c68 scfilter - ok
12:42:44.0289 0x0c68 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:42:44.0415 0x0c68 Schedule - ok
12:42:44.0478 0x0c68 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:42:44.0541 0x0c68 SCPolicySvc - ok
12:42:44.0595 0x0c68 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:42:44.0647 0x0c68 SDRSVC - ok
12:42:44.0680 0x0c68 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:42:44.0762 0x0c68 secdrv - ok
12:42:44.0791 0x0c68 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:42:44.0877 0x0c68 seclogon - ok
12:42:44.0910 0x0c68 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:42:45.0013 0x0c68 SENS - ok
12:42:45.0041 0x0c68 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:42:45.0079 0x0c68 SensrSvc - ok
12:42:45.0114 0x0c68 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
12:42:45.0187 0x0c68 Serenum - ok
12:42:45.0228 0x0c68 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
12:42:45.0356 0x0c68 Serial - ok
12:42:45.0383 0x0c68 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
12:42:45.0418 0x0c68 sermouse - ok
12:42:45.0459 0x0c68 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:42:45.0565 0x0c68 SessionEnv - ok
12:42:45.0585 0x0c68 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:42:45.0625 0x0c68 sffdisk - ok
12:42:45.0657 0x0c68 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:42:45.0677 0x0c68 sffp_mmc - ok
12:42:45.0702 0x0c68 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:42:45.0729 0x0c68 sffp_sd - ok
12:42:45.0740 0x0c68 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
12:42:45.0782 0x0c68 sfloppy - ok
12:42:45.0819 0x0c68 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:42:45.0920 0x0c68 SharedAccess - ok
12:42:45.0983 0x0c68 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:42:46.0069 0x0c68 ShellHWDetection - ok
12:42:46.0103 0x0c68 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
12:42:46.0142 0x0c68 SiSRaid2 - ok
12:42:46.0182 0x0c68 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
12:42:46.0217 0x0c68 SiSRaid4 - ok
12:42:46.0257 0x0c68 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:42:46.0377 0x0c68 Smb - ok
12:42:46.0436 0x0c68 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:42:46.0500 0x0c68 SNMPTRAP - ok
12:42:46.0543 0x0c68 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:42:46.0638 0x0c68 spldr - ok
12:42:46.0730 0x0c68 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:42:46.0845 0x0c68 Spooler - ok
12:42:47.0062 0x0c68 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:42:47.0223 0x0c68 sppsvc - ok
12:42:47.0264 0x0c68 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:42:47.0342 0x0c68 sppuinotify - ok
12:42:47.0450 0x0c68 [ 12E6D95CDE974B131DEFAA44BAB8B056, 3FEF55D97915BDB222E3A60B50D53BBD8D9C0FDFF85EDC025B8EFD33E575E596 ] SQLAgent$SQLEXPRESS c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
12:42:47.0494 0x0c68 SQLAgent$SQLEXPRESS - ok
12:42:47.0551 0x0c68 [ B54B48F6D92423440C264E91225C5FF1, 7484D90CE309555E1FB54F011A2980D8491354223111B7AA16D1D2473570DC19 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:42:47.0575 0x0c68 SQLBrowser - ok
12:42:47.0660 0x0c68 [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:42:47.0710 0x0c68 SQLWriter - ok
12:42:47.0757 0x0c68 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:42:47.0872 0x0c68 srv - ok
12:42:47.0918 0x0c68 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:42:48.0000 0x0c68 srv2 - ok
12:42:48.0022 0x0c68 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:42:48.0092 0x0c68 srvnet - ok
12:42:48.0137 0x0c68 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:42:48.0295 0x0c68 SSDPSRV - ok
12:42:48.0317 0x0c68 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:42:48.0427 0x0c68 SstpSvc - ok
12:42:48.0474 0x0c68 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:42:48.0527 0x0c68 stexstor - ok
12:42:48.0563 0x0c68 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
12:42:48.0682 0x0c68 StillCam - ok
12:42:48.0752 0x0c68 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:42:48.0859 0x0c68 stisvc - ok
12:42:48.0915 0x0c68 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:42:48.0967 0x0c68 swenum - ok
12:42:49.0039 0x0c68 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:42:49.0150 0x0c68 swprv - ok
12:42:49.0209 0x0c68 [ E157A3A7A09BDBB74AFEAB352D5D76F1, 2CDB47B68A5DA7BDE02594CCA969B1FDD1444CC150A11D4F31B790B022B9CE86 ] SynTP C:\Windows\system32\drivers\SynTP.sys
12:42:49.0241 0x0c68 SynTP - ok
12:42:49.0356 0x0c68 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:42:49.0531 0x0c68 SysMain - ok
12:42:49.0590 0x0c68 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:42:49.0663 0x0c68 TabletInputService - ok
12:42:49.0692 0x0c68 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:42:49.0803 0x0c68 TapiSrv - ok
12:42:49.0853 0x0c68 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:42:49.0963 0x0c68 TBS - ok
12:42:50.0127 0x0c68 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:42:50.0220 0x0c68 Tcpip - ok
12:42:50.0373 0x0c68 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:42:50.0464 0x0c68 TCPIP6 - ok
12:42:50.0546 0x0c68 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:42:50.0681 0x0c68 tcpipreg - ok
12:42:50.0721 0x0c68 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:42:50.0791 0x0c68 TDPIPE - ok
12:42:50.0822 0x0c68 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:42:50.0907 0x0c68 TDTCP - ok
12:42:50.0951 0x0c68 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:42:51.0104 0x0c68 tdx - ok
12:42:51.0148 0x0c68 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:42:51.0225 0x0c68 TermDD - ok
12:42:51.0291 0x0c68 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
12:42:51.0381 0x0c68 TermService - ok
12:42:51.0451 0x0c68 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:42:51.0569 0x0c68 Themes - ok
12:42:51.0609 0x0c68 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:42:51.0676 0x0c68 THREADORDER - ok
12:42:51.0781 0x0c68 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:42:51.0892 0x0c68 TrkWks - ok
12:42:51.0959 0x0c68 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:42:52.0079 0x0c68 TrustedInstaller - ok
12:42:52.0122 0x0c68 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:42:52.0176 0x0c68 tssecsrv - ok
12:42:52.0224 0x0c68 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:42:52.0366 0x0c68 TsUsbFlt - ok
12:42:52.0399 0x0c68 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:42:52.0468 0x0c68 TsUsbGD - ok
12:42:52.0614 0x0c68 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:42:52.0814 0x0c68 tunnel - ok
12:42:52.0832 0x0c68 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:42:52.0901 0x0c68 uagp35 - ok
12:42:52.0958 0x0c68 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:42:53.0054 0x0c68 udfs - ok
12:42:53.0088 0x0c68 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:42:53.0145 0x0c68 UI0Detect - ok
12:42:53.0169 0x0c68 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:42:53.0202 0x0c68 uliagpkx - ok
12:42:53.0225 0x0c68 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:42:53.0284 0x0c68 umbus - ok
12:42:53.0321 0x0c68 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:42:53.0382 0x0c68 UmPass - ok
12:42:53.0514 0x0c68 [ B097EBA0E3FEB020BB65FE43AF5ECCFF, B8FE680EE49B633F3FAFD81E8CE5063397774F63636C9F3C280815114A0ABD0F ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
12:42:53.0552 0x0c68 UNS - ok
12:42:53.0668 0x0c68 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:42:53.0755 0x0c68 upnphost - ok
12:42:53.0790 0x0c68 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:42:53.0886 0x0c68 usbccgp - ok
12:42:53.0930 0x0c68 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:42:54.0020 0x0c68 usbcir - ok
12:42:54.0056 0x0c68 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:42:54.0119 0x0c68 usbehci - ok
12:42:54.0156 0x0c68 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:42:54.0225 0x0c68 usbhub - ok
12:42:54.0255 0x0c68 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:42:54.0317 0x0c68 usbohci - ok
12:42:54.0353 0x0c68 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:42:54.0409 0x0c68 usbprint - ok
12:42:54.0468 0x0c68 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:42:54.0504 0x0c68 usbscan - ok
12:42:54.0594 0x0c68 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
12:42:54.0753 0x0c68 usbser - ok
12:42:54.0776 0x0c68 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:42:54.0852 0x0c68 USBSTOR - ok
12:42:54.0891 0x0c68 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:42:54.0984 0x0c68 usbuhci - ok
12:42:55.0033 0x0c68 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:42:55.0088 0x0c68 usbvideo - ok
12:42:55.0120 0x0c68 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:42:55.0199 0x0c68 UxSms - ok
12:42:55.0221 0x0c68 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\Windows\system32\lsass.exe
12:42:55.0235 0x0c68 VaultSvc - ok
12:42:55.0272 0x0c68 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:42:55.0346 0x0c68 vdrvroot - ok
12:42:55.0403 0x0c68 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:42:55.0482 0x0c68 vds - ok
12:42:55.0537 0x0c68 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:42:55.0646 0x0c68 vga - ok
