| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
20.07.2015, 12:57
| #1 |
| |  FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner Hallo zusammen, seit kurzem habe ich bei diversen Programmen und Games starke Lags bzw. Fps Probleme. Zusätzlich habe ich das Gefühl, dass mein Rechner langsamer geworden ist. Ich habe meinen Rechner bereits mit ADWcleaner und Malewarebytes untersucht und "bereinigen lassen". GatetoUnter hat mir empfolen mich zusätzlich an Euch zu wenden. Ich hoffe Ihr könnt mir etwas weiterhelfen  .Vielen Dank Reewer|Hannes AdwCleaner[S0] AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 20/07/2015 um 12:21:33
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Hannes Home - HANNES-PC
# Gestarted von : C:\Users\Hannes Home\Downloads\adwcleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : LPTSystemUpdater
Dienst Gelöscht : wStLibG64
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Program Files (x86)\LPT
Ordner Gelöscht : C:\Program Files (x86)\DriverToolkit
Ordner Gelöscht : C:\Users\Hannes Home\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Hannes Home\AppData\Local\DriverToolkit
Ordner Gelöscht : C:\Users\Hannes Home\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Hannes Home\Documents\Mobogenie
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\drivers\wStLibG64.sys
Datei Gelöscht : C:\Users\Hannes Home\daemonprocess.txt
Datei Gelöscht : C:\Users\Hannes Home\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\searchplugins\conduit-search.xml
Datei Gelöscht : C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\searchplugins\Web Search.xml
Datei Gelöscht : C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\user.js
***** [ Geplante Tasks ] *****
Task Gelöscht : APSnotifierPP1
Task Gelöscht : APSnotifierPP2
Task Gelöscht : APSnotifierPP3
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\DriverToolkit
Schlüssel Gelöscht : HKCU\Software\SearchProtectWS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\BlockAndSurf
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
Einstellung Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v39.0 (x86 de)
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.order.1", "Mysearchdial");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.BackPageActive", true);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.DockingPositionDown", true);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 23297010);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.Visibility", true);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.backPageCounter", 0);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.backPageDay", 17);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1397554789974");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.barcodeid", "134622");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.countryiso", "de");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.downloadprovider", "ry_7302_ch");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/www.superfish.com\\\\\\/ws\\\\\\/[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.installationid", "dec0f615-103d-85ac-ce65-c78303109d30");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.installdate", "17/04/2014");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1397727589");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1397864691189");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.helperbar.publisher", "shoppinghelper");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.irmysearch.aflt", "cmi_14_16_ff");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0D0D0FtCyDyC0EtGtDyB0Czyt[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.irmysearch.cr", "231645960");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_b");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.AL", 2);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.aflt", "cmi_14_16_ff");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0D0D0FtCyDyC0EtGtDyB0Cz[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.cntry", "DE");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.cr", "231645960");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dpk_blck", "true");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.dspFFXOld", "Conduit Search");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.hdrMd5", "93C0511DB64094489FBB998CC73AE6BA");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEt[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.hpFFXOld", "hxxp://search.conduit.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=MCA02283A-6DA0-497F-965F-2BD42A848CDE&SearchSource=55&CUI=&UM=5&UP=SPB6D4EA30-7[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.id", "448A5B2B63152C7E");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.instlDay", "16177");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.instlRef", "140305_b");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.lastB", "hxxp://search.conduit.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=MCA02283A-6DA0-497F-965F-2BD42A848CDE&SearchSource=55&CUI=&UM=5&UP=SPB6D4EA30-727A[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.29.011:55:50");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCy[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"95\",\"lastVrsn\":\"95\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.sg", "none");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1Czut[...]
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[ddvwj60f.default\prefs.js] - Zeile Gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.011:55:50");
*************************
AdwCleaner[R0].txt - [17144 Bytes] - [20/07/2015 12:20:11]
AdwCleaner[S0].txt - [13663 Bytes] - [20/07/2015 12:21:33]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [13723 Bytes] ##########
AdwCleaner[R0] AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 20/07/2015 um 12:20:11
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-15.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : Hannes Home - HANNES-PC
# Gestarted von : C:\Users\Hannes Home\Downloads\adwcleaner_4.208.exe
# Option : Suchlauf
***** [ Dienste ] *****
Dienst Gefunden : LPTSystemUpdater
Dienst Gefunden : wStLibG64
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Hannes Home\AppData\Roaming\aps.uninstall.scan.results
Datei Gefunden : C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\searchplugins\conduit-search.xml
Datei Gefunden : C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\searchplugins\Mysearchdial.xml
Datei Gefunden : C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\searchplugins\Web Search.xml
Datei Gefunden : C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\user.js
Datei Gefunden : C:\Users\Hannes Home\daemonprocess.txt
Datei Gefunden : C:\Windows\System32\drivers\wStLibG64.sys
Datei Gefunden : C:\Windows\System32\roboot64.exe
Ordner Gefunden : C:\Program Files (x86)\DriverToolkit
Ordner Gefunden : C:\Program Files (x86)\LPT
Ordner Gefunden : C:\Users\Hannes Home\AppData\Local\DriverToolkit
Ordner Gefunden : C:\Users\Hannes Home\AppData\Local\Mobogenie
Ordner Gefunden : C:\Users\Hannes Home\AppData\Roaming\Systweak
Ordner Gefunden : C:\Users\Hannes Home\Documents\Mobogenie
***** [ Geplante Tasks ] *****
Task Gefunden : APSnotifierPP1
Task Gefunden : APSnotifierPP2
Task Gefunden : APSnotifierPP3
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AnyProtect
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\BlockAndSurf
Schlüssel Gefunden : HKCU\Software\DriverToolkit
Schlüssel Gefunden : HKCU\Software\InstallCore
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gefunden : HKCU\Software\mysearchdial.com
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\SearchProtectWS
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\AnyProtect
Schlüssel Gefunden : [x64] HKCU\Software\DriverToolkit
Schlüssel Gefunden : [x64] HKCU\Software\InstallCore
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gefunden : [x64] HKCU\Software\mysearchdial.com
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\SearchProtectWS
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}
Schlüssel Gefunden : HKLM\SOFTWARE\systweak
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
Einstellung Gefunden : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8RXAddzpF5mG6o08jDpXxvIjXEi3uZ3FJpNKqXgS_hiIfXxdOu6CROmcWMZ7qwZE,
Einstellung Gefunden : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8SYmSJafo3KK70nsZLhizCx3F9HgSu5_7HLiKEZm_FasMMgMBRk5JG7FMccfg9R4,&q={searchTerms}
Einstellung Gefunden : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8SYmSJafo3KK70nsZLhizCx3F9HgSu5_7HLiKEZm_FasMMgMBRk5JG7FMccfg9R4,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8SYmSJafo3KK70nsZLhizCx3F9HgSu5_7HLiKEZm_FasMMgMBRk5JG7FMccfg9Rk,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8RXAddzpF5mG6o08jDpXxvIjXEi3uZ3FJpNKqXgS_hiIfXxdOu6CROmcWMZ7qwZY,
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8SYmSJafo3KK70nsZLhizCx3F9HgSu5_7HLiKEZm_FasMMgMBRk5JG7FMccfg9Rk,&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0D0D0FtCyDyC0EtGtDyB0CzytG0A0AyEyBtGzztC0EyBtGyByDyC0BzyzyzzyEyB0C0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0BtB0Ezy0CtD0BtG0CzyzzyCtGyD0D0CtAtG0CtAyCtDtGtBtBzz0F0C0E0DtB0B0CtD0E2Q&cr=231645960&ir=
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8SYmSJafo3KK70nsZLhizCx3F9HgSu5_7HLiKEZm_FasMMgMBRk5JG7FMccfg9Rk,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8SYmSJafo3KK70nsZLhizCx3F9HgSu5_7HLiKEZm_FasMMgMBRk5JG7FMccfg9Rk,&q={searchTerms}
Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8SYmSJafo3KK70nsZLhizCx3F9HgSu5_7HLiKEZm_FasMMgMBRk5JG7FMccfg9Rk,&q={searchTerms}
Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWE23Qik11mFwB7WTYnaVdQO2kd518yfX727wLXD6S0bDR2ZbYR0JgBCG8vCYO0oiobW0NwUxP9cw_zKL4-vjGO9qox8SYmSJafo3KK70nsZLhizCx3F9HgSu5_7HLiKEZm_FasMMgMBRk5JG7FMccfg9R4,&q={searchTerms}
Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0D0D0FtCyDyC0EtGtDyB0CzytG0A0AyEyBtGzztC0EyBtGyByDyC0BzyzyzzyEyB0C0D0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyC0BtB0Ezy0CtD0BtG0CzyzzyCtGyD0D0CtAtG0CtAyCtDtGtBtBzz0F0C0E0DtB0B0CtD0E2Q&cr=231645960&ir=
-\\ Mozilla Firefox v39.0 (x86 de)
[ddvwj60f.default] - Zeile Gefunden : user_pref("browser.search.order.1", "Mysearchdial");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.BackPageActive", true);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.DockingPositionDown", true);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.LastHiddenTime", 23297010);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.SmartbarDisabled", true);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.Visibility", true);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.backPageCapacity", 3);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.backPageCounter", 0);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.backPageDay", 17);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.backPageLastEvent", "1397554789974");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.backPageMinInterval", 15);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.barcodeid", "134622");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.countryiso", "de");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.downloadprovider", "ry_7302_ch");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/www.superfish.com\\\\\\/ws\\\\\\/[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.fromautoupdate", "false");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.installationid", "dec0f615-103d-85ac-ce65-c78303109d30");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.installdate", "17/04/2014");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.keepAliveLastevent", "1397727589");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.lastExternalJsUpdate", "1397864691189");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.helperbar.publisher", "shoppinghelper");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.irmysearch.aflt", "cmi_14_16_ff");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0D0D0FtCyDyC0EtGtDyB0Czyt[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.irmysearch.cr", "231645960");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.irmysearch.instlRef", "140305_b");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.AL", 2);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.aflt", "cmi_14_16_ff");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0D0D0FtCyDyC0EtGtDyB0Cz[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.cntry", "DE");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.cr", "231645960");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.dfltLng", "");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.dfltSrch", true);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.dnsErr", true);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.dpk_blck", "true");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.dspFFXOld", "Conduit Search");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.excTlbr", false);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.hdrMd5", "93C0511DB64094489FBB998CC73AE6BA");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.hmpg", true);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCyEt[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.hpFFXOld", "hxxp://search.conduit.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=MCA02283A-6DA0-497F-965F-2BD42A848CDE&SearchSource=55&CUI=&UM=5&UP=SPB6D4EA30-7[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.id", "448A5B2B63152C7E");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.instlDay", "16177");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.instlRef", "140305_b");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.lastB", "hxxp://search.conduit.com/?gd=&ctid=CT3324764&octid=EB_ORIGINAL_CTID&ISID=MCA02283A-6DA0-497F-965F-2BD42A848CDE&SearchSource=55&CUI=&UM=5&UP=SPB6D4EA30-727A[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.lastVrsnTs", "1.8.29.011:55:50");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1CzutCy[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"95\",\"lastVrsn\":\"95\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.sg", "none");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.tlbrId", "base");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=cmi_14_16_ff&cd=2XzuyEtN2Y1L1QzuyEyEzz0AyD0BtB0ByCtAtCyDtB0CyB0EtN0D0Tzu0SzztAyBtN1L2XzutBtFtBtDtFtCtFtDtN1L1Czut[...]
