Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Log-Analyse und Auswertung: Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Seite 1 von 3 1 23
Alt 27.11.2016, 16:24   #1
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Hallo Gemeinschaft,

ich eröffnete ein Thema in "Alles rund um Windows" ( http://www.trojaner-board.de/183166-...orhnanden.html ) und wurde von Larusso hierher verwiesen.

Mein Problem wurde durch ihn gelöst, er bat mich aber darum, hier noch mal vorbei zu schauen und meine Logs zu posten um eventuelle Schädlinge zu beseitigen.

Vorab danke ich schon mal für eure Hilfe :-)
Ich möchte das Thema nicht mit lauter Logs vollklatschen, deswegen ist meine erste Frage, welche Logs werden zu Beginn benötigt?

Alt 27.11.2016, 16:44   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________
Alt 27.11.2016, 16:49   #3
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2016
durchgeführt von Unaton (Administrator) auf UNATON-PC (27-11-2016 16:45:28)
Gestartet von C:\Users\Unaton\Desktop
Geladene Profile: Unaton (Verfügbare Profile: Unaton)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices) C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() E:\Programme\Everything\Everything.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() E:\Programme\Lexmark\ErrorApp\lmab1err.exe
(Piriform Ltd) E:\Programme\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Elaborate Bytes AG) E:\Programme\VirtualCloneDrive\VCDDaemon.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() E:\Programme\Everything\Everything.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Unaton\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\rzcefrenderprocess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
() C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-11-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [596640 2016-10-31] (Razer Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-06-15] (Intel Corporation)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25673776 2016-11-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] => E:\Programme\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [Everything] => E:\Programme\Everything\Everything.exe [1048576 2014-08-06] ()
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [51984 2016-11-18] (Copyright (c) 2016 Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc)
HKLM-x32\...\RunOnce: [CleanUp RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzInstallerDeletion.vbs
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1822984931-598836370-3667297496-1000\...\Run: [CCleaner Monitoring] => E:\Programme\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-1822984931-598836370-3667297496-1000\...\Run: [LMab1err] => E:\Programme\Lexmark\ErrorApp\LMab1err.exe [645296 2012-08-07] ()
HKU\S-1-5-21-1822984931-598836370-3667297496-1000\...\Run: [Steam] => E:\Programme\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
ShellExecuteHooks:  - {C971608C-A5AE-11E6-B1F9-64006A5CFC23} - C:\Users\Unaton\AppData\Roaming\Pluqusnemution\Vigering.dll Keine Datei [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-11-07] (Dropbox, Inc.)
Startup: C:\Users\Unaton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2016-02-28] ()
GroupPolicyScripts: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.01 		register.waves.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D2946E84-A362-4029-AE8D-AF3246FAFB92}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1822984931-598836370-3667297496-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1822984931-598836370-3667297496-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1822984931-598836370-3667297496-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1822984931-598836370-3667297496-1000 -> {4C915CC5-2791-4BE2-A509-076A19124D2A} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Programme\Java\bin\ssv.dll [2016-01-14] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Programme\Java\bin\jp2ssv.dll [2016-01-14] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\3beWkU4I.default\Profiles\3beWkU4I.default [nicht gefunden]
FF ProfilePath: C:\Users\Unaton\AppData\Roaming\Firefox\Firefox\naweriweentcofise\Profiles\3beWkU4I.default\Profiles\3beWkU4I.default [nicht gefunden]
FF ProfilePath: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\3beWkU4I.default [2016-11-27]
FF Homepage: Mozilla\Firefox\Profiles\3beWkU4I.default -> hxxps://www.google.de/webhp?ie=utf-8&oe=utf-8&gws_rd=cr&ei=K32XVq7EEMWCO87MucgD
FF Extension: (Adblock Plus) - C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\3beWkU4I.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Mozilla\Firefox\Profiles\3beWkU4I.default\searchplugins\yahoo-ysp.xml [2016-01-14]
FF ProfilePath: C:\Users\Unaton\AppData\Roaming\Firefox\Firefox\Profiles\3beWkU4I.default [2016-11-25]
FF Homepage: Firefox\Firefox\Profiles\3beWkU4I.default -> hxxps://www.google.de/webhp?ie=utf-8&oe=utf-8&gws_rd=cr&ei=K32XVq7EEMWCO87MucgD
FF Extension: (Adblock Plus) - C:\Users\Unaton\AppData\Roaming\Firefox\Firefox\Profiles\3beWkU4I.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-23]