12:42:55.0672 0x0c68 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:42:55.0783 0x0c68 VgaSave - ok
12:42:55.0816 0x0c68 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:42:55.0869 0x0c68 vhdmp - ok
12:42:55.0905 0x0c68 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:42:55.0967 0x0c68 viaide - ok
12:42:56.0019 0x0c68 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:42:56.0050 0x0c68 volmgr - ok
12:42:56.0087 0x0c68 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:42:56.0129 0x0c68 volmgrx - ok
12:42:56.0166 0x0c68 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:42:56.0191 0x0c68 volsnap - ok
12:42:56.0216 0x0c68 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:42:56.0244 0x0c68 vsmraid - ok
12:42:56.0328 0x0c68 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:42:56.0517 0x0c68 VSS - ok
12:42:56.0574 0x0c68 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:42:56.0657 0x0c68 vwifibus - ok
12:42:56.0702 0x0c68 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:42:56.0775 0x0c68 vwififlt - ok
12:42:56.0797 0x0c68 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
12:42:56.0859 0x0c68 vwifimp - ok
12:42:56.0928 0x0c68 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:42:57.0025 0x0c68 W32Time - ok
12:42:57.0059 0x0c68 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:42:57.0134 0x0c68 WacomPen - ok
12:42:57.0185 0x0c68 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:42:57.0274 0x0c68 WANARP - ok
12:42:57.0279 0x0c68 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:42:57.0313 0x0c68 Wanarpv6 - ok
12:42:57.0368 0x0c68 [ 63D7250ED2C2E3CD9B11139A608D6C39, 256CF5427706912090ABE67E7EAAB09FEE6692A610839BAEE233CFC403702B9C ] watchmi C:\Program Files (x86)\watchmi\TvdService.exe
12:42:57.0418 0x0c68 watchmi - detected UnsignedFile.Multi.Generic ( 1 )
12:43:00.0100 0x0c68 Detect skipped due to KSN trusted
12:43:00.0100 0x0c68 watchmi - ok
12:43:00.0248 0x0c68 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:43:00.0400 0x0c68 wbengine - ok
12:43:00.0441 0x0c68 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:43:00.0522 0x0c68 WbioSrvc - ok
12:43:00.0586 0x0c68 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:43:00.0655 0x0c68 wcncsvc - ok
12:43:00.0680 0x0c68 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:43:00.0736 0x0c68 WcsPlugInService - ok
12:43:00.0751 0x0c68 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:43:00.0818 0x0c68 Wd - ok
12:43:00.0924 0x0c68 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:43:00.0977 0x0c68 Wdf01000 - ok
12:43:01.0031 0x0c68 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:43:01.0185 0x0c68 WdiServiceHost - ok
12:43:01.0195 0x0c68 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:43:01.0245 0x0c68 WdiSystemHost - ok
12:43:01.0290 0x0c68 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:43:01.0350 0x0c68 WebClient - ok
12:43:01.0422 0x0c68 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:43:01.0521 0x0c68 Wecsvc - ok
12:43:01.0565 0x0c68 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:43:01.0688 0x0c68 wercplsupport - ok
12:43:01.0719 0x0c68 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:43:01.0809 0x0c68 WerSvc - ok
12:43:01.0843 0x0c68 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:43:01.0896 0x0c68 WfpLwf - ok
12:43:01.0914 0x0c68 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:43:01.0955 0x0c68 WIMMount - ok
12:43:01.0980 0x0c68 WinDefend - ok
12:43:02.0009 0x0c68 WinHttpAutoProxySvc - ok
12:43:02.0061 0x0c68 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:43:02.0295 0x0c68 Winmgmt - ok
12:43:02.0423 0x0c68 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
12:43:02.0704 0x0c68 WinRM - ok
12:43:02.0886 0x0c68 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
12:43:02.0979 0x0c68 WinUsb - ok
12:43:03.0085 0x0c68 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:43:03.0164 0x0c68 Wlansvc - ok
12:43:03.0226 0x0c68 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
12:43:03.0287 0x0c68 wlcrasvc - ok
12:43:03.0474 0x0c68 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:43:03.0650 0x0c68 wlidsvc - ok
12:43:03.0710 0x0c68 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:43:03.0782 0x0c68 WmiAcpi - ok
12:43:03.0833 0x0c68 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:43:03.0886 0x0c68 wmiApSrv - ok
12:43:03.0944 0x0c68 WMPNetworkSvc - ok
12:43:03.0971 0x0c68 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:43:04.0016 0x0c68 WPCSvc - ok
12:43:04.0040 0x0c68 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:43:04.0083 0x0c68 WPDBusEnum - ok
12:43:04.0117 0x0c68 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:43:04.0196 0x0c68 ws2ifsl - ok
12:43:04.0216 0x0c68 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:43:04.0266 0x0c68 wscsvc - ok
12:43:04.0269 0x0c68 WSearch - ok
12:43:04.0418 0x0c68 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
12:43:04.0714 0x0c68 wuauserv - ok
12:43:04.0756 0x0c68 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:43:04.0823 0x0c68 WudfPf - ok
12:43:04.0889 0x0c68 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:43:04.0944 0x0c68 WUDFRd - ok
12:43:04.0982 0x0c68 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:43:05.0038 0x0c68 wudfsvc - ok
12:43:05.0078 0x0c68 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:43:05.0141 0x0c68 WwanSvc - ok
12:43:05.0291 0x0c68 [ 74713CB32792F9C7632DAA7DA22CA974, 1B1D907F8F18AE22E36F371EE6417D068C01FB4F9413571444AF3845A27F3C4D ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
12:43:05.0337 0x0c68 ZeroConfigService - ok
12:43:05.0398 0x0c68 ================ Scan global ===============================
12:43:05.0423 0x0c68 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:43:05.0462 0x0c68 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
12:43:05.0480 0x0c68 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
12:43:05.0512 0x0c68 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:43:05.0562 0x0c68 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
12:43:05.0574 0x0c68 [ Global ] - ok
12:43:05.0575 0x0c68 ================ Scan MBR ==================================
12:43:05.0618 0x0c68 [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
12:43:07.0978 0x0c68 \Device\Harddisk0\DR0 - ok
12:43:07.0979 0x0c68 ================ Scan VBR ==================================
12:43:07.0984 0x0c68 [ 0B639F45E1DE403025D48814554BBB1A ] \Device\Harddisk0\DR0\Partition1
12:43:07.0987 0x0c68 \Device\Harddisk0\DR0\Partition1 - ok
12:43:07.0996 0x0c68 [ 6C7E6710C885390F29B2C728EB23DDA4 ] \Device\Harddisk0\DR0\Partition2
12:43:07.0999 0x0c68 \Device\Harddisk0\DR0\Partition2 - ok
12:43:08.0003 0x0c68 [ 9CCB4B4199DD8BF40CF3A408755D31FC ] \Device\Harddisk0\DR0\Partition3
12:43:08.0004 0x0c68 \Device\Harddisk0\DR0\Partition3 - ok
12:43:08.0005 0x0c68 ================ Scan generic autorun ======================
12:43:08.0005 0x0c68 SynTPEnh - ok
12:43:08.0468 0x0c68 [ CCC2990D218899C9D4EA36CD520DD29A, C78FD6490778DBFA174DDAEEB60E1C610F4E8AA24C35752E9CAE331BD27B7058 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
12:43:08.0804 0x0c68 RtHDVCpl - ok
12:43:08.0868 0x0c68 [ B1DDCBE7D17DE94045FE9E40EB3D0170, 76EAF208139160C10937FEB4CB47A9890BF66414A3958289DDDCE62EA6E701FC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
12:43:08.0925 0x0c68 RtHDVBg_Dolby - ok
12:43:08.0994 0x0c68 [ 0F02CCC1D746862F5684D26C96E3E1EA, 2FBF704C14C699FCF0AC20D7A775BAFB49F184AC9C26C5A6695965BAC5A9C375 ] C:\Windows\system32\igfxtray.exe
12:43:09.0042 0x0c68 IgfxTray - ok
12:43:09.0088 0x0c68 [ F10B83038ACC83CEEA4B3C6C6FE46E72, 947B374696957E317BAAA7D240FAE58DE613792347E6C1CEF287A3CCAC54227D ] C:\Windows\system32\hkcmd.exe
12:43:09.0138 0x0c68 HotKeysCmds - ok
12:43:09.0231 0x0c68 [ 143DA8EEAE483C00DEF75BA50B218C67, 170A8C4B9864E8A26F63E583BCD494895CD1BE253CD797318F8BA50A4092AF22 ] C:\Windows\system32\igfxpers.exe
12:43:09.0272 0x0c68 Persistence - ok
12:43:09.0276 0x0c68 BTMTrayAgent - ok
12:43:09.0318 0x0c68 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
12:43:09.0405 0x0c68 Logitech Download Assistant - ok
12:43:09.0470 0x0c68 [ 6364FA7D825B600251A4D1DE7D6FF695, 1BEDD2E9DCE4C50FE7FE644D5DDD447DF79975D666CE128F945DD776E46AFC60 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
12:43:09.0519 0x0c68 USB3MON - ok
12:43:09.0621 0x0c68 [ EFC77110B674E4F0945E7E85E2EAAB7C, F6CC7D74C45A9EDAC81E97EB225DD1465A640A6DF79605A468C1C381FB12D5F4 ] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
12:43:09.0660 0x0c68 Dolby Advanced Audio v2 - ok
12:43:09.0752 0x0c68 [ 35048D8E8A0BF7A797CD5757ACD7EED0, 890FCF24869614B3990B575A588ECB35C25A5B896F21BF9C66D43C93787FDD7A ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
12:43:09.0802 0x0c68 CLMLServer - ok
12:43:09.0848 0x0c68 [ 99ECAF298145F950B1326656167FBFDF, 77573FE19E2C16AB6D7DD3B689D5E926A86793491D6915E76999BA19A35265EA ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
12:43:09.0874 0x0c68 RemoteControl10 - ok
12:43:09.0986 0x0c68 [ 4F59C918782D978EF68E1FE35E5F38EF, D056BB986130EF524F9DD046ACBBA2FB4CE82F50C0067FE84EE85F19066A1A42 ] C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE
12:43:10.0025 0x0c68 F-Secure Manager - ok
12:43:10.0142 0x0c68 [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:43:10.0220 0x0c68 Adobe ARM - ok