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial_i.newTab", false);
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[ddvwj60f.default] - Zeile Gefunden : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.011:55:50");
*************************
AdwCleaner[R0].txt - [16936 Bytes] - [20/07/2015 12:20:11]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [16996 Bytes] ##########
|
|
20.07.2015, 13:31
| #2 |
| /// TB-Ausbilder   | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Bitte alle Logdateien von MBAM mit Funden posten! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
20.07.2015, 15:17
| #3 |
| | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner TDSS-Killer
__________________Code:
ATTFilter 16:12:11.0584 0x07b0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:12:11.0584 0x07b0 UEFI system
16:12:15.0539 0x07b0 ============================================================
16:12:15.0539 0x07b0 Current date / time: 2015/07/20 16:12:15.0539
16:12:15.0539 0x07b0 SystemInfo:
16:12:15.0539 0x07b0
16:12:15.0539 0x07b0 OS Version: 6.3.9600 ServicePack: 0.0
16:12:15.0539 0x07b0 Product type: Workstation
16:12:15.0539 0x07b0 ComputerName: HANNES-PC
16:12:15.0539 0x07b0 UserName: Hannes Home
16:12:15.0539 0x07b0 Windows directory: C:\Windows
16:12:15.0539 0x07b0 System windows directory: C:\Windows
16:12:15.0539 0x07b0 Running under WOW64
16:12:15.0539 0x07b0 Processor architecture: Intel x64
16:12:15.0539 0x07b0 Number of processors: 4
16:12:15.0539 0x07b0 Page size: 0x1000
16:12:15.0539 0x07b0 Boot type: Normal boot
16:12:15.0539 0x07b0 ============================================================
16:12:15.0690 0x07b0 KLMD registered as C:\Windows\system32\drivers\96907937.sys
16:12:15.0994 0x07b0 System UUID: {6F8D9D39-4F8B-BDF6-6B83-7487BB5B6896}
16:12:16.0387 0x07b0 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:12:16.0400 0x07b0 ============================================================
16:12:16.0400 0x07b0 \Device\Harddisk0\DR0:
16:12:16.0400 0x07b0 GPT partitions:
16:12:16.0400 0x07b0 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {2D971650-AE62-4F0C-94DA-A9596F8AE8E4}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
16:12:16.0400 0x07b0 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {21613F94-61CA-461F-A586-B496A27F5AB7}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x31800
16:12:16.0400 0x07b0 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {D8FE01A9-000D-4036-8015-CAE7FA715C69}, Name: Microsoft reserved partition, StartLBA 0xC8000, BlocksNum 0x40000
16:12:16.0400 0x07b0 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {74811A93-F0B4-44FA-B851-549BD0D00095}, Name: Basic data partition, StartLBA 0x108000, BlocksNum 0x1D0BD800
16:12:16.0400 0x07b0 MBR partitions:
16:12:16.0400 0x07b0 ============================================================
16:12:16.0407 0x07b0 C: <-> \Device\Harddisk0\DR0\Partition4
16:12:16.0407 0x07b0 ============================================================
16:12:16.0407 0x07b0 Initialize success
16:12:16.0407 0x07b0 ============================================================
16:12:18.0927 0x06b8 ============================================================
16:12:18.0927 0x06b8 Scan started
16:12:18.0927 0x06b8 Mode: Manual;
16:12:18.0927 0x06b8 ============================================================
16:12:18.0927 0x06b8 KSN ping started
16:12:21.0385 0x06b8 KSN ping finished: true
16:12:21.0688 0x06b8 ================ Scan system memory ========================
16:12:21.0688 0x06b8 System memory - ok
16:12:21.0689 0x06b8 ================ Scan services =============================
16:12:21.0776 0x06b8 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
16:12:21.0786 0x06b8 1394ohci - ok
16:12:21.0809 0x06b8 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
16:12:21.0811 0x06b8 3ware - ok
16:12:21.0838 0x06b8 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:12:21.0855 0x06b8 ACPI - ok
16:12:21.0868 0x06b8 [ 2EA3EB3E69B6480AB112E876F3096312, 4A22343D8F261BE90F7287318EAC5B187F49D1C375174E4B526A0F3A27CD8346 ] AcpiCtlDrv C:\Windows\System32\drivers\AcpiCtlDrv.sys
16:12:21.0869 0x06b8 AcpiCtlDrv - ok
16:12:21.0876 0x06b8 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
16:12:21.0877 0x06b8 acpiex - ok
16:12:21.0880 0x06b8 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
16:12:21.0882 0x06b8 acpipagr - ok
16:12:21.0889 0x06b8 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
16:12:21.0890 0x06b8 AcpiPmi - ok
16:12:21.0892 0x06b8 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
16:12:21.0893 0x06b8 acpitime - ok
16:12:21.0945 0x06b8 [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:12:21.0948 0x06b8 AdobeFlashPlayerUpdateSvc - ok
16:12:21.0971 0x06b8 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
16:12:22.0001 0x06b8 ADP80XX - ok
16:12:22.0024 0x06b8 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:12:22.0028 0x06b8 AeLookupSvc - ok
16:12:22.0056 0x06b8 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
16:12:22.0066 0x06b8 AFD - ok
16:12:22.0076 0x06b8 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:12:22.0077 0x06b8 agp440 - ok
16:12:22.0096 0x06b8 [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
16:12:22.0104 0x06b8 ahcache - ok
16:12:22.0125 0x06b8 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
16:12:22.0127 0x06b8 ALG - ok
16:12:22.0136 0x06b8 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
16:12:22.0138 0x06b8 AmdK8 - ok
16:12:22.0147 0x06b8 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
16:12:22.0149 0x06b8 AmdPPM - ok
16:12:22.0153 0x06b8 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:12:22.0155 0x06b8 amdsata - ok
16:12:22.0163 0x06b8 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:12:22.0166 0x06b8 amdsbs - ok
16:12:22.0169 0x06b8 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:12:22.0170 0x06b8 amdxata - ok
16:12:22.0182 0x06b8 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
16:12:22.0184 0x06b8 AppID - ok
16:12:22.0199 0x06b8 [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:12:22.0200 0x06b8 AppIDSvc - ok
16:12:22.0215 0x06b8 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll
16:12:22.0217 0x06b8 Appinfo - ok
16:12:22.0237 0x06b8 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
16:12:22.0245 0x06b8 AppReadiness - ok
16:12:22.0283 0x06b8 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
16:12:22.0307 0x06b8 AppXSvc - ok
16:12:22.0313 0x06b8 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:12:22.0314 0x06b8 arcsas - ok
16:12:22.0324 0x06b8 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
16:12:22.0325 0x06b8 atapi - ok
16:12:22.0340 0x06b8 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
16:12:22.0343 0x06b8 AudioEndpointBuilder - ok
16:12:22.0362 0x06b8 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:12:22.0392 0x06b8 Audiosrv - ok
16:12:22.0414 0x06b8 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:12:22.0416 0x06b8 AxInstSV - ok
16:12:22.0433 0x06b8 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:12:22.0441 0x06b8 b06bdrv - ok
16:12:22.0451 0x06b8 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
16:12:22.0453 0x06b8 BasicDisplay - ok
16:12:22.0475 0x06b8 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
16:12:22.0476 0x06b8 BasicRender - ok
16:12:22.0480 0x06b8 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
16:12:22.0480 0x06b8 bcmfn2 - ok
16:12:22.0504 0x06b8 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\Windows\System32\bdesvc.dll
16:12:22.0510 0x06b8 BDESVC - ok
16:12:22.0519 0x06b8 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
16:12:22.0519 0x06b8 Beep - ok
16:12:22.0542 0x06b8 [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE C:\Windows\System32\bfe.dll
16:12:22.0575 0x06b8 BFE - ok
16:12:22.0593 0x06b8 [ 17BCA402EF3E67277963374F01EE7B34, 03D93DBE984FA59E7FC22ED9FD93C4CD2365F36BFB32880041812EC6FDB8FB29 ] BfLwf C:\Windows\system32\DRIVERS\bwcW8x64.sys
16:12:22.0594 0x06b8 BfLwf - ok
16:12:22.0626 0x06b8 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
16:12:22.0657 0x06b8 BITS - ok
16:12:22.0668 0x06b8 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:12:22.0670 0x06b8 bowser - ok
16:12:22.0691 0x06b8 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
16:12:22.0695 0x06b8 BrokerInfrastructure - ok
16:12:22.0709 0x06b8 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
16:12:22.0712 0x06b8 Browser - ok
16:12:22.0722 0x06b8 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
16:12:22.0723 0x06b8 BthAvrcpTg - ok
16:12:22.0733 0x06b8 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
16:12:22.0734 0x06b8 BthHFEnum - ok
16:12:22.0737 0x06b8 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
16:12:22.0738 0x06b8 bthhfhid - ok
16:12:22.0763 0x06b8 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
16:12:22.0769 0x06b8 BthHFSrv - ok
16:12:22.0775 0x06b8 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
16:12:22.0777 0x06b8 BTHMODEM - ok
16:12:22.0790 0x06b8 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
16:12:22.0792 0x06b8 bthserv - ok
16:12:22.0801 0x06b8 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:12:22.0802 0x06b8 cdfs - ok
16:12:22.0806 0x06b8 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
16:12:22.0809 0x06b8 cdrom - ok
16:12:22.0833 0x06b8 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
16:12:22.0835 0x06b8 CertPropSvc - ok
16:12:22.0838 0x06b8 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
16:12:22.0839 0x06b8 circlass - ok
16:12:22.0862 0x06b8 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
16:12:22.0867 0x06b8 CLFS - ok
16:12:22.0873 0x06b8 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
16:12:22.0874 0x06b8 CmBatt - ok
16:12:22.0901 0x06b8 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\Windows\system32\Drivers\cng.sys
16:12:22.0908 0x06b8 CNG - ok
16:12:22.0918 0x06b8 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
16:12:22.0919 0x06b8 CompositeBus - ok
16:12:22.0920 0x06b8 COMSysApp - ok
16:12:22.0923 0x06b8 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
16:12:22.0924 0x06b8 condrv - ok
16:12:22.0942 0x06b8 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:12:22.0944 0x06b8 CryptSvc - ok
16:12:22.0954 0x06b8 [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\Windows\system32\drivers\dam.sys
16:12:22.0955 0x06b8 dam - ok
16:12:22.0978 0x06b8 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:12:22.0996 0x06b8 DcomLaunch - ok
16:12:23.0020 0x06b8 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
16:12:23.0027 0x06b8 defragsvc - ok
16:12:23.0054 0x06b8 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
16:12:23.0060 0x06b8 DeviceAssociationService - ok
16:12:23.0070 0x06b8 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
16:12:23.0072 0x06b8 DeviceInstall - ok
16:12:23.0085 0x06b8 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
16:12:23.0087 0x06b8 Dfsc - ok
16:12:23.0110 0x06b8 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
16:12:23.0115 0x06b8 Dhcp - ok
16:12:23.0187 0x06b8 [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack C:\Windows\system32\diagtrack.dll
16:12:23.0217 0x06b8 DiagTrack - ok
16:12:23.0222 0x06b8 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
16:12:23.0224 0x06b8 disk - ok
16:12:23.0234 0x06b8 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
16:12:23.0235 0x06b8 dmvsc - ok
16:12:23.0244 0x06b8 [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:12:23.0248 0x06b8 Dnscache - ok
16:12:23.0265 0x06b8 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
16:12:23.0269 0x06b8 dot3svc - ok
16:12:23.0287 0x06b8 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
16:12:23.0289 0x06b8 DPS - ok
16:12:23.0307 0x06b8 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:12:23.0308 0x06b8 drmkaud - ok
16:12:23.0326 0x06b8 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
16:12:23.0329 0x06b8 DsmSvc - ok
16:12:23.0371 0x06b8 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:12:23.0409 0x06b8 DXGKrnl - ok
16:12:23.0428 0x06b8 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
16:12:23.0430 0x06b8 Eaphost - ok
16:12:23.0494 0x06b8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:12:23.0549 0x06b8 ebdrv - ok
16:12:23.0569 0x06b8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
16:12:23.0570 0x06b8 EFS - ok
16:12:23.0575 0x06b8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
16:12:23.0576 0x06b8 EhStorClass - ok
16:12:23.0587 0x06b8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
16:12:23.0589 0x06b8 EhStorTcgDrv - ok
16:12:23.0601 0x06b8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
16:12:23.0601 0x06b8 ErrDev - ok
16:12:23.0636 0x06b8 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
16:12:23.0641 0x06b8 EventSystem - ok
16:12:23.0652 0x06b8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
16:12:23.0656 0x06b8 exfat - ok
16:12:23.0661 0x06b8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:12:23.0664 0x06b8 fastfat - ok
16:12:23.0685 0x06b8 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
16:12:23.0694 0x06b8 Fax - ok
16:12:23.0700 0x06b8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
16:12:23.0701 0x06b8 fdc - ok
16:12:23.0707 0x06b8 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
16:12:23.0708 0x06b8 fdPHost - ok
16:12:23.0718 0x06b8 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
16:12:23.0719 0x06b8 FDResPub - ok
16:12:23.0736 0x06b8 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
16:12:23.0738 0x06b8 fhsvc - ok
16:12:23.0751 0x06b8 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:12:23.0752 0x06b8 FileInfo - ok
16:12:23.0755 0x06b8 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:12:23.0756 0x06b8 Filetrace - ok
16:12:23.0765 0x06b8 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
16:12:23.0766 0x06b8 flpydisk - ok
16:12:23.0789 0x06b8 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:12:23.0793 0x06b8 FltMgr - ok
16:12:23.0832 0x06b8 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\Windows\system32\FntCache.dll
16:12:23.0861 0x06b8 FontCache - ok
16:12:23.0911 0x06b8 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:12:23.0914 0x06b8 FontCache3.0.0.0 - ok
16:12:23.0926 0x06b8 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:12:23.0930 0x06b8 FsDepends - ok
16:12:23.0940 0x06b8 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:12:23.0942 0x06b8 Fs_Rec - ok
16:12:23.0980 0x06b8 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:12:24.0011 0x06b8 fvevol - ok
16:12:24.0017 0x06b8 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
16:12:24.0019 0x06b8 FxPPM - ok
16:12:24.0023 0x06b8 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:12:24.0024 0x06b8 gagp30kx - ok
16:12:24.0027 0x06b8 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
16:12:24.0027 0x06b8 gencounter - ok
16:12:24.0112 0x06b8 [ EECE18D068A5DCE3D3EC468FC6921672, FD6D70269DFECD9A97BD97C1AFE9BAE28897489B2590F2B4BCF240376E740EBD ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:12:24.0143 0x06b8 GfExperienceService - ok
16:12:24.0159 0x06b8 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
16:12:24.0161 0x06b8 GPIOClx0101 - ok
16:12:24.0199 0x06b8 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll
16:12:24.0224 0x06b8 gpsvc - ok
16:12:24.0278 0x06b8 GPU-Z - ok
16:12:24.0300 0x06b8 [ 7F79205B4EFA98F0767309479C8C01C6, 4B576903A83F33A8CF31D3887144A3D51C56D1187115C83AC99C0E9F6B4BF128 ] Hamachi C:\Windows\system32\DRIVERS\Hamdrv.sys
16:12:24.0302 0x06b8 Hamachi - ok
16:12:24.0326 0x06b8 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:12:24.0335 0x06b8 HdAudAddService - ok
16:12:24.0352 0x06b8 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
16:12:24.0354 0x06b8 HDAudBus - ok
16:12:24.0361 0x06b8 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
16:12:24.0362 0x06b8 HidBatt - ok
16:12:24.0377 0x06b8 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys
16:12:24.0379 0x06b8 HidBth - ok
16:12:24.0387 0x06b8 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
16:12:24.0388 0x06b8 hidi2c - ok
16:12:24.0391 0x06b8 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
16:12:24.0392 0x06b8 HidIr - ok
16:12:24.0406 0x06b8 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
16:12:24.0407 0x06b8 hidserv - ok
16:12:24.0425 0x06b8 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
16:12:24.0425 0x06b8 HidUsb - ok
16:12:24.0442 0x06b8 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
16:12:24.0444 0x06b8 hkmsvc - ok
16:12:24.0462 0x06b8 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:12:24.0467 0x06b8 HomeGroupListener - ok
16:12:24.0487 0x06b8 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:12:24.0494 0x06b8 HomeGroupProvider - ok
16:12:24.0497 0x06b8 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:12:24.0498 0x06b8 HpSAMD - ok
16:12:24.0529 0x06b8 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:12:24.0549 0x06b8 HTTP - ok
16:12:24.0552 0x06b8 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:12:24.0552 0x06b8 hwpolicy - ok
16:12:24.0555 0x06b8 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
16:12:24.0555 0x06b8 hyperkbd - ok
16:12:24.0557 0x06b8 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
16:12:24.0558 0x06b8 HyperVideo - ok
16:12:24.0575 0x06b8 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
16:12:24.0576 0x06b8 i8042prt - ok
16:12:24.0585 0x06b8 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
16:12:24.0587 0x06b8 iaLPSSi_GPIO - ok
16:12:24.0590 0x06b8 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
16:12:24.0591 0x06b8 iaLPSSi_I2C - ok
16:12:24.0609 0x06b8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
16:12:24.0617 0x06b8 iaStorAV - ok
16:12:24.0628 0x06b8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:12:24.0633 0x06b8 iaStorV - ok
16:12:24.0670 0x06b8 [ D9A9FFC89F61CAD4AD9EF31FBB17E634, F81184889B30DA8947F22A9C9ED5C542295ED70F0A1C27D1C91BAC21F4BCD987 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
16:12:24.0672 0x06b8 ICCS - ok
16:12:24.0682 0x06b8 [ 55004F2386405B28471E09C2373ED0E0, 4B706A725EC17650CCFE0D0D944FC187B4C943D8241B847F2B8C65A3A1145885 ] ICCWDT C:\Windows\System32\drivers\ICCWDT.sys
16:12:24.0683 0x06b8 ICCWDT - ok
16:12:24.0684 0x06b8 IEEtwCollectorService - ok
16:12:24.0717 0x06b8 [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT C:\Windows\System32\ikeext.dll
16:12:24.0742 0x06b8 IKEEXT - ok
16:12:24.0807 0x06b8 [ 07E34A18AB9DAD1F680B1066D9782BFB, 62285189743CAA57B0108D8D4A197E5BB22143311026AD4AC5BA7BBEA7DC4299 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:12:24.0868 0x06b8 IntcAzAudAddService - ok
16:12:24.0874 0x06b8 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
16:12:24.0874 0x06b8 intelide - ok
16:12:24.0882 0x06b8 [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\Windows\system32\drivers\intelpep.sys
16:12:24.0882 0x06b8 intelpep - ok
16:12:24.0886 0x06b8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
16:12:24.0888 0x06b8 intelppm - ok
16:12:24.0898 0x06b8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:12:24.0900 0x06b8 IpFilterDriver - ok
16:12:24.0933 0x06b8 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:12:24.0951 0x06b8 iphlpsvc - ok
16:12:24.0965 0x06b8 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
16:12:24.0966 0x06b8 IPMIDRV - ok
16:12:24.0975 0x06b8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:12:24.0977 0x06b8 IPNAT - ok
16:12:24.0980 0x06b8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:12:24.0980 0x06b8 IRENUM - ok
16:12:24.0984 0x06b8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:12:24.0985 0x06b8 isapnp - ok
16:12:25.0004 0x06b8 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
16:12:25.0009 0x06b8 iScsiPrt - ok
16:12:25.0026 0x06b8 [ 60F5579B6B33F509C52200207F79B795, 1AB99528EF65799CBA7BCF43A654698ABE37A6DB8EB9BE2AC6ED7758AF795327 ] jyhc C:\Windows\system32\drivers\pjgrybj.sys
16:12:25.0028 0x06b8 jyhc - ok
16:12:25.0034 0x06b8 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
16:12:25.0035 0x06b8 kbdclass - ok
16:12:25.0046 0x06b8 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
16:12:25.0047 0x06b8 kbdhid - ok
16:12:25.0049 0x06b8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
16:12:25.0050 0x06b8 kdnic - ok
16:12:25.0066 0x06b8 [ EB62EE6D52F0D6B76256DBE71C07E26F, D92F2D9B1779DC52918CB5D9F212F62F62E40F7EBB81A865F090B071BE69DE77 ] Ke2200 C:\Windows\system32\DRIVERS\e22w8x64.sys
16:12:25.0068 0x06b8 Ke2200 - ok
16:12:25.0075 0x06b8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
16:12:25.0076 0x06b8 KeyIso - ok
16:12:25.0094 0x06b8 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:12:25.0096 0x06b8 KSecDD - ok
16:12:25.0119 0x06b8 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:12:25.0122 0x06b8 KSecPkg - ok
16:12:25.0124 0x06b8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:12:25.0125 0x06b8 ksthunk - ok
16:12:25.0140 0x06b8 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
16:12:25.0146 0x06b8 KtmRm - ok
16:12:25.0167 0x06b8 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
16:12:25.0172 0x06b8 LanmanServer - ok
16:12:25.0206 0x06b8 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:12:25.0211 0x06b8 LanmanWorkstation - ok
16:12:25.0229 0x06b8 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
16:12:25.0237 0x06b8 lfsvc - ok
16:12:25.0246 0x06b8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:12:25.0247 0x06b8 lltdio - ok
16:12:25.0270 0x06b8 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:12:25.0274 0x06b8 lltdsvc - ok
16:12:25.0281 0x06b8 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:12:25.0282 0x06b8 lmhosts - ok
16:12:25.0294 0x06b8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:12:25.0295 0x06b8 LSI_SAS - ok
16:12:25.0299 0x06b8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:12:25.0300 0x06b8 LSI_SAS2 - ok
16:12:25.0304 0x06b8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
16:12:25.0306 0x06b8 LSI_SAS3 - ok
16:12:25.0308 0x06b8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
16:12:25.0310 0x06b8 LSI_SSS - ok
