
Log analysis and evaluation: Windows 10 Trojan has locked hard drive

05.06.2016, 19:35   #1
Stefan#
 



Hello everyone.
As I have now found out, the Trojan Gen:Trojan.Heur.GM01C8002000 has (probably) locked my hard drive. The hard drive is detected in Disk Management, but it gets no drive letter and there is no access to it. ROOT is entered as the owner.
I have created FRST.txt together with Additions.txt.
I also have the log.dll from Avast Internet Security, but I can't attach it as txt because it's a dll file.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:05-06-2016 02
durchgeführt von Stefan (Administrator) auf STEFAN-PC (05-06-2016 19:56:53)
Gestartet von C:\Users\Stefan\Desktop\Downloads
Geladene Profile: Stefan (Verfügbare Profile: Stefan)
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(© 2015 Microsoft Corporation) C:\Users\Stefan\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\upgrade.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400064 2016-06-03] (AVAST Software)
HKU\S-1-5-21-956596106-3120618628-615831838-1000\...\Run: [BingSvc] => C:\Users\Stefan\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (© 2015 Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-06-02] (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{03f396a3-588b-4fb9-bc2d-3b003b9d6759}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-956596106-3120618628-615831838-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-06-02] (AVAST Software)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

FireFox:
========
FF ProfilePath: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\tfhyx8ni.default
FF DefaultSearchEngine: Bing 
FF SearchEngineOrder.3: Bing 
FF SelectedSearchEngine: Bing 
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK216DF&PC=SK216&q=
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-03] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-03] (Google Inc.)
FF SearchPlugin: C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\tfhyx8ni.default\searchplugins\bing-.xml [2016-06-02]
FF Extension: Bing Search - C:\Users\Stefan\AppData\Roaming\Mozilla\Firefox\Profiles\tfhyx8ni.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-06-02]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-06-02]

Chrome: 
=======
CHR Profile: C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-06-02]
CHR Extension: (Docs) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-06-02]
CHR Extension: (Google Drive) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-02]
CHR Extension: (YouTube) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-06-02]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-02]
CHR Extension: (Google Mail) - C:\Users\Stefan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-06-02]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2016-06-02]
CHR HKU\S-1-5-21-956596106-3120618628-615831838-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-06-02] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [370656 2016-06-02] (AVAST Software)
R2 HP Support Assistant Service; C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe [93184 2014-08-21] (Hewlett-Packard Company) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [32792 2016-06-02] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [35096 2016-06-02] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [91168 2016-06-02] (AVAST Software)
S3 aswNetNd6; C:\WINDOWS\system32\DRIVERS\aswNetNd6.sys [26776 2016-06-02] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [334776 2016-06-02] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [91232 2016-06-02] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [58776 2016-06-02] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [815792 2016-06-02] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [449640 2016-06-02] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [124808 2016-06-02] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [221368 2016-06-02] (AVAST Software)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-05 19:56 - 2016-06-05 19:56 - 00000000 ____D C:\FRST
2016-06-04 09:23 - 2016-06-04 09:23 - 00000000 ____D C:\Users\Stefan\Documents\dChanger_v1.2
2016-06-04 09:12 - 2016-06-04 09:12 - 00001041 _____ C:\Users\Public\Desktop\IrfanView.lnk
2016-06-04 09:12 - 2016-06-04 09:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2016-06-04 09:11 - 2016-06-04 09:11 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\IrfanView
2016-06-04 09:11 - 2016-06-04 09:11 - 00000000 ____D C:\Program Files\IrfanView
2016-06-04 08:57 - 2016-06-04 08:57 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Hewlett-Packard
2016-06-04 08:57 - 2016-06-04 08:57 - 00000000 ____D C:\Users\Stefan\AppData\Local\Hewlett-Packard
2016-06-04 08:57 - 2016-06-04 08:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2016-06-04 08:56 - 2016-06-04 08:57 - 00000000 ____D C:\Program Files\InstallShield Installation Information
2016-06-04 08:56 - 2016-06-04 08:56 - 00000000 ____D C:\System.sav
2016-06-04 08:55 - 2016-06-04 08:55 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2016-06-04 08:55 - 2016-06-04 08:55 - 00000000 ____D C:\Program Files\Hewlett-Packard
2016-06-04 08:54 - 2016-06-04 08:54 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\hpqLog
2016-06-04 08:54 - 2016-06-04 08:54 - 00000000 ____D C:\swsetup
2016-06-04 08:54 - 2016-06-04 08:54 - 00000000 ____D C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
2016-06-03 22:55 - 2016-06-03 23:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-03 22:54 - 2016-06-03 22:54 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-03 22:01 - 2016-06-03 22:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ UNERASER
2016-06-03 22:01 - 2016-06-03 22:01 - 00000000 ____D C:\Program Files\LSoft Technologies
2016-06-03 21:34 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-03 21:34 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-03 21:34 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-03 21:34 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-06-03 21:34 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-03 21:34 - 2016-04-23 06:03 - 01899520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-03 21:34 - 2016-04-02 05:20 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-06-03 21:34 - 2016-02-23 09:42 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-06-03 21:33 - 2016-04-30 08:46 - 02974720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-03 21:33 - 2016-04-23 08:06 - 01232576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-03 21:33 - 2016-04-23 08:06 - 00973504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-03 21:33 - 2016-04-23 08:06 - 00440512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-03 21:33 - 2016-04-23 08:06 - 00248512 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-03 21:33 - 2016-04-23 08:06 - 00042688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-03 21:33 - 2016-04-23 07:28 - 05796704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-03 21:33 - 2016-04-23 07:28 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-06-03 21:33 - 2016-04-23 07:28 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-06-03 21:33 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-03 21:33 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-03 21:33 - 2016-04-23 07:01 - 01714520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-03 21:33 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-06-03 21:33 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-03 21:33 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-03 21:33 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-06-03 21:33 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-03 21:33 - 2016-04-23 06:13 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-06-03 21:33 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-03 21:33 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-03 21:33 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-03 21:33 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-03 21:33 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-06-03 21:33 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-06-03 21:33 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-03 21:33 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-06-03 21:33 - 2016-04-02 06:17 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-06-03 21:33 - 2016-04-02 05:14 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-03 21:33 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-06-03 21:33 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-06-03 21:33 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-06-03 21:33 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-06-03 21:33 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-03 21:33 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-03 21:33 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-03 21:33 - 2016-03-29 07:49 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-06-03 21:33 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-06-03 21:33 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-06-03 21:33 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-06-03 21:33 - 2016-02-24 10:50 - 02885680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-06-03 21:33 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-06-03 21:33 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-06-03 21:33 - 2016-02-23 11:37 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-06-03 21:33 - 2016-02-23 11:37 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-06-03 21:33 - 2016-02-23 09:43 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-06-03 21:33 - 2016-02-23 09:16 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-06-03 21:33 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-06-03 21:32 - 2016-05-06 07:20 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-06-03 21:32 - 2016-05-06 06:23 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-06-03 21:32 - 2016-05-06 06:13 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-06-03 21:32 - 2016-05-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-06-03 21:32 - 2016-05-06 06:05 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-06-03 21:32 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-06-03 21:32 - 2016-05-06 05:49 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-03 21:32 - 2016-04-30 08:53 - 01152000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-03 21:32 - 2016-04-23 08:06 - 00576192 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-03 21:32 - 2016-04-23 08:06 - 00149696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-06-03 21:32 - 2016-04-23 08:06 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-03 21:32 - 2016-04-23 07:28 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-06-03 21:32 - 2016-04-23 07:28 - 00545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-06-03 21:32 - 2016-04-23 07:28 - 00278368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-06-03 21:32 - 2016-04-23 07:28 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-06-03 21:32 - 2016-04-23 07:26 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-06-03 21:32 - 2016-04-23 07:21 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-03 21:32 - 2016-04-23 07:14 - 00310112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-06-03 21:32 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-03 21:32 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-06-03 21:32 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-03 21:32 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-06-03 21:32 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-06-03 21:32 - 2016-04-23 07:12 - 00104800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-06-03 21:32 - 2016-04-23 07:11 - 00259424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-03 21:32 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-06-03 21:32 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-06-03 21:32 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-03 21:32 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-06-03 21:32 - 2016-04-23 07:07 - 00192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-06-03 21:32 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-03 21:32 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-06-03 21:32 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-03 21:32 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-06-03 21:32 - 2016-04-23 07:01 - 00484704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-03 21:32 - 2016-04-23 07:01 - 00336224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-06-03 21:32 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-06-03 21:32 - 2016-04-23 07:00 - 01396584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-03 21:32 - 2016-04-23 07:00 - 01273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-06-03 21:32 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-06-03 21:32 - 2016-04-23 07:00 - 00049504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-06-03 21:32 - 2016-04-23 06:55 - 00430432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-06-03 21:32 - 2016-04-23 06:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-03 21:32 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-03 21:32 - 2016-04-23 06:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-06-03 21:32 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-06-03 21:32 - 2016-04-23 06:29 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-06-03 21:32 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-06-03 21:32 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-06-03 21:32 - 2016-04-23 06:28 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-06-03 21:32 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-06-03 21:32 - 2016-04-23 06:27 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-06-03 21:32 - 2016-04-23 06:27 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-06-03 21:32 - 2016-04-23 06:27 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-03 21:32 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-03 21:32 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-03 21:32 - 2016-04-23 06:25 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-06-03 21:32 - 2016-04-23 06:24 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-06-03 21:32 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-06-03 21:32 - 2016-04-23 06:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-06-03 21:32 - 2016-04-23 06:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-03 21:32 - 2016-04-23 06:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-03 21:32 - 2016-04-23 06:23 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-06-03 21:32 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-06-03 21:32 - 2016-04-23 06:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-03 21:32 - 2016-04-23 06:22 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-03 21:32 - 2016-04-23 06:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-06-03 21:32 - 2016-04-23 06:21 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-06-03 21:32 - 2016-04-23 06:21 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-06-03 21:32 - 2016-04-23 06:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-06-03 21:32 - 2016-04-23 06:21 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-03 21:32 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-03 21:32 - 2016-04-23 06:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-06-03 21:32 - 2016-04-23 06:20 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-06-03 21:32 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-06-03 21:32 - 2016-04-23 06:20 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-06-03 21:32 - 2016-04-23 06:19 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-03 21:32 - 2016-04-23 06:19 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-06-03 21:32 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-06-03 21:32 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-03 21:32 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-03 21:32 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-06-03 21:32 - 2016-04-23 06:17 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-06-03 21:32 - 2016-04-23 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-03 21:32 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-03 21:32 - 2016-04-23 06:16 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-06-03 21:32 - 2016-04-23 06:16 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-03 21:32 - 2016-04-23 06:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-06-03 21:32 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-03 21:32 - 2016-04-23 06:15 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-03 21:32 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-06-03 21:32 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-06-03 21:32 - 2016-04-23 06:14 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-03 21:32 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-03 21:32 - 2016-04-23 06:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-06-03 21:32 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-03 21:32 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-03 21:32 - 2016-04-23 06:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-06-03 21:32 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-03 21:32 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-06-03 21:32 - 2016-04-23 06:13 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-06-03 21:32 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-06-03 21:32 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-06-03 21:32 - 2016-04-23 06:12 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-03 21:32 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-06-03 21:32 - 2016-04-23 06:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-06-03 21:32 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-06-03 21:32 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-03 21:32 - 2016-04-23 06:07 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-03 21:32 - 2016-04-23 06:05 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-03 21:32 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-03 21:32 - 2016-04-23 06:04 - 01733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-03 21:32 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-06-03 21:32 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-06-03 21:32 - 2016-04-23 06:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-06-03 21:32 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-06-03 21:32 - 2016-04-23 06:01 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-03 21:32 - 2016-04-23 04:10 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-06-03 21:32 - 2016-04-02 06:14 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-06-03 21:32 - 2016-04-02 06:14 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-03 21:32 - 2016-04-02 06:14 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-06-03 21:32 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-06-03 21:32 - 2016-04-02 05:10 - 02871296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-03 21:32 - 2016-03-29 11:41 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-06-03 21:32 - 2016-03-29 11:41 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-06-03 21:32 - 2016-03-29 11:41 - 00228696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-06-03 21:32 - 2016-03-29 11:38 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-06-03 21:32 - 2016-03-29 11:38 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-06-03 21:32 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-03 21:32 - 2016-03-29 11:36 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-06-03 21:32 - 2016-03-29 11:33 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-06-03 21:32 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-06-03 21:32 - 2016-03-29 11:21 - 00922456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-06-03 21:32 - 2016-03-29 11:20 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-06-03 21:32 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-06-03 21:32 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-06-03 21:32 - 2016-03-29 10:41 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-03 21:32 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-06-03 21:32 - 2016-03-29 10:34 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-06-03 21:32 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-06-03 21:32 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-06-03 21:32 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-06-03 21:32 - 2016-03-29 10:24 - 00063008 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-06-03 21:32 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-06-03 21:32 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-03 21:32 - 2016-03-29 09:46 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-06-03 21:32 - 2016-03-29 09:46 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-06-03 21:32 - 2016-03-29 09:42 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-06-03 21:32 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-06-03 21:32 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-06-03 21:32 - 2016-03-29 09:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-06-03 21:32 - 2016-03-29 09:20 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-06-03 21:32 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-06-03 21:32 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-06-03 21:32 - 2016-03-29 09:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-06-03 21:32 - 2016-03-29 09:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-06-03 21:32 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-03 21:32 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-06-03 21:32 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-06-03 21:32 - 2016-03-29 09:09 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-06-03 21:32 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-06-03 21:32 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-06-03 21:32 - 2016-03-29 09:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-06-03 21:32 - 2016-03-29 09:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-06-03 21:32 - 2016-03-29 09:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-06-03 21:32 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-06-03 21:32 - 2016-03-29 09:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-06-03 21:32 - 2016-03-29 09:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-03 21:32 - 2016-03-29 09:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-06-03 21:32 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-06-03 21:32 - 2016-03-29 09:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-06-03 21:32 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-06-03 21:32 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-03 21:32 - 2016-03-29 09:02 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-06-03 21:32 - 2016-03-29 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-06-03 21:32 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-03 21:32 - 2016-03-29 08:53 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-06-03 21:32 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-06-03 21:32 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-06-03 21:32 - 2016-03-29 08:53 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-06-03 21:32 - 2016-03-29 08:52 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-03 21:32 - 2016-03-29 08:52 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-06-03 21:32 - 2016-03-29 08:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-06-03 21:32 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-06-03 21:32 - 2016-03-29 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-06-03 21:32 - 2016-03-29 08:47 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-06-03 21:32 - 2016-03-29 08:46 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-03 21:32 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-03 21:32 - 2016-03-29 08:44 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-06-03 21:32 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-06-03 21:32 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-03 21:32 - 2016-03-29 08:41 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-06-03 21:32 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-06-03 21:32 - 2016-03-29 08:40 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-06-03 21:32 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-06-03 21:32 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-06-03 21:32 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-03 21:32 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-03 21:32 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-06-03 21:32 - 2016-03-29 08:36 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-03 21:32 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-06-03 21:32 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-06-03 21:32 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-06-03 21:32 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-06-03 21:32 - 2016-03-29 08:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-06-03 21:32 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-06-03 21:32 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-06-03 21:32 - 2016-03-29 08:29 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-06-03 21:32 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-06-03 21:32 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-06-03 21:32 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-06-03 21:32 - 2016-03-29 08:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-06-03 21:32 - 2016-03-29 08:26 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-06-03 21:32 - 2016-03-29 08:25 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-06-03 21:32 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-06-03 21:32 - 2016-03-29 08:18 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-06-03 21:32 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-06-03 21:32 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-06-03 21:32 - 2016-03-29 08:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-03 21:32 - 2016-03-29 08:06 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-06-03 21:32 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-03 21:32 - 2016-03-29 08:06 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-03 21:32 - 2016-03-29 08:06 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-06-03 21:32 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-03 21:32 - 2016-03-29 08:04 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-06-03 21:32 - 2016-03-29 07:55 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-06-03 21:32 - 2016-03-29 07:46 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-06-03 21:32 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-06-03 21:32 - 2016-03-29 07:36 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-06-03 21:32 - 2016-03-29 07:32 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-06-03 21:32 - 2016-03-29 07:30 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-06-03 21:32 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-06-03 21:32 - 2016-03-29 07:25 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-06-03 21:32 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-06-03 21:32 - 2016-03-29 07:24 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-06-03 21:32 - 2016-03-29 07:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-06-03 21:32 - 2016-02-24 10:57 - 01174368 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-06-03 21:32 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-06-03 21:32 - 2016-02-24 10:15 - 00107872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-06-03 21:32 - 2016-02-24 10:11 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-03 21:32 - 2016-02-24 10:11 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-03 21:32 - 2016-02-24 10:03 - 00510880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-06-03 21:32 - 2016-02-24 09:59 - 00118304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-06-03 21:32 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-06-03 21:32 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-06-03 21:32 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-06-03 21:32 - 2016-02-24 09:03 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2016-06-03 21:32 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-06-03 21:32 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-06-03 21:32 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-06-03 21:32 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-06-03 21:32 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-06-03 21:32 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-06-03 21:32 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-06-03 21:32 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-06-03 21:32 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-06-03 21:32 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-06-03 21:32 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-06-03 21:32 - 2016-02-24 08:37 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-06-03 21:32 - 2016-02-24 08:37 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-06-03 21:32 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-06-03 21:32 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-06-03 21:32 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-06-03 21:32 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-06-03 21:32 - 2016-02-24 08:29 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-06-03 21:32 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-06-03 21:32 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-06-03 21:32 - 2016-02-24 08:27 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-06-03 21:32 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-06-03 21:32 - 2016-02-24 08:23 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-06-03 21:32 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-06-03 21:32 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-06-03 21:32 - 2016-02-24 08:21 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-06-03 21:32 - 2016-02-24 08:21 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-06-03 21:32 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-06-03 21:32 - 2016-02-24 08:20 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-06-03 21:32 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-06-03 21:32 - 2016-02-24 08:18 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-06-03 21:32 - 2016-02-24 08:18 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-06-03 21:32 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-06-03 21:32 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-06-03 21:32 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-06-03 21:32 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-06-03 21:32 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-06-03 21:32 - 2016-02-24 08:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-06-03 21:32 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-06-03 21:32 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-06-03 21:32 - 2016-02-24 08:07 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-03 21:32 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-06-03 21:32 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-06-03 21:32 - 2016-02-24 07:55 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-06-03 21:32 - 2016-02-24 07:51 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-06-03 21:32 - 2016-02-24 07:34 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-03 21:32 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-06-03 21:32 - 2016-02-23 12:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2016-06-03 21:32 - 2016-02-23 12:33 - 00354656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-03 21:32 - 2016-02-23 12:32 - 00462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-06-03 21:32 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-06-03 21:32 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-06-03 21:32 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-06-03 21:32 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-06-03 21:32 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-06-03 21:32 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-06-03 21:32 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-06-03 21:32 - 2016-02-23 11:23 - 00124256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-06-03 21:32 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-06-03 21:32 - 2016-02-23 10:51 - 00381280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-06-03 21:32 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-06-03 21:32 - 2016-02-23 10:25 - 00722432 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-06-03 21:32 - 2016-02-23 10:25 - 00201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-06-03 21:32 - 2016-02-23 10:18 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-06-03 21:32 - 2016-02-23 10:16 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-06-03 21:32 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-06-03 21:32 - 2016-02-23 10:14 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-06-03 21:32 - 2016-02-23 10:13 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-06-03 21:32 - 2016-02-23 10:08 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-06-03 21:32 - 2016-02-23 10:07 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-06-03 21:32 - 2016-02-23 10:05 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-06-03 21:32 - 2016-02-23 10:03 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-06-03 21:32 - 2016-02-23 10:01 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-06-03 21:32 - 2016-02-23 10:01 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-06-03 21:32 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-06-03 21:32 - 2016-02-23 09:51 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-06-03 21:32 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-06-03 21:32 - 2016-02-23 09:50 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-06-03 21:32 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-06-03 21:32 - 2016-02-23 09:48 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-06-03 21:32 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-06-03 21:32 - 2016-02-23 09:46 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-06-03 21:32 - 2016-02-23 09:45 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-03 21:32 - 2016-02-23 09:44 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-06-03 21:32 - 2016-02-23 09:41 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-06-03 21:32 - 2016-02-23 09:40 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-06-03 21:32 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-06-03 21:32 - 2016-02-23 09:38 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-06-03 21:32 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-06-03 21:32 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-06-03 21:32 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-06-03 21:32 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-06-03 21:32 - 2016-02-23 09:28 - 00810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-06-03 21:32 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-06-03 21:32 - 2016-02-23 09:24 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-06-03 21:32 - 2016-02-23 09:24 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-06-03 21:32 - 2016-02-23 09:23 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-06-03 21:32 - 2016-02-23 09:20 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-06-03 21:32 - 2016-02-23 09:14 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-06-03 21:32 - 2016-02-23 09:05 - 00922624 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-06-03 21:32 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-06-03 21:32 - 2016-02-23 08:36 - 01931776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-06-03 21:32 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-06-03 21:32 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-06-03 21:32 - 2016-02-09 05:09 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-03 21:31 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-06-03 21:31 - 2016-03-29 09:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-06-03 21:31 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-03 21:31 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-03 21:31 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\system32\MTF.dll
2016-06-03 20:23 - 2016-06-03 20:24 - 00000000 ____D C:\Program Files\GUM4A39.tmp
2016-06-03 20:21 - 2016-06-03 20:21 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-03 20:21 - 2016-06-03 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2016-06-03 20:21 - 2016-06-03 20:21 - 00000000 ____D C:\Program Files\Seagate
2016-06-02 22:51 - 2016-06-02 22:51 - 00000000 ____D C:\$SysReset
2016-06-02 22:20 - 2016-06-02 22:20 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-06-02 22:12 - 2016-06-02 22:17 - 00000000 ____D C:\Users\Stefan\AppData\Local\PackageStaging
2016-06-02 22:07 - 2016-06-02 22:07 - 00000000 ____D C:\Users\Stefan\AppData\Local\MicrosoftEdge
2016-06-02 22:05 - 2016-06-02 22:06 - 00000000 ____D C:\Users\Stefan\AppData\Local\Comms
2016-06-02 22:05 - 2016-06-02 21:32 - 00000000 ___DC C:\WINDOWS\Panther
2016-06-02 22:00 - 2016-06-02 22:01 - 00000000 ____D C:\Windows.old
2016-06-02 21:57 - 2016-06-02 21:57 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-06-02 21:56 - 2016-06-02 21:57 - 00002386 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-06-02 21:56 - 2016-06-02 21:57 - 00000000 ___RD C:\Users\Stefan\OneDrive
2016-06-02 21:56 - 2016-06-02 21:56 - 00000000 ____D C:\WINDOWS\system32\XPSViewer
2016-06-02 21:56 - 2016-06-02 21:56 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-06-02 21:56 - 2016-06-02 21:56 - 00000000 ____D C:\Program Files\MSBuild
2016-06-02 21:54 - 2015-10-23 18:47 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2016-06-02 21:54 - 2015-10-23 18:47 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2016-06-02 21:54 - 2015-10-23 18:47 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2016-06-02 21:53 - 2016-06-02 21:53 - 00942592 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-06-02 21:53 - 2016-06-02 21:53 - 00279376 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-06-02 21:47 - 2016-06-02 21:47 - 00001047 _____ C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-06-02 21:47 - 2015-10-29 19:42 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2016-06-02 21:47 - 2015-10-29 19:41 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2016-06-02 21:47 - 2015-10-29 19:24 - 04847616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2016-06-02 21:45 - 2016-06-02 21:45 - 00000000 ____D C:\Users\Stefan\AppData\Local\Publishers
2016-06-02 21:38 - 2016-06-04 09:21 - 00000000 ____D C:\Users\Stefan\AppData\Local\Packages
2016-06-02 21:38 - 2016-06-02 21:38 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Adobe
2016-06-02 21:38 - 2016-06-02 21:38 - 00000000 ____D C:\Users\Stefan\AppData\Local\TileDataLayer
2016-06-02 21:38 - 2016-06-02 21:38 - 00000000 ____D C:\Users\Stefan\AppData\Local\ActiveSync
2016-06-02 21:36 - 2016-06-02 21:36 - 00000020 ___SH C:\Users\Stefan\ntuser.ini
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Vorlagen
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Startmenü
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2016-06-02 21:25 - 2016-06-02 21:25 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2016-06-02 21:23 - 2016-06-04 20:55 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-02 21:22 - 2016-06-02 21:22 - 00021532 _____ C:\WINDOWS\system32\emptyregdb.dat
2016-06-02 21:15 - 2016-06-02 21:15 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-06-02 21:15 - 2016-06-02 21:15 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2016-06-02 21:15 - 2016-06-02 21:15 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2016-06-02 21:14 - 2016-06-02 21:14 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2016-06-02 21:13 - 2016-06-04 08:45 - 00000000 ____D C:\Users\Stefan
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Vorlagen
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Startmenü
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Netzwerkumgebung
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Lokale Einstellungen
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Eigene Dateien
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Druckumgebung
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Documents\Eigene Videos
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Documents\Eigene Musik
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Documents\Eigene Bilder
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\AppData\Local\Verlauf
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\AppData\Local\Anwendungsdaten
2016-06-02 21:13 - 2016-06-02 21:13 - 00000000 _SHDL C:\Users\Stefan\Anwendungsdaten
2016-06-02 21:08 - 2016-06-02 21:53 - 00000000 ____D C:\Program Files\Common Files\logishrd
2016-06-02 20:17 - 2015-10-30 07:45 - 00000001 ___SH C:\BOOTNXT
2016-06-02 20:00 - 2016-06-02 21:24 - 00010449 _____ C:\WINDOWS\diagerr.xml
2016-06-02 20:00 - 2016-06-02 21:24 - 00009528 _____ C:\WINDOWS\diagwrn.xml
2016-06-02 20:00 - 2016-06-02 20:13 - 00000000 ___HD C:\$WINDOWS.~BT
2016-06-02 19:55 - 2016-06-02 20:00 - 00000036 _____ C:\WINDOWS\progress.ini
2016-06-02 19:48 - 2016-06-02 21:33 - 00000000 ___HD C:\$GetCurrent
2016-06-02 19:41 - 2016-06-02 21:38 - 00000000 ____D C:\Windows10Upgrade
2016-06-02 19:41 - 2016-06-02 19:48 - 00000694 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10-Upgrade-Assistent.lnk
2016-06-02 19:31 - 2016-06-02 19:31 - 00000000 ____D C:\Users\Stefan\Tracing
2016-06-02 19:30 - 2016-06-03 20:16 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Skype
2016-06-02 19:29 - 2016-06-02 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-02 19:29 - 2016-06-02 19:30 - 00000000 ____D C:\ProgramData\Skype
2016-06-02 19:29 - 2016-06-02 19:29 - 00002687 _____ C:\Users\Public\Desktop\Skype.lnk
2016-06-02 19:29 - 2016-06-02 19:29 - 00000000 ___RD C:\Program Files\Skype
2016-06-02 19:29 - 2016-06-02 19:29 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-06-02 18:32 - 2016-06-02 18:32 - 00000000 ____D C:\Users\Stefan\AppData\Local\Google
2016-06-02 18:25 - 2016-06-02 18:25 - 06748160 _____ C:\Program Files\GUTDB44.tmp
2016-06-02 18:25 - 2016-06-02 18:25 - 00000000 ____D C:\Program Files\GUMDB43.tmp
2016-06-02 18:20 - 2016-06-02 18:20 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-06-02 18:19 - 2016-06-02 21:21 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-02 18:18 - 2016-06-05 19:51 - 00001122 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-02 18:18 - 2016-06-04 09:29 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-02 18:17 - 2016-06-02 18:18 - 00000000 ____D C:\Program Files\Google
2016-06-02 18:17 - 2016-06-02 18:16 - 00035096 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-06-02 18:15 - 2016-06-02 18:15 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\AVAST Software
2016-06-02 18:14 - 2016-06-02 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-02 18:13 - 2016-06-02 18:13 - 00000000 ____D C:\Program Files\Common Files\AV
2016-06-02 18:13 - 2016-06-02 18:11 - 00815792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-06-02 18:13 - 2016-06-02 18:11 - 00449640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-06-02 18:13 - 2016-06-02 18:11 - 00221368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2016-06-02 18:13 - 2016-06-02 18:11 - 00124808 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-06-02 18:13 - 2016-06-02 18:11 - 00091232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-06-02 18:13 - 2016-06-02 18:11 - 00091168 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-06-02 18:13 - 2016-06-02 18:11 - 00058776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-06-02 18:13 - 2016-06-02 18:11 - 00032792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-06-02 18:12 - 2016-06-02 18:12 - 00000000 ____D C:\Program Files\Intel
2016-06-02 18:12 - 2016-06-02 18:12 - 00000000 ____D C:\Intel
2016-06-02 18:12 - 2016-06-02 18:11 - 00334776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2016-06-02 18:12 - 2016-06-02 18:11 - 00334280 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-06-02 18:11 - 2016-06-02 18:11 - 00052184 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-06-02 18:11 - 2016-06-02 18:11 - 00026776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetNd6.sys
2016-06-02 18:09 - 2016-06-02 18:16 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-02 18:09 - 2016-06-02 18:16 - 00000000 ____D C:\Program Files\AVAST Software
2016-06-02 18:09 - 2016-06-02 18:09 - 00057560 _____ C:\Users\Stefan\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-02 18:08 - 2016-06-02 18:08 - 05052416 _____ (AVAST Software) C:\Users\Stefan\Downloads\avast_internet_security_setup_online.exe
2016-06-02 18:04 - 2016-06-02 18:12 - 00000000 ____D C:\Users\Stefan\AppData\Local\Mozilla
2016-06-02 18:04 - 2016-06-02 18:05 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Mozilla
2016-06-02 18:04 - 2016-06-02 18:04 - 00001117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-06-02 18:04 - 2016-06-02 18:04 - 00001105 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-06-02 18:04 - 2016-06-02 18:04 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-06-02 18:04 - 2016-06-02 18:04 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-06-02 17:59 - 2016-06-02 17:59 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-06-02 17:59 - 2016-05-18 21:40 - 00357432 _____ (Intel Corporation) C:\WINDOWS\system32\PROUnstl.exe
2016-06-02 17:35 - 2016-06-02 18:33 - 00000000 ____D C:\Users\Stefan\AppData\Local\VirtualStore
2016-06-02 17:35 - 2009-07-14 10:56 - 00000000 ____D C:\Users\Stefan\AppData\Roaming\Media Center Programs
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Videos
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Programme
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\ProgramData\Vorlagen
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\ProgramData\Startmenü
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\ProgramData\Favoriten
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\ProgramData\Dokumente
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2016-06-02 17:34 - 2016-06-02 17:34 - 00000000 _SHDL C:\Dokumente und Einstellungen
2016-06-02 15:10 - 2016-06-02 15:10 - 00000000 ____D C:\Windows.old.000
2016-06-02 14:12 - 2016-06-02 20:17 - 00008192 __RSH C:\BOOTSECT.BAK
2016-06-02 14:12 - 2016-03-29 12:07 - 00400302 __RSH C:\bootmgr