12:43:10.0280 0x0c68 [ 1DF3DCE54EDF5E85D15BA381ED98FAC3, 91CDEC8ADD48A40AB4D4E49B5AF0CEB01AA7A063B6C2103E16038D46C417868F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
12:43:10.0345 0x0c68 ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
12:43:13.0025 0x0c68 Detect skipped due to KSN trusted
12:43:13.0025 0x0c68 ControlCenter4 - ok
12:43:13.0216 0x0c68 [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
12:43:13.0450 0x0c68 BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
12:43:16.0115 0x0c68 Detect skipped due to KSN trusted
12:43:16.0115 0x0c68 BrStsMon00 - ok
12:43:16.0200 0x0c68 [ 32AC3889C598A7314954CF515E716BDE, DE843C6B523C60776401F799C01948DDC383442B2CEAC2002A867DC860949AFE ] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe
12:43:16.0304 0x0c68 IndexSearch - ok
12:43:16.0326 0x0c68 [ 7D46CE32283158EB7F1D0C8E02D8DDD1, DF68039E55E90EFAB90E5FC8DE79E66CEDECB99EB353C4F349375732AAEF1BE1 ] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
12:43:16.0370 0x0c68 PaperPort PTD - ok
12:43:16.0434 0x0c68 [ 9F0ACAA725CF5A391AF7E2067AE45746, CA7F3C2C9D4DCB135ECBFFEB3448D272552B5DB720E0A526B4AC07B1F5E8BC9E ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe
12:43:16.0479 0x0c68 PDFHook - ok
12:43:16.0540 0x0c68 [ 154420A93E4F676AA33A055A116255D9, DF76577C22EBB439DF2B72D1B6B7A465F067CCEC886FC7A7FB337865DA1DB914 ] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe
12:43:16.0646 0x0c68 PDF5 Registry Controller - ok
12:43:16.0683 0x0c68 [ A876BA917EBD9E629CFD344EEBE240AD, D0C748099F284A2404279C06ACDA8F2258E092964DF90269D7F9C69B2BAAE5BB ] C:\Program Files (x86)\Kabel BW\fshoster32.exe
12:43:16.0714 0x0c68 F-Secure Hoster (47731) - ok
12:43:16.0923 0x0c68 [ F4A755E3A99F4F2324FC2138D30F01B4, EFA955082404977B13754E0DA9CAFF304CA9B87C8B0F2C7166A55ECDF1482DB4 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
12:43:17.0122 0x0c68 LogMeIn Hamachi Ui - ok
12:43:17.0283 0x0c68 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:43:17.0478 0x0c68 Sidebar - ok
12:43:17.0514 0x0c68 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:43:17.0571 0x0c68 mctadmin - ok
12:43:17.0685 0x0c68 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:43:17.0764 0x0c68 Sidebar - ok
12:43:17.0779 0x0c68 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:43:17.0802 0x0c68 mctadmin - ok
12:43:17.0885 0x0c68 [ 5D61BE7DB55B026A5D61A3EED09D0EAD, D32CC7B31A6F98C60ABC313ABC7D1143681F72DE2BB2604711A0BA20710CAAAE ] C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
12:43:17.0943 0x0c68 swg - ok
12:43:17.0972 0x0c68 EA Core - ok
12:43:18.0313 0x0c68 [ 2E8EAB89DB3F6C0A15C07627B6ED9BCC, D146DC20A37AC34A957B000B106164278C67BCCA2B717A5E317670556FCCE9C0 ] C:\Users\wolfgang\AppData\Local\Amazon Music\Amazon Music Helper.exe
12:43:18.0569 0x0c68 Amazon Music - ok
12:43:18.0579 0x0c68 Adobe Speed Launcher - ok
12:43:18.0656 0x0c68 [ 173D93AB55B6602C115E1E0BCDA3BDBC, 938C02C2C682B542788F0D94ABAB2FA7D80D00E1B8A55E19BEE49AF31AB10D9F ] C:\Windows\Speech\Common\sapisvr.exe
12:43:18.0781 0x0c68 Speech Recognition - ok
12:43:18.0998 0x0c68 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:43:19.0138 0x0c68 Sidebar - ok
12:43:19.0182 0x0c68 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
12:43:19.0259 0x0c68 Sidebar - ok
12:43:19.0414 0x0c68 [ 6BF7676296D5359AFC135A5397000053, D31B9BCB856D6EFDEA27E4D4D341FF939BCBF0E8C97786B447C2074B3C68298E ] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
12:43:19.0433 0x0c68 ISUSPM - ok
12:43:19.0436 0x0c68 Waiting for KSN requests completion. In queue: 15
12:43:20.0436 0x0c68 Waiting for KSN requests completion. In queue: 15
12:43:21.0436 0x0c68 Waiting for KSN requests completion. In queue: 15
12:43:22.0465 0x0c68 AV detected via SS2: Computer Schutz, C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsavwsch.exe ( 9.10.15260.0 ), 0x41000 ( enabled : updated )
12:43:22.0474 0x0c68 Win FW state via NFP2: enabled
12:43:25.0190 0x0c68 ============================================================
12:43:25.0190 0x0c68 Scan finished
12:43:25.0190 0x0c68 ============================================================
12:43:25.0208 0x1c20 Detected object count: 0
12:43:25.0208 0x1c20 Actual detected object count: 0
und nun der Emsisoft-Bericht: Code:
ATTFilter Emsisoft Emergency Kit - Version 9.0
Letztes Update: 31.05.2015 12:51:38
Benutzerkonto: wolfgang-PC\ADMIN
Scan-Einstellungen:
Scan Methode: Detail-Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\
PUPs-Erkennung: An
Archiv-Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus
Scan-Beginn: 31.05.2015 12:53:21
C:\ProgramData\\apn gefunden: Application.AppInstall (A)
C:\Users\ADMIN\AppData\Local\Temp\apn gefunden: Application.Win32.WebToolbar (A)
C:\Users\ADMIN\AppData\Local\Temp\apn gefunden: Application.Win32.WebToolbar (A)
C:\Users\wolfgang\AppData\Roaming\OpenCandy gefunden: Application.AppInstall (A)
C:\ProgramData\\partner gefunden: Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROTECTOR_DLL.PROTECTORBHO gefunden: Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROTECTOR_DLL.PROTECTORBHO.1 gefunden: Application.AdReg (A)
Key: HKEY_USERS\.DEFAULT\SOFTWARE\ASKPARTNERNETWORK gefunden: Application.InstallAd (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\ASKPARTNERNETWORK gefunden: Application.InstallAd (A)
C:\Backup My Data\wolfgang\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe gefunden: Adware.DealPly.W (B)
C:\Backup My Data\wolfgang\AppData\Roaming\Yontoo\dat\Phoenix.dat gefunden: Trojan.Generic.14616976 (B)
C:\Users\wolfgang\AppData\Roaming\OpenCandy\EABDEF81E79E41FC8155C285ADCD78A4\sp-downloader.exe gefunden: Application.Win32.InstallTool (A)
Gescannt 358249
Gefunden 12
Scan-Ende: 31.05.2015 15:29:38
Scan-Zeit: 2:36:17
C:\Users\wolfgang\AppData\Roaming\OpenCandy\EABDEF81E79E41FC8155C285ADCD78A4\sp-downloader.exe Quarantäne Application.Win32.InstallTool (A)
C:\Backup My Data\wolfgang\AppData\Roaming\Yontoo\dat\Phoenix.dat Quarantäne Trojan.Generic.14616976 (B)
C:\Backup My Data\wolfgang\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe Quarantäne Adware.DealPly.W (B)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\ASKPARTNERNETWORK Quarantäne Application.InstallAd (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROTECTOR_DLL.PROTECTORBHO.1 Quarantäne Application.AdReg (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\PROTECTOR_DLL.PROTECTORBHO Quarantäne Application.AdReg (A)
C:\Users\wolfgang\AppData\Roaming\OpenCandy Quarantäne Application.AppInstall (A)
C:\Users\ADMIN\AppData\Local\Temp\apn Quarantäne Application.Win32.WebToolbar (A)
Quarantäne 8
|
|
01.06.2015, 09:15
| #8 |
| /// the machine /// TB-Ausbilder | DHL-Mail Anhang geöffnet Ok, nur bissl Adware. Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.06.2015, 17:54
| #9 |
| | DHL-Mail Anhang geöffnetCode:
ATTFilter # AdwCleaner v4.206 - Bericht erstellt 01/06/2015 um 18:18:03
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-01.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : ADMIN - WOLFGANG-PC
# Gestarted von : C:\Users\ADMIN\Downloads\AdwCleaner_4.206.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Users\wolfgang\music\qtrax media library
Ordner Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Ordner Gelöscht : C:\Users\luisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
Ordner Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
Ordner Gelöscht : C:\Users\luisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
Ordner Gelöscht : C:\Users\roswitha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
Ordner Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaahlfahldnilidgnlikdckbfehhca_0.localstorage
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaaahlfahldnilidgnlikdckbfehhca_0.localstorage-journal
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gcncagkkhfoombgbihckkccmkjemhohl_0.localstorage
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gcncagkkhfoombgbihckkccmkjemhohl_0.localstorage-journal
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_allin1convert.dl.tb.ask.com_0.localstorage-journal
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_metrohotspot.dl.tb.ask.com_0.localstorage
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_metrohotspot.dl.tb.ask.com_0.localstorage-journal
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zwinky.dl.tb.ask.com_0.localstorage
Datei Gelöscht : C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_zwinky.dl.tb.ask.com_0.localstorage-journal
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaahlfahldnilidgnlikdckbfehhca
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17801
-\\ Google Chrome v43.0.2357.81
[C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"from_bookmark":false,"from_webstore":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069365754180457","lastpingday":"13069324807680246","location":6,"manifest":{"background":{"scripts":["apnAPI.js","settings/assets.js","settings/redirect.js"]},"chrome_settings_overrides":{"homepage":"hxxp://www.search.ask.com/?gct=hp
[C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=DF5D39A4-BBE4-4F69-8B8D-CB789E0BDC65&n=780bf806&ind=2014050310&p2=^AYY^xdm099^YYA^de&si=flvrunner
[C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=DF5D39A4-BBE4-4F69-8B8D-CB789E0BDC65&n=780bf806&ind=2014050310&p2=^AYY^xdm099^YYA^de&si=flvrunner
[C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://de.softonic.com/s/{searchTerms}