16:12:25.0338 0x06b8 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
16:12:25.0370 0x06b8 LSM - ok
16:12:25.0397 0x06b8 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
16:12:25.0403 0x06b8 luafv - ok
16:12:25.0415 0x06b8 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
16:12:25.0417 0x06b8 MBAMProtector - ok
16:12:25.0469 0x06b8 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
16:12:25.0497 0x06b8 MBAMService - ok
16:12:25.0509 0x06b8 [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
16:12:25.0510 0x06b8 MBAMWebAccessControl - ok
16:12:25.0519 0x06b8 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
16:12:25.0519 0x06b8 MBfilt - ok
16:12:25.0522 0x06b8 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
16:12:25.0522 0x06b8 megasas - ok
16:12:25.0537 0x06b8 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
16:12:25.0545 0x06b8 megasr - ok
16:12:25.0559 0x06b8 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
16:12:25.0562 0x06b8 MMCSS - ok
16:12:25.0569 0x06b8 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
16:12:25.0570 0x06b8 Modem - ok
16:12:25.0572 0x06b8 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
16:12:25.0573 0x06b8 monitor - ok
16:12:25.0582 0x06b8 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys
16:12:25.0583 0x06b8 mouclass - ok
16:12:25.0591 0x06b8 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys
16:12:25.0592 0x06b8 mouhid - ok
16:12:25.0604 0x06b8 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:12:25.0606 0x06b8 mountmgr - ok
16:12:25.0631 0x06b8 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:12:25.0633 0x06b8 MozillaMaintenance - ok
16:12:25.0640 0x06b8 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:12:25.0642 0x06b8 mpsdrv - ok
16:12:25.0676 0x06b8 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll
16:12:25.0693 0x06b8 MpsSvc - ok
16:12:25.0715 0x06b8 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:12:25.0717 0x06b8 MRxDAV - ok
16:12:25.0740 0x06b8 [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:12:25.0746 0x06b8 mrxsmb - ok
16:12:25.0769 0x06b8 [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:12:25.0773 0x06b8 mrxsmb10 - ok
16:12:25.0783 0x06b8 [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:12:25.0787 0x06b8 mrxsmb20 - ok
16:12:25.0805 0x06b8 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
16:12:25.0806 0x06b8 MsBridge - ok
16:12:25.0814 0x06b8 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
16:12:25.0817 0x06b8 MSDTC - ok
16:12:25.0821 0x06b8 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:12:25.0821 0x06b8 Msfs - ok
16:12:25.0826 0x06b8 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
16:12:25.0827 0x06b8 msgpiowin32 - ok
16:12:25.0837 0x06b8 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:12:25.0837 0x06b8 mshidkmdf - ok
16:12:25.0839 0x06b8 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
16:12:25.0840 0x06b8 mshidumdf - ok
16:12:25.0841 0x06b8 MSICDSetup - ok
16:12:25.0843 0x06b8 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:12:25.0844 0x06b8 msisadrv - ok
16:12:25.0854 0x06b8 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:12:25.0857 0x06b8 MSiSCSI - ok
16:12:25.0859 0x06b8 msiserver - ok
16:12:25.0865 0x06b8 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:12:25.0865 0x06b8 MSKSSRV - ok
16:12:25.0884 0x06b8 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
16:12:25.0885 0x06b8 MsLldp - ok
16:12:25.0890 0x06b8 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:12:25.0891 0x06b8 MSPCLOCK - ok
16:12:25.0899 0x06b8 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:12:25.0899 0x06b8 MSPQM - ok
16:12:25.0905 0x06b8 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:12:25.0910 0x06b8 MsRPC - ok
16:12:25.0914 0x06b8 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
16:12:25.0915 0x06b8 mssmbios - ok
16:12:25.0920 0x06b8 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:12:25.0920 0x06b8 MSTEE - ok
16:12:25.0929 0x06b8 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
16:12:25.0929 0x06b8 MTConfig - ok
16:12:25.0932 0x06b8 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
16:12:25.0934 0x06b8 Mup - ok
16:12:25.0937 0x06b8 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
16:12:25.0939 0x06b8 mvumis - ok
16:12:25.0958 0x06b8 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
16:12:25.0964 0x06b8 napagent - ok
16:12:25.0976 0x06b8 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:12:25.0982 0x06b8 NativeWifiP - ok
16:12:25.0988 0x06b8 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
16:12:25.0990 0x06b8 NcaSvc - ok
16:12:26.0006 0x06b8 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
16:12:26.0009 0x06b8 NcbService - ok
16:12:26.0017 0x06b8 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
16:12:26.0019 0x06b8 NcdAutoSetup - ok
16:12:26.0052 0x06b8 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:12:26.0077 0x06b8 NDIS - ok
16:12:26.0090 0x06b8 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:12:26.0091 0x06b8 NdisCap - ok
16:12:26.0100 0x06b8 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
16:12:26.0109 0x06b8 NdisImPlatform - ok
16:12:26.0120 0x06b8 [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:12:26.0121 0x06b8 NdisTapi - ok
16:12:26.0124 0x06b8 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:12:26.0125 0x06b8 Ndisuio - ok
16:12:26.0127 0x06b8 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
16:12:26.0128 0x06b8 NdisVirtualBus - ok
16:12:26.0138 0x06b8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:12:26.0141 0x06b8 NdisWan - ok
16:12:26.0145 0x06b8 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
16:12:26.0148 0x06b8 NdisWanLegacy - ok
16:12:26.0161 0x06b8 [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:12:26.0163 0x06b8 NDProxy - ok
16:12:26.0183 0x06b8 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
16:12:26.0185 0x06b8 Ndu - ok
16:12:26.0203 0x06b8 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:12:26.0204 0x06b8 NetBIOS - ok
16:12:26.0215 0x06b8 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:12:26.0219 0x06b8 NetBT - ok
16:12:26.0233 0x06b8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
16:12:26.0234 0x06b8 Netlogon - ok
16:12:26.0253 0x06b8 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
16:12:26.0258 0x06b8 Netman - ok
16:12:26.0285 0x06b8 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
16:12:26.0292 0x06b8 netprofm - ok
16:12:26.0327 0x06b8 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:12:26.0329 0x06b8 NetTcpPortSharing - ok
16:12:26.0343 0x06b8 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
16:12:26.0345 0x06b8 netvsc - ok
16:12:26.0367 0x06b8 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
16:12:26.0373 0x06b8 NlaSvc - ok
16:12:26.0376 0x06b8 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:12:26.0377 0x06b8 Npfs - ok
16:12:26.0381 0x06b8 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
16:12:26.0382 0x06b8 npsvctrig - ok
16:12:26.0399 0x06b8 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
16:12:26.0400 0x06b8 nsi - ok
16:12:26.0415 0x06b8 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:12:26.0416 0x06b8 nsiproxy - ok
16:12:26.0465 0x06b8 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:12:26.0501 0x06b8 Ntfs - ok
16:12:26.0505 0x06b8 NTIOLib_1_0_C - ok
16:12:26.0512 0x06b8 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
16:12:26.0513 0x06b8 Null - ok
16:12:26.0531 0x06b8 [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:12:26.0534 0x06b8 NVHDA - ok
16:12:26.0787 0x06b8 [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:12:26.0997 0x06b8 nvlddmkm - ok
16:12:27.0079 0x06b8 [ 0D8FD1F6DCD537D97D9072D04DFC56A7, DAB608E8AE3000B2B32DD9DCD621E44F9466D8CCAA15AAE31CC53CA747355C95 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:12:27.0135 0x06b8 NvNetworkService - ok
16:12:27.0145 0x06b8 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:12:27.0147 0x06b8 nvraid - ok
16:12:27.0152 0x06b8 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:12:27.0154 0x06b8 nvstor - ok
16:12:27.0186 0x06b8 [ B9B0A76E8AA23E7FF4645D64C0238CE2, F6D0AF1FA63285ADC984991ED989DB4EB0CED34520B3078CDD27F9C8CC02C737 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:12:27.0186 0x06b8 NvStreamKms - ok
16:12:27.0304 0x06b8 [ CFCEFB5EAB2B196A0E5E7F3D89FC13DE, FF7B031334A97F67546705B1385B6625D8BBA53E9FBB64E4A4C57DC363CDBDCF ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
16:12:27.0429 0x06b8 NvStreamSvc - ok
16:12:27.0462 0x06b8 [ 039ACFA07F59DB2109BB6A2C0FA2C0D9, E641179FCDB83BBFFADDDECD646F69D667F494BFC41FCE1F035EE78A944C6D5B ] nvsvc C:\Windows\system32\nvvsvc.exe
16:12:27.0481 0x06b8 nvsvc - ok
16:12:27.0491 0x06b8 [ 4F00008B513F4019623ED61159363888, A1047FF1FCF3ED405C3426C8959AD10426F30E3F58E95BFD6ADF1DBC947AB379 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:12:27.0491 0x06b8 nvvad_WaveExtensible - ok
16:12:27.0495 0x06b8 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:12:27.0497 0x06b8 nv_agp - ok
16:12:27.0517 0x06b8 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:12:27.0523 0x06b8 p2pimsvc - ok
16:12:27.0549 0x06b8 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
16:12:27.0554 0x06b8 p2psvc - ok
16:12:27.0559 0x06b8 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
16:12:27.0561 0x06b8 Parport - ok
16:12:27.0574 0x06b8 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:12:27.0576 0x06b8 partmgr - ok
16:12:27.0600 0x06b8 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:12:27.0608 0x06b8 PcaSvc - ok
16:12:27.0633 0x06b8 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
16:12:27.0638 0x06b8 pci - ok
16:12:27.0646 0x06b8 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
16:12:27.0647 0x06b8 pciide - ok
16:12:27.0655 0x06b8 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:12:27.0657 0x06b8 pcmcia - ok
16:12:27.0660 0x06b8 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
16:12:27.0661 0x06b8 pcw - ok
16:12:27.0672 0x06b8 [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc C:\Windows\system32\drivers\pdc.sys
16:12:27.0674 0x06b8 pdc - ok
16:12:27.0703 0x06b8 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:12:27.0717 0x06b8 PEAUTH - ok
16:12:27.0756 0x06b8 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:12:27.0757 0x06b8 PerfHost - ok
16:12:27.0802 0x06b8 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
16:12:27.0837 0x06b8 pla - ok
16:12:27.0852 0x06b8 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:12:27.0854 0x06b8 PlugPlay - ok
16:12:27.0872 0x06b8 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:12:27.0873 0x06b8 PNRPAutoReg - ok
16:12:27.0880 0x06b8 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:12:27.0885 0x06b8 PNRPsvc - ok
16:12:27.0911 0x06b8 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:12:27.0917 0x06b8 PolicyAgent - ok
16:12:27.0939 0x06b8 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
16:12:27.0941 0x06b8 Power - ok
16:12:28.0037 0x06b8 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:12:28.0111 0x06b8 PrintNotify - ok
16:12:28.0126 0x06b8 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
16:12:28.0128 0x06b8 Processor - ok
16:12:28.0143 0x06b8 [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc C:\Windows\system32\profsvc.dll
16:12:28.0147 0x06b8 ProfSvc - ok
16:12:28.0160 0x06b8 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:12:28.0162 0x06b8 Psched - ok
16:12:28.0185 0x06b8 [ 9EE192B83765E292DB5D3D0ACF712785, 7BFAAC8D746BC7FB89A4FE87A134F8F906806D727E64BD2E1CB39B1E6F4DF913 ] Qualcomm Atheros Killer Service V2 C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
16:12:28.0191 0x06b8 Qualcomm Atheros Killer Service V2 - ok
16:12:28.0214 0x06b8 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
16:12:28.0219 0x06b8 QWAVE - ok
16:12:28.0232 0x06b8 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:12:28.0232 0x06b8 QWAVEdrv - ok
16:12:28.0253 0x06b8 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:12:28.0253 0x06b8 RasAcd - ok
16:12:28.0268 0x06b8 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
16:12:28.0271 0x06b8 RasAuto - ok
16:12:28.0295 0x06b8 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
16:12:28.0303 0x06b8 RasMan - ok
16:12:28.0313 0x06b8 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:12:28.0314 0x06b8 RasPppoe - ok
16:12:28.0333 0x06b8 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:12:28.0338 0x06b8 rdbss - ok
16:12:28.0341 0x06b8 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
16:12:28.0342 0x06b8 rdpbus - ok
16:12:28.0346 0x06b8 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:12:28.0349 0x06b8 RDPDR - ok
16:12:28.0366 0x06b8 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:12:28.0367 0x06b8 RdpVideoMiniport - ok
16:12:28.0385 0x06b8 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:12:28.0389 0x06b8 rdyboost - ok
16:12:28.0410 0x06b8 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
16:12:28.0429 0x06b8 ReFS - ok
16:12:28.0446 0x06b8 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:12:28.0450 0x06b8 RemoteAccess - ok
16:12:28.0466 0x06b8 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:12:28.0470 0x06b8 RemoteRegistry - ok
16:12:28.0489 0x06b8 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:12:28.0492 0x06b8 RpcEptMapper - ok
16:12:28.0511 0x06b8 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
16:12:28.0512 0x06b8 RpcLocator - ok
16:12:28.0529 0x06b8 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll
16:12:28.0539 0x06b8 RpcSs - ok
16:12:28.0542 0x06b8 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:12:28.0544 0x06b8 rspndr - ok
16:12:28.0584 0x06b8 [ 4D347E990D31F05E9E9E02E335C454EF, A680A6CEC906585C4ED299255A331F0BBA1CAD00ACE5700270221D95B1E45896 ] RtlWlanu C:\Windows\system32\DRIVERS\rtwlanu.sys
16:12:28.0620 0x06b8 RtlWlanu - ok
16:12:28.0636 0x06b8 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
16:12:28.0636 0x06b8 s3cap - ok
16:12:28.0651 0x06b8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
16:12:28.0652 0x06b8 SamSs - ok
16:12:28.0658 0x06b8 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:12:28.0661 0x06b8 sbp2port - ok
16:12:28.0683 0x06b8 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:12:28.0686 0x06b8 SCardSvr - ok
16:12:28.0703 0x06b8 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
16:12:28.0706 0x06b8 ScDeviceEnum - ok
16:12:28.0724 0x06b8 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:12:28.0725 0x06b8 scfilter - ok
16:12:28.0752 0x06b8 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\Windows\system32\schedsvc.dll
16:12:28.0771 0x06b8 Schedule - ok
16:12:28.0791 0x06b8 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:12:28.0793 0x06b8 SCPolicySvc - ok
16:12:28.0808 0x06b8 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys
16:12:28.0811 0x06b8 sdbus - ok
16:12:28.0827 0x06b8 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
16:12:28.0828 0x06b8 sdstor - ok
16:12:28.0831 0x06b8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:12:28.0831 0x06b8 secdrv - ok
16:12:28.0844 0x06b8 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll
16:12:28.0845 0x06b8 seclogon - ok
16:12:28.0854 0x06b8 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
16:12:28.0856 0x06b8 SENS - ok
16:12:28.0875 0x06b8 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:12:28.0879 0x06b8 SensrSvc - ok
16:12:28.0889 0x06b8 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
16:12:28.0890 0x06b8 SerCx - ok
16:12:28.0908 0x06b8 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
16:12:28.0911 0x06b8 SerCx2 - ok
16:12:28.0913 0x06b8 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
16:12:28.0914 0x06b8 Serenum - ok
16:12:28.0917 0x06b8 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
16:12:28.0919 0x06b8 Serial - ok
16:12:28.0933 0x06b8 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys
16:12:28.0934 0x06b8 sermouse - ok
16:12:28.0954 0x06b8 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
16:12:28.0959 0x06b8 SessionEnv - ok
16:12:28.0966 0x06b8 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
16:12:28.0967 0x06b8 sfloppy - ok
16:12:28.0991 0x06b8 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:12:28.0997 0x06b8 SharedAccess - ok
16:12:29.0012 0x06b8 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:12:29.0021 0x06b8 ShellHWDetection - ok
16:12:29.0025 0x06b8 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:12:29.0026 0x06b8 SiSRaid2 - ok
16:12:29.0034 0x06b8 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:12:29.0036 0x06b8 SiSRaid4 - ok
16:12:29.0077 0x06b8 [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:12:29.0081 0x06b8 SkypeUpdate - ok
16:12:29.0094 0x06b8 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
16:12:29.0095 0x06b8 smphost - ok
16:12:29.0113 0x06b8 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:12:29.0114 0x06b8 SNMPTRAP - ok
16:12:29.0129 0x06b8 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
16:12:29.0135 0x06b8 spaceport - ok
16:12:29.0140 0x06b8 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
16:12:29.0141 0x06b8 SpbCx - ok
16:12:29.0163 0x06b8 [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\Windows\System32\spoolsv.exe
16:12:29.0180 0x06b8 Spooler - ok
16:12:29.0304 0x06b8 [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc C:\Windows\system32\sppsvc.exe
16:12:29.0437 0x06b8 sppsvc - ok
16:12:29.0467 0x06b8 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:12:29.0472 0x06b8 srv - ok
16:12:29.0501 0x06b8 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:12:29.0527 0x06b8 srv2 - ok
16:12:29.0552 0x06b8 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:12:29.0558 0x06b8 srvnet - ok
16:12:29.0570 0x06b8 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:12:29.0575 0x06b8 SSDPSRV - ok
16:12:29.0596 0x06b8 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:12:29.0599 0x06b8 SstpSvc - ok
16:12:29.0628 0x06b8 [ 7A04FB623BE442450E716AA2A5476BE1, A24AD210F545460E0E0EE8F09991E665B34DCE2EF5EC6D495E314ADBB88B18D5 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:12:29.0648 0x06b8 Steam Client Service - ok
16:12:29.0699 0x06b8 [ D2B4376F9F36C5873A6CF99EF5750724, 2A5C12EE3657D4A6819080549ADFA3288E0DAC975114D9466DCCC3ED922D2539 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:12:29.0722 0x06b8 Stereo Service - ok
16:12:29.0730 0x06b8 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:12:29.0733 0x06b8 stexstor - ok
16:12:29.0779 0x06b8 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
16:12:29.0801 0x06b8 stisvc - ok
16:12:29.0806 0x06b8 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
16:12:29.0808 0x06b8 storahci - ok
16:12:29.0826 0x06b8 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:12:29.0827 0x06b8 storflt - ok
16:12:29.0839 0x06b8 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
16:12:29.0841 0x06b8 stornvme - ok
16:12:29.0852 0x06b8 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
16:12:29.0853 0x06b8 StorSvc - ok
16:12:29.0856 0x06b8 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:12:29.0856 0x06b8 storvsc - ok
16:12:29.0873 0x06b8 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
16:12:29.0875 0x06b8 svsvc - ok
16:12:29.0889 0x06b8 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
16:12:29.0890 0x06b8 swenum - ok
16:12:29.0904 0x06b8 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
16:12:29.0919 0x06b8 swprv - ok
16:12:29.0953 0x06b8 [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\Windows\system32\sysmain.dll
16:12:29.0978 0x06b8 SysMain - ok
16:12:29.0992 0x06b8 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
16:12:29.0997 0x06b8 SystemEventsBroker - ok
16:12:30.0014 0x06b8 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:12:30.0017 0x06b8 TabletInputService - ok
16:12:30.0042 0x06b8 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
16:12:30.0047 0x06b8 TapiSrv - ok
16:12:30.0098 0x06b8 [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:12:30.0140 0x06b8 Tcpip - ok
16:12:30.0177 0x06b8 [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:12:30.0204 0x06b8 TCPIP6 - ok
16:12:30.0222 0x06b8 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:12:30.0223 0x06b8 tcpipreg - ok
16:12:30.0231 0x06b8 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:12:30.0232 0x06b8 tdx - ok
16:12:30.0241 0x06b8 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
16:12:30.0241 0x06b8 terminpt - ok
16:12:30.0265 0x06b8 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
16:12:30.0289 0x06b8 TermService - ok
16:12:30.0303 0x06b8 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
16:12:30.0304 0x06b8 Themes - ok
16:12:30.0324 0x06b8 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
16:12:30.0325 0x06b8 THREADORDER - ok
16:12:30.0339 0x06b8 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
16:12:30.0344 0x06b8 TimeBroker - ok
16:12:30.0355 0x06b8 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
16:12:30.0358 0x06b8 TPM - ok
16:12:30.0374 0x06b8 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
16:12:30.0376 0x06b8 TrkWks - ok
16:12:30.0399 0x06b8 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:12:30.0401 0x06b8 TrustedInstaller - ok
16:12:30.0407 0x06b8 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:12:30.0408 0x06b8 TsUsbFlt - ok
16:12:30.0420 0x06b8 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
16:12:30.0421 0x06b8 TsUsbGD - ok
16:12:30.0440 0x06b8 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:12:30.0442 0x06b8 tunnel - ok
16:12:30.0445 0x06b8 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:12:30.0446 0x06b8 uagp35 - ok
16:12:30.0450 0x06b8 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
16:12:30.0452 0x06b8 UASPStor - ok
16:12:30.0470 0x06b8 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
16:12:30.0473 0x06b8 UCX01000 - ok
16:12:30.0491 0x06b8 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:12:30.0495 0x06b8 udfs - ok
16:12:30.0498 0x06b8 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
16:12:30.0499 0x06b8 UEFI - ok