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-06-05 19:56 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-04 20:55 - 2016-02-13 13:57 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-04 20:55 - 2016-02-13 13:57 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-04 20:55 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-06-04 20:48 - 2016-02-13 14:31 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-04 09:37 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-04 08:59 - 2015-10-30 07:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-04 07:19 - 2016-02-13 14:35 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-04 07:15 - 2016-02-13 05:26 - 00192960 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-03 23:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-06-03 23:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-03 23:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-06-03 23:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-03 23:13 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-06-03 23:11 - 2016-02-13 14:15 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-03 23:11 - 2015-10-30 07:48 - 00000000 __RSD C:\WINDOWS\Media
2016-06-03 23:11 - 2015-10-30 07:48 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-06-03 23:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Provisioning
2016-06-03 23:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-06-03 23:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-03 23:11 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-06-03 23:11 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-06-03 23:10 - 2015-10-30 07:48 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-06-03 23:08 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-03 20:11 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppCompat
2016-06-02 22:05 - 2015-10-30 07:50 - 00000000 ____D C:\WINDOWS\Setup
2016-06-02 22:05 - 2015-10-30 07:48 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-06-02 21:56 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-06-02 21:48 - 2016-02-13 14:01 - 00000000 ____D C:\WINDOWS\OCR
2016-06-02 21:33 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Registration
2016-06-02 21:29 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-06-02 21:25 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-06-02 21:25 - 2015-10-30 07:48 - 00000000 ____D C:\Program Files\Windows NT
2016-06-02 21:22 - 2015-10-30 07:48 - 00000000 __RHD C:\Users\Public\Libraries
2016-06-02 21:16 - 2015-10-30 07:13 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-06-02 21:15 - 2016-02-13 13:57 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-06-02 21:15 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-02 21:15 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\IME
2016-06-02 21:15 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\schemas
2016-06-02 21:15 - 2009-07-14 10:56 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-06-02 21:15 - 2009-07-14 04:37 - 00000000 ____D C:\Users\Default.migrated
2016-06-02 21:14 - 2015-10-30 07:48 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-06-02 21:14 - 2009-07-14 06:52 - 00000000 ____D C:\Program Files\DVD Maker
2016-06-02 21:13 - 2015-10-30 07:13 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-06-02 20:17 - 2009-07-14 06:34 - 00014624 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-02 20:17 - 2009-07-14 06:34 - 00014624 ____H C:\WINDOWS\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-02 14:36 - 2009-07-14 10:57 - 00000000 ____D C:\WINDOWS\CSC
2016-05-11 21:57 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-11 21:57 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-02 18:25 - 2016-06-02 18:25 - 6748160 _____ () C:\Program Files\GUTDB44.tmp

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-02 21:06

==================== Ende vom FRST.txt ============================
         

Now the Additions.txt
Code:
  Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:05-06-2016 02
durchgeführt von Stefan (2016-06-05 19:58:00)
Gestartet von C:\Users\Stefan\Desktop\Downloads
Microsoft Windows 10 Pro Version 1511 (X86) (2016-06-02 19:16:37)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-956596106-3120618628-615831838-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-956596106-3120618628-615831838-503 - Limited - Disabled)
Gast (S-1-5-21-956596106-3120618628-615831838-501 - Limited - Disabled)
Stefan (S-1-5-21-956596106-3120618628-615831838-1000 - Administrator - Enabled) => C:\Users\Stefan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Active@ UNERASER 10 (HKLM\...\{CDA98861-3CF1-4CBB-B4A2-6FFB8711EBC1}_is1) (Version: 10 - LSoft Technologies Inc)
Avast Internet Security (HKLM\...\Avast) (Version: 11.2.2262 - AVAST Software)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.79 - Google Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Support Assistant (HKLM\...\{904822F1-6C7D-4B91-B936-6A1C0810544C}) (Version: 7.7.34.34 - Hewlett-Packard Company)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 21.0 - Intel)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 46.0.1 (x86 de) (HKLM\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1 - Mozilla)
SafeZone Stable 1.48.2066.101 (Version: 1.48.2066.101 - Avast Software) Hidden
SeaTools for Windows 1.4.0.4 (HKLM\...\SeaTools for Windows) (Version: 1.4.0.4 - Seagate Technology)
Skype™ 7.24 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
Windows 10-Upgrade-Assistent (HKLM\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17305 - Microsoft Corporation)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0A469AB1-FD32-4967-8409-16709E358B3A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-06-03] (Google Inc.)
Task: {19E0B39E-28F3-43FB-B17D-7DB8AD55EE7C} - System32\Tasks\SafeZone scheduled Autoupdate 1464884387 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {5130AC81-4C63-428C-9A41-B71D05CF4023} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5273934B-D02A-426F-BA6D-C56AC6C66CA9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {583B725F-5CC1-433A-A962-9729E648EE3C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) <==== ACHTUNG
Task: {58A001C2-C8DC-4015-8DBE-192E0DBFFA1C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {60E4ED1D-6ED7-4540-B094-3EC96C202A9E} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {61E4A71E-4D64-454A-907C-49EED7E098F4} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {63D914B3-41C1-4767-BC64-DF7D22F2FF59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-06-03] (Google Inc.)
Task: {79E184EE-8142-41A2-B3FA-335AB98F15FB} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7A23AB6F-51C1-4386-985E-B4BE749AD3ED} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {7A468FCD-3C2C-4462-996A-5BA3D368DC69} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {80EAD0EF-35DF-49FA-9A0B-DD820DE38AB8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2014-08-21] (Hewlett-Packard Company)
Task: {851AF885-C7A0-4AD7-855C-5EB68CE74129} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {89C19C48-838E-40F8-AF44-DC802D74B54A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {91A5A69B-43CD-419B-89CA-173ADA79FAF8} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9C7FC3A8-C4A4-4AE4-9C12-EA42BBF7F06F} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9FCAA695-EE7D-4350-ABB9-49FE1EEF6112} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-06-02] (AVAST Software)
Task: {AA259456-ACE7-4E14-9CF7-25CC514E26B1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {ABAA709F-9287-406A-B83F-5BED922E6133} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {ABCF8915-5F0C-4368-A7D8-27EE4EC963C3} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB269746-1CF1-479C-8816-231EC834DF78} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C483F50F-1EBB-469F-8668-987F7AB24363} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CE489436-3BC4-42D2-83D6-DE3D78C895DF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D53301E3-EF54-463C-A498-53CBD0EDE841} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DBEB5598-EE0F-4042-A81D-40FE1968B819} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-02] (AVAST Software)
Task: {DEBEEFBA-347C-4038-A790-DBFF399EF143} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E7A7585F-3009-4606-B360-2E5FB2F671B0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-08-21] (Hewlett-Packard Company)
Task: {E998F5B1-98AF-46BC-8522-2D58F8E7FE92} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E9CDF833-1D27-4456-A958-B58C323A7D51} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EC74D0F2-B509-4440-8492-CD3280E519D7} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE181369-6410-4E87-B964-74B230D41518} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 07:44 - 2015-10-30 07:44 - 00022528 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2016-06-02 18:11 - 2016-06-02 18:11 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-06-02 18:11 - 2016-06-02 18:11 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-03 20:08 - 2016-06-03 20:08 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060301\algo.dll
2016-06-04 20:50 - 2016-06-04 20:50 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060402\algo.dll
2016-06-02 18:11 - 2016-06-02 18:11 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-06-02 18:11 - 2016-06-02 18:11 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-05 19:53 - 2016-06-05 19:53 - 02923008 _____ () C:\Program Files\AVAST Software\Avast\defs\16060501\algo.dll
2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-06-03 21:32 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-03 21:32 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-02 21:56 - 2016-06-02 21:56 - 00679624 _____ () C:\Users\Stefan\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-03 21:31 - 2016-04-23 05:58 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-02-13 13:59 - 2016-02-13 13:59 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-03 21:32 - 2016-04-23 06:20 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-03 21:31 - 2016-04-23 06:05 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-03 21:31 - 2016-04-23 05:59 - 00696320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2016-06-03 21:32 - 2016-04-23 05:58 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-03 21:33 - 2016-04-23 06:01 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-06-02 18:11 - 2016-06-02 18:11 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-11-26 23:54 - 2012-11-26 23:54 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2016-06-03 21:31 - 2016-04-23 05:58 - 00117248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2016-06-03 21:31 - 2016-04-23 05:57 - 00076800 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll
2016-06-03 21:31 - 2016-04-23 05:58 - 00414720 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll
2015-10-30 07:45 - 2016-02-13 14:14 - 00031232 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node
2015-10-30 07:45 - 2016-02-13 14:14 - 00528896 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node
2015-10-30 07:45 - 2016-02-13 14:14 - 00663552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node
2015-10-30 07:45 - 2016-02-13 14:15 - 00152064 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node
2015-10-30 07:45 - 2016-02-13 14:15 - 00383488 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node
2015-10-30 07:45 - 2016-02-13 14:14 - 00274432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node
2015-10-30 07:45 - 2016-02-13 14:15 - 00132608 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node
2015-10-30 07:45 - 2016-02-13 14:14 - 00072192 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node
2015-10-30 07:45 - 2016-02-13 14:14 - 00151040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node
2016-06-04 09:35 - 2016-06-04 09:35 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-06-04 09:35 - 2016-06-04 09:35 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-06-04 09:35 - 2016-06-04 09:35 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-02-13 13:59 - 2016-02-13 13:59 - 02411360 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentDeliveryManager.Background.dll
2016-02-13 13:59 - 2016-02-13 13:59 - 01910624 _____ () C:\Windows\SystemApps\Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy\ContentManagementSDK.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-956596106-3120618628-615831838-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Stefan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0756903A-9DA5-4617-ABF7-A8AEE2A4847E}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{7552E3C0-4E1C-483B-8E64-0CAE648FB231}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{3A131757-A646-4581-83C4-6B9B3E4B55F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{5A3BEEFF-9628-4953-977E-10373530AA0C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (06/05/2016 07:52:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STEFAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/04/2016 09:01:31 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4