FF SearchPlugin: C:\Users\Unaton\AppData\Roaming\Firefox\Firefox\Profiles\3beWkU4I.default\searchplugins\yahoo-ysp.xml [2016-01-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_207.dll [2016-11-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_207.dll [2016-11-15] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> E:\Programme\Java\bin\dtplugin\npDeployJava1.dll [2016-01-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> E:\Programme\Java\bin\plugin2\npjp2.dll [2016-01-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.trotux.com/search/?q={searchTerms}&z=2eb6e53199e3e4ce0671e10gfzdm0t2z0gdcct2tbe&from=isr&uid=SamsungXSSDX850XEVOX250GB_S21PNXCG971302V&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> trotux
CHR Profile: C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-11-26] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-16]
CHR Extension: (Google Docs) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-16]
CHR Extension: (Google Drive) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-16]
CHR Extension: (YouTube) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-16]
CHR Extension: (SlitherPlus - Zoom, Skin Creator, Mod,  Bots) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cpbghpalffgmgocmnigfhalghmaemffo [2016-11-24]
CHR Extension: (Slither.io Skins, Mods, Hack & Guide) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dggomkijbihggjgcgdbnleolpleddaid [2016-07-16]
CHR Extension: (Google Tabellen) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-16]
CHR Extension: (Avira Browserschutz) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-07-16]
CHR Extension: (Google Docs Offline) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-07-16]
CHR Extension: (Google Mail) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-16]
CHR Extension: (Chrome Media Router) - C:\Users\Unaton\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-11-15] (Advanced Micro Devices) [Datei ist nicht signiert]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-07-23] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-07-23] () [Datei ist nicht signiert]
R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-08-29] (Chip Digital GmbH) [Datei ist nicht signiert]
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-11] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-11] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [42096 2016-11-07] (Dropbox, Inc.)
R2 Everything; E:\Programme\Everything\Everything.exe [1048576 2014-08-06] () [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [55056 2016-11-18] (Copyright (c) 2016 Plays.tv, LLC)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [189264 2016-09-25] ()
S2 Reijiied; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S2 Reijiied; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\Windows\system32\drivers\amdacpksd.sys [305544 2016-11-15] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [471496 2015-05-19] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31144 2015-06-22] (Intel Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-27] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [178976 2015-07-07] (Intel Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [44144 2016-09-17] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [130880 2015-12-14] (Razer, Inc.)
S3 usbser; C:\Windows\SysWOW64\DRIVERS\USBSER.sys [25600 2014-05-13] (Microsoft Corporation) [Datei ist nicht signiert]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dbx; system32\DRIVERS\dbx.sys [X]
S3 DIRECTIO; \??\E:\PerformanceTest\DirectIo64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-26 21:29 - 2016-11-26 21:48 - 00000016 _____ C:\Users\Unaton\AppData\Roaming\msregsvv.dll
2016-11-26 21:19 - 2016-11-26 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2016-11-26 17:43 - 2016-11-27 16:08 - 00022337 _____ C:\Users\Unaton\Desktop\FRST.txt
2016-11-26 17:43 - 2016-11-27 16:07 - 00000000 ____D C:\FRST
2016-11-26 17:42 - 2016-11-26 17:42 - 02412032 _____ (Farbar) C:\Users\Unaton\Desktop\FRST64.exe
2016-11-26 16:22 - 2016-11-26 16:22 - 00048983 _____ C:\Users\Unaton\Desktop\bookmarks-2016-11-26.json
2016-11-26 14:41 - 2016-11-26 14:41 - 00302208 _____ C:\Users\Unaton\Desktop\AUFBAU - Religionsklausur.pdf
2016-11-26 11:11 - 2016-11-26 11:11 - 00899584 _____ (Farbar) C:\Users\Unaton\Desktop\FSS.exe
2016-11-25 23:49 - 2016-09-17 02:12 - 00044144 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2016-11-25 20:21 - 2016-11-25 22:00 - 00314184 _____ C:\Windows\ntbtlog.txt
2016-11-25 19:16 - 2016-11-25 19:16 - 00027735 _____ C:\ComboFix.txt
2016-11-25 19:08 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2016-11-25 19:08 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2016-11-25 19:08 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-11-25 19:08 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-11-25 19:08 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-11-25 19:08 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2016-11-25 19:08 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2016-11-25 19:08 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2016-11-25 19:03 - 2016-11-25 19:16 - 00000000 ____D C:\Qoobox
2016-11-25 19:02 - 2016-11-25 21:53 - 00000000 ____D C:\Windows\erdnt
2016-11-25 17:34 - 2016-11-26 13:06 - 00000000 ____D C:\Users\Unaton\Desktop\AUFRÄUMEN
2016-11-25 15:36 - 2016-11-27 15:23 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\Everything
2016-11-24 16:40 - 2016-11-24 16:40 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\Firefox
2016-11-24 16:40 - 2016-11-24 16:40 - 00000000 ____D C:\Users\Unaton\AppData\Local\Firefox
2016-11-24 16:39 - 2016-11-25 21:53 - 00000000 ____D C:\Windows\system32\log
2016-11-22 15:55 - 2016-11-22 15:55 - 00000000 ____D C:\Program Files (x86)\bu3xm9fo