[C:\Users\elias\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":1,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13072044918723752","install_warning_on_enable":false,"lastpingday":"13077270003450998","location":6,"manifest":{"background":{"scripts":["apnAPI.js","settings/assets.js","settings/redirect.js"]},"chrome_settings_overrides":{"homepage":"hxxp://www.search.ask.com/?gct=hp
[C:\Users\luisa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : aaaaaiabcopkplhgaedhbloeejhhankf
[C:\Users\luisa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : aaaaahlfahldnilidgnlikdckbfehhca
[C:\Users\luisa\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.search.ask.com/?gct=hp
[C:\Users\roswitha\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069437481914455","lastpingday":"13077183602075209","location":6,"manifest":{"background":{"scripts":["apnAPI.js","settings/assets.js","settings/redirect.js"]},"chrome_settings_overrides":{"homepage":"hxxp://www.search.ask.com/?gct=hp
[C:\Users\wolfgang\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : management","nativeMessaging","searchProvider","startupPages","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["hxxp://*/*","hxxps://*/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":9,"events":[],"from_bookmark":false,"from_webstore":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069365816054284","lastpingday":"13069324805690814","location":6,"manifest":{"background":{"scripts":["apnAPI.js","settings/assets.js","settings/redirect.js"]},"chrome_settings_overrides":{"homepage":"hxxp://www.search.ask.com/?gct=hp
*************************
AdwCleaner[R0].txt - [7624 Bytes] - [01/06/2015 18:01:40]
AdwCleaner[S0].txt - [7540 Bytes] - [01/06/2015 18:18:03]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7599 Bytes] ##########
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by ADMIN (administrator) on WOLFGANG-PC on 01-06-2015 18:36:08
Running from C:\Users\ADMIN\Downloads
Loaded Profiles: ADMIN (Available Profiles: wolfgang & luisa & elias & roswitha & ADMIN)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() C:\Program Files (x86)\PHotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
() C:\Program Files (x86)\watchmi\TvdTray.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files (x86)\watchmi\TvdService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSHDLL64.EXE
() C:\Program Files (x86)\PHotkey\POsd.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2884880 2012-02-23] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-01-05] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-31] (CyberLink Corp.)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2015-04-30] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [46952 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [30568 2011-08-02] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro5hook.exe [636192 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF5 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe [62752 2010-03-05] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [F-Secure Hoster (47731)] => C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM\...\RunOnce: [Lexmark 1200 Series Uninstall] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2578260161-3009678811-3890924073-1006\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [222496 2009-05-05] (Acresso Corporation)
HKU\S-1-5-21-2578260161-3009678811-3890924073-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2578260161-3009678811-3890924073-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2578260161-3009678811-3890924073-1006\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\SysWOW64\MAHJON~1.SCR [5104049 2009-07-16] (ALDI SÜD)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\watchmi tray.lnk [2014-04-15]
ShortcutTarget: watchmi tray.lnk -> C:\Windows\Installer\{F0559C5E-7912-4391-B1A0-6B975F0E5064}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe (Acresso Software Inc.)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-2578260161-3009678811-3890924073-1004\User: Group Policy Restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-2578260161-3009678811-3890924073-1003\User: Group Policy Restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2578260161-3009678811-3890924073-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2578260161-3009678811-3890924073-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-03-04] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2009-02-06] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-25] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-25] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2011-12-01] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-02-17] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-04-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-23]
CHR Extension: (Google Drive) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-23]
CHR Extension: (YouTube) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-23]
CHR Extension: (Google Search) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-23]
CHR Extension: (Bookmark Manager) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]
CHR Extension: (Google Wallet) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-23]
CHR Extension: (Gmail) - C:\Users\ADMIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-23]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-19] ()
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-14] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-14] (CyberLink)
R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [60456 2015-03-09] (F-Secure Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-14] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [145256 2011-08-02] (Nuance Communications, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-05-25] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
R2 watchmi; C:\Program Files (x86)\watchmi\TvdService.exe [70144 2012-01-31] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2015-05-31] (Emsisoft GmbH)
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [208424 2015-02-24] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [71080 2015-04-15] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [55336 2015-05-26] ()
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\bin\fsni64.sys [90152 2015-04-15] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 IT9135BDA; C:\Windows\System32\Drivers\IT9135BDA.sys [165504 2012-05-04] (ITE )
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-01 18:36 - 2015-06-01 18:37 - 00022229 _____ () C:\Users\ADMIN\Downloads\FRST.txt
2015-06-01 18:36 - 2015-06-01 18:36 - 00000000 ____D () C:\FRST
2015-06-01 18:35 - 2015-06-01 18:35 - 02108928 _____ (Farbar) C:\Users\ADMIN\Downloads\FRST64.exe
2015-06-01 18:23 - 2015-06-01 18:23 - 00007683 _____ () C:\Users\ADMIN\Desktop\AdwCleaner[S0].txt
2015-06-01 18:00 - 2015-06-01 18:19 - 00000000 ____D () C:\AdwCleaner
2015-06-01 17:59 - 2015-06-01 18:00 - 02231296 _____ () C:\Users\ADMIN\Downloads\AdwCleaner_4.206.exe
2015-06-01 17:56 - 2015-06-01 17:56 - 00000000 ____D () C:\Users\ADMIN\AppData\Local\GWX
2015-05-31 19:51 - 2015-05-31 19:51 - 00000000 ____D () C:\Users\ADMIN\Documents\Meine empfangenen Dateien
2015-05-31 16:02 - 2015-05-31 16:19 - 00000000 ____D () C:\Users\ADMIN\AppData\Local\Microsoft Games
2015-05-31 15:43 - 2015-05-31 15:43 - 00004856 _____ () C:\Users\ADMIN\Desktop\a2scan_150531-125321.txt
2015-05-31 12:49 - 2015-05-31 12:50 - 00000000 ____D () C:\EEK
2015-05-31 12:49 - 2015-05-31 12:49 - 00000747 _____ () C:\Users\ADMIN\Desktop\Start Emsisoft Emergency Kit.lnk
2015-05-31 12:45 - 2015-05-31 12:48 - 155538368 _____ () C:\Users\ADMIN\Downloads\EmsisoftEmergencyKit.exe
2015-05-30 16:14 - 2015-05-30 16:13 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\ADMIN\Desktop\tdsskiller.exe
2015-05-30 16:13 - 2015-05-30 16:13 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\ADMIN\Downloads\tdsskiller.exe
2015-05-30 14:48 - 2015-05-30 16:11 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-30 14:48 - 2015-05-30 14:48 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-30 14:48 - 2015-05-30 14:48 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-30 14:46 - 2015-06-01 18:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-30 14:46 - 2015-05-30 16:11 - 00000000 ____D () C:\Users\ADMIN\Desktop\mbar
2015-05-30 14:44 - 2015-05-30 14:44 - 16502728 _____ (Malwarebytes Corp.) C:\Users\ADMIN\Downloads\mbar-1.09.1.1004.exe
2015-05-30 14:40 - 2015-05-30 14:40 - 00001272 _____ () C:\Users\ADMIN\Desktop\Revo Uninstaller.lnk
2015-05-30 14:40 - 2015-05-30 14:40 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-30 14:39 - 2015-05-30 14:39 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\ADMIN\Downloads\revosetup95.exe
2015-05-29 18:24 - 2015-05-29 18:24 - 00046831 _____ () C:\Users\wolfgang\Desktop\Addition.txt
2015-05-29 18:22 - 2015-05-29 18:24 - 00057124 _____ () C:\Users\wolfgang\Desktop\FRST.txt
2015-05-29 18:21 - 2015-05-29 18:20 - 02108928 _____ (Farbar) C:\Users\wolfgang\Desktop\FRST64.exe
2015-05-29 18:20 - 2015-05-29 18:20 - 02108928 _____ (Farbar) C:\Users\wolfgang\Downloads\FRST64.exe
2015-05-27 13:34 - 2015-05-27 13:34 - 18823983 _____ () C:\Users\elias\Downloads\craftbukkit_server.jar