Error: (06/04/2016 08:56:46 AM) (Source: MsiInstaller) (EventID: 11609) (User: STEFAN-PC)
Description: Product: HP Customer Experience Enhancements -- Error 1609.An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (06/04/2016 08:34:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d73f
Name des fehlerhaften Moduls: ESENT.dll, Version: 10.0.10586.212, Zeitstempel: 0x56fa1470
Ausnahmecode: 0xc0000602
Fehleroffset: 0x0025088c
ID des fehlerhaften Prozesses: 0x44
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3
Vollständiger Name des fehlerhaften Pakets: svchost.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: svchost.exe5

Error: (06/04/2016 08:34:21 AM) (Source: ESENT) (EventID: 908) (User: )
Description: svchost (68) Der Prozess wird aufgrund eines nicht behebbaren Fehlers beendet: PV: 10.0.10586.0 SV: 10.0.10586.0 GLE: 0 ERR: -1603(fucb.cxx:359): dllentry.cxx(103) (ESENT[10.0.10586.0] RETAIL RTM MBCS)

Error: (06/04/2016 08:30:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STEFAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147009280. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/04/2016 08:25:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STEFAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/04/2016 08:25:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STEFAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/04/2016 08:25:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STEFAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/04/2016 07:54:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: STEFAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (06/04/2016 09:14:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_3833d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2016 09:14:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _3833d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2016 09:14:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_3833d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2016 09:14:36 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3833d" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2016 08:48:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎06.‎2016 um 09:40:39 unerwartet heruntergefahren.

Error: (06/04/2016 09:43:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_430b8 erreicht.

Error: (06/04/2016 09:43:37 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Benutzerdatenspeicher _430b8 erreicht.

Error: (06/04/2016 09:43:36 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Benutzerdatenspeicher _430b8" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (06/04/2016 09:43:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_430b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2016 09:43:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _430b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-06-04 07:16:43.788
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-02 21:51:32.708
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-02 21:38:20.844
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-02 21:21:19.084
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-02 21:08:19.441
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Pentium(R) CPU G6950 @ 2.80GHz
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 1911.29 MB
Verfügbarer physikalischer RAM: 687.78 MB
Summe virtueller Speicher: 3831.29 MB
Verfügbarer virtueller Speicher: 2464.37 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:297.65 GB) (Free:269.97 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 4032EB38)
Partition 1: (Active) - (Size=297.6 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)

==================== Ende vom Addition.txt ============================
         
Thanks for helping, and regards from Stefan

Alt 05.06.2016, 20:59   #2
Deathkid535
/// Malwareteam
 

My name is Dennis and I will help you with the cleanup.

Please note that there are a few rules:
  • Please read my posts through completely before you work through them
  • If a problem comes up, stop your work, post the logs produced so far and describe the problem as precisely as possible.
  • Please no crossposting
  • Do not install or uninstall any software unless asked to
  • Please use only the tools that are mentioned here in the thread
  • Reply within 24h to make a meaningful cleanup possible
  • Always post the logs in CODE tags (# button); if need be, simply split the logs up

If I do not reply within 48h, send me a PM!

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder.
Even if the logs are too large for one post, I ask you to post the logs directly, spread over several posts if necessary.
To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview (Erweitert/Vorschau) to check whether you did it right. If everything is correct ... click Reply (Antworten).


Let's go!

Step # 1: TDSS-Killer

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.


Step # 2: Please post
  • The log from TDSS Killer

And please also attach a screenshot for me.