16:12:30.0521 0x06b8 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:12:30.0522 0x06b8 UI0Detect - ok
16:12:30.0534 0x06b8 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:12:30.0535 0x06b8 uliagpkx - ok
16:12:30.0538 0x06b8 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
16:12:30.0539 0x06b8 umbus - ok
16:12:30.0548 0x06b8 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
16:12:30.0549 0x06b8 UmPass - ok
16:12:30.0570 0x06b8 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
16:12:30.0575 0x06b8 UmRdpService - ok
16:12:30.0591 0x06b8 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
16:12:30.0598 0x06b8 upnphost - ok
16:12:30.0616 0x06b8 [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:12:30.0618 0x06b8 usbaudio - ok
16:12:30.0635 0x06b8 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
16:12:30.0637 0x06b8 usbccgp - ok
16:12:30.0645 0x06b8 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
16:12:30.0647 0x06b8 usbcir - ok
16:12:30.0664 0x06b8 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
16:12:30.0666 0x06b8 usbehci - ok
16:12:30.0688 0x06b8 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
16:12:30.0696 0x06b8 usbhub - ok
16:12:30.0723 0x06b8 [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
16:12:30.0729 0x06b8 USBHUB3 - ok
16:12:30.0744 0x06b8 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
16:12:30.0745 0x06b8 usbohci - ok
16:12:30.0750 0x06b8 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
16:12:30.0751 0x06b8 usbprint - ok
16:12:30.0769 0x06b8 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
16:12:30.0772 0x06b8 USBSTOR - ok
16:12:30.0787 0x06b8 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
16:12:30.0788 0x06b8 usbuhci - ok
16:12:30.0805 0x06b8 [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
16:12:30.0809 0x06b8 USBXHCI - ok
16:12:30.0816 0x06b8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
16:12:30.0818 0x06b8 VaultSvc - ok
16:12:30.0820 0x06b8 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:12:30.0821 0x06b8 vdrvroot - ok
16:12:30.0847 0x06b8 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
16:12:30.0871 0x06b8 vds - ok
16:12:30.0888 0x06b8 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
16:12:30.0891 0x06b8 VerifierExt - ok
16:12:30.0916 0x06b8 [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
16:12:30.0934 0x06b8 vhdmp - ok
16:12:30.0942 0x06b8 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
16:12:30.0943 0x06b8 viaide - ok
16:12:30.0966 0x06b8 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:12:30.0968 0x06b8 vmbus - ok
16:12:30.0973 0x06b8 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
16:12:30.0974 0x06b8 VMBusHID - ok
16:12:30.0996 0x06b8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
16:12:31.0004 0x06b8 vmicguestinterface - ok
16:12:31.0013 0x06b8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
16:12:31.0019 0x06b8 vmicheartbeat - ok
16:12:31.0027 0x06b8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
16:12:31.0033 0x06b8 vmickvpexchange - ok
16:12:31.0042 0x06b8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
16:12:31.0048 0x06b8 vmicrdv - ok
16:12:31.0057 0x06b8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
16:12:31.0063 0x06b8 vmicshutdown - ok
16:12:31.0072 0x06b8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
16:12:31.0078 0x06b8 vmictimesync - ok
16:12:31.0086 0x06b8 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
16:12:31.0092 0x06b8 vmicvss - ok
16:12:31.0096 0x06b8 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:12:31.0097 0x06b8 volmgr - ok
16:12:31.0104 0x06b8 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:12:31.0109 0x06b8 volmgrx - ok
16:12:31.0123 0x06b8 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:12:31.0128 0x06b8 volsnap - ok
16:12:31.0139 0x06b8 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys
16:12:31.0140 0x06b8 vpci - ok
16:12:31.0151 0x06b8 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:12:31.0154 0x06b8 vsmraid - ok
16:12:31.0191 0x06b8 [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS C:\Windows\system32\vssvc.exe
16:12:31.0251 0x06b8 VSS - ok
16:12:31.0264 0x06b8 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
16:12:31.0268 0x06b8 VSTXRAID - ok
16:12:31.0277 0x06b8 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:12:31.0278 0x06b8 vwifibus - ok
16:12:31.0296 0x06b8 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:12:31.0297 0x06b8 vwififlt - ok
16:12:31.0304 0x06b8 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
16:12:31.0305 0x06b8 vwifimp - ok
16:12:31.0329 0x06b8 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
16:12:31.0336 0x06b8 W32Time - ok
16:12:31.0338 0x06b8 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
16:12:31.0339 0x06b8 WacomPen - ok
16:12:31.0379 0x06b8 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe
16:12:31.0415 0x06b8 wbengine - ok
16:12:31.0427 0x06b8 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:12:31.0434 0x06b8 WbioSrvc - ok
16:12:31.0460 0x06b8 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
16:12:31.0466 0x06b8 Wcmsvc - ok
16:12:31.0490 0x06b8 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:12:31.0496 0x06b8 wcncsvc - ok
16:12:31.0504 0x06b8 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:12:31.0505 0x06b8 WcsPlugInService - ok
16:12:31.0515 0x06b8 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
16:12:31.0516 0x06b8 WdBoot - ok
16:12:31.0543 0x06b8 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:12:31.0554 0x06b8 Wdf01000 - ok
16:12:31.0566 0x06b8 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
16:12:31.0570 0x06b8 WdFilter - ok
16:12:31.0586 0x06b8 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:12:31.0589 0x06b8 WdiServiceHost - ok
16:12:31.0591 0x06b8 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:12:31.0593 0x06b8 WdiSystemHost - ok
16:12:31.0599 0x06b8 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
16:12:31.0600 0x06b8 WdNisDrv - ok
16:12:31.0615 0x06b8 WdNisSvc - ok
16:12:31.0637 0x06b8 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\Windows\System32\webclnt.dll
16:12:31.0641 0x06b8 WebClient - ok
16:12:31.0662 0x06b8 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:12:31.0665 0x06b8 Wecsvc - ok
16:12:31.0679 0x06b8 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
16:12:31.0681 0x06b8 WEPHOSTSVC - ok
16:12:31.0688 0x06b8 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:12:31.0691 0x06b8 wercplsupport - ok
16:12:31.0712 0x06b8 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
16:12:31.0714 0x06b8 WerSvc - ok
16:12:31.0721 0x06b8 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
16:12:31.0723 0x06b8 WFPLWFS - ok
16:12:31.0729 0x06b8 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
16:12:31.0731 0x06b8 WiaRpc - ok
16:12:31.0750 0x06b8 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:12:31.0751 0x06b8 WIMMount - ok
16:12:31.0752 0x06b8 WinDefend - ok
16:12:31.0776 0x06b8 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
16:12:31.0793 0x06b8 WinHttpAutoProxySvc - ok
16:12:31.0824 0x06b8 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:12:31.0827 0x06b8 Winmgmt - ok
16:12:31.0883 0x06b8 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll
16:12:31.0928 0x06b8 WinRM - ok
16:12:31.0942 0x06b8 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\System32\drivers\WinUsb.sys
16:12:31.0943 0x06b8 WinUsb - ok
16:12:31.0982 0x06b8 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll
16:12:32.0019 0x06b8 WlanSvc - ok
16:12:32.0070 0x06b8 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
16:12:32.0111 0x06b8 wlidsvc - ok
16:12:32.0122 0x06b8 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
16:12:32.0122 0x06b8 WmiAcpi - ok
16:12:32.0147 0x06b8 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:12:32.0150 0x06b8 wmiApSrv - ok
16:12:32.0157 0x06b8 WMPNetworkSvc - ok
16:12:32.0174 0x06b8 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
16:12:32.0177 0x06b8 Wof - ok
16:12:32.0210 0x06b8 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
16:12:32.0247 0x06b8 workfolderssvc - ok
16:12:32.0258 0x06b8 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
16:12:32.0259 0x06b8 wpcfltr - ok
16:12:32.0272 0x06b8 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:12:32.0273 0x06b8 WPCSvc - ok
16:12:32.0288 0x06b8 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:12:32.0290 0x06b8 WPDBusEnum - ok
16:12:32.0293 0x06b8 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
16:12:32.0293 0x06b8 WpdUpFltr - ok
16:12:32.0297 0x06b8 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:12:32.0298 0x06b8 ws2ifsl - ok
16:12:32.0313 0x06b8 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll
16:12:32.0316 0x06b8 wscsvc - ok
16:12:32.0317 0x06b8 WSearch - ok
16:12:32.0400 0x06b8 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
16:12:32.0461 0x06b8 WSService - ok
16:12:32.0553 0x06b8 [ 50CEC061C6D6FD2B9C89BECD08991CCB, 31EB1601426223E712C4E4AA29410EDFC81E020996A402BD3E850A2EAF127286 ] wuauserv C:\Windows\system32\wuaueng.dll
16:12:32.0616 0x06b8 wuauserv - ok
16:12:32.0633 0x06b8 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:12:32.0634 0x06b8 WudfPf - ok
16:12:32.0646 0x06b8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
16:12:32.0649 0x06b8 WUDFRd - ok
16:12:32.0667 0x06b8 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:12:32.0669 0x06b8 wudfsvc - ok
16:12:32.0680 0x06b8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
16:12:32.0683 0x06b8 WUDFWpdFs - ok
16:12:32.0687 0x06b8 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys
16:12:32.0690 0x06b8 WUDFWpdMtp - ok
16:12:32.0709 0x06b8 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
16:12:32.0716 0x06b8 WwanSvc - ok
16:12:32.0720 0x06b8 ================ Scan global ===============================
16:12:32.0743 0x06b8 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
16:12:32.0763 0x06b8 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
16:12:32.0783 0x06b8 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
16:12:32.0803 0x06b8 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
16:12:32.0810 0x06b8 [ Global ] - ok
16:12:32.0810 0x06b8 ================ Scan MBR ==================================
16:12:32.0816 0x06b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:12:32.0819 0x06b8 \Device\Harddisk0\DR0 - ok
16:12:32.0819 0x06b8 ================ Scan VBR ==================================
16:12:32.0820 0x06b8 [ 8F376A2D9F4FEB2CBDD17504E8912847 ] \Device\Harddisk0\DR0\Partition1
16:12:32.0828 0x06b8 \Device\Harddisk0\DR0\Partition1 - ok
16:12:32.0833 0x06b8 [ 2D5B0A7095844813C9C009ABB61D4904 ] \Device\Harddisk0\DR0\Partition2
16:12:32.0842 0x06b8 \Device\Harddisk0\DR0\Partition2 - ok
16:12:32.0848 0x06b8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
16:12:32.0848 0x06b8 \Device\Harddisk0\DR0\Partition3 - ok
16:12:32.0855 0x06b8 [ 17EEB713650D4D17F4DFDF8C87292BCB ] \Device\Harddisk0\DR0\Partition4
16:12:32.0864 0x06b8 \Device\Harddisk0\DR0\Partition4 - ok
16:12:32.0864 0x06b8 ================ Scan generic autorun ======================
16:12:33.0024 0x06b8 [ E16C98951AF108CB5178A7BD2DD13660, 9A85D0CD2339A89C06EE476CD1394A15198F167318280D80BF32AD3615D8660B ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
16:12:33.0169 0x06b8 RTHDVCPL - ok
16:12:33.0224 0x06b8 [ 0FD818A72C3602A8FCFD5189F1FE094C, D3D74DD361E4728B0EDA3B49F746ED6D1D22BDDDEF4739DFA97AB61ECAA3727A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:12:33.0252 0x06b8 NvBackend - ok
16:12:33.0269 0x06b8 [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
16:12:33.0270 0x06b8 ShadowPlay - ok
16:12:33.0410 0x06b8 [ D656E7EABDEEF6AC88A316B934BF8983, 0133688275C5FCD6E2940B7D271A45A50D00E2460B6D9F9807681ADD312F5825 ] C:\Users\Hannes Home\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:12:33.0447 0x06b8 Spotify Web Helper - ok
16:12:33.0462 0x06b8 Skype - ok
16:12:33.0601 0x06b8 [ C4856A873ADAE8664BCDF4C5CE548182, CC864ED4D518B9D72AB9B9953499D76A008935DB8E3E8C52BB298E8979270C66 ] C:\Users\Hannes Home\AppData\Roaming\Spotify\Spotify.exe
16:12:33.0752 0x06b8 Spotify - ok
16:12:33.0757 0x06b8 Waiting for KSN requests completion. In queue: 329
16:12:34.0757 0x06b8 Waiting for KSN requests completion. In queue: 329
16:12:35.0757 0x06b8 Waiting for KSN requests completion. In queue: 20
16:12:36.0785 0x06b8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x61100 ( enabled : updated )
16:12:36.0797 0x06b8 Win FW state via NFP2: enabled
16:12:39.0185 0x06b8 ============================================================
16:12:39.0185 0x06b8 Scan finished
16:12:39.0185 0x06b8 ============================================================
16:12:39.0202 0x1184 Detected object count: 0
16:12:39.0202 0x1184 Actual detected object count: 0
16:13:42.0392 0x0dc0 Deinitialize success
|
|
20.07.2015, 15:19
| #4 | |
| /// TB-Ausbilder | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleanerZitat:
|
|
20.07.2015, 19:59
| #5 |
| | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner Okay hat nun geklappt danke FRST Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Hannes Home (administrator) on HANNES-PC on 20-07-2015 20:56:45
Running from C:\Users\Hannes Home\Downloads
Loaded Profiles: Hannes Home (Available Profiles: Hannes Home)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\Run: [Spotify Web Helper] => C:\Users\Hannes Home\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-17] (Spotify Ltd)
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31276160 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\Run: [Spotify] => C:\Users\Hannes Home\AppData\Roaming\Spotify\Spotify.exe [7551544 2015-07-17] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-04-27]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Hannes Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-04-19] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-776971646-995409210-4114741199-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-09] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{61ADEA37-7F1C-40DA-ADE1-9D9C468BC90E}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{97A32CA6-04D8-4C74-995F-374C55DEA543}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default
FF NewTab: about:blank
FF Homepage: https://google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Extension: Adblock Plus - C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-18]
FF Extension: BetterPrivacy - C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-04-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
U0 jyhc; C:\Windows\System32\drivers\pjgrybj.sys [79064 2015-07-20] (Malwarebytes Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1577104 2012-09-27] (Realtek Semiconductor Corporation )
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 GPU-Z; \??\C:\Users\HANNES~1\AppData\Local\Temp\GPU-Z.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-20 20:56 - 2015-07-20 20:56 - 00009778 _____ C:\Users\Hannes Home\Downloads\FRST.txt
2015-07-20 20:56 - 2015-07-20 20:56 - 00000000 ____D C:\FRST
2015-07-20 20:55 - 2015-07-20 20:55 - 02135552 _____ (Farbar) C:\Users\Hannes Home\Downloads\FRST64.exe
2015-07-20 16:12 - 2015-07-20 16:12 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Hannes Home\Downloads\tdsskiller.exe
2015-07-20 13:37 - 2015-07-20 13:37 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\pjgrybj.sys
2015-07-20 13:37 - 2015-07-20 13:37 - 00003573 _____ C:\Users\Hannes Home\Desktop\Male.txt
2015-07-20 13:25 - 2015-07-20 13:41 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-20 13:25 - 2015-07-20 13:25 - 00001114 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-20 13:25 - 2015-07-20 13:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-20 13:25 - 2015-07-20 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-20 13:25 - 2015-07-20 13:25 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-20 13:25 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-20 13:25 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-20 13:25 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-20 13:24 - 2015-07-20 13:24 - 01198368 _____ C:\Users\Hannes Home\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-07-20 12:24 - 2015-07-20 12:24 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-20 12:20 - 2015-07-20 12:21 - 00000000 ____D C:\AdwCleaner
2015-07-20 12:19 - 2015-07-20 12:19 - 02248704 _____ C:\Users\Hannes Home\Downloads\adwcleaner_4.208.exe
2015-07-20 11:58 - 2015-07-20 11:58 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z
2015-07-20 11:58 - 2015-07-20 11:58 - 00000000 ____D C:\Program Files (x86)\GPU-Z
2015-07-20 11:57 - 2015-07-20 11:57 - 01259808 _____ C:\Users\Hannes Home\Downloads\GPU Z - CHIP-Installer.exe
2015-07-19 21:56 - 2015-07-19 21:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 21:56 - 2015-07-19 21:56 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-19 21:56 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-07-19 21:56 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-07-19 21:56 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-07-19 21:56 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-07-19 21:56 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-07-19 21:56 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-07-19 21:55 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-19 21:55 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-19 21:55 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-19 21:55 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-19 21:55 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-19 21:55 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-19 21:55 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-19 21:55 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-19 21:55 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-19 21:55 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-19 21:55 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-19 21:55 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-19 21:55 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-19 21:55 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-19 21:55 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-19 21:55 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-19 21:55 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-19 21:55 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-07-19 21:55 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-07-19 21:55 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-07-19 21:55 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-07-19 21:55 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-07-19 21:55 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-07-19 21:55 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-07-19 21:54 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-19 21:54 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-19 21:54 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-19 21:54 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-19 21:54 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-19 21:54 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-19 21:54 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-19 21:54 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-19 21:54 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-19 21:54 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-07-19 21:54 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-07-19 21:54 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-07-19 21:54 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-07-19 21:54 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-07-19 21:54 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-19 21:54 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-07-19 21:54 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-07-19 21:54 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-07-19 21:54 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-07-19 21:54 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-07-19 21:54 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-07-19 21:54 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-19 21:54 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-07-19 21:54 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-07-19 21:54 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-07-19 21:54 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-07-19 21:54 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-19 21:54 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-19 21:53 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-19 21:53 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-19 21:53 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-19 21:53 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-19 21:53 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-19 21:53 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-19 21:53 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-19 21:53 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-19 21:53 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-19 21:53 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-19 21:53 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-19 21:53 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-19 21:53 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-19 21:53 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-19 21:53 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-19 21:53 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-19 21:53 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-07-19 21:53 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-07-19 21:53 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-07-19 21:53 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-07-19 21:53 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-07-19 21:53 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-07-19 21:53 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-07-19 21:53 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-07-19 