2015-05-27 13:10 - 2015-05-27 13:10 - 00940275 _____ () C:\Users\elias\Downloads\OptiFine_1.8.0_HD_U_D3 (2).jar
2015-05-27 11:57 - 2015-05-27 11:57 - 00764725 _____ () C:\Users\elias\Downloads\Serinity HD [1.8.1].zip
2015-05-26 22:22 - 2015-05-26 22:22 - 03077905 _____ () C:\Users\elias\Downloads\_forge-1.7.10-10.13.2.1230-installer (1).jar
2015-05-26 20:07 - 2015-05-26 20:07 - 00956887 _____ () C:\Users\elias\Downloads\OptiFine_1.8.4_HD_U_D4 (1).jar
2015-05-26 19:56 - 2015-05-26 19:56 - 03401358 _____ () C:\Users\elias\Downloads\forge-1.8-11.14.1.1334-installer (1).jar
2015-05-26 19:53 - 2015-05-26 19:53 - 00030973 _____ () C:\Users\elias\Downloads\MrMeepz Shaders v05 Medium.zip
2015-05-26 19:52 - 2015-05-26 19:52 - 00369853 _____ () C:\Users\elias\Downloads\ShadersMod-v2.4.11mc1.8 (2).jar
2015-05-26 19:51 - 2015-05-26 19:51 - 00940275 _____ () C:\Users\elias\Downloads\OptiFine_1.8.0_HD_U_D3 (1).jar
2015-05-26 19:49 - 2015-05-26 19:49 - 03066417 _____ () C:\Users\elias\Downloads\forge-1.8-11.14.1.1334-universal.jar
2015-05-26 19:41 - 2015-05-26 19:41 - 00067728 _____ () C:\Users\elias\Downloads\SEUS-v10.1-Standard.zip
2015-05-26 19:15 - 2015-05-26 19:15 - 00940275 _____ () C:\Users\elias\Downloads\OptiFine_1.8.0_HD_U_D3.jar
2015-05-26 19:12 - 2015-05-26 19:12 - 00956887 _____ () C:\Users\elias\Downloads\OptiFine_1.8.4_HD_U_D4.jar
2015-05-26 19:05 - 2015-05-26 19:05 - 00369853 _____ () C:\Users\elias\Downloads\ShadersMod-v2.4.11mc1.8 (1).jar
2015-05-26 17:22 - 2015-05-26 17:22 - 03401358 _____ () C:\Users\elias\Downloads\forge-1.8-11.14.1.1334-installer.jar
2015-05-26 12:07 - 2015-05-26 19:08 - 00000000 ____D () C:\Users\elias\Desktop\Minecraft Forge
2015-05-26 12:07 - 2015-05-26 12:07 - 03568461 _____ () C:\Users\elias\Downloads\forge-1.8-11.14.1.1412-installer.jar
2015-05-26 11:57 - 2015-05-26 11:57 - 00041072 _____ () C:\Users\elias\Downloads\Sildurs Vibrant Shaders v1.07 Medium (beta).zip
2015-05-26 11:54 - 2015-05-26 11:54 - 00214961 _____ () C:\Users\elias\Downloads\ShadersModCore-v2.3.28-mc1.7.10-f.jar
2015-05-26 11:52 - 2015-05-26 11:52 - 00369853 _____ () C:\Users\elias\Downloads\ShadersMod-v2.4.11mc1.8.jar
2015-05-25 22:18 - 2015-05-25 22:19 - 03077905 _____ () C:\Users\elias\Downloads\_forge-1.7.10-10.13.2.1230-installer.jar
2015-05-25 22:10 - 2015-05-25 22:10 - 00893998 _____ () C:\Users\elias\Downloads\OptiFine_1.7.10_HD_U_B7.jar
2015-05-19 20:05 - 2015-05-26 11:35 - 00000000 ____D () C:\Users\elias\Documents\Meine empfangenen Dateien
2015-05-19 19:56 - 2015-05-19 19:56 - 00443420 _____ () C:\Users\elias\Downloads\Leavia.zip
2015-05-16 10:29 - 2015-05-16 10:30 - 07626918 _____ () C:\Users\wolfgang\Downloads\Heute.eml
2015-05-14 13:47 - 2015-05-14 13:51 - 217537940 _____ () C:\Users\elias\Downloads\ROBOProUpdate416.zip
2015-05-13 23:10 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 23:10 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 19:35 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 19:35 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 19:35 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 19:35 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 19:34 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 19:34 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 19:34 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 19:34 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 19:34 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 19:34 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 19:34 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 19:34 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 19:34 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 19:34 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 19:34 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 19:34 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 19:34 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 19:34 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 19:34 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 19:34 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 19:34 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 19:34 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 19:34 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 19:34 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 19:34 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 19:34 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 19:34 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 19:34 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 19:34 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 19:34 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 19:34 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 19:34 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 19:34 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 19:34 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 19:34 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 19:34 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 19:34 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 19:34 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 19:34 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 19:34 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 19:34 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 19:34 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 19:34 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 19:34 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 19:32 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 19:32 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 19:32 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 19:32 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 19:32 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 19:32 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 19:32 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 19:32 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 19:32 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 19:32 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 19:32 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 19:32 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 19:32 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 19:32 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 19:32 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 19:32 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 19:32 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 19:32 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 19:32 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 19:32 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 19:32 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 19:32 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 19:32 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 19:32 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 19:32 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 19:32 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 19:32 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 19:32 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 19:32 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 19:32 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 19:32 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 19:32 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 19:32 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 19:32 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 19:32 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 19:32 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 19:32 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 19:32 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 19:32 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 19:32 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 19:32 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 19:32 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 19:32 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 19:32 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 19:32 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 19:32 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 19:32 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 19:32 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 19:32 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 19:32 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 19:32 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 19:32 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 19:32 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 19:32 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 19:32 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 19:32 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 19:32 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 19:32 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 19:32 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 19:32 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 19:32 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 19:30 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 19:30 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 19:30 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 19:30 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 19:30 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 19:30 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 19:30 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 19:30 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 19:30 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 19:29 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 19:29 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 19:29 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 19:29 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 19:29 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 19:29 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 19:29 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 19:29 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 19:29 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-01 18:32 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-01 18:32 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 18:31 - 2014-08-21 18:47 - 00000000 ____D () C:\Users\ADMIN\AppData\Local\LogMeIn Hamachi