Alt 05.06.2016, 21:43   #3
Stefan#
 

Hello Dennis, thanks for your help.
You wanted a screenshot, of what exactly?
By the way, the affected hard disk is Harddisk2.
Here is the report:
Code:
22:34:38.0278 0x0784  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:34:40.0927 0x0784  ============================================================
22:34:40.0927 0x0784  Current date / time: 2016/06/05 22:34:40.0927
22:34:40.0927 0x0784  SystemInfo:
22:34:40.0927 0x0784  
22:34:40.0927 0x0784  OS Version: 10.0.10586 ServicePack: 0.0
22:34:40.0927 0x0784  Product type: Workstation
22:34:40.0927 0x0784  ComputerName: STEFAN-PC
22:34:40.0927 0x0784  UserName: Stefan
22:34:40.0927 0x0784  Windows directory: C:\WINDOWS
22:34:40.0927 0x0784  System windows directory: C:\WINDOWS
22:34:40.0927 0x0784  Processor architecture: Intel x86
22:34:40.0927 0x0784  Number of processors: 2
22:34:40.0927 0x0784  Page size: 0x1000
22:34:40.0927 0x0784  Boot type: Normal boot
22:34:40.0927 0x0784  ============================================================
22:34:41.0538 0x0784  KLMD registered as C:\WINDOWS\system32\drivers\81510434.sys
22:34:41.0771 0x0784  System UUID: {5BD00D2D-C7FF-EDD4-A639-2B2CDBAC461F}
22:34:42.0851 0x0784  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:34:42.0900 0x0784  Drive \Device\Harddisk2\DR2 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
22:34:42.0901 0x0784  ============================================================
22:34:42.0901 0x0784  \Device\Harddisk0\DR0:
22:34:42.0929 0x0784  MBR partitions:
22:34:42.0929 0x0784  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2534C682
22:34:42.0929 0x0784  \Device\Harddisk2\DR2:
22:34:42.0929 0x0784  MBR partitions:
22:34:42.0930 0x0784  ============================================================
22:34:43.0071 0x0784  C: <-> \Device\Harddisk0\DR0\Partition1
22:34:43.0071 0x0784  ============================================================
22:34:43.0071 0x0784  Initialize success
22:34:43.0071 0x0784  ============================================================
22:34:51.0045 0x0ee0  ============================================================
22:34:51.0045 0x0ee0  Scan started
22:34:51.0045 0x0ee0  Mode: Manual; SigCheck; TDLFS; 
22:34:51.0045 0x0ee0  ============================================================
22:34:51.0045 0x0ee0  KSN ping started
22:34:53.0486 0x0ee0  KSN ping finished: true
22:34:56.0171 0x0ee0  ================ Scan system memory ========================
22:34:56.0171 0x0ee0  System memory - ok
22:34:56.0172 0x0ee0  ================ Scan services =============================
22:34:56.0811 0x0ee0  [ FB8D2D4BFD7A88943DFE6F196309004D, E2EADF3EBEA8841ED34A52900FFEA45F842F0997D78BC6BAF764201F1970F2EB ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
22:34:56.0916 0x0ee0  1394ohci - ok
22:34:56.0928 0x0ee0  [ 533B10DEEAB26696E6E36EC731B7D529, EF64596CEE31B398D249F811DF9B72A910FB9B157D77C9795C1B43AFEE327C8F ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
22:34:56.0953 0x0ee0  3ware - ok
22:34:56.0993 0x0ee0  [ C52523875786AADA77E2A9FEE4412900, CF3A1784A8AD77040DAF780E63FC71A6C1DD9C5FDDD041E27995A4BA48D82AB2 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
22:34:57.0032 0x0ee0  ACPI - ok
22:34:57.0060 0x0ee0  [ EAC463769226F6B56A1631C860038B62, 7A3812128EDC16EEEFC5635979826B8D441A737F3E2F41746CDE4704F11EC04A ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
22:34:57.0084 0x0ee0  acpiex - ok
22:34:57.0112 0x0ee0  [ 2F8584E995D918D65348B7B04766FD65, 32D40A01A36AB503B984E317D620FDF45C4A87C7E343190C3FF4BE03D58EBA6F ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
22:34:57.0135 0x0ee0  acpipagr - ok
22:34:57.0156 0x0ee0  [ 3850E00C80DE0D5CA81F2D80F54E8D1B, 7DE3C3ACE0146D10B0D88A95B8AC0D817EF74AFD36649851B2F25D4229C1BDC3 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
22:34:57.0180 0x0ee0  AcpiPmi - ok
22:34:57.0203 0x0ee0  [ 022D57B8524BAC85C74C40AD8A3CFF31, FA1C78C5CE05A4FF50BEAB17B95485026C5D28D6462A3815884169867FB72EE9 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
22:34:57.0228 0x0ee0  acpitime - ok
22:34:57.0335 0x0ee0  [ 90D2195E7357C8A1450223BAEDC6F856, AF69B2E5D58ED597B07679AC26BAFD4B03EED4B1FF80E0D9C07F9B335AE3E793 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
22:34:57.0399 0x0ee0  ADP80XX - ok
22:34:57.0417 0x0ee0  [ 0E423A5854E1265F3B6D27332601355F, B13FB6AD9757D838EDA216CDEC1FA6DE48F79C00FDDC7BB2B644D1ADE5A4217A ] AFD             C:\WINDOWS\system32\drivers\afd.sys
22:34:57.0458 0x0ee0  AFD - ok
22:34:57.0464 0x0ee0  [ E84A11EFFE15A551A3E67CCB6985108C, 357FA06089ED7E35589A937123F090FAA87D22AD948C50F1C797B348799266B2 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
22:34:57.0487 0x0ee0  agp440 - ok
22:34:57.0525 0x0ee0  [ 11BC9F8550B2DE51BE6910F56D413740, 84B161E3F69681D0CBCB3C8CECA1C61262B15C756EDAEA6E0F5F488BE059D18C ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
22:34:57.0559 0x0ee0  ahcache - ok
22:34:57.0594 0x0ee0  [ 8DA92DB9585C83775024C19ED5EFA3C4, 45708FCCE16C6DF63A3702F9311470FC4F7349958B64400C3E43F2F81A6DD3CC ] AJRouter        C:\WINDOWS\System32\AJRouter.dll
22:34:57.0610 0x0ee0  AJRouter - ok
22:34:57.0640 0x0ee0  [ 2DF4759AE499CEB7A4A81A50BED5D056, 706A46789E77D345F991B6433AEA1D4FE26DBB45FC2FC034BAB559D5FEF9E5A8 ] ALG             C:\WINDOWS\System32\alg.exe
22:34:57.0667 0x0ee0  ALG - ok
22:34:57.0699 0x0ee0  [ D6148B25A9C87FADE773FAA077DB57D0, 30BA3F8515222FFE003FD0DA7ADEF57493C8928B69D32F1754C1B64E3BFA3CD0 ] amdagp          C:\WINDOWS\system32\drivers\amdagp.sys
22:34:57.0720 0x0ee0  amdagp - ok
22:34:57.0727 0x0ee0  [ 041F4910E2110ADAF6F2C58404F7DC57, 17C612DB9223D068B9CAE7E487938B6143115C457812D17F8AB4919EFE660F6F ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
22:34:57.0783 0x0ee0  AmdK8 - ok
22:34:57.0789 0x0ee0  [ 7F412975418E252CDB79D3BFCDAD1317, 1621DC37F9284CF18EDC5852581BE7B0059FC1619EBB1481432E105F6C1E7C91 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
22:34:57.0819 0x0ee0  AmdPPM - ok
22:34:57.0825 0x0ee0  [ FB115921FA9C6ACB3D99A1BB95822983, DC3C5A3AB8247409944858793795B5E4D231DE1F50955A8F5015D1C0F04FF581 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
22:34:57.0848 0x0ee0  amdsata - ok
22:34:57.0857 0x0ee0  [ 0B0037ADF21A4A199356CCF43D0DBAAF, 1033FC37ED7BF7F21D78DB896EBF17D3CC87828615DD0333CB50BBFD38B4BA80 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
22:34:57.0888 0x0ee0  amdsbs - ok
22:34:57.0892 0x0ee0  [ 22BA036FD3C92A6B44BEFB482D3C75D9, 1A165A9060BF368C2AB5BDE5D2939F425AB8C24FA6819B2B718507F5DB4FD864 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
22:34:57.0913 0x0ee0  amdxata - ok
22:34:57.0939 0x0ee0  [ BC689AD98B66EABDA483CCE6813EA7F9, 3F113BBD5C7B550F6270C905F3EC2C22C9B24829A68C7D34A5668B66C3D7E637 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
22:34:57.0965 0x0ee0  AppID - ok
22:34:58.0001 0x0ee0  [ B29ED7940F18A2F7ECC21539A44412FD, 9FF9115710EDBC526A57BEF721D25DC324812030F6C65365F3EFAAE14EAEB0AF ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
22:34:58.0022 0x0ee0  AppIDSvc - ok
22:34:58.0059 0x0ee0  [ 8B90CF7BEA089F77766780F5970DA544, 63334631E7A146361A2389C3A4AF505383AC68F02DB1305B3D44BBEFEC72FDF2 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
22:34:58.0083 0x0ee0  Appinfo - ok
22:34:58.0150 0x0ee0  [ 27C54BCC50C711E288116CD8914B67AC, F46336BB184341EE8CC5C9FB6BC607630B89E8D56D83914F72D3114408E1EF44 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
22:34:58.0171 0x0ee0  AppMgmt - ok
22:34:58.0278 0x0ee0  [ 6AE7C3FD22F25792D67EC1648B46BF45, 4ED5237FE800F0CABFC0E767FCF0005AADC7E4364E651DF087400EE46FCD9EC0 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
22:34:58.0327 0x0ee0  AppReadiness - ok
22:34:58.0562 0x0ee0  [ 205ED8336FDBCE37486793AF813A7651, 222D1D443470FE20397BB36E10BDE0B90ABC0CF1F2BD53210DDFFF2B2F6C2652 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
22:34:58.0644 0x0ee0  AppXSvc - ok
22:34:58.0675 0x0ee0  [ 50964D19126E2154EAAC042E1475A420, 04D9750DE8DA7B7AB072EA887B47D52BAB71674C8518FCDCB69E8A395D576EC1 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
22:34:58.0699 0x0ee0  arcsas - ok
22:34:58.0736 0x0ee0  [ 6E41047DF3644FE7B472D80CD2494F53, 97C203C00E8486DEBA804CA9208F7627293775B884BF9B26DB467C53FC3D01E2 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
22:34:58.0750 0x0ee0  aswHwid - ok
22:34:58.0800 0x0ee0  [ A0370985E35E86F7C88CFB1AC896832E, E89D2AB6CAAB0DBA4FB796AFC48F10047C9D6AD41888F8FBCDDD048F28531AC8 ] aswKbd          C:\WINDOWS\system32\drivers\aswKbd.sys
22:34:58.0818 0x0ee0  aswKbd - ok
22:34:58.0854 0x0ee0  [ 938A11801954BBB35D2CFD72E2219122, D02B8C8B36AFE9F52B97A813B38AA390701B141AAC180BD2CEFBE870692E78EB ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
22:34:58.0874 0x0ee0  aswMonFlt - ok
22:34:58.0917 0x0ee0  [ 83F1C93475CEE22B14A5052F03E9B4FC, D21CC3F6867AF27863B1BD65101D2939D5BA6491F11B8089156E723DDFFB45A7 ] aswNetNd6       C:\WINDOWS\system32\DRIVERS\aswNetNd6.sys
22:34:58.0934 0x0ee0  aswNetNd6 - ok
22:34:59.0011 0x0ee0  [ 07115FC29C236FDFB72F15DA84813867, 8393C9504F63BE98FDB27DF4C4159849A76D6B921D1EA7CBD47E0D5C334CF5A6 ] aswNetSec       C:\WINDOWS\system32\drivers\aswNetSec.sys
22:34:59.0030 0x0ee0  aswNetSec - ok
22:34:59.0069 0x0ee0  [ C4E858A0B929F2DD052018A9C4D11B97, 0059CCBEAF9F5203280158F911945D4F30337A3D5EAFC9DB660BF0A4B739A657 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
22:34:59.0088 0x0ee0  aswRdr - ok
22:34:59.0129 0x0ee0  [ E72A61A4A75FBCABFFD7A9EA76544D89, 8FC94F3018EEADC8445125345FD9B998EA9778193BF2A8A8606AA958156EC63E ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
22:34:59.0138 0x0ee0  aswRvrt - ok
22:34:59.0191 0x0ee0  [ 3DFA2C8D9F798A193CD922B7155572AB, FEE9D218CC400C4344360F746F541A4FD0E53CF24D631F9D12C2EA7EA26849DB ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
22:34:59.0242 0x0ee0  aswSnx - ok
22:34:59.0271 0x0ee0  [ 837795B850F100A32C62FC38FC0BE301, D79BCCA3D0FF4CC5EDFE76B4651880CAF5B5E48A5B630208FA6567DD862498B8 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
22:34:59.0288 0x0ee0  aswSP - ok
22:34:59.0302 0x0ee0  [ 75D11EC520AABA1B9AECBB0AEB416B03, BED713F5B9963F62376FA1C00AFBD263CDB8E7BEB22990C530D8AA5960960B11 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
22:34:59.0313 0x0ee0  aswStm - ok
22:34:59.0322 0x0ee0  [ 388600AA4676D3AED8976F546A12238D, 176BBA5CA2704C4C99F7A2CFEC8E040AFA7C81A39EB22F304EBFB27C91C08CDF ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
22:34:59.0334 0x0ee0  aswVmm - ok
22:34:59.0363 0x0ee0  [ 90175BAF06E538A2DE23D511EB108ABE, E51EB42118AAF8A7782B35C320DE2982FF0BF3BACE1EFFAE4F6EEC54D045101B ] AsyncMac        C:\WINDOWS\System32\drivers\asyncmac.sys
22:34:59.0388 0x0ee0  AsyncMac - ok
22:34:59.0412 0x0ee0  [ 845E9A40B9B3CAD20B5EE45A2A58EE11, B5B60F509F4B2DF52E3E435E4B6673085562894D30080D43BAADC678EA22A051 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
22:34:59.0433 0x0ee0  atapi - ok
22:34:59.0457 0x0ee0  [ BB41A98A1D9F7771240A0F6C3E2E0CD6, BF48F1BDF1263E35CBFDA8BBDE7FD1B3C089E5789393C93B54853139EE480147 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
22:34:59.0480 0x0ee0  AudioEndpointBuilder - ok
22:34:59.0527 0x0ee0  [ E18B5F1FC336DD9FABF09D7F290FE5C7, 05099F73956AFEFAA21897E1092BB43C35636F8486B37FC27AAAB98D0F0B66CA ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
22:34:59.0570 0x0ee0  Audiosrv - ok
22:34:59.0773 0x0ee0  [ A24AF1F8186B4B69D54DCC4B059CA695, 882338FEF206231B9FD83787A8685A7B69D76A414923B511A8D6A7619CB86F87 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:34:59.0801 0x0ee0  avast! Antivirus - ok
22:34:59.0856 0x0ee0  [ 08B412FBCBFDE2901C84801C4F356E2A, E44F5C8078A17B211AD44F46DD633C43B366B6F500BBA75206F4E1E626B59BBF ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
22:34:59.0882 0x0ee0  avast! Firewall - ok
22:34:59.0922 0x0ee0  [ 51F1C18B1A04499A84CAE34D1B176423, 2A97C86BB2145C528C9CD339EDC61C7E13057BB16AB343725ECC1F2563352307 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
22:34:59.0943 0x0ee0  AxInstSV - ok
22:34:59.0977 0x0ee0  [ 2586B2D1AD9013859CFB684A2B85BE19, 145700908A7AFDD5CFFE52A4327F213CC218B39F4226C47D4F74FC00B79862BB ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
22:35:00.0031 0x0ee0  BasicDisplay - ok
22:35:00.0036 0x0ee0  [ 2ED165E5B159D7F1102F2645C0C8484C, E1F2B092AE1966D0B75F75DA2540B5735167637F34CBBECEBC71897AC2CEC8C7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
22:35:00.0060 0x0ee0  BasicRender - ok
22:35:00.0088 0x0ee0  [ 045ED769BF5396D346FA7493F47DF811, D0A57A040E3B18AC3A5ED56BF2D26E334DA0381AB686CC3F0517953EC3F7B46D ] bcmfn           C:\WINDOWS\System32\drivers\bcmfn.sys
22:35:00.0114 0x0ee0  bcmfn - ok
22:35:00.0126 0x0ee0  [ E4D6B5E5E5CD2606391220B156235692, 4633C60BDA9FCB892054D4F338323A4C9E35915D1BF7571A38AC25D51C1BFBE5 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
22:35:00.0161 0x0ee0  bcmfn2 - ok
22:35:00.0253 0x0ee0  [ CBA88F103DC43FF8D993F6E016F73F64, D621EFBD18FBC2BB0E3DA947E5EC02858F7BEB9C963093CEB05D4AE4783505DA ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
22:35:00.0330 0x0ee0  BDESVC - ok
22:35:00.0361 0x0ee0  [ 4EE5D422C102493A29DE4D41A37A05B3, 8A1C4E67C0511DDEBB67D1E830356640433E7B99E666AE9E1E7644F6933DA7F9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:35:00.0426 0x0ee0  Beep - ok
22:35:00.0580 0x0ee0  [ 15298850351DDECB5836F26382D75CCE, 21CC0607E93AB90CE6FF4B888BC770D9EC4484702278C71B8887EB52BE0246A5 ] BFE             C:\WINDOWS\System32\bfe.dll
22:35:00.0687 0x0ee0  BFE - ok
22:35:00.0888 0x0ee0  [ E2A7666D946B70B9CB4DFF2ADFEFFAC7, 9B929A6EF236BF37EDAE0B7A13CAAAC1F3A5CE4CCFD37E8FF4094F4BBF9D6DD4 ] BITS            C:\WINDOWS\System32\qmgr.dll
22:35:01.0068 0x0ee0  BITS - ok
22:35:01.0135 0x0ee0  [ D2CD25ED5627D0E5996E715BAB0FD33E, AF08FDBB372A1D19397335FD3544B793D3859ED40BFD83B2D0763E27AA2CA174 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
22:35:01.0248 0x0ee0  bowser - ok
22:35:01.0433 0x0ee0  [ A9A9AE6735C416B2458D1D10791F7B55, 9FD498F428C29EAEA87D57BA0FFE1F610C9FB67943364560297BCBA2AFD82281 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
22:35:01.0556 0x0ee0  BrokerInfrastructure - ok
22:35:01.0606 0x0ee0  [ 8AD6E4D830E83344F3A86F1D5CE12220, C65AC3C5555E48F7F6ECFA5252552A13893E85C7827803A4C02393DA178A74C6 ] Browser         C:\WINDOWS\System32\browser.dll
22:35:01.0665 0x0ee0  Browser - ok
22:35:01.0723 0x0ee0  [ 0CBEDEE41532934F2FBCF3051C74C32B, BAD117A3A679CDE7F13EE13B6C87910BE0B3F58D5B2B56B3C07834835D0E2C97 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
22:35:01.0798 0x0ee0  BthAvrcpTg - ok
22:35:01.0840 0x0ee0  [ 215A1078B116C35AD62899DEB86EDE4B, 752C649BD769A8BE50962E59B89FE19A56837ADB730A6F48EAA05DD475D27306 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
22:35:01.0900 0x0ee0  BthHFEnum - ok
22:35:01.0918 0x0ee0  [ 48CDC2E2AC676370D60A2BF1D2988E29, 8D5122DF2564495163F25E909F18D651D22D91D4E63B8F922B21DD9AAADE60FB ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
22:35:01.0958 0x0ee0  bthhfhid - ok
22:35:02.0078 0x0ee0  [ 88735782434A8F01F5B189A8B28EE5ED, 22175E8E63DD36D909A99D92843ED130F3CC039B76E41577DA89EF8BAD138075 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
22:35:02.0142 0x0ee0  BthHFSrv - ok
22:35:02.0182 0x0ee0  [ F0767FC04C52F8A153519E3188A8F53C, 9E7B83828D03F63F02A6BBEA4BB61A12EA57EC3C44B8C499CE41ECFEEDECA287 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
22:35:02.0253 0x0ee0  BTHMODEM - ok
22:35:02.0320 0x0ee0  [ EB6F8ED91137E6D590B5987D52ACDE45, 2390C79D6F780F375531CCDA79E45F9B93E0BEBA477C630BFBE0AA28A90C3662 ] bthserv         C:\WINDOWS\system32\bthserv.dll
22:35:02.0363 0x0ee0  bthserv - ok
22:35:02.0392 0x0ee0  [ 5963AB18758E5CDFBAFC43E711768CB0, 8B93B90E0829FA62827B02526E210FBEE0A6D5E4245C6C0045B3EC888D1CA103 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys
22:35:02.0455 0x0ee0  buttonconverter - ok
22:35:02.0519 0x0ee0  [ 53453E09F6A80A5019E93792F3E0BC04, 946F63821BC4E88A59A25B197F495A383A4B37958B122A3961BA1E8D843076F6 ] CapImg          C:\WINDOWS\System32\drivers\capimg.sys
22:35:02.0582 0x0ee0  CapImg - ok
22:35:02.0606 0x0ee0  [ 40FF3DCC427730779DDF301A0F9FC0E1, D1E9464694D3761307BA579373319A8C206E76CB0A7E88B2220208C025CC46A8 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
22:35:02.0676 0x0ee0  cdfs - ok
22:35:02.0745 0x0ee0  [ 6898F88DC3FEBB85CFD1034A5BBBB4E9, C65DC212681D0208A4AF8A7755E667BAD06D5EE3C660DA4A741C5A8A228FA20B ] CDPSvc          C:\WINDOWS\System32\CDPSvc.dll
22:35:02.0816 0x0ee0  CDPSvc - ok
22:35:02.0922 0x0ee0  [ 568DF0072AD005D29D6E987698C8225A, 304498CBFF4055711DBB51F3900FFAD8D89F2E42DA9BFCBE1835DC94530834CA ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
22:35:02.0985 0x0ee0  cdrom - ok
22:35:03.0053 0x0ee0  [ 79A68462E4512E766F0683F6AAC79E6E, F162489C0179BDCAD53C042C1519D0DD7F4E53ABC2DD1832FEA093B180BAB388 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
22:35:03.0092 0x0ee0  CertPropSvc - ok
22:35:03.0141 0x0ee0  [ 99BF5121E3CA714FE5E95899BCB5F029, 93669E1AEFDDF89AFD5E8F0B749C4580A21457C1F47745323049F55DD4606559 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
22:35:03.0169 0x0ee0  circlass - ok
22:35:03.0234 0x0ee0  [ 60DC4AA07EED9ADE1C20306E7516CEFD, 89A0131E7C4F202259117C94888685CF119A80F99F2473B5509DA26C749A3F14 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
22:35:03.0267 0x0ee0  CLFS - ok
22:35:03.0397 0x0ee0  [ 3E0D07A4A7C9177B6E7127D82987D5A0, 58350461AB76F446B8A2C0862518ADA4F235CE5E76E8A8C01762B1D10067AA46 ] ClipSVC         C:\WINDOWS\System32\ClipSVC.dll
22:35:03.0438 0x0ee0  ClipSVC - ok
22:35:03.0492 0x0ee0  [ 09785DC4980820BF1C24B2806FA25DB2, 4628279268C3093AC6B90A7311FF190FC79C87349A104C1CD3DC2BB3BC34DF05 ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
22:35:03.0564 0x0ee0  CmBatt - ok
22:35:04.0462 0x0ee0  [ 7D30C95B11EE389E962DD04C60C2D270, 41CC7CE8755EEF35A35CF7D2C67AD17C143014EA2DC644D0CA530426732571B7 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
22:35:04.0539 0x0ee0  CNG - ok
22:35:04.0575 0x0ee0  [ F35951B62F65F1EA254D4ACF8EA020CD, FAC86E10DF527334E5AD12FE1255CC48E9F0F7C7CED480D26DD9F3A274A16C55 ] cnghwassist     C:\WINDOWS\system32\DRIVERS\cnghwassist.sys
22:35:04.0595 0x0ee0  cnghwassist - ok
22:35:04.0776 0x0ee0  [ 973C1A799DEEA49AAEA717420B32E7C9, 5B48CF1D805B19E079C5EF0F22D5CF5B405B5B6E0B3BF6B542810D5BE54211D5 ] CompositeBus    C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_x86_dd1d60cd48926252\CompositeBus.sys
22:35:04.0800 0x0ee0  CompositeBus - ok
22:35:04.0804 0x0ee0  COMSysApp - ok
22:35:04.0835 0x0ee0  [ 4E74758815B5E551124F6D7F51423BFA, F7AD1DB2413231FBB3D7585FC75036B75EFA6ED3ED9E62343F9E7D6EBF3DF789 ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
22:35:04.0856 0x0ee0  condrv - ok
22:35:04.0972 0x0ee0  [ FA9C9F9178138F5F9B795F230030E41B, EFDAB640B1ED0911E27077E4E8EB088F9C86FFB6330AA8D4D89CC6A771E12050 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll
22:35:05.0001 0x0ee0  CoreMessagingRegistrar - ok
22:35:05.0055 0x0ee0  [ 80CFCA32F94E4246CA65253E3B3E2A67, D1BEC8C3E263852F09FF2D4BC6190E46147B7C82774841A04D4E4AFD0626C581 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
22:35:05.0077 0x0ee0  CryptSvc - ok
22:35:05.0123 0x0ee0  [ 0FD8B17051C07DA3AE0C18B56F877712, EBE9C9439A00BA2FC0D255357DBCF9779ADBCA1AB02928D46D71B218E65CEF60 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
22:35:05.0186 0x0ee0  CSC - ok
22:35:05.0233 0x0ee0  [ 07A9DD9F7A9B932352DD4C5DD3D78DF1, A78B34A7C6C5D4E0589FA4EF1A45315791F66415877546CF9B1438ECE34B270C ] CscService      C:\WINDOWS\System32\cscsvc.dll
22:35:05.0271 0x0ee0  CscService - ok
22:35:05.0285 0x0ee0  [ FD288AF672CF286EA8717C307F5709CF, 3CDACF6119D8AB270EBE684BDA496CE5B0BAAD84A6907E7CE17ACBDD559F5A17 ] dam             C:\WINDOWS\system32\drivers\dam.sys
22:35:05.0306 0x0ee0  dam - ok
22:35:05.0357 0x0ee0  [ 4C0499B1D34B8E097DAD8B26DC26BCB2, 8855D7ACF8DD445CBA3A929D0DA8E6BFF6F7B05D10422F5F2BF3C95E517035DB ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:35:05.0411 0x0ee0  DcomLaunch - ok
22:35:05.0445 0x0ee0  [ DFDA1AD0394C0B40A02F91B43B79B06A, BD252BCB3AEAC8111A920BEF41502EE9F4B7FBA7BC6CF0843D19C7C57962E8EC ] DcpSvc          C:\WINDOWS\system32\dcpsvc.dll
22:35:05.0470 0x0ee0  DcpSvc - ok