21:53 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-07-19 21:53 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-07-19 21:53 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-07-19 21:53 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-07-19 21:53 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-07-19 21:53 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-07-19 21:53 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-07-19 21:53 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-07-19 21:53 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-07-19 21:53 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-07-19 21:53 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-07-19 21:53 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-07-19 21:53 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-07-19 21:53 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-07-19 21:53 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-07-19 21:53 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-07-19 21:53 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-07-19 21:53 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-07-19 21:53 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-07-19 21:53 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-07-19 21:53 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-07-19 21:53 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-19 21:53 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-19 21:53 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-19 21:53 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-19 21:53 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-19 21:53 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-19 21:53 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2015-07-19 21:53 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2015-07-19 21:53 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2015-07-19 21:53 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2015-07-19 21:52 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-19 21:52 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-19 21:52 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-19 21:52 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-19 21:52 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-19 21:52 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-19 21:52 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-19 21:52 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-07-19 21:52 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-07-19 21:52 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-07-19 21:52 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-07-19 21:52 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-07-19 21:52 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-07-19 21:52 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-07-19 21:52 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-07-19 21:52 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-07-19 21:52 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-07-19 21:52 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-07-19 21:52 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-07-19 21:52 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-07-19 21:52 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-07-19 21:52 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-07-19 21:52 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-07-19 21:52 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-07-19 21:52 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-07-19 21:52 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-07-19 21:52 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-07-19 21:52 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-07-19 21:52 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-07-19 21:52 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-07-19 21:52 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-07-19 21:52 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-07-19 21:52 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-07-19 21:52 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-07-19 21:52 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-07-19 21:52 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-19 21:52 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-07-19 21:52 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-19 21:52 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-07-19 21:52 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-07-19 21:52 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-07-19 21:52 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-07-19 21:52 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-07-19 21:52 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-07-19 21:52 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-07-19 21:52 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-07-19 21:52 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-07-19 21:52 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-07-19 21:52 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-07-19 21:52 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-07-19 21:52 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-07-19 21:52 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-07-19 21:52 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-07-19 21:52 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-07-19 21:52 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-07-19 21:52 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-07-19 21:52 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-07-19 21:52 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-07-19 21:52 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-07-19 21:52 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-07-19 21:52 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-07-19 21:52 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-07-19 21:52 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-07-19 21:52 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-07-19 21:52 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-07-19 21:52 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-07-19 21:52 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-07-19 21:52 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-07-19 21:52 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-07-19 21:52 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-19 21:52 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-07-19 21:52 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-07-19 21:52 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-07-19 21:52 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-07-19 21:52 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-07-19 21:52 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-07-19 21:52 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-07-19 21:52 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-07-19 21:52 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-07-19 21:52 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-07-19 21:52 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-07-19 21:52 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-07-19 21:52 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-07-19 21:52 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-19 21:52 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-19 21:52 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-19 21:52 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-19 21:52 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-07-19 21:52 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-07-19 21:52 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-07-19 21:52 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-07-19 21:52 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-07-19 21:52 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-07-19 21:52 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-07-19 21:52 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-07-19 21:52 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-07-19 21:52 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-07-19 21:52 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-07-19 21:52 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-07-19 21:51 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-19 21:51 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-19 21:51 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-19 21:51 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-07-19 21:51 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-07-19 21:51 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-07-19 21:51 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-07-19 21:51 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-07-19 21:50 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-19 21:50 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-19 21:50 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-19 21:50 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-19 21:50 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-07-19 20:23 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 20:23 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-14 19:52 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 19:52 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 19:52 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 19:52 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 19:52 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-14 19:52 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 19:52 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 19:52 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-14 19:52 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 19:52 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-14 19:52 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-14 19:52 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 19:52 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 19:52 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-14 19:52 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 19:52 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 19:52 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 19:52 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 19:52 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 19:52 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 19:52 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-14 19:52 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 19:52 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 19:52 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-14 19:52 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 19:52 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-14 19:52 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-14 19:52 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 19:52 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 19:52 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 19:52 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-14 19:52 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 19:52 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 19:47 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 19:47 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 19:47 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 19:47 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 19:47 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 19:47 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 19:47 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 19:47 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 19:47 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 19:47 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 19:47 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-07-14 19:46 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-14 19:46 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-14 19:46 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-14 19:46 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-14 19:46 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 19:46 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 19:46 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 19:46 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 19:46 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 19:46 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 19:46 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 19:46 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 19:46 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 19:46 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 19:46 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 19:46 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 19:46 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 19:46 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 19:46 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 19:46 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 19:46 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-14 19:46 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 19:46 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-14 19:46 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 19:46 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-14 19:46 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-14 19:46 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-14 19:41 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 19:41 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 19:41 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 19:41 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 19:41 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 19:41 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-14 19:41 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-07-14 11:44 - 2015-07-14 11:44 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-07-07 21:01 - 2015-07-16 08:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-07 09:04 - 2015-07-07 09:04 - 01275028 _____ C:\Users\Hannes Home\Downloads\Launcher_EN(1).jar
2015-07-07 08:38 - 2015-07-07 08:38 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\LogMeIn
2015-07-07 08:38 - 2015-07-07 08:38 - 00000000 ____D C:\ProgramData\LogMeIn
2015-07-07 08:37 - 2015-07-07 09:15 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\.minecraft
2015-07-07 08:37 - 2015-07-07 08:37 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\java
2015-06-28 13:33 - 2015-06-28 13:33 - 02157552 _____ C:\Users\Apps\glue-resources-pre-vis-2.spa
2015-06-24 19:40 - 2015-07-14 19:40 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-24 19:04 - 2015-06-24 19:04 - 00002149 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-06-24 19:03 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-24 19:02 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-24 19:02 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-24 19:02 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-20 20:55 - 2014-05-16 12:56 - 00000000 ___RD C:\Users\Hannes Home\OneDrive
2015-07-20 20:55 - 2014-04-19 12:05 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\Deployment
2015-07-20 20:55 - 2014-04-17 01:05 - 01866267 _____ C:\Windows\WindowsUpdate.log
2015-07-20 20:54 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-20 14:10 - 2014-04-16 19:30 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\Spotify
2015-07-20 13:58 - 2014-04-16 19:30 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\Spotify
2015-07-20 13:40 - 2015-01-29 22:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-20 13:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Vss
2015-07-20 13:35 - 2014-04-16 19:11 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-776971646-995409210-4114741199-1001
2015-07-20 13:17 - 2014-04-16 20:46 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\TS3Client
2015-07-20 12:56 - 2015-04-08 19:16 - 00000018 _____ C:\Users\Hannes Home\Desktop\Neues Textdokument.txt
2015-07-20 12:32 - 2014-04-17 01:08 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-20 12:32 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-07-20 12:32 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-07-20 12:27 - 2013-08-22 16:46 - 00023458 _____ C:\Windows\setupact.log
2015-07-20 12:25 - 2014-04-16 19:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-20 12:25 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-20 12:24 - 2015-04-27 17:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-20 12:24 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-20 12:24 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-20 12:21 - 2014-04-17 01:05 - 00000000 ____D C:\Users\Hannes Home
2015-07-20 11:58 - 2014-04-16 20:09 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\NVIDIA
2015-07-19 22:43 - 2014-05-02 13:32 - 00007609 _____ C:\Users\Hannes Home\AppData\Local\Resmon.ResmonCfg
2015-07-19 22:43 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-19 22:41 - 2014-04-16 20:09 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\Battle.net
2015-07-19 20:24 - 2014-04-16 19:49 - 00001393 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-19 20:24 - 2014-04-16 19:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-19 19:07 - 2014-04-20 12:13 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\GameRanger
2015-07-17 13:22 - 2015-06-13 22:50 - 00599556 _____ C:\Users\Apps\local-files-desktop.spa
2015-07-17 13:22 - 2015-05-09 15:17 - 00158566 _____ C:\Users\Apps\hub.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 41287224 _____ C:\Users\libcef.dll
2015-07-17 13:22 - 2015-03-31 18:41 - 10457856 _____ C:\Users\icudtl.dat
2015-07-17 13:22 - 2015-03-31 18:41 - 07551544 _____ (Spotify Ltd) C:\Users\Spotify.exe
2015-07-17 13:22 - 2015-03-31 18:41 - 04253463 _____ C:\Users\devtools_resources.pak
2015-07-17 13:22 - 2015-03-31 18:41 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll
2015-07-17 13:22 - 2015-03-31 18:41 - 02332541 _____ C:\Users\Apps\musixmatch-lyrics.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 02157552 _____ C:\Users\Apps\glue-resources.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll
2015-07-17 13:22 - 2015-03-31 18:41 - 02018406 _____ C:\Users\cef.pak
2015-07-17 13:22 - 2015-03-31 18:41 - 02017848 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe
2015-07-17 13:22 - 2015-03-31 18:41 - 01488440 _____ C:\Users\libGLESv2.dll
2015-07-17 13:22 - 2015-03-31 18:41 - 00968248 _____ (The Chromium Authors) C:\Users\ffmpegsumo.dll
2015-07-17 13:22 - 2015-03-31 18:41 - 00898756 _____ C:\Users\Apps\zlink.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00840248 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe
2015-07-17 13:22 - 2015-03-31 18:41 - 00721136 _____ C:\Users\Apps\browse.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00604300 _____ C:\Users\Apps\playlist-desktop.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00598403 _____ C:\Users\cef_200_percent.pak
2015-07-17 13:22 - 2015-03-31 18:41 - 00539802 _____ C:\Users\Apps\notification-center.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00529240 _____ C:\Users\Apps\settings.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00528578 _____ C:\Users\Apps\collection.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00512594 _____ C:\Users\Apps\genre.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00508698 _____ C:\Users\Apps\collection-artist.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00504301 _____ C:\Users\Apps\discover.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00466223 _____ C:\Users\Apps\collection-album.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00465746 _____ C:\Users\Apps\messages.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00448791 _____ C:\Users\Apps\social-feed.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00444515 _____ C:\Users\cef_100_percent.pak
2015-07-17 13:22 - 2015-03-31 18:41 - 00444041 _____ C:\Users\Apps\article.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00416475 _____ C:\Users\Apps\album.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00395528 _____ C:\Users\Apps\collection-songs.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00392090 _____ C:\Users\Apps\zlogin.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00382481 _____ C:\Users\Apps\social-chart.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00368227 _____ C:\Users\Apps\charts.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00363479 _____ C:\Users\Apps\artist.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00363018 _____ C:\Users\Apps\buddy-list.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00300863 _____ C:\Users\Apps\radio.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00274108 _____ C:\Users\Apps\share.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00273119 _____ C:\Users\Apps\folder.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00257348 _____ C:\Users\Apps\zlink-queue.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00246022 _____ C:\Users\Apps\profile.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00236396 _____ C:\Users\Apps\chart.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00216723 _____ C:\Users\Apps\search.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00216711 _____ C:\Users\Apps\findfriends.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00196416 _____ C:\Users\Apps\suggest.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00158229 _____ C:\Users\Apps\follow.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00098360 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe
2015-07-17 13:22 - 2015-03-31 18:41 - 00096225 _____ C:\Users\Apps\about.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00079928 _____ C:\Users\libEGL.dll