2015-06-01 18:28 - 2014-04-15 14:44 - 01418931 _____ () C:\Windows\WindowsUpdate.log
2015-06-01 18:27 - 2015-03-18 22:36 - 00000000 ____D () C:\Users\ADMIN\Documents\Youcam
2015-06-01 18:22 - 2014-04-15 14:47 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-01 18:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-01 18:21 - 2009-07-14 06:51 - 00131348 _____ () C:\Windows\setupact.log
2015-06-01 17:54 - 2014-04-15 15:08 - 00000000 ____D () C:\Users\wolfgang\Documents\Youcam
2015-06-01 17:50 - 2014-07-28 19:59 - 00000000 ____D () C:\Users\wolfgang\AppData\Local\LogMeIn Hamachi
2015-05-31 22:46 - 2014-05-25 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-31 22:42 - 2014-04-15 14:47 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-31 12:39 - 2012-02-22 00:21 - 00000000 ____D () C:\Intel
2015-05-31 11:56 - 2012-02-21 20:50 - 00765612 _____ () C:\Windows\system32\perfh007.dat
2015-05-31 11:56 - 2012-02-21 20:50 - 00174810 _____ () C:\Windows\system32\perfc007.dat
2015-05-31 11:56 - 2009-07-14 07:13 - 01806426 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-31 11:46 - 2014-04-17 18:17 - 00000000 ____D () C:\Users\roswitha\Documents\Youcam
2015-05-31 11:40 - 2014-07-28 21:12 - 00000000 ____D () C:\Users\roswitha\AppData\Local\LogMeIn Hamachi
2015-05-30 14:37 - 2015-03-18 22:34 - 00000000 ____D () C:\Users\ADMIN\AppData\Roaming\ControlCenter4
2015-05-29 18:57 - 2014-04-17 19:20 - 00000000 ____D () C:\Users\elias\AppData\Roaming\.minecraft
2015-05-29 18:20 - 2014-04-15 17:20 - 00002023 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk
2015-05-29 18:20 - 2012-02-21 23:36 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-28 22:04 - 2014-04-18 15:01 - 00000000 ____D () C:\Users\elias\Documents\Youcam
2015-05-28 22:01 - 2014-07-28 17:36 - 00000000 ____D () C:\Users\elias\AppData\Local\LogMeIn Hamachi
2015-05-28 20:59 - 2014-05-25 17:21 - 00000000 ____D () C:\Program Files (x86)\EA Games
2015-05-27 16:10 - 2014-04-17 18:22 - 00000000 ____D () C:\Users\roswitha\Documents\KiBiWo
2015-05-27 16:07 - 2015-05-01 14:24 - 00000000 ____D () C:\Users\roswitha\Documents\KGR
2015-05-27 15:28 - 2014-04-17 18:23 - 00000000 ____D () C:\Users\roswitha\Documents\Schule
2015-05-27 13:35 - 2014-11-05 17:56 - 00000000 ____D () C:\Users\elias\Desktop\craftbukkit
2015-05-26 14:09 - 2014-11-05 21:05 - 00000000 ____D () C:\Users\wolfgang\Documents\Raetsel
2015-05-26 14:08 - 2014-08-24 11:40 - 00000000 ____D () C:\Users\Public\Documents\Elias
2015-05-26 11:06 - 2014-04-15 16:50 - 00055336 _____ () C:\Windows\system32\Drivers\fsbts.sys
2015-05-25 18:44 - 2014-04-15 14:47 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-20 16:10 - 2015-04-04 20:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 16:10 - 2015-04-04 20:17 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-20 11:37 - 2014-04-15 14:47 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 11:37 - 2014-04-15 14:47 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 10:42 - 2010-11-21 05:47 - 00214364 _____ () C:\Windows\PFRO.log
2015-05-19 19:19 - 2014-04-16 19:41 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2015-05-17 19:14 - 2015-01-09 14:03 - 00010425 _____ () C:\Users\Public\Documents\TV-Aufnahmen Festplatte.xlsx
2015-05-17 17:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-16 10:00 - 2012-12-27 12:30 - 00000000 ____D () C:\Users\wolfgang\Documents\DVDVideoSoft
2015-05-15 11:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-14 13:53 - 2014-04-17 18:23 - 00000000 ____D () C:\Users\elias\Documents\Robo TX
2015-05-14 11:15 - 2009-07-14 06:45 - 00535952 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-14 11:10 - 2011-04-12 10:28 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-14 11:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-14 11:07 - 2014-04-18 22:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 23:27 - 2014-04-15 19:53 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 23:13 - 2012-02-21 21:44 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 23:10 - 2014-04-18 22:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 23:09 - 2014-04-18 22:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-10 17:34 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-06 13:04 - 2015-04-23 20:24 - 00000000 ____D () C:\Users\roswitha\Documents\Fortbildung Globales Lernen
2015-05-02 19:02 - 2014-10-31 16:03 - 00000000 _____ () C:\Users\luisa\Documents\Nuance Image Printer Writer Port
2015-05-02 18:09 - 2014-04-17 18:30 - 00000000 ____D () C:\Users\luisa\Documents\Youcam
2015-05-02 18:05 - 2014-08-24 15:54 - 00000000 ____D () C:\Users\luisa\AppData\Roaming\ControlCenter4
2015-05-02 18:04 - 2014-08-24 15:53 - 00000000 ____D () C:\Users\luisa\AppData\Local\LogMeIn Hamachi
Some files in TEMP:
====================
C:\Users\ADMIN\AppData\Local\Temp\APNSetup.exe
C:\Users\ADMIN\AppData\Local\Temp\Del2D57.exe
C:\Users\ADMIN\AppData\Local\Temp\Quarantine.exe
C:\Users\ADMIN\AppData\Local\Temp\rtdrvmon.exe
C:\Users\ADMIN\AppData\Local\Temp\sqlite3.dll
C:\Users\ADMIN\AppData\Local\Temp\_is2897.exe
C:\Users\ADMIN\AppData\Local\Temp\_is2EDC.exe
C:\Users\ADMIN\AppData\Local\Temp\_is5C71.exe
C:\Users\ADMIN\AppData\Local\Temp\_isA2D3.exe
C:\Users\ADMIN\AppData\Local\Temp\_isB76D.exe
C:\Users\ADMIN\AppData\Local\Temp\_isEC9F.exe
C:\Users\elias\AppData\Local\Temp\COMAP.EXE
C:\Users\elias\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\elias\AppData\Local\Temp\jansi-32-git-Bukkit-0a645a2-6691396289723478852.dll
C:\Users\elias\AppData\Local\Temp\jansi-32-git-Bukkit-0a645a2-832628586541525425.dll
C:\Users\elias\AppData\Local\Temp\jansi-32-git-Spigot-1.7.9-R0.2-207-g03373bb.dll
C:\Users\elias\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\elias\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.1-10-g8688bd4-b3092jnks.dll
C:\Users\elias\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-16-g37c7969-b3105jnks.dll
C:\Users\elias\AppData\Local\Temp\rtdrvmon.exe
C:\Users\luisa\AppData\Local\Temp\rtdrvmon.exe
C:\Users\roswitha\AppData\Local\Temp\rtdrvmon.exe
C:\Users\wolfgang\AppData\Local\Temp\cnuif5bq.dll
C:\Users\wolfgang\AppData\Local\Temp\COMAP.EXE
C:\Users\wolfgang\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\wolfgang\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\wolfgang\AppData\Local\Temp\EAD3766.exe
C:\Users\wolfgang\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\wolfgang\AppData\Local\Temp\q5vbiw0o.dll
C:\Users\wolfgang\AppData\Local\Temp\qtpqpwlg.dll
C:\Users\wolfgang\AppData\Local\Temp\rtdrvmon.exe
C:\Users\wolfgang\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\wolfgang\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\wolfgang\AppData\Local\Temp\ujityyrn.dll
C:\Users\wolfgang\AppData\Local\Temp\UninstallEADM.dll
C:\Users\wolfgang\AppData\Local\Temp\_is22AD.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-26 14:55
==================== End of log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by ADMIN at 2015-06-01 18:38:07
Running from C:\Users\ADMIN\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
ADMIN (S-1-5-21-2578260161-3009678811-3890924073-1006 - Administrator - Enabled) => C:\Users\ADMIN
Administrator (S-1-5-21-2578260161-3009678811-3890924073-500 - Administrator - Disabled)
elias (S-1-5-21-2578260161-3009678811-3890924073-1004 - Limited - Enabled) => C:\Users\elias
Gast (S-1-5-21-2578260161-3009678811-3890924073-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2578260161-3009678811-3890924073-1002 - Limited - Enabled)
luisa (S-1-5-21-2578260161-3009678811-3890924073-1003 - Limited - Enabled) => C:\Users\luisa
roswitha (S-1-5-21-2578260161-3009678811-3890924073-1005 - Limited - Enabled) => C:\Users\roswitha
wolfgang (S-1-5-21-2578260161-3009678811-3890924073-1001 - Limited - Enabled) => C:\Users\wolfgang
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Computer Schutz (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Schutz (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - )
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Brother MFL-Pro Suite DCP-J4110DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Computer Security 12.83.104.0 (release) (x32 Version: 12.83.104.0 - F-Secure Corporation) Hidden