22:35:05.0511 0x0ee0  [ 4DD99CA12878C9E782EFA72DB47D4BF8, 822AEE2F419D8A977E7EB15914E717EE975D74317C863D183E4EFBDFAD3B8B2D ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
22:35:05.0546 0x0ee0  defragsvc - ok
22:35:05.0584 0x0ee0  [ F46B5B494AE3DE0D3120EEC9E166CB1E, 2D76C9E8209FCE09672084BDFB6EE7FF3E6453E75D4D78ECB2E3489848A61BC8 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
22:35:05.0617 0x0ee0  DeviceAssociationService - ok
22:35:05.0652 0x0ee0  [ F8CE95063897444AC54E83D8414EFEBE, 3A4174B4B474BAFDDF84511C83861D2B2620C5E049C9FAA3E3A6037F7F254C64 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
22:35:05.0678 0x0ee0  DeviceInstall - ok
22:35:05.0712 0x0ee0  [ 666C38366AABA2CB29F8EB2268A9682E, 79EB9766D9A0BD49C8C7E505B85A58FCBDC2938C464E0C46C15BDA3AD6E96217 ] DevQueryBroker  C:\WINDOWS\system32\DevQueryBroker.dll
22:35:05.0733 0x0ee0  DevQueryBroker - ok
22:35:05.0758 0x0ee0  [ BE1E27EBF119A4487BF6B510C8A4D258, 6796DB9BF3FC8FB182C4A37EE90F54A25971562E12D23E8B35B89B52DF371D30 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
22:35:05.0805 0x0ee0  Dfsc - ok
22:35:05.0865 0x0ee0  [ 3974582863F6720B9B6D843CA9BDA71E, E8F89665103A0EBEDD390D6981B06AF1C8F7E393AA4BEF3D225AADB665865040 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
22:35:05.0907 0x0ee0  Dhcp - ok
22:35:05.0954 0x0ee0  [ 77F94B8619CEC74EC031970396830F08, 9F098A5A416BAC6EE840775ADC69976B0FE85988785B1DD12E640413F4BD9336 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
22:35:05.0969 0x0ee0  diagnosticshub.standardcollector.service - ok
22:35:06.0044 0x0ee0  [ 851DFF609CBAC6C5D9ED6F118364B251, AD4DBAC28BE747E9484A03192CB3F81CC3A994CD43E8AAADFAE0C30AE5A9EB39 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
22:35:06.0092 0x0ee0  DiagTrack - ok
22:35:06.0120 0x0ee0  [ 0C63DDB97D5A7B8732BE3F5855908773, 2D701A20E84E4B71A53642FE5C73231ADC14931D8DDF01FFFBA7F24714711A25 ] disk            C:\WINDOWS\system32\drivers\disk.sys
22:35:06.0144 0x0ee0  disk - ok
22:35:06.0188 0x0ee0  [ A4C4B936A5EB65EAB9AE4D6A8FC18226, 19A5001427DCD3B8245DA2343C841ECEB9FF525D860700CBB2305BA9B18332D6 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll
22:35:06.0217 0x0ee0  DmEnrollmentSvc - ok
22:35:06.0254 0x0ee0  [ 6895FB5AF4621853BC7701C185B3F4CC, DF54CC44AD8DC6DA2CD9D899A3F63F490C8CE44CE151D2F8A05B6739BA12885E ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
22:35:06.0278 0x0ee0  dmvsc - ok
22:35:06.0315 0x0ee0  [ 1B6AE2010A905B1B00BBFDACAD576A1F, F5BDD054E58DBCE0701608ABD10B41C0EA299BB9F8041E10BF2692B05FCA472A ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll
22:35:06.0333 0x0ee0  dmwappushservice - ok
22:35:06.0373 0x0ee0  [ C0812763FB9ED4B7A9BE52466F83B8BB, 848475531D02493021FE330671A229E9E75E294A78CB9B15D563E187EDBB9217 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:35:06.0405 0x0ee0  Dnscache - ok
22:35:06.0438 0x0ee0  [ 7E940BB0B57EFCA2B2A6F9FB8E251713, 0527C35E1C6FD9B5FF1952727C7E38111024573518BFBB7267B87077CC1BAB41 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:35:06.0464 0x0ee0  dot3svc - ok
22:35:06.0471 0x0ee0  [ A1519D4DE96ED66DF5BEC61587F078EE, 324474AC5C4E9773242E75A6C36EA302984A6BECDB55DFC13C190D806577E0FF ] DPS             C:\WINDOWS\system32\dps.dll
22:35:06.0502 0x0ee0  DPS - ok
22:35:06.0555 0x0ee0  [ F82FE91B43208CAA608839AC5092E755, 357AFB04A646D27D594DFD6BE37947360247EEB5D035D201AA8F8C993FDE4837 ] drmkaud         C:\WINDOWS\System32\drivers\drmkaud.sys
22:35:06.0597 0x0ee0  drmkaud - ok
22:35:06.0622 0x0ee0  [ EBBCE5A8305C668A6270D50DE5B040B4, 1292A3DF0091BD4484E07AFF72B7C8B3B0F9D683D90684D8110723DB09B7631C ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
22:35:06.0650 0x0ee0  DsmSvc - ok
22:35:06.0685 0x0ee0  [ A9B97C6B2962E5552C7D377B58B536BF, CF286A7135311C0B217315FFC67BD6D44028CF2C2E5FF6634A36ED80492B1CA2 ] DsSvc           C:\WINDOWS\System32\DsSvc.dll
22:35:06.0713 0x0ee0  DsSvc - ok
22:35:06.0795 0x0ee0  [ EC1E8529AB2BDF3A5EF19103552930E6, D2CA986DF43C051B3ACA14C19C641FFAD4E56233501C1E811D22D3E35CB25A0F ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
22:35:06.0895 0x0ee0  DXGKrnl - ok
22:35:06.0941 0x0ee0  [ 5E9CBB436419A571837DB04979BA608C, 6F1DD939D8A94333169726948BB669A2A17F2CC292EA2587A912AA35B47F2966 ] e1iexpress      C:\WINDOWS\System32\drivers\e1i6332.sys
22:35:07.0007 0x0ee0  e1iexpress - ok
22:35:07.0056 0x0ee0  [ 577EA366AD718B77750C05E22AE19843, 4905C3F08903C619C320B2BB9CE31AF46F28A3D95D961894571968273347BCA3 ] EapHost         C:\WINDOWS\System32\eapsvc.dll
22:35:07.0077 0x0ee0  EapHost - ok
22:35:07.0111 0x0ee0  [ AC27D700DCEE3715249C9815A361B2BB, 81CD19D69A8A2D994EFB166A830C007317FD000262E3F0D7043CD9BB19BE6A5A ] EFS             C:\WINDOWS\System32\lsass.exe
22:35:07.0126 0x0ee0  EFS - ok
22:35:07.0153 0x0ee0  [ D2EC767AFFA76FAC2DC9D9AE779E3CAC, 4B16081E8DBF279FAE2B04D92A0C4CDCA80B62B0CBF697C31745C52A32F9C967 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
22:35:07.0177 0x0ee0  EhStorClass - ok
22:35:07.0183 0x0ee0  [ 901E228F78A9FD9F4166954F7DEC4759, D8CC5E15B92B21AEEC4C60A377B3431A22EB5B0355CA20BECF5DE7EC2423D168 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
22:35:07.0208 0x0ee0  EhStorTcgDrv - ok
22:35:07.0252 0x0ee0  [ 39EB0DC8CA2BFCF5449E1012987C4BD1, 4141DBC88501FDF59E440B1AF2406AA3F401E04842FE0146514D0AB3FF3CBC55 ] embeddedmode    C:\WINDOWS\System32\embeddedmodesvc.dll
22:35:07.0283 0x0ee0  embeddedmode - ok
22:35:07.0305 0x0ee0  [ 773E20E0091FE86875E83E391F963569, 0B6CC8A9ED9D44FF6500F9E96BFD164DA767305BFC84D0DE96B5FD8EEACA0824 ] EntAppSvc       C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
22:35:07.0340 0x0ee0  EntAppSvc - ok
22:35:07.0376 0x0ee0  [ 63EE973821C43B935681F581BE8C5E25, 6AFC221B46582372FA91CF60CE0A036D798550858F3156AE6ED240892A6AD61A ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
22:35:07.0400 0x0ee0  ErrDev - ok
22:35:07.0689 0x0ee0  [ 468EF07E739F81FBBD367FA1714F8460, 1E79F3766ED857074952E25F3DE850E13790B33F3837A5F49E6035B5A0798572 ] EventSystem     C:\WINDOWS\system32\es.dll
22:35:07.0730 0x0ee0  EventSystem - ok
22:35:07.0773 0x0ee0  [ D59E0F039B9E2A32CC570F086ACE5D8C, 69E815A0F53DFF3789A4D8C56E0422D459E2E9BC089FD4A3A4FD78E39D68CA99 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
22:35:07.0829 0x0ee0  exfat - ok
22:35:07.0862 0x0ee0  [ B00C56D908E5FD0F0013F839F6A2CAC0, DCA93B9952FA11F43FE3FDA79029832E8A282F4DE6974189FAE4FAD1A49DD14D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
22:35:07.0894 0x0ee0  fastfat - ok
22:35:07.0930 0x0ee0  [ 6B0FCD1624269C471B06E2B0588FA079, FDE5BDEC1363924BFE631F4461ED72A8C0AFFB36564ED033534058FB40EB5E08 ] Fax             C:\WINDOWS\system32\fxssvc.exe
22:35:07.0991 0x0ee0  Fax - ok
22:35:08.0019 0x0ee0  [ 1A2342AAD334EB05901C285B0B8CCC3C, 49CE99F9092A4F84DAB2117F7B1F873374B4F952A550F2FE33923F2155CBE24E ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
22:35:08.0043 0x0ee0  fdc - ok
22:35:08.0076 0x0ee0  [ DCA7FB79DC57783C3C75B388F57BD39A, 777BA0E5DBA80583916E4238E925C17EC8BC08BF2DBD54CA3C19FEE910C86EAE ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
22:35:08.0097 0x0ee0  fdPHost - ok
22:35:08.0101 0x0ee0  [ 842E3DE3767353C8BE7209D784BBCD44, BC1E6D6343E6158D6D081B999DB752E646F6CB33A61C1F6ECFBB00C681C0A676 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
22:35:08.0123 0x0ee0  FDResPub - ok
22:35:08.0181 0x0ee0  [ A5AE4F313879B308BAE541D3D45C6F00, FB561169E1B73C11637C1868E41BFAC36C96C52E2A462489A8354E131B7F92EC ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
22:35:08.0204 0x0ee0  fhsvc - ok
22:35:08.0235 0x0ee0  [ D1DC9881C02C437CC174E59C8B9FFABC, A9853948750E2F61B28F85880970ADBF7E87022F731C05B03B78256A0E29FEB2 ] FileCrypt       C:\WINDOWS\system32\drivers\filecrypt.sys
22:35:08.0286 0x0ee0  FileCrypt - ok
22:35:08.0333 0x0ee0  [ 8FE19EC177769B3A8FF13A4F92920DB3, 25BA3C2E3F5DD0E9B18F43897A739A2FC0601B31F8A68A8CCF0D0FDCEF6FDCAB ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
22:35:08.0357 0x0ee0  FileInfo - ok
22:35:08.0363 0x0ee0  [ E125E9C492589AF597A4B770057A3A12, 29345311BC0534362B7EDEB0D26B286B8B0A41DA46E196B195E8C7D0DE5CCA57 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
22:35:08.0402 0x0ee0  Filetrace - ok
22:35:08.0407 0x0ee0  [ 756C635C598803DF1A6E506247F35BF0, B6465774C1BCD622329C5BB804497F9E9997092D125E003D0EAE33E55AE1D8DF ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
22:35:08.0432 0x0ee0  flpydisk - ok
22:35:08.0562 0x0ee0  [ 2308364B5ED19C2603AE3F21A166C959, 46EEF48D938BE0D3284159BE53ED2E2A0A45582039CC7784E4976B2989AAF482 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
22:35:08.0605 0x0ee0  FltMgr - ok
22:35:08.0916 0x0ee0  [ 58D1E83DDD1524B69E7D12D4662E2D16, B5D6348A95618FED99815EF2DC9C351744A3D9382C4A234833D6DF0AA08ACD43 ] FontCache       C:\WINDOWS\system32\FntCache.dll
22:35:09.0030 0x0ee0  FontCache - ok
22:35:09.0376 0x0ee0  [ FB71B03636A04D0EEEB8E9762CFD3782, AD76A6981147D89A68BF290D1AA47230864D6F603BA1D7FBEFE930BFDAAD0E53 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:35:09.0479 0x0ee0  FontCache3.0.0.0 - ok
22:35:09.0606 0x0ee0  [ E432D770EF3653E9E6FACFA3483A990A, 6A18357055713B4CB673DE6B69A7AC35495407117A9D106F46A896E4B477729B ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
22:35:09.0693 0x0ee0  FsDepends - ok
22:35:09.0769 0x0ee0  [ D33F6D08ADFF6F80385E3960DB0D83A9, 61DFAE382AD2D4758B012471A12F0D44C2F37A7F06EC332CA4AE63A15364329C ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:35:09.0857 0x0ee0  Fs_Rec - ok
22:35:10.0210 0x0ee0  [ 516EEA8ED37DC8C59358CA3B6DDF8AB8, C65501E9546BC4247DFEE8BA6CCBEF37766910766EA2E95E867E0E9381C3018C ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
22:35:10.0491 0x0ee0  fvevol - ok
22:35:10.0586 0x0ee0  [ 60492E91A999D09669A4AB17091581AD, DD48D49EB5EB1B6161C34A76D6D3F4CAFCB3F0ECF9F6BE563A9B2068E63F848C ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
22:35:10.0630 0x0ee0  gagp30kx - ok
22:35:10.0731 0x0ee0  [ 26202FC5B0A82FD5F0106F976CD7A92D, 5DDA9560F9B98E7DC8F796FB6D754E17B9DE20BE68B4A6743714C81C67984129 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
22:35:10.0824 0x0ee0  gencounter - ok
22:35:10.0912 0x0ee0  [ D8F0CFCE925CCE536DE75E6F9811510D, 52344745C6414D72F1EC1F10F7CD06FECE44426498E9C595171D1287BC80A9DA ] genericusbfn    C:\WINDOWS\System32\drivers\genericusbfn.sys
22:35:11.0034 0x0ee0  genericusbfn - ok
22:35:11.0119 0x0ee0  [ 73EFE8A2747BB87F66B5646AA2262AE4, 368AAFA38F214D474206B914A4258B3679CB0B1C9080D32DFB3BF890BD5611A8 ] GPIO            C:\WINDOWS\System32\drivers\iaiogpio.sys
22:35:11.0250 0x0ee0  GPIO - ok
22:35:11.0322 0x0ee0  [ 59C3B230FBE68CCFECF38C07ABC16C98, FF0B1041AE07E07F54A618B3FEFE1A279751DC0B5DD94CBF5DA8C9C06053412A ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
22:35:11.0412 0x0ee0  GPIOClx0101 - ok
22:35:12.0054 0x0ee0  [ B8CBA89F042D40448959007CE9E50092, F844BCFE16DF84961B88209C3A1D23A120FA6DA1CDF16321D712F82D844251DA ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
22:35:12.0293 0x0ee0  gpsvc - ok
22:35:12.0345 0x0ee0  [ C27E32C315891FF4C87ADBC7590F8DA9, CCB27265EADBF196484B54AC643927CBE64610FAFD2FA734850D4CDA7F24691B ] GpuEnergyDrv    C:\WINDOWS\system32\drivers\gpuenergydrv.sys
22:35:12.0448 0x0ee0  GpuEnergyDrv - ok
22:35:12.0609 0x0ee0  [ 50FCC5C822A6B4FC6F377EE9F9F37C7B, 57BD4032367D91EF19931E927127AA1D54DA6118B36C219B0FFD95326A2FFCA0 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:35:12.0630 0x0ee0  gupdate - ok
22:35:12.0725 0x0ee0  [ 50FCC5C822A6B4FC6F377EE9F9F37C7B, 57BD4032367D91EF19931E927127AA1D54DA6118B36C219B0FFD95326A2FFCA0 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:35:12.0744 0x0ee0  gupdatem - ok
22:35:12.0868 0x0ee0  [ 9BDB0CF3B27CB26542CEDEAC9B8792B4, 7439794181AB82A6E380BE0C277238866E2AF611AD750F32B7A94ABA23A4C190 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys
22:35:13.0061 0x0ee0  HdAudAddService - ok
22:35:13.0179 0x0ee0  [ 1CB5E8AA58EE45207109AD07D50BB7D2, D431EC189BD2C80D20BF7F321160E6524B1AC3285E02D377F9DEC2DD66B8ED43 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
22:35:13.0235 0x0ee0  HDAudBus - ok
22:35:13.0301 0x0ee0  [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI            C:\WINDOWS\System32\drivers\HECI.sys
22:35:13.0360 0x0ee0  HECI - ok
22:35:13.0382 0x0ee0  [ 833941648D37C327BF38B8A2C5CB955B, A213EA83C03FD17D24770AB3D456F6DCDFD8E336EA711722C3DC818990548278 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
22:35:13.0413 0x0ee0  HidBatt - ok
22:35:13.0443 0x0ee0  [ 3611C7F77B30C90BDF5C66333EAC9253, 75AD48384D6040AE4B8C6E5D2A2AA15A9DA2060AF915E76008E227CE7F650E01 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
22:35:13.0513 0x0ee0  HidBth - ok
22:35:13.0560 0x0ee0  [ 2217CA086F9A6EA24D98E5EB06CE0F32, 3142E44EF04F1A646A1123899E17B8206B7508EBBB75599E12E15C4951C91248 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
22:35:13.0617 0x0ee0  hidi2c - ok
22:35:13.0650 0x0ee0  [ ED909E1BBF334A8A98F7F2B1A9FB7796, 55531604E058A1ABCB20134CCE5AFD9F3ACBEC055CA8D3EB36F77CC6FE5B95BC ] hidinterrupt    C:\WINDOWS\System32\drivers\hidinterrupt.sys
22:35:13.0675 0x0ee0  hidinterrupt - ok
22:35:13.0711 0x0ee0  [ 0B166BC4B839032BC88A94042E6C5355, 5EE0217BCEE4D85BE2B3C3D53C07FA344DBF6A86A689AF9763826698BB53E5BE ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
22:35:13.0747 0x0ee0  HidIr - ok
22:35:13.0783 0x0ee0  [ CB8FDF512167635C405462929B869173, 2B09946125699BB6DD1B24C2DB64502C220941252822351D5F83A36E571A843F ] hidserv         C:\WINDOWS\system32\hidserv.dll
22:35:13.0822 0x0ee0  hidserv - ok
22:35:13.0851 0x0ee0  [ F04A843EEE1CED85726678C00019CEE5, 1FEC747708A2931F905C1A4C9B6F5B8D053B3ED6AD69984FD5E2362F7B54D6C1 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
22:35:13.0892 0x0ee0  HidUsb - ok
22:35:13.0982 0x0ee0  [ 53BF04808BD667A4F74D1907A5E1CA85, 0B6C665D979F848450AF8D0F17B76D358F56021F43CFA464DB9D6ED0FDDEB568 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
22:35:14.0058 0x0ee0  HomeGroupListener - ok
22:35:14.0182 0x0ee0  [ 5C3B0AA4F5CB66261CB9C02F3086E870, 318E37B5DAD59EDAC35B60637629ED4A5BEED2E0BD48E58623A8994C0F73C781 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
22:35:14.0347 0x0ee0  HomeGroupProvider - ok
22:35:14.0577 0x0ee0  [ 5F8D5933392AA2EA6ECD5118428FFEB2, F208AE73F6A4689C265EDC5C801E7125ACB62CA2338D025ADDFC36A599ABD3DD ] HP Support Assistant Service C:\Program Files\Hewlett-Packard\HP Support Framework\hpsa_service.exe
22:35:14.0595 0x0ee0  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
22:35:17.0174 0x0ee0  Detect skipped due to KSN trusted
22:35:17.0174 0x0ee0  HP Support Assistant Service - ok
22:35:17.0370 0x0ee0  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
22:35:17.0409 0x0ee0  hpqwmiex - ok
22:35:17.0476 0x0ee0  [ 916D0E02CE190CEAB13859159B0AC4D3, 0635677B38513E1665E223F04FED1563922FE11D793360B6E0FF6CA6A26DD0BD ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
22:35:17.0527 0x0ee0  HpSAMD - ok
22:35:17.0633 0x0ee0  [ 6A598301C23E2EB0D76559243FE15B2E, DACF9D5052B5B1376B1925CFA7044DC050549EA09693980498F50BA9A499B94D ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
22:35:17.0692 0x0ee0  HTTP - ok
22:35:17.0759 0x0ee0  [ 77C4AEA23D5DA47FF163203D6558544D, BFC04A837BE6F36D4BDB8737E505ECD6022AD9CB2CA226A2D1491FAFDE9B9D37 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
22:35:17.0812 0x0ee0  hwpolicy - ok
22:35:17.0875 0x0ee0  [ C7F351B16A3DAF63F3C9D7710F1C7970, 781FDD8AFB123EBA169C6E2E0081DF41CF4195EC6AAFBD86CD50A128F0BD46D1 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
22:35:17.0904 0x0ee0  hyperkbd - ok
22:35:17.0920 0x0ee0  [ 0F1FD21DA9BD0B3369C4627EA1B09326, F278E950F5DF4EAE613B61AA45DAF139354A15DA0831680DA2AADC8948EE4EC4 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
22:35:17.0951 0x0ee0  HyperVideo - ok
22:35:17.0996 0x0ee0  [ 14DDBB0CBE11A736C089A4F2813A5EDF, A5F5C6D69D99E99CB0CD7677614626F303AF66F874BCC68ADAA59607E7A0829B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
22:35:18.0095 0x0ee0  i8042prt - ok
22:35:18.0119 0x0ee0  [ 801117B7AA15AD1C341C3CF371AFF325, 54796FA01ED4C0D9792EAD413908ED39E7084D60BCC6FE053EE25CFA370EBB75 ] iai2c           C:\WINDOWS\System32\drivers\iai2c.sys
22:35:18.0173 0x0ee0  iai2c - ok
22:35:18.0198 0x0ee0  [ 646D3B416BC970C3CD2F53844FD156A5, 045CBA642382B33DB1E222302B14DD46838895A73CE50426FD180B4CA918253A ] iaioi2c         C:\WINDOWS\System32\drivers\iaioi2c.sys
22:35:18.0276 0x0ee0  iaioi2c - ok
22:35:18.0376 0x0ee0  [ 8CFFB5797ADA7215993581A5FA51EF16, 4DB5F578C85A4A7B8BCFD399400366138D98A3FF5119135AB520C962B144BCFF ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
22:35:18.0450 0x0ee0  iaStorAV - ok
22:35:18.0550 0x0ee0  [ 26D396F60FDD0313CD97B4750F4FCC84, 0BB33FA1C1096558142A81CA327F669F44E089C1B96A5B1F5C7A78A1DD43F56F ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
22:35:18.0599 0x0ee0  iaStorV - ok
22:35:18.0687 0x0ee0  [ CBEBD6D9314AD2047BD23F16509D8E4A, 39BF9450C14FD51FC4DADB7EB7C6422191DC81DE1D653231465D1D5C98050D34 ] icssvc          C:\WINDOWS\System32\tetheringservice.dll
22:35:18.0733 0x0ee0  icssvc - ok
22:35:18.0740 0x0ee0  IEEtwCollectorService - ok
22:35:21.0152 0x0ee0  [ 7CFF934A2071E5EAD4C2103C4E397772, 89EF9682D4BA986A3FE35ABE52071DE34D32077E19F97C0A6E7F4B0DC1414F06 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd32.sys
22:35:21.0717 0x0ee0  igfx - ok
22:35:21.0996 0x0ee0  [ 993CC008F0A73F3731DD3920B65B3762, 083BBF0A677D062E53809139A71152D1F9996F5EBFA4B1145F9DFDB24C422BF1 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
22:35:22.0073 0x0ee0  IKEEXT - ok
22:35:22.0134 0x0ee0  [ A5DC79385A81C24A14904EFD96339121, B53B0A94228BA7DC93D61C2A557D0940FCD69759DDEDAA6D79F58119D08AE8DF ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
22:35:22.0175 0x0ee0  intelide - ok
22:35:22.0237 0x0ee0  [ 8C2C98E6A17CA85FC2D15E53696D65AB, CBF1E792F7C0E00A06F53EEAAD1A2136217640ADD6E1DCEFD7F562D5D87A25F1 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
22:35:22.0269 0x0ee0  intelpep - ok
22:35:22.0296 0x0ee0  [ 0710A97CE4ACBF8307231AB40015B474, B60363F47DD5CB97B4EAC07001988C764C1892F3E5BB55B07AF4EA59050F7934 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
22:35:22.0365 0x0ee0  intelppm - ok
22:35:22.0391 0x0ee0  [ C30E3C4A9ABA790D65005AC0D0BE6370, 964C0EB94D3E8D6B4264393A4AF066B3412217FE6EF815A13072E9DCE4FDA23D ] IoQos           C:\WINDOWS\system32\drivers\ioqos.sys
22:35:22.0465 0x0ee0  IoQos - ok
22:35:22.0494 0x0ee0  [ 7A290DFB2FA6DC0F0A9FFBA746AE3DFB, A71174B2ED442FAF31112B1C8D587674EF359D115326140D289EBAD27C0D318D ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:35:22.0559 0x0ee0  IpFilterDriver - ok
22:35:22.0843 0x0ee0  [ AE14D1AF243846A255D56FB63C4942DD, BB38AD7BA29786437DEFAD9AB23D61EA722E2C9678843B78B4B8EAC6045023A9 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
22:35:22.0902 0x0ee0  iphlpsvc - ok
22:35:23.0030 0x0ee0  [ B7C0ED2BC3CF918B1A1DE3C1234AC40D, FFDF259F8E82400EAE9E2732F1B02AF47890300271F1A08CCCCC7066B72715F4 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
22:35:23.0283 0x0ee0  IPMIDRV - ok
22:35:23.0354 0x0ee0  [ F97C1D68DE39952F880F98CFCE0DAF1A, CC124B8639AF4181DCCA7F2CF1BA452B4788306E9D2BFC5516E50B0EF985A014 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
22:35:23.0405 0x0ee0  IPNAT - ok
22:35:23.0421 0x0ee0  [ F55E0DB077851C173E0005A2BD98C95D, 309CAAD2A7EEDADAF4AFEB119930018D53643664F2F390E623DEDCBCCA5C95E1 ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
22:35:23.0454 0x0ee0  IRENUM - ok
22:35:23.0474 0x0ee0  [ BD75A64FE423170B06D81624CC16284C, D6B30A5998AC6E4BCB683F7180BFF16078D3734CB4D61005583D5C17E963CF64 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
22:35:23.0504 0x0ee0  isapnp - ok
22:35:23.0581 0x0ee0  [ 41E22053211B29FD4514D3D36EC986EF, 6C515784C95C1AFE988D2F0F8680F2F34F8536822B787BC7F6393AF15A723DD1 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
22:35:23.0629 0x0ee0  iScsiPrt - ok
22:35:23.0647 0x0ee0  [ 93B1D122E8CCB431F82E73749ACA77C2, BF98422FB3C1E9CA9045370410E6117F3F9F3B07F9D1E9867B4F4D4265E5B259 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
22:35:23.0679 0x0ee0  kbdclass - ok
22:35:23.0704 0x0ee0  [ A906C71E1BF30A194FAE5EACDEFEEC21, 402B483F2F0B24E23E62514BA96D7303A0BA978D983F01D9EC9519E203F389E3 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