2015-07-17 13:22 - 2015-03-31 18:41 - 00073272 _____ C:\Users\wow_helper.exe
2015-07-17 13:22 - 2015-03-31 18:41 - 00072616 _____ C:\Users\Apps\error.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00053462 _____ C:\Users\Apps\ad.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00013506 _____ C:\Users\locales\en-US.pak
2015-07-17 13:22 - 2015-03-31 18:41 - 00008009 _____ C:\Users\locales\el.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00007791 _____ C:\Users\locales\ru.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00007076 _____ C:\Users\locales\ja.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006969 _____ C:\Users\locales\hu.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006950 _____ C:\Users\locales\fr-CA.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006899 _____ C:\Users\locales\fr.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006876 _____ C:\Users\locales\fi.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006875 _____ C:\Users\locales\pl.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006808 _____ C:\Users\locales\es-419.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006793 _____ C:\Users\locales\nl.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006756 _____ C:\Users\locales\de.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006740 _____ C:\Users\locales\zsm.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006739 _____ C:\Users\locales\it.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006731 _____ C:\Users\locales\es.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006726 _____ C:\Users\locales\tr.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006719 _____ C:\Users\locales\zh-Hant.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006717 _____ C:\Users\locales\pt-BR.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006672 _____ C:\Users\locales\sv.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006540 _____ C:\Users\locales\arb.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00006469 _____ C:\Users\locales\en.mo
2015-07-17 13:22 - 2015-03-31 18:41 - 00000802 _____ C:\Users\Apps\licenses.spa
2015-07-17 13:22 - 2015-03-31 18:41 - 00000020 _____ C:\Users\inst_ver.dat
2015-07-17 13:22 - 2015-03-31 18:41 - 00000000 ____D C:\Users\locales
2015-07-17 13:22 - 2015-03-31 18:41 - 00000000 _____ C:\Users\Hannes.redir
2015-07-16 08:05 - 2013-08-22 16:44 - 00338016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-16 08:04 - 2014-04-17 01:02 - 00025762 _____ C:\Windows\PFRO.log
2015-07-16 08:04 - 2014-04-16 19:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 21:06 - 2014-06-02 17:03 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-14 21:06 - 2014-04-16 19:48 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-14 21:05 - 2014-06-02 17:03 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-14 21:05 - 2014-04-16 19:48 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-14 19:58 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-14 19:57 - 2014-04-16 19:30 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 19:40 - 2015-01-29 22:09 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-07 09:02 - 2014-04-20 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-05 12:08 - 2014-04-16 19:20 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43 - 2014-04-16 19:30 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-03 06:28 - 2014-04-16 19:46 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-02 18:27 - 2014-10-31 13:12 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\Adobe
2015-06-26 11:53 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-24 19:04 - 2014-04-16 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-24 19:02 - 2015-06-01 17:39 - 00000000 ____D C:\ProgramData\boost_interprocess
==================== Files in the root of some directories =======
2014-04-17 01:09 - 2014-04-27 12:57 - 0000000 _____ () C:\Users\Hannes Home\AppData\Local\Driver_LOM_8161Present.flag
2014-05-02 13:32 - 2015-07-19 22:43 - 0007609 _____ () C:\Users\Hannes Home\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Hannes Home\AppData\Local\Temp\devcon64.exe
C:\Users\Hannes Home\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Hannes Home\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Hannes Home\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Hannes Home\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Hannes Home\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvStInst.exe
C:\Users\Hannes Home\AppData\Local\Temp\Quarantine.exe
C:\Users\Hannes Home\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Hannes Home\AppData\Local\Temp\sfextra.dll
C:\Users\Hannes Home\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hannes Home\AppData\Local\Temp\sqlite3.dll
C:\Users\Hannes Home\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Hannes Home\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Hannes Home\AppData\Local\Temp\_is9A88.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-20 13:21
==================== End of log ============================
|
|
21.07.2015, 10:32
| #6 |
| /// TB-Ausbilder | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner Schritt 1 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 2 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
21.07.2015, 14:45
| #7 |
| | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner Hallo Matthias, vielen Dank für deine schnellen Antworten .Habe alle Schritte ausgeführt. Im weiteren Verlauf findest du die benötigten Daten/Protokolle. MBAM Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 21.07.2015 Suchlaufzeit: 15:24 Protokolldatei: Log Mbye.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.07.21.03 Rootkit-Datenbank: v2015.07.17.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Hannes Home Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 361077 Abgelaufene Zeit: 7 Min., 13 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Windows 8.1 x64
Ran by Hannes Home on 21.07.2015 at 15:37:54,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
~~~ FireFox
Emptied folder: C:\Users\Hannes Home\AppData\Roaming\mozilla\firefox\profiles\ddvwj60f.default\minidumps [22 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.07.2015 at 15:39:45,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Hannes Home (administrator) on HANNES-PC on 21-07-2015 15:42:17
Running from C:\Users\Hannes Home\Downloads
Loaded Profiles: Hannes Home (Available Profiles: Hannes Home)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2631824 2015-07-14] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\Run: [Spotify Web Helper] => C:\Users\Hannes Home\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-21] (Spotify Ltd)
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31276160 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\Run: [Spotify] => C:\Users\Hannes Home\AppData\Roaming\Spotify\Spotify.exe [7533112 2015-07-21] (Spotify Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-04-27]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4E08CC97-912D-458B-8705-9A14C325532F}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Hannes Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-04-19] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\S-1-5-21-776971646-995409210-4114741199-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-09] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-09] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{61ADEA37-7F1C-40DA-ADE1-9D9C468BC90E}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{97A32CA6-04D8-4C74-995F-374C55DEA543}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default
FF NewTab: about:blank
FF Homepage: https://google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-09] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Extension: Adblock Plus - C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-18]
FF Extension: BetterPrivacy - C:\Users\Hannes Home\AppData\Roaming\Mozilla\Firefox\Profiles\ddvwj60f.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2014-04-19]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-14] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-14] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-14] (NVIDIA Corporation)
S2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [343040 2013-08-08] (Qualcomm Atheros) [File not signed]
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AcpiCtlDrv; C:\Windows\System32\drivers\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [75056 2013-02-13] (Qualcomm Atheros, Inc.)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-07-14] (LogMeIn Inc.)
U0 jyhc; C:\Windows\System32\drivers\pjgrybj.sys [79064 2015-07-20] (Malwarebytes Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [163536 2013-03-20] (Qualcomm Atheros, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-14] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1577104 2012-09-27] (Realtek Semiconductor Corporation )
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-21 15:39 - 2015-07-21 15:39 - 00000928 _____ C:\Users\Hannes Home\Desktop\JRT.txt
2015-07-21 15:34 - 2015-07-21 15:34 - 01798288 _____ (Malwarebytes Corporation) C:\Users\Hannes Home\Downloads\JRT.exe
2015-07-21 15:23 - 2015-07-21 15:24 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-21 15:23 - 2015-07-21 15:23 - 00001114 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-21 15:23 - 2015-07-21 15:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-21 15:23 - 2015-07-21 15:23 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-21 15:23 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-21 15:23 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-21 15:23 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-20 21:07 - 2015-07-20 22:41 - 00002259 _____ C:\Windows\epplauncher.mif
2015-07-20 21:07 - 2015-07-20 21:07 - 00000000 ____D C:\c33d24a0b5d2c64182ac1376
2015-07-20 20:57 - 2015-07-20 20:57 - 00029235 _____ C:\Users\Hannes Home\Downloads\Addition.txt
2015-07-20 20:56 - 2015-07-21 15:42 - 00008672 _____ C:\Users\Hannes Home\Downloads\FRST.txt
2015-07-20 20:56 - 2015-07-21 15:42 - 00000000 ____D C:\FRST
2015-07-20 20:55 - 2015-07-20 20:55 - 02135552 _____ (Farbar) C:\Users\Hannes Home\Downloads\FRST64.exe
2015-07-20 16:12 - 2015-07-20 16:12 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Hannes Home\Downloads\tdsskiller.exe
2015-07-20 13:37 - 2015-07-20 13:37 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\pjgrybj.sys
2015-07-20 13:25 - 2015-07-20 13:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-20 13:24 - 2015-07-20 13:24 - 01198368 _____ C:\Users\Hannes Home\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-07-20 12:24 - 2015-07-20 12:24 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-20 12:20 - 2015-07-20 12:21 - 00000000 ____D C:\AdwCleaner
2015-07-20 12:19 - 2015-07-20 12:19 - 02248704 _____ C:\Users\Hannes Home\Downloads\adwcleaner_4.208.exe
2015-07-20 11:57 - 2015-07-20 11:57 - 01259808 _____ C:\Users\Hannes Home\Downloads\GPU Z - CHIP-Installer.exe
2015-07-19 21:56 - 2015-07-19 21:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-19 21:56 - 2015-07-19 21:56 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-19 21:56 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-07-19 21:56 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-07-19 21:56 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-07-19 21:56 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-07-19 21:56 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-07-19 21:56 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-07-19 21:55 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-19 21:55 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-19 21:55 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-19 21:55 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-19 21:55 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-19 21:55 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-19 21:55 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-19 21:55 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-19 21:55 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-19 21:55 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-19 21:55 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-19 21:55 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-19 21:55 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-19 21:55 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-19 21:55 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-19 21:55 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-19 21:55 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-19 21:55 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2015-07-19 21:55 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-07-19 21:55 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-07-19 21:55 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-07-19 21:55 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-07-19 21:55 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\DeviceSetupStatusProvider.dll
2015-07-19 21:55 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceSetupStatusProvider.dll
2015-07-19 21:54 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-19 21:54 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-19 21:54 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-19 21:54 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-19 21:54 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-19 21:54 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-19 21:54 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-19 21:54 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-07-19 21:54 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-07-19 21:54 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-07-19 21:54 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-07-19 21:54 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-07-19 21:54 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-07-19 21:54 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ahcache.sys
2015-07-19 21:54 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-07-19 21:54 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-07-19 21:54 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthhfenum.sys
2015-07-19 21:54 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2015-07-19 21:54 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2015-07-19 21:54 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
2015-07-19 21:54 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
2015-07-19 21:54 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-19 21:54 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2015-07-19 21:54 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-07-19 21:54 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-07-19 21:54 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-07-19 21:54 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-07-19 21:54 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-07-19 21:53 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-19 21:53 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-19 21:53 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-19 21:53 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-19 21:53 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-19 21:53 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-19 21:53 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-19 21:53 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-19 21:53 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-07-19 21:53 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-07-19 21:53 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-07-19 21:53 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-19 21:53 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-19 21:53 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-19 21:53 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-19 21:53 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-19 21:53 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
2015-07-19 21:53 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
2015-07-19 21:53 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2015-07-19 21:53 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2015-07-19 21:53 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
2015-07-19 21:53 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2015-07-19 21:53 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2015-07-19 21:53 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2015-07-19 21:53 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2015-07-19 21:53 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2015-07-19 21:53 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2015-07-19 21:53 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2015-07-19 21:53 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2015-07-19 21:53 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2015-07-19 21:53 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\Windows\system32\wevtsvc.dll
2015-07-19 21:53 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2015-07-19 21:53 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-07-19 21:53 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-07-19 21:53 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-07-19 21:53 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-07-19 21:53 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-07-19 21:53 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-07-19 21:53 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-07-19 21:53 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-07-19 21:53 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2015-07-19 21:53 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2015-07-19 21:53 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsDatabase.dll
2015-07-19 21:53 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2015-07-19 21:53 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2015-07-19 21:53 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-19 21:53 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-19 21:53 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-19 21:53 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-19 21:53 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-19 21:53 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-19 21:53 - 2014-04-09 00:46 - 00086688 _____ (Microsoft Corporation) C:\Windows\system32\mrt_map.dll
2015-07-19 21:53 - 2014-04-09 00:46 - 00028320 _____ (Microsoft Corporation) C:\Windows\system32\mrt100.dll
2015-07-19 21:53 - 2014-04-08 20:54 - 00080032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt_map.dll
2015-07-19 21:53 - 2014-04-08 20:54 - 00026784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mrt100.dll
2015-07-19 21:52 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-19 21:52 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-19 21:52 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-19 21:52 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-19 21:52 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-19 21:52 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-19 21:52 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-19 21:52 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2015-07-19 21:52 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-07-19 21:52 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-07-19 21:52 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-07-19 21:52 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-07-19 21:52 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-07-19 21:52 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-07-19 21:52 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-07-19 21:52 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-07-19 21:52 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-07-19 21:52 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-07-19 21:52 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-07-19 21:52 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-07-19 21:52 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-07-19 21:52 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2015-07-19 21:52 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2015-07-19 21:52 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-07-19 21:52 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-07-19 21:52 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-07-19 21:52 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-07-19 21:52 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-07-19 21:52 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-07-19 21:52 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-07-19 21:52 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-07-19 21:52 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-07-19 21:52 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-07-19 21:52 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2015-07-19 21:52 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2015-07-19 21:52 - 2014-11-10 20:06 - 02485056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-19 21:52 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-07-19 21:52 - 2014-11-10 20:06 - 00428864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-19 21:52 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2015-07-19 21:52 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2015-07-19 21:52 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-07-19 21:52 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-07-19 21:52 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-07-19 21:52 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2015-07-19 21:52 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-07-19 21:52 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2015-07-19 21:52 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-07-19 21:52 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2015-07-19 21:52 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-07-19 21:52 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2015-07-19 21:52 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2015-07-19 21:52 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2015-07-19 21:52 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2015-07-19 21:52 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2015-07-19 21:52 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2015-07-19 21:52 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2015-07-19 21:52 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2015-07-19 21:52 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2015-07-19 21:52 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2015-07-19 21:52 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2015-07-19 21:52 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2015-07-19 21:52 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2015-07-19 21:52 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2015-07-19 21:52 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2015-07-19 21:52 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2015-07-19 21:52 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2015-07-19 21:52 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2015-07-19 21:52 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2015-07-19 21:52 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2015-07-19 21:52 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2015-07-19 21:52 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-07-19 21:52 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\untfs.dll