2016-11-18 16:20 - 2016-11-18 16:20 - 00000000 ____D C:\Program Files\kdoaa
2016-11-18 16:20 - 2016-11-18 16:20 - 00000000 ____D C:\Program Files (x86)\rp5tz8dn
2016-11-17 21:34 - 2016-11-27 15:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-11-17 21:33 - 2016-11-25 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-11-17 21:33 - 2016-11-25 18:12 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-11-17 21:33 - 2016-11-17 21:33 - 00001102 _____ C:\Users\Unaton\Desktop\ Malwarebytes Anti-Malware .lnk
2016-11-17 21:33 - 2016-11-17 21:33 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-17 21:33 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-11-17 21:33 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-11-17 21:33 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-11-17 21:28 - 2016-11-25 18:12 - 00000000 ____D C:\AdwCleaner
2016-11-17 21:20 - 2016-11-25 18:12 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-17 21:20 - 2016-11-17 21:20 - 00000000 ____D C:\ProgramData\Avg
2016-11-17 21:19 - 2016-11-25 18:12 - 00000000 ____D C:\Windows\system32\SSL
2016-11-17 21:19 - 2016-11-25 18:12 - 00000000 ____D C:\Program Files (x86)\Girerght
2016-11-17 21:19 - 2016-11-17 21:19 - 00000000 ____D C:\Users\Unaton\AppData\Local\Anifesh
2016-11-17 21:04 - 2016-11-17 21:04 - 00000000 ____D C:\Users\Unaton\AppData\Local\PaceAP
2016-11-16 21:04 - 2016-11-27 15:28 - 00000000 ____D C:\Users\Unaton\AppData\LocalLow\Mozilla
2016-11-16 18:23 - 2016-11-16 18:23 - 00000651 _____ C:\Users\Unaton\Desktop\VASSAL 3.2.16.lnk
2016-11-16 15:11 - 2016-11-25 21:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-11-15 22:21 - 2016-11-15 22:21 - 10977392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2016-11-15 22:21 - 2016-11-15 22:21 - 09981352 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 08847888 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 07213248 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00170072 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00151056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2016-11-15 22:20 - 2016-11-15 22:20 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2016-11-15 22:19 - 2016-11-15 22:19 - 00145400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2016-11-15 22:19 - 2016-11-15 22:19 - 00124776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 10965056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 02481032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amfrt64.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00520072 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2016-11-15 22:18 - 2016-11-15 22:18 - 00286600 _____ (AMD) C:\Windows\system32\atitmm64.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00281992 _____ C:\Windows\system32\dgtrayicon.exe
2016-11-15 22:18 - 2016-11-15 22:18 - 00275336 _____ C:\Windows\system32\GameManager64.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00240008 _____ C:\Windows\SysWOW64\GameManager32.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00136584 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00117640 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00110472 _____ (AMD) C:\Windows\system32\atimuixx.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00059784 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00020360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\detoured.dll
2016-11-15 22:18 - 2016-11-15 22:18 - 00020360 _____ (Microsoft Corporation) C:\Windows\system32\detoured.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 15728008 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 14318984 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 09926536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdvlk64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 08065928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdvlk32.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 02163592 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amfrt32.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 01561632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00525704 _____ (AMD) C:\Windows\system32\atieclxx.exe
2016-11-15 22:17 - 2016-11-15 22:17 - 00458632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00402312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2016-11-15 22:17 - 2016-11-15 22:17 - 00349064 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2016-11-15 22:17 - 2016-11-15 22:17 - 00289160 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2016-11-15 22:17 - 2016-11-15 22:17 - 00230280 _____ C:\Windows\system32\atieah64.exe
2016-11-15 22:17 - 2016-11-15 22:17 - 00208264 _____ C:\Windows\SysWOW64\atieah32.exe