22:35:23.0747 0x0ee0  kbdhid - ok
22:35:23.0793 0x0ee0  [ 545E0110E125943EA66541A4D91290A6, 6F1FA994CEA4C959D9C81CED731D3082388DA155D703D0004FD380F17A439ACD ] kdnic           C:\WINDOWS\System32\drivers\kdnic.sys
22:35:23.0876 0x0ee0  kdnic - ok
22:35:23.0889 0x0ee0  [ AC27D700DCEE3715249C9815A361B2BB, 81CD19D69A8A2D994EFB166A830C007317FD000262E3F0D7043CD9BB19BE6A5A ] KeyIso          C:\WINDOWS\system32\lsass.exe
22:35:23.0907 0x0ee0  KeyIso - ok
22:35:23.0924 0x0ee0  [ FD83780B75CF973F81D4222225E6865A, 2B0F9D94339C860BC883B7861AED0631D7925182ADADCE156DE3B3D00CCC2EAA ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
22:35:23.0965 0x0ee0  KSecDD - ok
22:35:24.0006 0x0ee0  [ 6A813C491F74C68F518E7968CFE1D771, 8302F4D047F0C1D6243C32C5A2A939AC43190885901C3C49CFBFF476578AC8D1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
22:35:24.0061 0x0ee0  KSecPkg - ok
22:35:24.0154 0x0ee0  [ 49F4696619533F4D87886A76C8DB1125, FF63439AAB3BA27840CAD266815295100F827E85C41545E12E371D3F98115C85 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
22:35:24.0210 0x0ee0  KtmRm - ok
22:35:24.0268 0x0ee0  [ CBDBC3EB8206910DE197EB4CA46A6F50, F1C331179EB727290C497A6C790CC03E280FB93184CFA14E2001983FA1B637B4 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
22:35:24.0344 0x0ee0  LanmanServer - ok
22:35:24.0433 0x0ee0  [ 664625E21EB8AD5ED60AA105504EDE3B, 1367EB5377B419BD6D047681A1BDB47F9A5EC41ED210EBFF50FEEB17A42A3FAE ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
22:35:24.0474 0x0ee0  LanmanWorkstation - ok
22:35:24.0561 0x0ee0  [ 5DB9E3823196DD092C74BB50FC28F9A8, 9C5DC10A7330C88DDA5ABFE297C78AF1F6834F127AC9FEBF6C6D4F63BDA49B87 ] lfsvc           C:\WINDOWS\System32\lfsvc.dll
22:35:24.0607 0x0ee0  lfsvc - ok
22:35:24.0628 0x0ee0  [ 5CEC504F98484A0BD6125E145206E06B, B999F445DE6C6F2455028A1546B0E8D7487EB8DD118F714CE780A0E31212F112 ] LicenseManager  C:\WINDOWS\system32\LicenseManagerSvc.dll
22:35:24.0657 0x0ee0  LicenseManager - ok
22:35:24.0711 0x0ee0  [ 373B5D08F6C20C98FB2390BC87AE6CFB, 126686951F1FD23D01E7046939AC770C836647FF5BD18A25B21D65EECE42CC3B ] lltdio          C:\WINDOWS\system32\drivers\lltdio.sys
22:35:24.0762 0x0ee0  lltdio - ok
22:35:24.0911 0x0ee0  [ 17316806A34415FC2A9EE91C31509E3B, 856E4D6E0B444C52BEDCB5346769D44F02E5A0EAAD99781AF091E2D1CCE86B93 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
22:35:25.0015 0x0ee0  lltdsvc - ok
22:35:25.0243 0x0ee0  [ E86CB99D42377C34F5E1C92CCF4DB2FC, 3ABC88F859CC08B7BF1A4D6800A489D9A6A4BEA00952D7E9943C4C01E1E359E6 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
22:35:25.0421 0x0ee0  lmhosts - ok
22:35:25.0466 0x0ee0  [ 611CCF74A32835BD737B37A46E60E98E, 05DAA1FE3004BA2399FDAC350ADCBCE79E2BDBCD48CA751D21A5E2C2E953D267 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
22:35:25.0493 0x0ee0  LSI_SAS - ok
22:35:25.0505 0x0ee0  [ 09B3B5C44F4E6C3B088622727559FBDC, 21F8BD13CE1183FE9FEE4E39310DBA74A866EDDEC19D974185DBA3683BDC63A9 ] LSI_SAS2i       C:\WINDOWS\system32\drivers\lsi_sas2i.sys
22:35:25.0529 0x0ee0  LSI_SAS2i - ok
22:35:25.0535 0x0ee0  [ 497BA2351A7748EAD8C5F78EAB02DF7B, 79F8678D7C3AF227A03B93A31EC4E75549AC7799C883E0E743616C7AC042B9D0 ] LSI_SAS3i       C:\WINDOWS\system32\drivers\lsi_sas3i.sys
22:35:25.0568 0x0ee0  LSI_SAS3i - ok
22:35:25.0575 0x0ee0  [ E9395CB4168B9D2F3A8E3CF18F2E21C1, B1EAE07495F19B2AE5481111C58B86590B6200E3B022F218B25CF64D5E90DB86 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
22:35:25.0599 0x0ee0  LSI_SSS - ok
22:35:25.0659 0x0ee0  [ 6BABB74EC1998BBC32A626BA76B6217C, A91F2B5A13AB597DDCD723BB64CCC550A5F76C655017EF883760FBB500988130 ] LSM             C:\WINDOWS\System32\lsm.dll
22:35:25.0730 0x0ee0  LSM - ok
22:35:25.0790 0x0ee0  [ 6F3CA54B215222C61CAE35F42048E9C9, 22046C1F728782238004E1C70A13F957B2507B6B452423F6D9437771772F9F1F ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
22:35:25.0854 0x0ee0  luafv - ok
22:35:25.0967 0x0ee0  [ 8B878D0F1F34F0C6E1990F949F6AEF64, 5878B544A23B42BC0B6FABBC0532B8A025503A8FD7F87146CC8B35736D9E382B ] LVRS            C:\WINDOWS\system32\DRIVERS\lvrs.sys
22:35:26.0008 0x0ee0  LVRS - ok
22:35:26.0365 0x0ee0  [ DBCD0704466E479FF93C7F1F51345E80, A7BCD7B7D0BC2D060334E69B83F0B6DC9BDB49C35E8C79F0C0EF502579C11FD3 ] LVUVC           C:\WINDOWS\system32\DRIVERS\lvuvc.sys
22:35:26.0863 0x0ee0  LVUVC - ok
22:35:26.0929 0x0ee0  [ 89F239FF74BBE7CCD2208B2D73B9229E, 3CCB17FB6C874A11F1EFC1C1EC93CF9DD025B69213C50F063E80E653DF6C2A97 ] MapsBroker      C:\WINDOWS\System32\moshost.dll
22:35:27.0014 0x0ee0  MapsBroker - ok
22:35:27.0117 0x0ee0  [ A1D52DB330E18B5A7A718D31D950CA87, D3BE0C13EB0001841B0BA3B401783C0CDA247023BAF8351EBDDB48264AB2E20C ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
22:35:27.0147 0x0ee0  MBAMProtector - ok
22:35:27.0295 0x0ee0  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
22:35:27.0343 0x0ee0  MBAMScheduler - ok
22:35:27.0392 0x0ee0  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
22:35:27.0430 0x0ee0  MBAMService - ok
22:35:27.0463 0x0ee0  [ 5023F594D5448E16F920157174C61358, A8A188CA4E9995BBFCD419680A43EE8AD1E0C7EE529BEC8E0922581386982C4F ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
22:35:27.0492 0x0ee0  MBAMSwissArmy - ok
22:35:27.0522 0x0ee0  [ 1FED1E32DB671E5AEC052854BAA769A5, 4388E4F22C77E53AA6D60F0CED4FAE1C8260482A645579E6E3CA9E1DC1A54A48 ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
22:35:27.0540 0x0ee0  MBAMWebAccessControl - ok
22:35:27.0572 0x0ee0  [ 9996A2D4AA02E7EC365CB002623BEDD8, 4278FB6724E418896AA53B4A8899416A1D314DBE79BE54D6F4E3235DAD22B329 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
22:35:27.0594 0x0ee0  megasas - ok
22:35:27.0611 0x0ee0  [ EC4C9BD08D216E50C39BBEF14EE288EA, 443C225CDED8FE239BBC1BA43328F411124498B3B4EBB46B090E0177303A3594 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
22:35:27.0653 0x0ee0  megasr - ok
22:35:27.0696 0x0ee0  [ A0BA354F493A681EA3D1D24ADDBF9188, 3C4E716DF2BA24FE10C030D75BC16457CE7311B0DEA558ACDD72C55E4855E127 ] MessagingService C:\WINDOWS\System32\MessagingService.dll
22:35:27.0718 0x0ee0  MessagingService - ok
22:35:27.0745 0x0ee0  [ BC6A2EEA0C9C315F8506E9E52B6DFBA1, 296CAEE7AE96973F7A4679DC8B59D5B0B43CDFB6FFC71645FC6B0DF84EFAA302 ] MMCSS           C:\WINDOWS\system32\drivers\mmcss.sys
22:35:27.0781 0x0ee0  MMCSS - ok
22:35:27.0816 0x0ee0  [ 8027E8E8C05DDE62E633D2776A58B37F, E3665265284309153AD098135F839A0C88AB4FBD1827D05F1A1E09CBF67CAA22 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
22:35:27.0843 0x0ee0  Modem - ok
22:35:27.0848 0x0ee0  [ 4991C8029A6C540AE4B3943C36C1E81C, E1E5A50EE17755F1A103DA34ED974999003909C5B772F65A413F48D3519D6E6C ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
22:35:27.0882 0x0ee0  monitor - ok
22:35:27.0948 0x0ee0  [ AD4F6603C7B6CBFF0734F42137CB2D28, 47CD49BC8DB942AF2811F26F0854750827A20C81771BE59169D27EB23E5703FA ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
22:35:27.0986 0x0ee0  mouclass - ok
22:35:27.0991 0x0ee0  [ CBC561116A824A781DB5C53D5758E893, F87CDB3CB0E19A95F56A3E18A4C9452CC5C0E2BA121EBDCE527DDECBA1A3CC0A ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
22:35:28.0030 0x0ee0  mouhid - ok
22:35:28.0051 0x0ee0  [ D3A190AD51B1187F5D408553A59FB587, 206612CEA87C6868A121560853ED85FB5327255B839EFED008D763A5722333FA ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
22:35:28.0075 0x0ee0  mountmgr - ok
22:35:42.0485 0x0ee0  Tcpip - ok
22:35:42.0535 0x0ee0  [ 418BD058AAB6A6EF198325EE44522C65, EE8024971B16B8BDCBD1900C11F5811E398853611B0B600E14DB93F2BCE2DEF7 ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys
22:35:42.0634 0x0ee0  Tcpip6 - ok
22:35:42.0664 0x0ee0  [ 1F24546CD99E1860F567212ED3A9F29E, 78205A5737891F4CBAA5F9F002A921BE9011C9DDBAE6EDF2BC9F7077A117B194 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
22:35:42.0714 0x0ee0  tcpipreg - ok
22:35:42.0744 0x0ee0  [ 1683BCB69B9950CD8C97865F3EC6781E, 705818E09D34E0B3F06DFA7C5D9D14C6E8EE439E0DDB553D10789362CC728D19 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
22:35:42.0769 0x0ee0  tdx - ok
22:35:42.0783 0x0ee0  [ 8568FFB7D3932E6AA8A1465A00D4401E, 6FCB7EA0D191BF8BB84192D53F2849AA88F2F9DF882ABA6F1872C6CC40678DF8 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
22:35:42.0804 0x0ee0  terminpt - ok
22:35:42.0871 0x0ee0  [ 6717123F51A67EFCB9ADC38D2DE84F92, E1741DCB4A477CB8E479D2BA54D9036674164EA8660766478A2D547F4C5F2BC0 ] TermService     C:\WINDOWS\System32\termsrv.dll
22:35:42.0922 0x0ee0  TermService - ok
22:35:42.0931 0x0ee0  [ 3115A1C9DC2FFDCA9BFDDA63198CB0D1, 9A35DD1E164055C6ABC0311729CEC4D7626101249CA06581C89F286B58DB4A9C ] Themes          C:\WINDOWS\system32\themeservice.dll
22:35:42.0976 0x0ee0  Themes - ok
22:35:43.0053 0x0ee0  [ AA49272D3EB844FC2CB500BD9A6A2B77, 12981971395A91005FE0782687F06FB008D8E394E294E3930890FAA8018BEA95 ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe
22:35:43.0125 0x0ee0  TieringEngineService - ok
22:35:43.0163 0x0ee0  [ F121F916841F053FB3E0833EB1E04963, A92557D3C3534F355DAA71CAFD2770A44F3CA640CF628B83E527FB6BA60CBD09 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll
22:35:43.0206 0x0ee0  tiledatamodelsvc - ok
22:35:43.0226 0x0ee0  [ 96048AFCC035AB28366D030495F84841, 90F6DDAB5B594E071119C7B4AB05E23DECD4ACA851A8CFA636153AF1A4722D13 ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
22:35:43.0250 0x0ee0  TimeBroker - ok
22:35:43.0274 0x0ee0  [ 87DD174258F870B575F085CEAFA5ED1F, 3980692ED0A1CCB3FDDAEE903B1A7FD427685F0DA9A1C1A88D6B9B4FE7C9A6B9 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys
22:35:43.0303 0x0ee0  TPM - ok
22:35:43.0332 0x0ee0  [ 6707D96ECE7E447258AE713B4E18E93E, 0BBA089B227596F4032C09AB9C38DA164A60B0BF3C0A8329F4F648BD383D13BB ] TrkWks          C:\WINDOWS\System32\trkwks.dll
22:35:43.0362 0x0ee0  TrkWks - ok
22:35:43.0426 0x0ee0  [ 782FDC259016D0DF0925CBAD11FF3A96, 4332897BC39B517DBE7335AA6CB46298FCEFF1B264B68F2058579853C2A015F8 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
22:35:43.0479 0x0ee0  TrustedInstaller - ok
22:35:43.0499 0x0ee0  [ 444DAD7C9DE8259CD33AA02E2DDF9F62, 7D1A1DAFF8B763160A804B3457CCCE1A2D35A1C8384C7E95C6945C9CF65916F8 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
22:35:43.0538 0x0ee0  TsUsbFlt - ok
22:35:43.0543 0x0ee0  [ 7A6A6B080CA2DC40EEF2C68F1D914B8B, E85B7884726CD08AAC88B9BA1CF2A03D50109AFE331EEB89D2524A7D580786C5 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
22:35:43.0559 0x0ee0  TsUsbGD - ok
22:35:43.0592 0x0ee0  [ E89451DADDC4AE9D85F4B1FE972BE74B, 1F5D85842CC54E94DD4BEB78E805EB182EF1D48230910573D7D879088149CA07 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys
22:35:43.0625 0x0ee0  tunnel - ok
22:35:43.0667 0x0ee0  [ E2D88FB7452D9AD159B8C41122ACD94D, 6A89B5504A050A9FB7662D9121B5F4233851CDCD9B5763CAF933FA17AD1490BA ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll
22:35:43.0702 0x0ee0  tzautoupdate - ok
22:35:43.0731 0x0ee0  [ 8B7CDE06707C9AF0C4934E4CC508695D, F2823A12015EDD8BBC7C89B8251AD13699BD5073EE8E352C73C9087A961A1F2C ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
22:35:43.0753 0x0ee0  uagp35 - ok
22:35:43.0758 0x0ee0  [ A8A7BDB2CB62FD7CE711CA16FB3451DF, B8CE0D15E7B1F59BDFB6CD6DF919438CCB086631B16A44F55E1D15B3FEFFC009 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
22:35:43.0782 0x0ee0  UASPStor - ok
22:35:43.0811 0x0ee0  [ 28972E6FEBC61ACFD4A83400D9A6058D, 4D230B8691AE1ED24BF30E1FA6334C2105C7708497E9D5C7EE14BB290793D877 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys
22:35:43.0850 0x0ee0  UcmCx0101 - ok
22:35:43.0865 0x0ee0  [ 93164F4C774847A6777ACE96C418E895, 74B4393538315F3E69CCCFE903502E6C1E27ACA4ECB6830A012C4CC987FE1C85 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys
22:35:43.0893 0x0ee0  UcmUcsi - ok
22:35:43.0908 0x0ee0  [ 3DFFB0793F36A31165DAA464B09749BD, 4BDA0F505D2509ACD8666AF912A8B0C4C4F68854B3C0C8BB30F1642D174497FA ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys
22:35:43.0940 0x0ee0  Ucx01000 - ok
22:35:43.0945 0x0ee0  [ F5944D42BB3E7C49762851A37475D24C, 5F06722348BAE079830E86545D70E20937BFD9520D54FE37E62C200BFCA8B83F ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys
22:35:43.0982 0x0ee0  UdeCx - ok
22:35:44.0010 0x0ee0  [ DFAB94D2AA5BF219A603A94413F69D80, 67404C0E72EEE391AC7BF33B73AF3359816D4685A433E0606F9AE4C683EDE21F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
22:35:44.0067 0x0ee0  udfs - ok
22:35:44.0072 0x0ee0  [ B661E6B5B37135F597569CC2D379466B, 17C5A8504E816A8B4830EB215474F118715DB7E53B206E8FDD6AEA63AFFD5662 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
22:35:44.0093 0x0ee0  UEFI - ok
22:35:44.0115 0x0ee0  [ 929704A94D198C1C64A006238AABF8F5, 18EC90F83EE65547B47DE8714CEE40DB0AE053AD3F9D835B08A0D16A591BD7CC ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys
22:35:44.0145 0x0ee0  Ufx01000 - ok
22:35:44.0175 0x0ee0  [ 75019BD006BEA3E4CB8619E58A834ED8, 55ECACB7B810528DADEB77AA30CAA8B97CBECDDC83EC3FDCD54E507CDBB0D922 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys
22:35:44.0223 0x0ee0  UfxChipidea - ok
22:35:44.0243 0x0ee0  [ 76BD7CFECEB5C6217AA75D935EDB9BCB, A3262BABAE8A5ACACF8E474331DB8C00F5FF348A67EA9B001D0B4DA07A0EBF81 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys
22:35:44.0270 0x0ee0  ufxsynopsys - ok
22:35:44.0297 0x0ee0  [ 04A986DB61D2E40A9AF177FA11990EBF, A7E220CD02D407C690A897727C52EBF6FA48F239D5FFB070C8DB1BC53A6BD9ED ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
22:35:44.0333 0x0ee0  UI0Detect - ok
22:35:44.0358 0x0ee0  [ 1F40A2F255499DB5A5949CD3F3BF4381, 9D586171ED2F6C3F02C0325279A487F78A4B43EA2B91656BA4A03F33B6D3646F ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
22:35:44.0382 0x0ee0  uliagpkx - ok
22:35:44.0387 0x0ee0  [ DBBCCAAA495D5FD25D75AC3535F89BD0, F905BD4330CE2FE68F5E6B8F3212A1C07C993AC72DC39F50FBE6260A005ACD0C ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
22:35:44.0414 0x0ee0  umbus - ok
22:35:44.0419 0x0ee0  [ 2C9342DB0106ECF032449E650E9616BD, B202690BE1DCC02F344625F65DFF53BD1B7B1001B405BB36DC44E331D034BEF9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
22:35:44.0443 0x0ee0  UmPass - ok
22:35:44.0494 0x0ee0  [ 20634CBA169B149FB56F50F64E7891E7, 16261694DF7A7C06D620B9B5D1B51E5B35150AFE3946BD30E42508CDDC9950A4 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
22:35:44.0521 0x0ee0  UmRdpService - ok
22:35:44.0579 0x0ee0  [ 4B9DE8EAA2E16C34E018749F325BAEFF, DE576C7A397FC1A6388D38D7816244B72AE5FA2E35F819FBCBB5E7BAA24412DA ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll
22:35:44.0635 0x0ee0  UnistoreSvc - ok
22:35:44.0687 0x0ee0  [ 39106986EB2AD2774DA8542C08304FF2, FAD137587AED00CD39A4CE1B2C603F42A26650E77B3C5A487034DECCA01B5BF2 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:35:44.0727 0x0ee0  upnphost - ok
22:35:44.0763 0x0ee0  [ BD0C12906FA5E5F87C6D0E253DB9F701, A556792DF50AAC472BF2903C9B887F43BC63C4B8BAE406F141B2CFB8E1FF1F70 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys
22:35:44.0785 0x0ee0  UrsChipidea - ok
22:35:44.0790 0x0ee0  [ CE109DD08D8F60EE1E126D5417F2CD58, F21D9123AAD6C75D155EFC643E07BF8F5AE059D7AD28959F77F79D097914100B ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys
22:35:44.0814 0x0ee0  UrsCx01000 - ok
22:35:44.0819 0x0ee0  [ 443FC85BE4D5F257F46062FE58BB4E9D, 36CD1A71AC9928E58060D07D7C96A0F63139FBDB2E388B420AF5EDD7AD25E8C6 ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys
22:35:44.0842 0x0ee0  UrsSynopsys - ok
22:35:44.0848 0x0ee0  [ 4FA616AA9336F4D59AD705FE2CD482B7, 4CBF7168EC7FB08885AC521EBDFC4072AE3655FBA0C3C4BBAC3AF7417EAE2E19 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
22:35:44.0876 0x0ee0  usbaudio - ok
22:35:44.0908 0x0ee0  [ 0275FD8F5A518103E8DBF1EBE22DC0EF, 78315BC4091CB07D72B3729EE56ECE3670FAC5E19CE087F84FC88BEB848174CB ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
22:35:44.0934 0x0ee0  usbccgp - ok
22:35:44.0958 0x0ee0  [ 82FB879A28D64AC7177A6B8E06F27DD9, 1CA4C9FF5D086E5F26EA0630E3C23197D7C2F299EB72BADAE687563795BF5523 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
22:35:44.0987 0x0ee0  usbcir - ok
22:35:45.0024 0x0ee0  [ 82DDF3B4A7B321E3E27620CF68EE7C4F, 23E280E750F6024FB337EC71B30A553F4FCDDC8B2A6996C468CABE792B5404CB ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
22:35:45.0062 0x0ee0  usbehci - ok
22:35:45.0074 0x0ee0  [ 4BCA36149697A5BCBD27D462BDE88BFC, 1E1D3682B843DA18ECA991AFF135309044F205DB7BBF4F3304AD55FBFEB48367 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
22:35:45.0112 0x0ee0  usbhub - ok
22:35:45.0154 0x0ee0  [ 76E954267C5F2308BBECA6B3A3E604DC, 85F0A8F0B6AADE94F63EAB409A020E2490B1083A82628A2ECB5D4B8967EC570D ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
22:35:45.0193 0x0ee0  USBHUB3 - ok
22:35:45.0217 0x0ee0  [ 14683F2DD9ADD8CE06F2108F063455A6, 9CD0163EBBC19C7691C3D0B94F569CA58D0140FE865CB9A39849ED9341830E11 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
22:35:45.0249 0x0ee0  usbohci - ok
22:35:45.0269 0x0ee0  [ 05E3B01618985139A82EA0EC8719F977, 32E771E0819EE98D49B81C87A9E7AAD697B2F89B2348A6F3CFC491B047D474D3 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
22:35:45.0310 0x0ee0  usbprint - ok
22:35:45.0324 0x0ee0  [ B44E2C9B9C06B1DA0BAB833CBE191428, FADE110739D4AD7319BC981600F89A8C12843B9280B7ACB6994AF6990C4F28EC ] usbser          C:\WINDOWS\System32\drivers\usbser.sys
22:35:45.0354 0x0ee0  usbser - ok
22:35:45.0380 0x0ee0  [ F4CBC1587417F631BBDF941E19255478, D5F3290F9030AB4BC27B8863667247DDB2621195C1581D04D61ACC960D618EBF ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
22:35:45.0405 0x0ee0  USBSTOR - ok
22:35:45.0437 0x0ee0  [ C05F56A51DFB51CCA57AB586CF5463B8, 082863849F24D5B53343AE0E94C58EB75D7CA91D9886C4F6C9050ECFCA78B7DB ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
22:35:45.0471 0x0ee0  usbuhci - ok
22:35:45.0490 0x0ee0  [ 5895F92727C78EEB4DCC3B64C040A56C, B65B433C1AC2E0F6E7E45C0DB3CBC7402F6F1DEF386839686FCE6DE9864A49C6 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
22:35:45.0526 0x0ee0  USBXHCI - ok
22:35:45.0605 0x0ee0  [ F1109C488A877D56D53CA5EDB4CD5FCB, 4ACB418FF566351A3F7EE4F6FEF65CB76AD5F5A41C3FFF4B15736C34930AD3A0 ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll
22:35:45.0670 0x0ee0  UserDataSvc - ok
22:35:45.0743 0x0ee0  [ 15CBF93FDCD9CA05C94FC83722E7F364, B207CC74AA213C4A93720A69872EA1F5A97253EEBCDAF218BDEEB57E9B8B7F7C ] UserManager     C:\WINDOWS\System32\usermgr.dll
22:35:45.0800 0x0ee0  UserManager - ok
22:35:45.0840 0x0ee0  [ C58EE7F330BC2A99460F941133E26A42, B844D49BB81BB1F806A5F09FBB496D0B631F5968DC83C4D38E8CBA4D227DF7EB ] UsoSvc          C:\WINDOWS\system32\usocore.dll
22:35:45.0879 0x0ee0  UsoSvc - ok
22:35:45.0888 0x0ee0  [ AC27D700DCEE3715249C9815A361B2BB, 81CD19D69A8A2D994EFB166A830C007317FD000262E3F0D7043CD9BB19BE6A5A ] VaultSvc        C:\WINDOWS\system32\lsass.exe
22:35:45.0904 0x0ee0  VaultSvc - ok
22:35:45.0924 0x0ee0  [ 50BB29EEAD014FE8D36E8B823C458A29, 174460BE8F26BF3890385E176991E599214BBC9B79C4C0B0C7E8AE5C260971D7 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
22:35:45.0948 0x0ee0  vdrvroot - ok
22:35:46.0011 0x0ee0  [ CF38EAD39528C9941A70B94E6F374111, 47569861C8D35765E235407DE573CACD811C5C0F432D923D51AF5ABCF9C59AD9 ] vds             C:\WINDOWS\System32\vds.exe
22:35:46.0078 0x0ee0  vds - ok
22:35:46.0097 0x0ee0  [ 5E4D0F621C33316695E90F192DDD1104, 5E3A828A5ECEE3B582F6E1B2C48C7FFF82FDA7B22866BDFD504DF18E2F029294 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
22:35:46.0125 0x0ee0  VerifierExt - ok
22:35:46.0142 0x0ee0  [ 206348CFAA86E7D9AB34CA928E15F1C7, 5FEB1ED9C73CDF089AA24A0E2EB0A38F2E2A8E0E5C6577451333D06254D62A9D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
22:35:46.0187 0x0ee0  vhdmp - ok
22:35:46.0205 0x0ee0  [ 95DB34CBAAB29B81B47C317501EB7AAD, 9FDA121F2A8EAA94668604D8E640BD2DBF9F57B112BE07756569F23A041A67C3 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys
22:35:46.0243 0x0ee0  vhf - ok
22:35:46.0259 0x0ee0  [ 878A9F6B1ECDBA9A8F1D56B0DDCDF456, E5E8E1BBF2E627E840432A59DFD14290D69711A47A49ED0F10A96500A22D3000 ] viaagp          C:\WINDOWS\system32\drivers\viaagp.sys
22:35:46.0283 0x0ee0  viaagp - ok
22:35:46.0289 0x0ee0  [ 963E0592575BCCEAF1310BE36B3872B5, 2863EEDE974CA4C7F91363CBF09D58A4A7CD1A52FCF916F7660FC5434A586766 ] ViaC7           C:\WINDOWS\System32\drivers\viac7.sys