2015-07-19 21:52 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2015-07-19 21:52 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2015-07-19 21:52 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2015-07-19 21:52 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2015-07-19 21:52 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-07-19 21:52 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\untfs.dll
2015-07-19 21:52 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2015-07-19 21:52 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2015-07-19 21:52 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2015-07-19 21:52 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-07-19 21:52 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-07-19 21:52 - 2014-10-31 02:51 - 18823168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-19 21:52 - 2014-10-31 02:10 - 15158784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-19 21:52 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-19 21:52 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-19 21:52 - 2014-10-29 05:05 - 00551232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2015-07-19 21:52 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2015-07-19 21:52 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2015-07-19 21:52 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2015-07-19 21:52 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2015-07-19 21:52 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2015-07-19 21:52 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2015-07-19 21:52 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2015-07-19 21:52 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2015-07-19 21:52 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2015-07-19 21:52 - 2014-10-17 06:56 - 00039744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2015-07-19 21:52 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2015-07-19 21:51 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-19 21:51 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-19 21:51 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-07-19 21:51 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-07-19 21:51 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-07-19 21:51 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-07-19 21:51 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-07-19 21:51 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-07-19 21:50 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-19 21:50 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-19 21:50 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-19 21:50 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-19 21:50 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-07-19 20:23 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 20:23 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-14 19:52 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 19:52 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 19:52 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 19:52 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 19:52 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-14 19:52 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 19:52 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 19:52 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-14 19:52 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 19:52 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-14 19:52 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-14 19:52 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 19:52 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 19:52 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-14 19:52 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 19:52 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 19:52 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 19:52 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 19:52 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 19:52 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 19:52 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-14 19:52 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 19:52 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 19:52 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-14 19:52 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 19:52 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-14 19:52 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-14 19:52 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 19:52 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 19:52 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 19:52 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-14 19:52 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 19:52 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 19:47 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 19:47 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 19:47 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 19:47 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 19:47 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 19:47 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 19:47 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 19:47 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 19:47 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 19:47 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 19:47 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-07-14 19:46 - 2015-07-03 15:52 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-14 19:46 - 2015-07-03 15:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-14 19:46 - 2015-07-03 15:50 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-14 19:46 - 2015-07-03 15:50 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-14 19:46 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 19:46 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 19:46 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 19:46 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 19:46 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 19:46 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 19:46 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 19:46 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 19:46 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 19:46 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 19:46 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 19:46 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 19:46 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 19:46 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 19:46 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 19:46 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 19:46 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-14 19:46 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 19:46 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-14 19:46 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 19:46 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-14 19:46 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-14 19:46 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-14 19:41 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 19:41 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 19:41 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 19:41 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 19:41 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-14 19:41 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-07-14 19:41 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-07-14 11:44 - 2015-07-14 11:44 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-07-07 21:01 - 2015-07-16 08:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-07 09:04 - 2015-07-07 09:04 - 01275028 _____ C:\Users\Hannes Home\Downloads\Launcher_EN(1).jar
2015-07-07 08:38 - 2015-07-07 08:38 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\LogMeIn
2015-07-07 08:38 - 2015-07-07 08:38 - 00000000 ____D C:\ProgramData\LogMeIn
2015-07-07 08:37 - 2015-07-07 09:15 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\.minecraft
2015-07-07 08:37 - 2015-07-07 08:37 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\java
2015-06-28 13:33 - 2015-06-28 13:33 - 02157552 _____ C:\Users\Apps\glue-resources-pre-vis-2.spa
2015-06-24 19:40 - 2015-07-14 19:40 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-06-24 19:04 - 2015-06-24 19:04 - 00002149 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2015-06-24 19:03 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-24 19:02 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-24 19:02 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00408392 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-24 19:02 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-24 19:02 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-21 15:40 - 2015-01-29 22:09 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-21 15:27 - 2014-04-16 19:11 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-776971646-995409210-4114741199-1001
2015-07-21 15:18 - 2014-04-17 01:05 - 01938691 _____ C:\Windows\WindowsUpdate.log
2015-07-21 15:01 - 2014-04-16 19:30 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\Spotify
2015-07-21 15:01 - 2014-04-16 19:30 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\Spotify
2015-07-21 15:00 - 2015-06-13 22:50 - 00599556 _____ C:\Users\Apps\local-files-desktop.spa
2015-07-21 15:00 - 2015-05-09 15:17 - 00158566 _____ C:\Users\Apps\hub.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 41287224 _____ C:\Users\libcef.dll
2015-07-21 15:00 - 2015-03-31 18:41 - 10457856 _____ C:\Users\icudtl.dat
2015-07-21 15:00 - 2015-03-31 18:41 - 07533112 _____ (Spotify Ltd) C:\Users\Spotify.exe
2015-07-21 15:00 - 2015-03-31 18:41 - 04253463 _____ C:\Users\devtools_resources.pak
2015-07-21 15:00 - 2015-03-31 18:41 - 03457592 _____ (Microsoft Corporation) C:\Users\d3dcompiler_47.dll
2015-07-21 15:00 - 2015-03-31 18:41 - 02332541 _____ C:\Users\Apps\musixmatch-lyrics.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 02157552 _____ C:\Users\Apps\glue-resources.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 02106424 _____ (Microsoft Corporation) C:\Users\d3dcompiler_43.dll
2015-07-21 15:00 - 2015-03-31 18:41 - 02018406 _____ C:\Users\cef.pak
2015-07-21 15:00 - 2015-03-31 18:41 - 02017848 _____ (Spotify Ltd) C:\Users\SpotifyWebHelper.exe
2015-07-21 15:00 - 2015-03-31 18:41 - 01488440 _____ C:\Users\libGLESv2.dll
2015-07-21 15:00 - 2015-03-31 18:41 - 00968248 _____ (The Chromium Authors) C:\Users\ffmpegsumo.dll
2015-07-21 15:00 - 2015-03-31 18:41 - 00898756 _____ C:\Users\Apps\zlink.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00840248 _____ (Spotify Ltd) C:\Users\SpotifyCrashService.exe
2015-07-21 15:00 - 2015-03-31 18:41 - 00721136 _____ C:\Users\Apps\browse.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00604300 _____ C:\Users\Apps\playlist-desktop.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00598403 _____ C:\Users\cef_200_percent.pak
2015-07-21 15:00 - 2015-03-31 18:41 - 00539802 _____ C:\Users\Apps\notification-center.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00529240 _____ C:\Users\Apps\settings.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00528578 _____ C:\Users\Apps\collection.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00512594 _____ C:\Users\Apps\genre.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00508698 _____ C:\Users\Apps\collection-artist.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00504301 _____ C:\Users\Apps\discover.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00466223 _____ C:\Users\Apps\collection-album.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00465746 _____ C:\Users\Apps\messages.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00448791 _____ C:\Users\Apps\social-feed.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00444515 _____ C:\Users\cef_100_percent.pak
2015-07-21 15:00 - 2015-03-31 18:41 - 00444041 _____ C:\Users\Apps\article.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00416475 _____ C:\Users\Apps\album.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00395528 _____ C:\Users\Apps\collection-songs.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00392090 _____ C:\Users\Apps\zlogin.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00382481 _____ C:\Users\Apps\social-chart.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00368227 _____ C:\Users\Apps\charts.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00363479 _____ C:\Users\Apps\artist.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00363018 _____ C:\Users\Apps\buddy-list.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00300863 _____ C:\Users\Apps\radio.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00274108 _____ C:\Users\Apps\share.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00273119 _____ C:\Users\Apps\folder.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00257348 _____ C:\Users\Apps\zlink-queue.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00246022 _____ C:\Users\Apps\profile.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00236396 _____ C:\Users\Apps\chart.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00216723 _____ C:\Users\Apps\search.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00216711 _____ C:\Users\Apps\findfriends.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00196416 _____ C:\Users\Apps\suggest.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00158229 _____ C:\Users\Apps\follow.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00098360 _____ (Spotify Ltd) C:\Users\SpotifyLauncher.exe
2015-07-21 15:00 - 2015-03-31 18:41 - 00096225 _____ C:\Users\Apps\about.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00079928 _____ C:\Users\libEGL.dll
2015-07-21 15:00 - 2015-03-31 18:41 - 00073272 _____ C:\Users\wow_helper.exe
2015-07-21 15:00 - 2015-03-31 18:41 - 00072616 _____ C:\Users\Apps\error.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00053462 _____ C:\Users\Apps\ad.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00013506 _____ C:\Users\locales\en-US.pak
2015-07-21 15:00 - 2015-03-31 18:41 - 00008009 _____ C:\Users\locales\el.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00007791 _____ C:\Users\locales\ru.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00007076 _____ C:\Users\locales\ja.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006969 _____ C:\Users\locales\hu.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006950 _____ C:\Users\locales\fr-CA.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006899 _____ C:\Users\locales\fr.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006876 _____ C:\Users\locales\fi.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006875 _____ C:\Users\locales\pl.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006808 _____ C:\Users\locales\es-419.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006793 _____ C:\Users\locales\nl.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006756 _____ C:\Users\locales\de.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006740 _____ C:\Users\locales\zsm.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006739 _____ C:\Users\locales\it.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006731 _____ C:\Users\locales\es.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006726 _____ C:\Users\locales\tr.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006719 _____ C:\Users\locales\zh-Hant.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006717 _____ C:\Users\locales\pt-BR.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006672 _____ C:\Users\locales\sv.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006540 _____ C:\Users\locales\arb.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00006469 _____ C:\Users\locales\en.mo
2015-07-21 15:00 - 2015-03-31 18:41 - 00000802 _____ C:\Users\Apps\licenses.spa
2015-07-21 15:00 - 2015-03-31 18:41 - 00000020 _____ C:\Users\inst_ver.dat
2015-07-21 15:00 - 2015-03-31 18:41 - 00000000 ____D C:\Users\locales
2015-07-21 15:00 - 2015-03-31 18:41 - 00000000 _____ C:\Users\Hannes.redir
2015-07-21 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppCompat
2015-07-21 14:58 - 2014-05-16 12:56 - 00000000 ___RD C:\Users\Hannes Home\OneDrive
2015-07-21 14:58 - 2014-04-19 12:05 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\Deployment
2015-07-21 14:58 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-21 14:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-20 13:37 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Vss
2015-07-20 13:17 - 2014-04-16 20:46 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\TS3Client
2015-07-20 12:56 - 2015-04-08 19:16 - 00000018 _____ C:\Users\Hannes Home\Desktop\Neues Textdokument.txt
2015-07-20 12:32 - 2014-04-17 01:08 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-20 12:32 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-07-20 12:32 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-07-20 12:27 - 2013-08-22 16:46 - 00023458 _____ C:\Windows\setupact.log
2015-07-20 12:25 - 2014-04-16 19:40 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-20 12:25 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-20 12:24 - 2015-04-27 17:55 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup
2015-07-20 12:24 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-07-20 12:24 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-07-20 12:24 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-20 12:21 - 2014-04-17 01:05 - 00000000 ____D C:\Users\Hannes Home
2015-07-20 11:58 - 2014-04-16 20:09 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\NVIDIA
2015-07-19 22:43 - 2014-05-02 13:32 - 00007609 _____ C:\Users\Hannes Home\AppData\Local\Resmon.ResmonCfg
2015-07-19 22:41 - 2014-04-16 20:09 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\Battle.net
2015-07-19 20:24 - 2014-04-16 19:49 - 00001393 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-19 20:24 - 2014-04-16 19:39 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-19 19:07 - 2014-04-20 12:13 - 00000000 ____D C:\Users\Hannes Home\AppData\Roaming\GameRanger
2015-07-16 08:05 - 2013-08-22 16:44 - 00338016 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-16 08:04 - 2014-04-17 01:02 - 00025762 _____ C:\Windows\PFRO.log
2015-07-16 08:04 - 2014-04-16 19:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-14 21:06 - 2014-06-02 17:03 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-14 21:06 - 2014-04-16 19:48 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-14 21:05 - 2014-06-02 17:03 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-14 21:05 - 2014-04-16 19:48 - 01710056 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-14 19:58 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-14 19:57 - 2014-04-16 19:30 - 00000000 ____D C:\Windows\system32\MRT
2015-07-14 19:40 - 2015-01-29 22:09 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-07 09:02 - 2014-04-20 12:02 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-05 12:08 - 2014-04-16 19:20 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43 - 2014-04-16 19:30 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-03 06:28 - 2014-04-16 19:46 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-07-02 18:27 - 2014-10-31 13:12 - 00000000 ____D C:\Users\Hannes Home\AppData\Local\Adobe
2015-06-26 11:53 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-06-24 19:04 - 2014-04-16 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-24 19:02 - 2015-06-01 17:39 - 00000000 ____D C:\ProgramData\boost_interprocess
==================== Files in the root of some directories =======
2014-04-17 01:09 - 2014-04-27 12:57 - 0000000 _____ () C:\Users\Hannes Home\AppData\Local\Driver_LOM_8161Present.flag
2014-05-02 13:32 - 2015-07-19 22:43 - 0007609 _____ () C:\Users\Hannes Home\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
C:\Users\Hannes Home\AppData\Local\Temp\devcon64.exe
C:\Users\Hannes Home\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Hannes Home\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Hannes Home\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Hannes Home\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Hannes Home\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvStereoApiI64.dll