2016-11-15 22:17 - 2016-11-15 22:17 - 00201608 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00175496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00160136 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00155016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amduve64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00135048 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00134536 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amduve32.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00129416 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00122760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00108936 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00107400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00107400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00082824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmcl64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00078728 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00072072 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00068488 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00067464 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2016-11-15 22:17 - 2016-11-15 22:17 - 00066952 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00066440 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmcl32.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00065416 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2016-11-15 22:17 - 2016-11-15 22:17 - 00054664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 48824712 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 38268808 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 27489672 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 21640584 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 09311624 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 07363976 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 01333128 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00998280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00998280 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00845192 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdlvr64.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00679304 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdlvr32.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00305544 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2016-11-15 22:16 - 2016-11-15 22:16 - 00269192 _____ C:\Windows\system32\clinfo.exe
2016-11-15 22:16 - 2016-11-15 22:16 - 00267656 _____ C:\Windows\system32\hsa-thunk64.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00248200 _____ C:\Windows\system32\amdgfxinfo64.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00233352 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00221064 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00112520 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2016-11-15 22:16 - 2016-11-15 22:16 - 00103304 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2016-11-15 22:15 - 2016-11-15 22:15 - 33248136 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2016-11-15 22:15 - 2016-11-15 22:15 - 27295624 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2016-11-15 22:13 - 2016-11-15 22:13 - 26560512 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2016-11-15 21:46 - 2016-11-15 21:46 - 00760312 _____ C:\Windows\SysWOW64\atiapfxx.blb
2016-11-15 21:46 - 2016-11-15 21:46 - 00760312 _____ C:\Windows\system32\atiapfxx.blb
2016-11-15 21:35 - 2016-11-15 21:35 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2016-11-15 21:31 - 2016-11-15 21:31 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2016-11-15 16:45 - 2016-11-02 16:36 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-15 16:45 - 2016-11-02 16:32 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-11-15 16:45 - 2016-11-02 16:32 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-15 16:45 - 2016-11-02 16:32 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-11-15 16:45 - 2016-11-02 16:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-11-15 16:45 - 2016-11-02 16:22 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-15 16:45 - 2016-11-02 16:16 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-11-15 16:45 - 2016-11-02 16:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-11-15 16:45 - 2016-11-02 16:16 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-11-15 16:45 - 2016-11-02 15:53 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-15 16:45 - 2016-10-28 04:59 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-11-15 16:45 - 2016-10-28 04:14 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-11-15 16:45 - 2016-10-27 20:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-11-15 16:45 - 2016-10-27 20:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-11-15 16:45 - 2016-10-27 19:55 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-11-15 16:45 - 2016-10-27 19:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-11-15 16:45 - 2016-10-27 19:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-11-15 16:45 - 2016-10-27 19:53 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-11-15 16:45 - 2016-10-27 19:53 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-11-15 16:45 - 2016-10-27 19:51 - 02896384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-15 16:45 - 2016-10-27 19:44 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-11-15 16:45 - 2016-10-27 19:43 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-11-15 16:45 - 2016-10-27 19:38 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-11-15 16:45 - 2016-10-27 19:37 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-11-15 16:45 - 2016-10-27 19:37 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-11-15 16:45 - 2016-10-27 19:37 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-11-15 16:45 - 2016-10-27 19:37 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-11-15 16:45 - 2016-10-27 19:28 - 25763328 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-15 16:45 - 2016-10-27 19:28 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-11-15 16:45 - 2016-10-27 19:24 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-11-15 16:45 - 2016-10-27 19:19 