22:35:46.0319 0x0ee0  ViaC7 - ok
22:35:46.0326 0x0ee0  [ 990AD55A607CB947A15892C434212280, 2B43D26FFF6258A9FE98586ED3055BE6348822A2B2BC2286AB4C8D4D91BC3528 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
22:35:46.0351 0x0ee0  vmbus - ok
22:35:46.0356 0x0ee0  [ E3B6FCFB7896FC86702E76A03EE87F8F, 4E64E5FFC6BAFB2D4087AC2E69662AB904301DF84FA65780A25A08D211725E6B ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
22:35:46.0379 0x0ee0  VMBusHID - ok
22:35:46.0432 0x0ee0  [ C53B8D3281D816C0CBD3A05113ED642B, 1B700653D1A42C9926747E406BFA2183DEE65B596533F12DD321FD6BB6212F88 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
22:35:46.0463 0x0ee0  vmicguestinterface - ok
22:35:46.0475 0x0ee0  [ C53B8D3281D816C0CBD3A05113ED642B, 1B700653D1A42C9926747E406BFA2183DEE65B596533F12DD321FD6BB6212F88 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
22:35:46.0505 0x0ee0  vmicheartbeat - ok
22:35:46.0518 0x0ee0  [ C53B8D3281D816C0CBD3A05113ED642B, 1B700653D1A42C9926747E406BFA2183DEE65B596533F12DD321FD6BB6212F88 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
22:35:46.0549 0x0ee0  vmickvpexchange - ok
22:35:46.0560 0x0ee0  [ C53B8D3281D816C0CBD3A05113ED642B, 1B700653D1A42C9926747E406BFA2183DEE65B596533F12DD321FD6BB6212F88 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
22:35:46.0591 0x0ee0  vmicrdv - ok
22:35:46.0603 0x0ee0  [ C53B8D3281D816C0CBD3A05113ED642B, 1B700653D1A42C9926747E406BFA2183DEE65B596533F12DD321FD6BB6212F88 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
22:35:46.0632 0x0ee0  vmicshutdown - ok
22:35:46.0643 0x0ee0  [ C53B8D3281D816C0CBD3A05113ED642B, 1B700653D1A42C9926747E406BFA2183DEE65B596533F12DD321FD6BB6212F88 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
22:35:46.0672 0x0ee0  vmictimesync - ok
22:35:46.0691 0x0ee0  [ C53B8D3281D816C0CBD3A05113ED642B, 1B700653D1A42C9926747E406BFA2183DEE65B596533F12DD321FD6BB6212F88 ] vmicvmsession   C:\WINDOWS\System32\ICSvc.dll
22:35:46.0722 0x0ee0  vmicvmsession - ok
22:35:46.0734 0x0ee0  [ C53B8D3281D816C0CBD3A05113ED642B, 1B700653D1A42C9926747E406BFA2183DEE65B596533F12DD321FD6BB6212F88 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
22:35:46.0762 0x0ee0  vmicvss - ok
22:35:46.0824 0x0ee0  [ 69CC70090A6E765F539CC97765E55527, AFFE39096FF0AC0E783B670B07F524B979F6D25E7B1F09D0CFED26AF337CFCF9 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
22:35:46.0862 0x0ee0  volmgr - ok
22:35:46.0875 0x0ee0  [ D65C55174A16701AF39200A353AD2387, 30A5C8E4254A05034863234276B627A9CD41BEAF1861F708F95D58DAA0079897 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
22:35:46.0992 0x0ee0  volmgrx - ok
22:35:47.0004 0x0ee0  [ 2E5522E831E616B37F06908B7B56C3B3, 31D0A951695402FBB85BAA05106C8D242F57C9E8B87E759C4C40AA3CA44100CF ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
22:35:47.0042 0x0ee0  volsnap - ok
22:35:47.0050 0x0ee0  [ 72AECD924E0FC8E0241C1DEEA628F33A, D8A53B033AD5137DC3D40B4BB6B12E8E0273744E76EAFFBC4B73C2156A15AC92 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
22:35:47.0079 0x0ee0  vsmraid - ok
22:35:47.0455 0x0ee0  [ 3E838CC7A8F514B7E0885556CC0E8974, 613BEF322636EE3065B5C9768F3FC16C61747A5CC15F447F37651ACABE6E78F7 ] VSS             C:\WINDOWS\system32\vssvc.exe
22:35:47.0600 0x0ee0  VSS - ok
22:35:47.0683 0x0ee0  [ 1F1AD54C55038FE642AAB73C94BC48EF, DE45B884F7B75EF8416019D0396667DE4EF363C19C64490A7357DB611D93027D ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
22:35:47.0765 0x0ee0  VSTXRAID - ok
22:35:47.0795 0x0ee0  [ 50F54817390D24C40FAEDA63358D4926, 20AAAB4E4A45320CB4D7FA47C3206A83DA77A3274A8CB110F0D59F137A3283EA ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
22:35:47.0841 0x0ee0  vwifibus - ok
22:35:47.0848 0x0ee0  [ 86040D1A0206B7776DC4984438288AF2, 9B847F327181CFC9E545EEC3D488B6C84D5078AC0CBDC79FF29F80393D13FD25 ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys
22:35:47.0877 0x0ee0  vwififlt - ok
22:35:47.0936 0x0ee0  [ 2001B4ADA5F1C36C6BFDED9CAA69AE0F, 5035C65F1A994A1B4E89BC077BCDC02B8C5234F9040B8E5F2C739835181FEF26 ] W32Time         C:\WINDOWS\system32\w32time.dll
22:35:47.0988 0x0ee0  W32Time - ok
22:35:48.0007 0x0ee0  [ 4C10F9CAC332906B82B31313AA6C85B0, 5EA753A5B36081773AD44D2D5572D6B471EACD92381B6DDFEE5D3608E293DF95 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
22:35:48.0033 0x0ee0  WacomPen - ok
22:35:48.0102 0x0ee0  [ 19E3EB287CEEF565A13071F20EA8FE9F, 847097772B099B7F7542991546E30B452E141BB96637A98267C1168010DC1411 ] WalletService   C:\WINDOWS\system32\WalletService.dll
22:35:48.0157 0x0ee0  WalletService - ok
22:35:48.0164 0x0ee0  [ A6DC318DD7135250BCB7583E10F82E28, ECC2CD1FE8820567EFB8C74EE1086FD7AC05C185E7CD3B7A2BDF17DC90670298 ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:35:48.0194 0x0ee0  wanarp - ok
22:35:48.0202 0x0ee0  [ A6DC318DD7135250BCB7583E10F82E28, ECC2CD1FE8820567EFB8C74EE1086FD7AC05C185E7CD3B7A2BDF17DC90670298 ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:35:48.0232 0x0ee0  wanarpv6 - ok
22:35:48.0333 0x0ee0  [ FDEC36D4D8D4DF2D07323EC35222866A, 71D94DD5FFBFF125A1F49F942C317F55C16AA72025226A9E6FD9B44E1C149A3F ] wbengine        C:\WINDOWS\system32\wbengine.exe
22:35:48.0425 0x0ee0  wbengine - ok
22:35:48.0491 0x0ee0  [ 9D0BD0FF21F86AE74245A50F657A9F77, 2969201990ED0B6F6FC02DAC3F50C4772FA092B9CB6A6BFF8E8B1E2E7BC0A2CC ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
22:35:48.0546 0x0ee0  WbioSrvc - ok
22:35:48.0580 0x0ee0  [ CC0126649EEB0D9751C01B1ADB661416, FBD0778239C7A6C065B3C999CF2BBBD18600ACF82E7CBC7AA6E697ACDE0BEFFC ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
22:35:48.0637 0x0ee0  Wcmsvc - ok
22:35:48.0712 0x0ee0  [ 5B669B6E60E6D5226B717AAB95DC54B3, 8963B111EEFAE689A1FF798E4EB192EF50F266172D06B27BE6A094A093FBC902 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
22:35:48.0763 0x0ee0  wcncsvc - ok
22:35:48.0769 0x0ee0  [ A29B811BCF499FDAE9200061351EAAE8, D4F6BF349E50CF5859A29AA9A8253099F863297C43BDE213ECB31FEB7DA19202 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
22:35:48.0797 0x0ee0  WcsPlugInService - ok
22:35:48.0819 0x0ee0  [ 9437CE842271C16F6CBF77BCF0EC189F, 1B9AEF233F711E2BCF05F2273EB07B2CC45AA6B4EE9141B760C45C447AEC8AB8 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
22:35:48.0842 0x0ee0  WdBoot - ok
22:35:48.0894 0x0ee0  [ 4DC928F02FA315F4B08A151F8F8A7CF8, E2750AB8DD43BB7D81C4B3FEFD234576A1B0C9139139BA922F284A645A1DD576 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
22:35:48.0941 0x0ee0  Wdf01000 - ok
22:35:48.0983 0x0ee0  [ 0CC824E96F998502830AC9AA6F5040BF, 793EF6E09230E04937A9B62DAF3101B4B23D8337959096C93F3EC47D084341F5 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
22:35:49.0016 0x0ee0  WdFilter - ok
22:35:49.0048 0x0ee0  [ ED90C144D3D69EFAA855FBD96EB9E1F4, 779D71FE3BE6CC30ED521930F213BF12A8BA5B06630EF6FA0737F01B104A0CF9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
22:35:49.0088 0x0ee0  WdiServiceHost - ok
22:35:49.0093 0x0ee0  [ ED90C144D3D69EFAA855FBD96EB9E1F4, 779D71FE3BE6CC30ED521930F213BF12A8BA5B06630EF6FA0737F01B104A0CF9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
22:35:49.0120 0x0ee0  WdiSystemHost - ok
22:35:49.0155 0x0ee0  [ 1DEB289EBBD469CB84C00DE95606B7B6, 81182478CBDB5512484EF546F1D0B3CBB752F82F391AC3FA0F517C909DC61D58 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys
22:35:49.0209 0x0ee0  wdiwifi - ok
22:35:49.0232 0x0ee0  [ 9D2129AA0B3E8CAB551E80E729B5A059, DB09D5732BFDC91DAC612118BE8C76DCF266C84BC4E94DB20CE309966A3BDE84 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
22:35:49.0256 0x0ee0  WdNisDrv - ok
22:35:49.0329 0x0ee0  [ 9BC2396B659F78D4BC5DB3444E6DAE73, 7F739225FBBD7F03FF9A36E9BF6D6F5C5294B41DEECF8FD5B612DC261244CFBC ] WdNisSvc        C:\Program Files\Windows Defender\NisSrv.exe
22:35:49.0355 0x0ee0  WdNisSvc - ok
22:35:49.0390 0x0ee0  [ 5E716E09E2886BDB7A8F7A3FFDE1DAF2, F11D85069702EBBC37A979022FAABA8A4BE132AF43836AAB5BAF3DA9301DCC4D ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:35:49.0421 0x0ee0  WebClient - ok
22:35:49.0434 0x0ee0  [ CC8EF23C16E2151550365D87DA7DE621, E6A102B5162CFD42E7CBA8DF0AE88334E08414F88A40D9A01AAE4C5ED56A9F1E ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
22:35:49.0461 0x0ee0  Wecsvc - ok
22:35:49.0467 0x0ee0  [ 2A6F65503E7B8A6799E55A685BC40843, AEB1436A79697558FF9B5678F6D44E975EB8CE1DA0FBA21B0DFEA971A8FEFA87 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
22:35:49.0500 0x0ee0  WEPHOSTSVC - ok
22:35:49.0527 0x0ee0  [ 04F92721FB7685E7A47DF87CFD4A4E75, 24907DB5415F35C7FDC4FED46B62A59EF6DB822265F38E59C3E2674F66F6E460 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
22:35:49.0568 0x0ee0  wercplsupport - ok
22:35:49.0588 0x0ee0  [ A99B2649CA876E74690A95D83C46FA71, 1C77C93D49E95009276E3A57490C19A467261BCB2D22648EE9B43E3BC2F7EE8D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
22:35:49.0616 0x0ee0  WerSvc - ok
22:35:49.0643 0x0ee0  [ 4908DA33D0EBE5868706F0205B241C3B, C6929F4E06F74C7EB8331FEB680A23D65E365A09E0B0A8926E4847F9DA17CC1B ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys
22:35:49.0667 0x0ee0  WFPLWFS - ok
22:35:49.0693 0x0ee0  [ 0F5A70E6FF566CEC1AB05037D4597A4D, CEB563ACA31F06BC2EEFD7532C7C855836AE06DCAEF5D3A9D6AA6A0EC7BA1531 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
22:35:49.0728 0x0ee0  WiaRpc - ok
22:35:49.0744 0x0ee0  [ 9E649CA7603DFE8ABB69568524A616BF, 3A0583080445D5A109EABC3B32679FB4800A2D5DDED69AA8DD2978660FDC68DB ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
22:35:49.0767 0x0ee0  WIMMount - ok
22:35:49.0794 0x0ee0  [ FF29F4C0ADCC2B177C3CC6E4497D2259, 2D967E7DDFA41BF2189FC5C9D8A024D7BC01DC03CFDFD2A211293ACEEE8D97C2 ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
22:35:49.0806 0x0ee0  WinDefend - ok
22:35:49.0838 0x0ee0  [ D12B86DACE4F869F17DBFF9D7D6FB10F, 92F4B77FE89B605FB5A8D637A1B1E94E29E0380E678369B3A66843262A733B6D ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys
22:35:49.0867 0x0ee0  WindowsTrustedRT - ok
22:35:49.0871 0x0ee0  [ E0AC5561C8DD901E34F0B58A509E6049, D3395E7A72FFAA1CD0E1A4DCF7C85824C03E4A964CDFB330B0966F8CBDCAD4B7 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys
22:35:49.0894 0x0ee0  WindowsTrustedRTProxy - ok
22:35:49.0949 0x0ee0  [ 53F74B2F4AEA9C6A7BB9DABDCC3C7431, 7B2DEE3CCB01D6F289D6DDC19CFBCB9972B63C258CC118C7837B7476132D5A21 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
22:35:50.0009 0x0ee0  WinHttpAutoProxySvc - ok
22:35:50.0191 0x0ee0  [ A76997539BAA7A48F2AB39AC4831FA65, 193FCFF9209B6C2F1B466947D2C5A7E5ECB3D91988ADEED46608EDD8D3E7ED8E ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:35:50.0249 0x0ee0  winmgmt - ok
22:35:50.0353 0x0ee0  [ B4C037FE2596070442F6433188A48987, E68A5AC58B21B3E0806389C5CE8FE005B569111736BF561455E8074D62FE2FED ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
22:35:50.0463 0x0ee0  WinRM - ok
22:35:50.0483 0x0ee0  [ 131719A42F88CD20E6341C65A918AD3B, AE1A6EA0BE00EEB9280737272B47D6A7F9420D0B25CC376541D6014DFE3781B9 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS
22:35:50.0509 0x0ee0  WINUSB - ok
22:35:50.0622 0x0ee0  [ 0CDCD193CA336239F987E234DE8E574E, CE59161E5ECD32AAC9513328987F34343F21E018A2C0CB8C09490F821B78C700 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
22:35:50.0717 0x0ee0  WlanSvc - ok
22:35:50.0828 0x0ee0  [ 973E60E30EA0364525DC5F359CB061EA, C8D876B8B2C2ACE545FB71DEE3E61453249D917104315896962AB6E60F58B586 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
22:35:50.0934 0x0ee0  wlidsvc - ok
22:35:50.0993 0x0ee0  [ 013D1BA8ECA6EC3F07E261EA27F12C33, 88E78ED01E3F6969943E0753D93323C491635BA04DD2AF37247846FE11436F86 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
22:35:51.0032 0x0ee0  WmiAcpi - ok
22:35:51.0101 0x0ee0  [ 2D23F04B0F2CB5E801F1F8068DBAF846, A8684583F43B9C175DF67E815E316F26E381B5781633969D80A4F6B8BB4385F6 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
22:35:51.0161 0x0ee0  wmiApSrv - ok
22:35:51.0269 0x0ee0  [ 354D8059C416FB458B2067B8806B4411, 46C1626ACA7E7411E1C04DFEDCD263891E59FEB051447ED11B7F64D4F65F6873 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:35:51.0344 0x0ee0  WMPNetworkSvc - ok
22:35:51.0366 0x0ee0  [ FD5BC5B3215BABB14F58846659B8F3E9, 2FFDBF7D020288925C0BD2FF99D02F213A5496E8642A603FF30E292AD0A9DE93 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
22:35:51.0394 0x0ee0  Wof - ok
22:35:51.0469 0x0ee0  [ 04D880EA0488B6FA7943D5B0652585BB, 707F21F691A0812D5CFCE22EAF29114DE445B3FF4B8D2BC236C73D075A0C8479 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
22:35:51.0553 0x0ee0  workfolderssvc - ok
22:35:51.0588 0x0ee0  [ 89A5B1F5BC56D9B2D4EFD930806D74EA, 49B011AF335FECDAA49C4E8C2020422764DF49475E0CB4DC9427D6CFFBB17E78 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
22:35:51.0610 0x0ee0  wpcfltr - ok
22:35:51.0635 0x0ee0  [ C523201E8C11F6A4F6C6A23B64F0A38D, D8A5DA3F5559FDBD7898DE12078855F2A412003C577C02EB190906963DE46218 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
22:35:51.0673 0x0ee0  WPDBusEnum - ok
22:35:51.0688 0x0ee0  [ E2CAC0E886E5DE934794E1BF9E241397, E64C7EC432168A2577F70F094DE5C199DFED899784E3062A8EC467FC1739C923 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
22:35:51.0710 0x0ee0  WpdUpFltr - ok
22:35:51.0744 0x0ee0  [ 290C9982E976C95CC05FA96F37781E9A, 17B6688AE0A02994F5EAF571019F3BD582A3D55DA0E40C44C348D913E3E0A413 ] WpnService      C:\WINDOWS\system32\WpnService.dll
22:35:51.0786 0x0ee0  WpnService - ok
22:35:51.0819 0x0ee0  [ 9EA6A73D56202174FA6BB091770ADB6C, 57A599245BCA7A2D475AD2A4A09369C1E914EFC68C3B577FF41D87DFFB5680E9 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
22:35:51.0852 0x0ee0  ws2ifsl - ok
22:35:51.0970 0x0ee0  [ 38AE24B1BB6C1D67ED81E63951B781FC, 7F0A909858EF4DD6005F1A0B0ABA18AEE6616F9A59F3C131D7176E0F8E961F85 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
22:35:52.0064 0x0ee0  wscsvc - ok
22:35:52.0070 0x0ee0  WSearch - ok
22:35:52.0190 0x0ee0  [ B32BB2A3CCB0C2035C52141137838C1D, B58EE2945B638B9046C55671C0B97B2144A5B798FF7076F8E0570625DDAFE886 ] WSService       C:\WINDOWS\System32\WSService.dll
22:35:52.0292 0x0ee0  WSService - ok
22:35:52.0412 0x0ee0  [ 82E93E910814350889F76D23AE07FA17, 975DAB3259807259F420D2387A4A6FEF38DADE4CDDAD989291DC7A11A8AD60D2 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
22:35:52.0514 0x0ee0  wuauserv - ok
22:35:52.0559 0x0ee0  [ CD8E310F1D88BD14F6D52664BBDD2367, C4E9BDCF5AA65342A17188B72F05D17B2AEBEF69D05CBF729EB271D3B458615B ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
22:35:52.0608 0x0ee0  WudfPf - ok
22:35:52.0615 0x0ee0  [ EB34555DC8E1A35054499D43C727B99F, AA3FA113FDFA1B359312953E8309643E0990FDAA385FEA14401A535D3DB426EB ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
22:35:52.0650 0x0ee0  WUDFRd - ok
22:35:52.0673 0x0ee0  [ 5F670944322733FAFCC5775D52F49CFF, 138F7ECB4FEAB7D4583B8E0618C995F9DC04EFDB97914059C7639FF31EA5617A ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
22:35:52.0697 0x0ee0  wudfsvc - ok
22:35:52.0716 0x0ee0  [ EB34555DC8E1A35054499D43C727B99F, AA3FA113FDFA1B359312953E8309643E0990FDAA385FEA14401A535D3DB426EB ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:35:52.0749 0x0ee0  WUDFWpdFs - ok
22:35:52.0796 0x0ee0  [ 0DB3E3B7675CA296243902626931C46A, 7270752D00A44CEF6C4C848A083C7CDE8228BBBBCDAECC4CD155EE8269F7F22D ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
22:35:52.0853 0x0ee0  WwanSvc - ok
22:35:52.0908 0x0ee0  [ 4D6EC171CBC82E0744F5D53BC2A7D33C, 52667F5766D14210F8BEFEBB8439E242252A21F2D65CC211337AA20EB06496AF ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll
22:35:52.0963 0x0ee0  XblAuthManager - ok
22:35:53.0008 0x0ee0  [ 22BF976C2B9E74378AE5A0616ADCEB4B, 6545455A8FE3F04D1A3C63C8C70554900C72CE955DA9E8779064B3605E711EA2 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll
22:35:53.0084 0x0ee0  XblGameSave - ok
22:35:53.0148 0x0ee0  [ 2423043FACA29FD128F7E06FDF40DE93, 45EABDB752124BC4F8EF2D603814B54E81DD6B9DB190632A5D06714CC6BC1C89 ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys
22:35:53.0213 0x0ee0  xboxgip - ok
22:35:53.0276 0x0ee0  [ 0604004E6311491796A8586846B9B929, 65351AF4453A1CAF22E87594C273CF9C4A5AC063D2C90297145DD03882EDD3AF ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll
22:35:53.0340 0x0ee0  XboxNetApiSvc - ok
22:35:53.0360 0x0ee0  [ A277AF18E4AB00E3E29F23D8EA2B1C63, 358120A6CBF8280D306A9B373EA66CEE99CDC648921B55B29C0E2F8DB2E47380 ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys
22:35:53.0386 0x0ee0  xinputhid - ok
22:35:53.0388 0x0ee0  ================ Scan global ===============================
22:35:53.0426 0x0ee0  [ 1AAB625120072DEFCF892910B8B9B70C, 6C4DD4C38D32228D0259EC4D2CFBB23759F3DDD662BE48AA03FF59FF2EBE5125 ] C:\WINDOWS\system32\basesrv.dll
22:35:53.0467 0x0ee0  [ 4A783017FE4004231BE3EC9737EBACF1, 708DA853397C2BFE3C957021E60CB8BFC6520A9FE68A83A55587A4696824A25E ] C:\WINDOWS\system32\winsrv.dll
22:35:53.0488 0x0ee0  [ C499C38DEB5FC8239B08531A7326E405, 4306E649F2E1C791D8FD78ADF8EDCC68D4D8D4F9DEFCF5EEB2C120BBF92B89EF ] C:\WINDOWS\system32\sxssrv.dll
22:35:53.0549 0x0ee0  [ 0B202554398DBFDEE5777CDC2E6C8254, 267EB2F51CD5F62B7E879ED68DC8855770057F02DF874D275560EEB9432CB1F9 ] C:\WINDOWS\system32\services.exe
22:35:53.0561 0x0ee0  [ Global ] - ok
22:35:53.0562 0x0ee0  ================ Scan MBR ==================================
22:35:53.0584 0x0ee0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:35:54.0215 0x0ee0  \Device\Harddisk0\DR0 - ok
22:35:54.0220 0x0ee0  [ 017E003AB27B155B3A606EB18257FC5D ] \Device\Harddisk2\DR2
22:35:54.0403 0x0ee0  \Device\Harddisk2\DR2 - ok
22:35:54.0404 0x0ee0  ================ Scan VBR ==================================
22:35:54.0408 0x0ee0  [ EE6D6B6CBCAB74201B9358A8807A99F5 ] \Device\Harddisk0\DR0\Partition1
22:35:54.0441 0x0ee0  \Device\Harddisk0\DR0\Partition1 - ok
22:35:54.0442 0x0ee0  ================ Scan generic autorun ======================
22:35:54.0808 0x0ee0  [ 1688A0B6B967A81364BDC3AFFA865C9C, D7EAC046BF37016050900AEAEB55D5FA68C314C40057D623503A041264876CC4 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
22:35:54.0979 0x0ee0  AvastUI.exe - ok
22:35:55.0053 0x0ee0  [ 60D66CEB34E0F631C206423CEFE35FDB, B29510DF9945E2BCCF1D9EA4004D0A848E4DEF78514CC67DC674829758ECF9E4 ] C:\WINDOWS\system32\igfxtray.exe
22:35:55.0075 0x0ee0  IgfxTray - ok
22:35:55.0082 0x0ee0  [ 2308A07BD53235EC6A0640DE5E58BAE7, F5AC244B276ABBE25B69F178F5CCB32ABCBCCAF358CCB0DD33D39074E84BBADF ] C:\WINDOWS\system32\hkcmd.exe
22:35:55.0095 0x0ee0  HotKeysCmds - ok
22:35:55.0102 0x0ee0  [ BD7D0E6082E90D3AE3676548F64A8251, 7DA6C08692953A0BCEA86E32F02A01A025E6996B7001D332CB543EE7E2E4B41C ] C:\WINDOWS\system32\igfxpers.exe
22:35:55.0114 0x0ee0  Persistence - ok
22:35:55.0423 0x0ee0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\System32\OneDriveSetup.exe
22:35:55.0603 0x0ee0  OneDriveSetup - ok
22:35:55.0939 0x0ee0  [ 88F8A731DEA7F49D92F84A0A77C5CC67, 030458922DA43AAF6C95EC430860A73032616851E03E58170F71E918720717CB ] C:\Windows\System32\OneDriveSetup.exe
22:35:56.0112 0x0ee0  OneDriveSetup - ok
22:35:56.0311 0x0ee0  [ CC436BB2A26391F3DEBE316F6FB0474F, 2DA63827AD1449CA5F2888ADFA9645F1EAF8B39D26EC214441EE80F3A56E6E72 ] C:\Users\Stefan\AppData\Local\Microsoft\BingSvc\BingSvc.exe
22:35:56.0347 0x0ee0  BingSvc - ok
22:35:56.0396 0x0ee0  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Stefan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:35:56.0427 0x0ee0  OneDrive - ok
22:35:56.0444 0x0ee0  Waiting for KSN requests completion. In queue: 46
22:35:57.0444 0x0ee0  Waiting for KSN requests completion. In queue: 46
22:35:58.0445 0x0ee0  Waiting for KSN requests completion. In queue: 46
22:35:59.0646 0x0ee0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
22:35:59.0647 0x0ee0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41000 ( enabled : updated )
22:35:59.0648 0x0ee0  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41010 ( enabled )
22:36:02.0078 0x0ee0  ============================================================
22:36:02.0078 0x0ee0  Scan finished
22:36:02.0078 0x0ee0  ============================================================
22:36:02.0094 0x15b4  Detected object count: 0
22:36:02.0094 0x15b4  Actual detected object count: 0
         