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.42.130 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
F-Secure CCF Reputation (x32 Version: 1.0.25.1877 - F-Secure) Hidden
F-Secure CCF Scanning 1.51.111.300 (release) (x32 Version: 1.51.111.300 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.128 (x32 Version: 1.02.128.1 - F-Secure Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0083 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{F0932859-AA60-459E-B843-0BDECA34E2C7}) (Version: 2.0.0.0086 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.1.209 - Intel Corporation)
Intel(R) WiDi (HKLM-x32\...\{93F34C5C-ACAA-48F3-9B26-70359A117F12}) (Version: 3.0.12.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0708 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
IT9130 Driver v12.2.3.1 (HKLM-x32\...\IT9130 DriverInstaller_12.2.3.1) (Version: - )
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kabel BW Programme (HKLM-x32\...\F-Secure ServiceEnabler 47731) (Version: 1.83.315.0 - F-Secure Corporation)
Kabel BW Programme (x32 Version: 1.83.315.0 - F-Secure Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Lexmark 1200 Series (HKLM-x32\...\Lexmark 1200 Series) (Version: - Lexmark International, Inc.)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
myMugle (HKLM-x32\...\myMugle3.0.0.0) (Version: 3.0.0.0 - Computer Business Solutions)
Nuance PaperPort 12 (HKLM-x32\...\{88B5FBDC-967D-4B1F-B291-39284AE12201}) (Version: 12.1.0005 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
NVIDIA PhysX v8.05.26 (HKLM-x32\...\{11AE6807-50D2-4F59-82B3-2C3E695E94C2}) (Version: 8.05.26 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Online Safety 2.83.1346.10 (x32 Version: 2.83.1346.10 - F-Secure Corporation) Hidden
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version: - Markement GmbH)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0055 - Pegatron Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Republic Heroes (HKLM-x32\...\{5612C844-55BC-4B77-82C2-A2E28962418E}) (Version: 1.00.0000 - LucasArts)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scansoft PDF Professional (x32 Version: - ) Hidden
Service Pack 1 für SQL Server 2008 (KB 968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skatpalast Version 1.0 (HKLM-x32\...\Skatpalast_is1) (Version: 1.0 - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.0.3 - Synaptics Incorporated)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Usb Driver (Windows X32/X64) v1.0.0.5 (HKLM-x32\...\Usb Driver (Windows X32/X64) v1.0.0.5) (Version: 1.0.0.5 - Knobloch GmbH - www.knobloch-gmbh.de)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
watchmi (HKLM-x32\...\{F0559C5E-7912-4391-B1A0-6B975F0E5064}) (Version: 3.0.0 - Axel Springer Digital TV Guide GmbH)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Speech Recognition Macros (HKLM-x32\...\{8DC197D6-F4AB-44E0-ACF7-210355E6F389}) (Version: 1.0.6862.19 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
20-05-2015 16:09:33 Windows Update
29-05-2015 20:48:23 Geplanter Prüfpunkt
30-05-2015 14:42:05 Revo Uninstaller's restore point - Search App by Ask
01-06-2015 18:30:56 Removed LogMeIn Hamachi
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {183F8C73-8574-4E3F-8D32-BDA5C03C02D1} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {44470EA2-3BAC-4A1E-9F8E-C1EC1ADF1250} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {4D8C51EE-0EA0-49E3-9FF8-448562360338} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {5A3DF2ED-3FEE-4EE3-9744-926EAF6211DB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {7BD54BA3-D6CB-4275-9604-1F5072BDD3D4} - System32\Tasks\{9EA7345B-52CB-4A24-B5B5-AA02BB14D008} => C:\Users\elias\Desktop\Minecraft server\minecraft_server.1.7.10.exe
Task: {8E3016AD-DCEB-4829-8298-81DBC445FDDC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {918CB70D-1A97-4CB5-BDB3-BFCFF2C5FF04} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {A18FF9C3-7A5C-4AAE-9CE9-ADE3F4CCFDDE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {A76687EB-F4FE-483F-9F72-E374BF10C75B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {CCE4DB42-9D6E-4FF5-BB8D-3F5E81A97F9A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {DF777AF6-FBA4-4C56-A738-52BFACD6B582} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {F00D4805-90E4-4D3E-9A56-7147E99E49E0} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F4877D55-26F0-4D32-B8EA-A5D2FE483E9C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-16] (Adobe Systems Incorporated)
Task: {F5CE52B3-58CD-4AFD-A20E-E9F9E65D48BD} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2012-02-22 18:36 - 2009-12-19 01:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-02-22 18:36 - 2011-10-14 00:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2014-04-16 19:41 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-02-22 18:36 - 2012-02-07 03:34 - 00823808 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-02-22 18:36 - 2010-01-13 03:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-02-22 18:36 - 2010-01-13 03:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-02-22 00:09 - 2012-01-06 03:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-01-31 11:24 - 2012-01-31 11:24 - 01070592 _____ () C:\Program Files (x86)\watchmi\TvdTray.exe
2012-01-31 11:24 - 2012-01-31 11:24 - 00004608 _____ () C:\Program Files (x86)\watchmi\de\TvdTray.resources.dll
2014-04-15 14:47 - 2014-04-15 14:47 - 00059904 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Remote\3.0.0.8__f722db7bec59a14b\Tvd.Remote.dll
2014-05-25 17:38 - 2014-05-25 17:49 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2012-02-22 20:09 - 2010-08-19 18:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-23 13:19 - 2005-04-22 06:36 - 00143360 ____R () C:\Windows\system32\BrSNMP64.dll
2012-01-31 11:24 - 2012-01-31 11:24 - 00070144 _____ () C:\Program Files (x86)\watchmi\TvdService.exe
2014-04-15 14:47 - 2014-04-15 14:47 - 00034304 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Tools\3.0.0.8__f722db7bec59a14b\Tvd.Tools.dll
2014-04-15 14:47 - 2014-04-15 14:47 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\FingerPrint\1.0.0.0__a62e68e935d72fa6\FingerPrint.dll
2014-04-15 14:47 - 2014-04-15 14:47 - 00079360 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Reporting\3.0.0.8__f722db7bec59a14b\Tvd.Reporting.dll
2014-04-15 14:47 - 2014-04-15 14:47 - 00153088 _____ () C:\Windows\assembly\GAC_MSIL\Tvd.Aprico\3.0.0.8__f722db7bec59a14b\Tvd.Aprico.dll
2012-02-22 18:36 - 2012-01-13 03:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-02-22 18:36 - 2012-01-13 03:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-02-22 18:36 - 2011-12-21 01:08 - 03454464 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2014-04-15 16:50 - 2013-08-14 14:22 - 00045504 _____ () C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\FSAVHRES.eng
2013-05-15 16:05 - 2013-05-15 16:05 - 00220096 _____ () C:\Program Files (x86)\Kabel BW\daas2.dll
2012-02-22 18:36 - 2009-12-19 01:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-02-22 18:36 - 2009-12-19 01:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2010-08-04 01:39 - 2010-08-04 01:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-04 01:39 - 2010-08-04 01:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-04-15 16:50 - 2013-08-14 14:22 - 00056256 _____ () C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\FSGUI\fsavures.eng
2014-04-15 16:50 - 2013-08-14 14:22 - 00154560 _____ () C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\FSGUI\flyerres.eng
2014-12-22 13:46 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-04-15 16:14 - 2014-04-15 16:14 - 00593464 _____ () C:\Windows\WinSxS\x86_f-secure.qt_4_6_2_2e112a926211c0a3_4.6.482.65_none_b59e1e0911fd55ab\QtMultimediaKit1.dll
2015-05-25 18:44 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-25 18:44 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll
2014-04-15 16:54 - 2014-04-15 16:54 - 00030888 _____ () C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\hashlib_x86.dll
2014-04-15 16:50 - 2015-04-15 10:41 - 00175144 _____ () C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Gemini\fsgem.dll
2014-04-15 16:50 - 2014-04-15 16:54 - 00212008 _____ () C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Spam Control\fsas.dll
2014-04-15 16:50 - 2015-02-24 17:32 - 00949288 _____ () C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fm4av.dll
2014-10-15 17:39 - 2014-10-15 17:39 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\38485cf51c91ff758c145158360bbb97\IsdiInterop.ni.dll
2012-02-22 00:36 - 2011-11-30 06:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-02-22 00:21 - 2011-12-16 11:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-05-25 18:44 - 2015-05-22 22:22 - 14982472 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\wolfgang\Downloads\Heute.eml:OECustomProperty
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2578260161-3009678811-3890924073-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\ADMIN\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7D1ED009-EBC5-4CE4-9B4A-FC4CC9FB021E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5B718866-74F4-43CC-82AD-A1DB96B36F38}] => (Allow) LPort=2869
FirewallRules: [{BD7082C9-D1F3-4421-AACA-478498387A34}] => (Allow) LPort=1900