C:\Users\Hannes Home\AppData\Local\Temp\nvStInst.exe
C:\Users\Hannes Home\AppData\Local\Temp\Quarantine.exe
C:\Users\Hannes Home\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Hannes Home\AppData\Local\Temp\sfextra.dll
C:\Users\Hannes Home\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Hannes Home\AppData\Local\Temp\sqlite3.dll
C:\Users\Hannes Home\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Hannes Home\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Hannes Home\AppData\Local\Temp\_is9A88.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-20 13:21
==================== End of log ============================
[CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Hannes Home at 2015-07-21 15:42:49
Running from C:\Users\Hannes Home\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-776971646-995409210-4114741199-500 - Administrator - Disabled)
Gast (S-1-5-21-776971646-995409210-4114741199-501 - Limited - Disabled)
Hannes Home (S-1-5-21-776971646-995409210-4114741199-1001 - Administrator - Enabled) => C:\Users\Hannes Home
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
ASUS USB-N13 WLAN Card Utilities & Driver (HKLM-x32\...\{9C049499-055C-4a0c-A916-1D12314F45EB}) (Version: 1.0.0.7 - ASUS)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.30 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.11.45 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.11.45 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{DD21E907-9A2A-44B8-A12E-13691E166664}) (Version: 1.0.30.1003 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.0.30.1003 - Qualcomm Atheros) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.11.45 - NVIDIA Corporation) Hidden
Simulationcraft(x64) version 6.0.3.23 (HKLM-x32\...\{AC025546-B7C5-45A7-B16A-80AE482CBB01}_is1) (Version: 6.0.3.23 - Simulationcraft)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\Spotify) (Version: 1.0.10.106.gccf469cc - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Tukui Client (HKLM-x32\...\{BAD6EBBD-A6A9-41C9-898A-8C868A552E4C}) (Version: 2.4.6 - Tukui)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-776971646-995409210-4114741199-1001_Classes\CLSID\{a55959fd-da9a-4a09-961a-b5ffd76cce48}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
==================== Restore Points =========================
10-06-2015 18:33:19 Windows Update
25-06-2015 22:47:18 Windows Update
07-07-2015 08:38:22 Installed LogMeIn Hamachi
11-07-2015 18:25:48 Windows Update
14-07-2015 19:55:04 Windows Update
19-07-2015 19:10:34 Removed LogMeIn Hamachi
21-07-2015 15:37:55 JRT Pre-Junkware Removal
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {8B90ACCF-EBA6-425A-ADAC-79325D8BAE56} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {A8D0E14D-AC88-4C1C-96BE-877246032849} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Hannes Home\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Hannes Home\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Hannes Home\SkyDrive.old:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-776971646-995409210-4114741199-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Hannes Home\Desktop\nasa-schwarzes-Loch.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-776971646-995409210-4114741199-1001\...\StartupApproved\Run: => "Skype"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{CA3DB8B8-0D2F-4F00-B856-19C47C56F69F}C:\users\hannes home\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hannes home\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{F7CF641B-1E45-4818-B1CC-0DAABB370494}C:\users\hannes home\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\hannes home\appdata\roaming\spotify\spotify.exe
FirewallRules: [{FC781FA5-C6FC-4193-A11E-D680134088CB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9A4D52F2-33CA-48EC-BC01-8BF690879D7F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{50AE3035-DC02-4093-B6A0-6392971808A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{C35E90B3-2FA7-4418-A200-6305A3ADFE3B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{605B4376-8699-405A-98E7-4B62CFCE9966}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{6C234401-5C70-4AC3-ACD0-6D8D1E0FE363}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{D66B282E-FC02-4857-9031-2B98DD0978D8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E65D9AA6-B0CB-49A5-AC17-88DB7F41384E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{AF4E2537-D07E-42AC-9CF6-DC8B99591DF9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{E7C09917-ADF6-484A-B86C-D520E2313C5D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{4A49B052-223B-465E-B76E-78C813D7058B}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{ED328CC5-2BA3-4470-8D6A-30B11C4FE21B}] => (Allow) C:\Program Files\Battle.net\Battle.net.exe
FirewallRules: [{BDF07899-EABB-4034-A098-5AB6D1651D12}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EFB17629-8944-4A56-ABA1-768F72A3E3D4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F518F434-3469-42A5-9DC3-B7DF44C8E789}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{8BBC69D3-4CBF-4C75-B4E8-D215274C994E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [TCP Query User{B6BC54A2-3E51-4799-A780-974B5640F6FA}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{27ACCFCB-65D3-4E0C-80EF-8EC3072E12F0}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [{D6D74132-7E45-4208-AF26-A6059EE2CE8A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{00923454-84F7-416C-B421-016163B90A96}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{AE67BBDC-DF49-483E-B061-6F1C3DF7D5BA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{A6D7CC18-4806-445D-96E6-DBE948C8D8C1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{BC8D75E0-5D5D-4693-B1A0-9BAB1CFE82E5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{E762DF07-AA67-4670-8DF7-C89462631F72}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{796C3210-2D89-4A6C-99A9-7DACB3F1FAAE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{FE857A4F-C288-4232-8C87-54FB0290A603}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{C1147A96-D6AD-40A5-94AD-A9090464B51B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{98AB8880-42E2-4F21-AD5F-07FD0731D5A9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{5ADD22DA-DB26-4A45-88CA-402F8B1350A8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{7E6A17D3-E233-437B-B0D6-C123845C3CFA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{5965687D-D848-4027-A4E0-E218FB3AEFB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{EEC9E701-E04A-4694-AB52-55B46B7C5032}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{94C3E594-AEF7-484B-858F-A5693E8AEF7D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{8F02C07A-C772-4E70-8CAE-A45E5ED1CF87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{0DE34C0E-FF30-415B-AF3D-BB8D1DF51EB9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{01A79A55-B24C-4BBB-94D4-D78F6CA85006}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [TCP Query User{CCDD1FDC-CB30-4688-BDCD-FDC1726A405E}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [UDP Query User{5C697167-8223-44D4-A3AA-B14FF2CB8284}C:\programdata\battle.net\agent\agent.3346\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3346\agent.exe
FirewallRules: [{1E6BD89C-DF21-4B72-9EEA-B77D933374E8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{5D3D86DE-E8EC-43A8-9132-DF7235B015CB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{52EC51F7-7DB7-4A64-8141-420DC919C91A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{2605058E-64DB-4895-8E76-E9961FA41F39}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{EC871F99-E0DB-4DB4-B39D-0707609FB238}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{978FFFAB-1B8A-4717-87EB-2CA891F3DE57}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E70C7794-92B0-41FF-BC30-5B0ED0484711}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{88E078E1-2E4E-4C0C-B960-8842C69673C4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{2543BE7F-38F8-4CC1-B991-3B7FDE0D45A2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{0B272975-C8CA-4BAB-A590-6B576C3F7304}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{0268035F-14D7-4476-97F5-45AE71D2F404}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{2210F448-CD2F-4482-882F-17ED27DF89F9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [TCP Query User{1B2A3381-933C-4A51-A648-42A382CCB60B}C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [UDP Query User{7D3EDAB5-B72B-4094-93F8-2CAB1B0BE260}C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [{A1416097-4AFD-49CF-9C64-E5245DDE1488}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{3C001D6C-C0B8-4F51-B113-082A13DC3E0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{B804D606-7E7E-4DE3-A0DF-25DA26E5FA17}C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CF668168-0895-4A3E-A86D-63DB97343C3A}C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [{6ECD2872-D39C-4BE5-B5E0-91971EA80998}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{D8A5DFB0-637B-4431-ACFB-3100E178E286}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{C6DB6CAC-92BF-4128-AEED-F5C2F111223A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{235E2609-A790-4106-B9DC-17E8CBD935A9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{24A0E24F-2F97-40FC-A82F-4ECFF93A198C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{E8A791B2-15F9-4D0E-9DDF-1836506162AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{5AAE868A-8703-40EB-B3CA-37E82E40B066}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{185863AF-9095-4D3B-9030-9142D1628CAB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{E5CF1F6C-4FAD-4741-B6A1-EE4774205B73}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3B626F95-8925-4695-BA93-FE947F962993}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{84D3C51B-8ACA-4BC6-992B-33AB77F5FB66}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{E600D09F-C798-4D6A-98B8-AB7873E232D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{F320DFBB-5070-44CA-9892-FA93C5EE47CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{8B46A329-4A21-437B-9DA7-9421815B1BF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{C7797A34-9D89-4749-9223-8C3577F6AAD1}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C6D91B57-B26C-42D1-A7F2-5BBD56DA0FF1}C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{7E04F7AB-D2B2-4A20-98C8-04037B12E415}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2E56CF9E-CFB2-48D7-A9D7-7131D9D0B069}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{F87F449D-ED6F-4101-BDB1-70C53F7DFBE4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{573A5134-597C-4A56-8219-24208111D558}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{A5164977-7AC4-493D-9E8D-2D3F18B11D6E}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{302717EC-04DC-48F9-8D08-8E1D1511D33F}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{2799C221-5B79-4733-94B6-AB50107110E7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2AB94578-1D9B-408B-906E-48FBD76929BB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{0D30D1D8-A0B8-468A-93B9-E583FD7FCA76}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{8386E656-5438-4A46-947D-5676C861D9BC}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{97130FFD-3DDE-4552-B359-F7362C03F61E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{0BFB2346-E01D-4EC2-9F8B-2AD45BA60FC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{28372F97-60A4-4370-9D35-0B82E7F75BFB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{B9A624BD-FC62-4965-BCF2-ADF47C684E37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8EA05787-1334-4A8A-92BA-3F5CC84AD665}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
==================== Faulty Device Manager Devices =============
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/20/2015 10:41:10 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: HANNES-PC)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
Error: (07/20/2015 09:07:18 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: HANNES-PC)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
Error: (07/19/2015 02:54:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
Error: (07/19/2015 02:54:40 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (07/19/2015 02:54:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8
Error: (07/19/2015 02:54:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
Error: (07/19/2015 02:54:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll8
Error: (07/19/2015 02:54:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (07/18/2015 12:33:08 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
Error: (07/18/2015 12:33:08 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
System errors:
=============
Error: (07/21/2015 03:38:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Qualcomm Atheros Killer Service V2" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/21/2015 03:38:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/21/2015 03:38:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/21/2015 03:38:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/21/2015 03:38:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/21/2015 03:38:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/20/2015 12:25:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Fehlercode: 126
Error: (07/20/2015 12:22:12 PM) (Source: DCOM) (EventID: 10010) (User: HANNES-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (07/20/2015 12:22:12 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (07/20/2015 12:22:00 PM) (Source: DCOM) (EventID: 10010) (User: HANNES-PC)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Microsoft Office:
=========================
Error: (07/20/2015 10:41:10 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: HANNES-PC)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
Error: (07/20/2015 09:07:18 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: HANNES-PC)
Description: HRESULT:0x8004FF6F
Description:You don’t need to install Microsoft Security Essentials. Your version of Windows includes an updated version of Windows Defender that provides the same level of protection as Microsoft Security Essentials, along with other significant improvements. <a>For more information on the differences and improvements, see online Help</a>. Error code:0x8004FF6F.
Error: (07/19/2015 02:54:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
Error: (07/19/2015 02:54:40 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
Error: (07/19/2015 02:54:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: MSDTCC:\Windows\system32\msdtcuiu.DLL8
Error: (07/19/2015 02:54:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: LsaC:\Windows\System32\Secur32.dll8
Error: (07/19/2015 02:54:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: ESENTC:\Windows\system32\esentprf.dll8
Error: (07/19/2015 02:54:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8
Error: (07/18/2015 12:33:08 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: WmiApRplC:\Windows\system32\wbem\wmiaprpl.dll8
Error: (07/18/2015 12:33:08 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description:
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 22%
Total physical RAM: 8136.02 MB
Available physical RAM: 6286 MB
Total Virtual: 9416.02 MB
Available Virtual: 7440.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.37 GB) (Free:114.69 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End of log ============================
|
|
21.07.2015, 15:54
| #8 |
| /// TB-Ausbilder | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
RemoveProxy:
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade Dir bitte  SecurityCheck und:
Bitte poste mit deiner nächsten Antwort
|
|
21.07.2015, 19:10
| #9 |
| | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner Fixlog Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Hannes Home at 2015-07-21 18:03:06 Run:1
Running from C:\Users\Hannes Home\Downloads
Loaded Profiles: Hannes Home (Available Profiles: Hannes Home)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
RemoveProxy:
EmptyTemp:
end
*****************
Processes closed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-776971646-995409210-4114741199-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-776971646-995409210-4114741199-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
EmptyTemp: => 3 GB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 18:03:19 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b1af1c46595662408285d09a4255b5d7
# end=init
# utc_time=2015-07-21 04:13:20
# local_time=2015-07-21 06:13:20 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 24908
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b1af1c46595662408285d09a4255b5d7
# end=updated
# utc_time=2015-07-21 04:19:45
# local_time=2015-07-21 06:19:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b1af1c46595662408285d09a4255b5d7
# engine=24908
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-21 05:07:08
# local_time=2015-07-21 07:07:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 14877 14580820 0 0
# scanned=217179
# found=12
# cleaned=12
# scan_time=2842
sh=55A920DDE8213071BDF2B3102576B779508D180A ft=1 fh=88d47ad422f07b87 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\sppsm.dll.vir"
sh=226323E500D641425C4209F52CD2722F2CE408A0 ft=1 fh=eaeb977324ab8858 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\spusm.dll.vir"
sh=37703B3CFC8731E02C802496A698EB572B31B702 ft=1 fh=d1edc0fb9743c5e0 vn="Variante von MSIL/Toolbar.Linkury.I evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srbs.dll.vir"
sh=19CAD3930C1C2AC434A1BB7DE8167E9C733B0FD7 ft=1 fh=41463cf6dfa3ec6c vn="Variante von MSIL/Toolbar.Linkury.F evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srbu.dll.vir"
sh=7D02B85A048C85BFDDB26C061696E1838B3689EF ft=1 fh=3bb292d6033375a6 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\LPT\srpt.dll.vir"
sh=9E77E1D2FD7B77B0FD8A71A70C35DD5A16836CF3 ft=1 fh=b241df9fafd25e77 vn="Win32/Systweak.G evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Hannes Home\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=61897FE467FE567D4E93C0E87AF1899DB5416CA2 ft=1 fh=2b4e98822df8a714 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=5AC145AB6583BED3EE9BEF0B92B0D35374D460BF ft=1 fh=114ebcec119f0e20 vn="Variante von Win64/BrowseFox.BL evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\wStLibG64.sys.vir"
sh=4A732A6BBA0F81B9D3503C3DB4C47A6CC5C36191 ft=1 fh=a09e30fdef4af736 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Hannes Home\Downloads\GPU Z - CHIP-Installer.exe"
sh=BA0F5017743A55E20573FFC7B3D5DBDE9D802AD6 ft=1 fh=f53fa0bf1cb7d581 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\Hannes Home\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=55A920DDE8213071BDF2B3102576B779508D180A ft=1 fh=88d47ad422f07b87 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows\Installer\MSI6CFF.tmp-\sppsm.dll"
sh=226323E500D641425C4209F52CD2722F2CE408A0 ft=1 fh=eaeb977324ab8858 vn="Variante von MSIL/Toolbar.Linkury.G evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Windows\Installer\MSI6CFF.tmp-\spusm.dll"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b1af1c46595662408285d09a4255b5d7
# end=init
# utc_time=2015-07-21 05:08:12
# local_time=2015-07-21 07:08:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 24908
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=b1af1c46595662408285d09a4255b5d7
# end=updated
# utc_time=2015-07-21 05:08:55
# local_time=2015-07-21 07:08:55 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=b1af1c46595662408285d09a4255b5d7
# engine=24908
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-21 06:01:26
# local_time=2015-07-21 08:01:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 18135 14584078 0 0
# scanned=218549
# found=0
# cleaned=0
# scan_time=3150
Code:
ATTFilter Results of screen317's Security Check version 1.004
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 31
Java version 32-bit out of Date!
Adobe Flash Player 18.0.0.209
Mozilla Firefox (39.0)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
|
|
22.07.2015, 04:41
| #10 | |||||||||||
| /// TB-Ausbilder | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleanerZitat:
Reste entfernen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
C:\Windows\Installer\MSI6CFF.tmp-
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Ghostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
22.07.2015, 20:06
| #11 |
| | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner Hallo Matthias, hier ist dre Fixlog Code:
ATTFilter Fix result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Hannes Home at 2015-07-22 20:58:20 Run:2
Running from C:\Users\Hannes Home\Downloads
Loaded Profiles: Hannes Home (Available Profiles: Hannes Home)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CloseProcesses:
C:\Windows\Installer\MSI6CFF.tmp-
EmptyTemp:
end
*****************
Processes closed successfully.
C:\Windows\Installer\MSI6CFF.tmp- => moved successfully.
EmptyTemp: => 21.9 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 20:58:21 ====
Wo kann ich denn Programme "sicher" laden, wenn Chip sowas macht, vorher hatte ich auch den ADP drauf gehabt? |
|
23.07.2015, 13:17
| #12 | |
| /// TB-Ausbilder | FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleanerZitat:
Ich bin froh, dass wir helfen konnten  In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank! Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
| Themen zu FPS dropps - Windows 8.1 Maleware / Addware gefunden ADWcleaner |
| adw cleaner, adware, appdata, bericht, betriebssystem, browser, dateien, diverse, driver, explorer, firefox, fps einbrüche, gelöscht, home, internet, internet explorer, lag durch virus?, langsamer, male-ware, maleware, microsoft, mozilla, ordner, programme, rechner, roaming, server, software, system32, windows |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