05.06.2016, 21:45   #4
Deathkid535
/// Malwareteam

Hi,

of Disk Management, where Harddisk 2 is shown.

05.06.2016, 22:06   #5
Stefan#

Here you go. When I right-click on Disk 2, everything is greyed out except "Delete Volume".



05.06.2016, 22:48   #6
Deathkid535
/// Malwareteam

Hi,

I don't really see anything suspicious in the logs. But to be on the safe side, we'll run an MBAM scan as well.

If you don't already have it, download Malwarebytes Anti-Malware, install it and start it.
  • Go to Settings, under Detection and Protection, and tick the box for Scan for Rootkits
  • Switch to the Dashboard and click Scan Now
  • After the scan has finished, move all detected items to quarantine.
  • After the PC has restarted, you will find your log file under History. Post it here for me.

06.06.2016, 07:41   #7
Stefan#

Good morning Dennis, thanks for your reply.
I ran the scan with Malwarebytes.
How does that work: does Malwarebytes also examine the external hard disk, or only C:?
I didn't find anywhere that you could select that.
Because I currently have the affected disk connected as an external one.


Here is the log file
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 06.06.2016
Suchlaufzeit: 08:01
Protokolldatei: 
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.05.06
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x86
Dateisystem: NTFS
Benutzer: Stefan

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 273850
Abgelaufene Zeit: 34 Min., 42 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Regards, Stefan

06.06.2016, 10:31   #8
Deathkid535
/// Malwareteam

Hi,

if Windows can't access the hard disk, then tools can't either. At least I don't see any malware. Is there important data on the hard disk?

06.06.2016, 21:35   #9
Stefan#

Hi Dennis, yes, I'd like to have the data on it back....important work etc.
Do you think the disk is dead?

Best regards, Stefan

06.06.2016, 21:48   #10
Deathkid535
/// Malwareteam

Hi,

it could be that it's given up... Try recovering the data with Linux: https://www.youtube.com/watch?v=Z1l-O72c51w

08.06.2016, 21:08   #11
Stefan#

Hello Dennis, so with Linux you can get to the hard disk but not to the files that are on it. A pity.
The only thing that worked in Disk Management when right-clicking the partition was "Delete Volume".
I did that and then recreated it with "New Simple Volume".
But that only worked under Linux. Now the disk is no longer locked and write-protected, and it has a drive letter again.
In exchange, it is now completely empty.
Thanks for your help, and have a nice upcoming weekend

Regards, Stefan

Last edited by Stefan# (08.06.2016 at 21:18)

10.06.2016, 18:35   #12
Deathkid535
/// Malwareteam

A pity that the data is gone. Have a nice weekend too!