FirewallRules: [{0E297A41-5A80-4457-AD6A-60F42FD242BD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{8B37044C-F7B4-47D7-88EB-3402B2AE9D4D}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{867C244C-C724-4791-AFA2-C41A4D59EB16}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR9.EXE
FirewallRules: [{842B21DC-1BF0-4EB7-B54A-4A5A83D0B921}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{6B026D0D-E126-439A-ABAB-9DD77A7B5151}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{1C548354-3F3A-422B-84BC-72F8921F0317}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
FirewallRules: [{9E110FF3-14CD-4457-8AEA-101F295342C9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
FirewallRules: [{5AA103C8-D255-4DDF-9502-0FC36EF18381}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{DDC38516-5C30-486D-8B05-1D59B4D5A733}] => (Allow) C:\Program Files (x86)\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{4645E695-90D8-4178-A1F9-999FDAD8E6FE}] => (Allow) C:\Windows\SysWOW64\lxczcoms.exe
FirewallRules: [{7E803E13-954D-4C95-B41F-7F894A8B7A6E}] => (Allow) C:\Windows\SysWOW64\lxczcoms.exe
FirewallRules: [{6118EF37-CFCD-49B4-890D-E5DF572A5D45}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{574B404B-3667-4313-B739-6A86E83BC194}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{ABAAF244-83BB-41CE-816E-F81DF8F65806}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{176F0FFF-D5F7-460B-AFB3-389B50F8942F}] => (Allow) C:\Windows\System32\lxczcoms.exe
FirewallRules: [{E85E0C4C-F3E7-494E-AE60-C9FECC1EC03D}] => (Allow) C:\Windows\System32\lxczcoms.exe
FirewallRules: [{9B8D1826-8519-4E57-84E5-5C6CE5357D80}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxczpswx.exe
FirewallRules: [{62364E15-A293-4623-969C-CCC66FA6243B}] => (Allow) C:\Windows\System32\spool\drivers\x64\3\lxczpswx.exe
FirewallRules: [TCP Query User{FAC0326F-DEF1-4998-8514-25FF9FAE62C1}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{1963E666-239B-4B27-8463-9CAC6F2FE917}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{B62B3690-1685-41D1-8773-EC5D903281FE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{AF47C975-E44A-4BCA-BF4D-242017CB7736}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DC4FD68D-C2CD-409C-84EE-3DE5CB8AE7E4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A9604B01-8EA9-4705-8666-92E979169446}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{43A4439A-D671-41E2-B44C-2BD85BB0A911}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{F33EE8B8-8167-49A2-B72C-208E55C2300A}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{E31E271D-4E31-4B70-B666-CB3F4FA69DC4}] => (Allow) C:\Program Files (x86)\LucasArts\Republic Heroes\Republic Heroes.exe
FirewallRules: [{17707694-C028-4972-861D-3804D414885C}] => (Allow) C:\Program Files (x86)\LucasArts\Republic Heroes\Republic Heroes.exe
FirewallRules: [TCP Query User{AC78D7F8-C925-440C-A5CC-CCA7B23183D8}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [UDP Query User{7950C39C-95E8-413E-B36E-8C47425075F9}C:\windows\system32\java.exe] => (Block) C:\windows\system32\java.exe
FirewallRules: [{0FF61B22-2FB2-4CBC-BF8F-EA78C715DA75}] => (Allow) LPort=54925
FirewallRules: [TCP Query User{415993AF-CD4B-47E6-9451-5B5F8544F075}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{FE747F0F-A0B9-4886-8779-04FCA2DF4F98}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{D95D9AF4-FF04-455B-A08E-C2B54D027C44}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{723D2419-8D5F-4A13-8260-31E50EBFD3E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FC00BC13-4CD2-4C19-88CE-BF62478249E1}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\java.exe
FirewallRules: [UDP Query User{AD2C2846-1A85-4931-A4CF-3C52A68417F2}C:\program files (x86)\java\jre1.8.0_31\bin\java.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\java.exe
FirewallRules: [{B00445A0-4200-4199-B2E4-A0EA2AA3FCB1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{300205CB-C34F-4845-9FFD-869E5F4AD9A2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{21F203F0-AD60-4893-BEB3-137F5E4EB077}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/01/2015 06:23:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2015 06:23:14 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/06/01 18:23:14.560]: [00003312]: Initialize TwdsMain Class failed!
Error: (06/01/2015 06:23:14 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/06/01 18:23:14.560]: [00003312]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (06/01/2015 05:56:20 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/06/01 17:56:20.602]: [00002492]: Initialize TwdsMain Class failed!
Error: (06/01/2015 05:56:20 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/06/01 17:56:20.602]: [00002492]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (06/01/2015 05:50:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/31/2015 09:36:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17801 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2310
Startzeit: 01d09bd90b769009
Endzeit: 14
Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Berichts-ID:
Error: (05/31/2015 04:37:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error: (05/31/2015 01:04:54 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1 2015-05-31 13:04:51+02:00 WOLFGANG-PC wolfgang-PC\ADMIN F-Secure Anti-Virus
Spyware detected:
Type: riskware
Family:
Name: Application.Bundler.DomaIQ
Object: C:\Backup My Data\wolfgang\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000003
Error: (05/31/2015 00:35:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2015/05/31 12:35:04.383]: [00007504]: Initialize TwdsMain Class failed!
System errors:
=============
Error: (06/01/2015 06:22:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server (SQLEXPRESS)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/01/2015 06:22:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst SQL Server (SQLEXPRESS) erreicht.
Error: (06/01/2015 06:22:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MemeoBackgroundService" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/01/2015 06:22:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MemeoBackgroundService erreicht.
Error: (06/01/2015 06:20:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (06/01/2015 06:20:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (06/01/2015 06:20:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (06/01/2015 06:19:58 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Modules Installer" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (06/01/2015 06:19:57 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Error: (06/01/2015 06:19:55 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\System32\IWMSSvc.dll
Microsoft Office:
=========================
Error: (06/01/2015 06:23:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/01/2015 06:23:14 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2015/06/01 18:23:14.560]: [00003312]: Initialize TwdsMain Class failed!
Error: (06/01/2015 06:23:14 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2015/06/01 18:23:14.560]: [00003312]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (06/01/2015 05:56:20 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2015/06/01 17:56:20.602]: [00002492]: Initialize TwdsMain Class failed!
Error: (06/01/2015 05:56:20 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2015/06/01 17:56:20.602]: [00002492]: ##### Fatal ERROR!! Create STI-device failed! #####
Error: (06/01/2015 05:50:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/31/2015 09:36:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17801231001d09bd90b76900914C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Error: (05/31/2015 04:37:49 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"C:\Program Files\Microsoft Office 15\root\office15\lync.exe.ManifestC:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL1
Error: (05/31/2015 01:04:54 PM) (Source: FSecure-FSecure-F-Secure Anti-Virus) (EventID: 103) (User: )
Description: 1 2015-05-31 13:04:51+02:00 WOLFGANG-PC wolfgang-PC\ADMIN F-Secure Anti-Virus
Spyware detected:
Type: riskware
Family:
Name: Application.Bundler.DomaIQ
Object: C:\Backup My Data\wolfgang\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000003
Error: (05/31/2015 00:35:04 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWNBrtTWN: [2015/05/31 12:35:04.383]: [00007504]: Initialize TwdsMain Class failed!
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 3990.47 MB
Available physical RAM: 1833.79 MB
Total Pagefile: 7979.14 MB
Available Pagefile: 5250.36 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:506.93 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:18.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 83488348)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=647.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End of log ============================
|
|
02.06.2015, 16:57
| #10 |
| /// the machine /// TB-Ausbilder | DHL-Mail Anhang geöffnetESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu DHL-Mail Anhang geöffnet |
| alarm, angeblich, anhang, anhang geöffnet, dhl-mail, f-secure, gefunde, gestern, infiziert., nichts, pdf, scan, scanner, tool, vermute, virenscan, virenscanner |
dann auf 
und dann auf 
. 
Linear-Darstellung