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-15 16:45 - 2016-10-27 19:15 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-11-15 16:45 - 2016-10-27 19:13 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-11-15 16:45 - 2016-10-27 19:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-11-15 16:45 - 2016-10-27 19:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-15 16:45 - 2016-10-27 19:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-15 16:45 - 2016-10-27 19:02 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-11-15 16:45 - 2016-10-27 18:49 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-11-15 16:45 - 2016-10-27 18:46 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-11-15 16:45 - 2016-10-27 18:46 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-11-15 16:45 - 2016-10-27 18:44 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-11-15 16:45 - 2016-10-27 18:44 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-11-15 16:45 - 2016-10-27 18:17 - 15257088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-15 16:45 - 2016-10-27 18:16 - 02920448 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-15 16:45 - 2016-10-27 18:03 - 01543680 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-15 16:45 - 2016-10-27 17:54 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-15 16:45 - 2016-10-27 16:05 - 20304896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-15 16:45 - 2016-10-25 16:02 - 03219456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-15 16:45 - 2016-10-22 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-11-15 16:45 - 2016-10-22 18:36 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-11-15 16:45 - 2016-10-22 18:36 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-11-15 16:45 - 2016-10-22 18:35 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-11-15 16:45 - 2016-10-22 18:35 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-11-15 16:45 - 2016-10-22 18:34 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-11-15 16:45 - 2016-10-22 18:27 - 02287616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-15 16:45 - 2016-10-22 18:27 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-11-15 16:45 - 2016-10-22 18:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-11-15 16:45 - 2016-10-22 18:22 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-11-15 16:45 - 2016-10-22 18:21 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-11-15 16:45 - 2016-10-22 18:21 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-11-15 16:45 - 2016-10-22 18:20 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-15 16:45 - 2016-10-22 18:09 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-11-15 16:45 - 2016-10-22 18:04 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-11-15 16:45 - 2016-10-22 18:03 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-11-15 16:45 - 2016-10-22 17:59 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-11-15 16:45 - 2016-10-22 17:58 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-15 16:45 - 2016-10-22 17:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-15 16:45 - 2016-10-22 17:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-11-15 16:45 - 2016-10-22 17:46 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-11-15 16:45 - 2016-10-22 17:45 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-11-15 16:45 - 2016-10-22 17:44 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-15 16:45 - 2016-10-22 17:43 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-11-15 16:45 - 2016-10-22 17:43 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-11-15 16:45 - 2016-10-22 17:30 - 13654016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-15 16:45 - 2016-10-22 17:12 - 02444800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-15 16:45 - 2016-10-22 17:09 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-15 16:45 - 2016-10-22 17:09 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-15 16:45 - 2016-10-15 16:31 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-15 16:45 - 2016-10-15 16:31 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-11-15 16:45 - 2016-10-15 16:13 - 00741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-15 16:45 - 2016-10-15 16:13 - 00084480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\INETRES.dll
2016-11-15 16:45 - 2016-10-11 16:37 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2016-11-15 16:45 - 2016-10-11 16:31 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10.IME
2016-11-15 16:45 - 2016-10-11 16:31 - 01068544 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-15 16:45 - 2016-10-11 16:31 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2016-11-15 16:45 - 2016-10-11 16:31 - 00457216 _____ (Microsoft Corporation) C:\Windows\system32\imkr80.ime
2016-11-15 16:45 - 2016-10-11 16:31 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-15 16:45 - 2016-10-11 16:31 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\tintlgnt.ime
2016-11-15 16:45 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\quick.ime
2016-11-15 16:45 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\qintlgnt.ime
2016-11-15 16:45 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\phon.ime
2016-11-15 16:45 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\cintlgnt.ime
2016-11-15 16:45 - 2016-10-11 16:31 - 00175104 _____ (Microsoft Corporation) C:\Windows\system32\chajei.ime
2016-11-15 16:45 - 2016-10-11 16:31 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\pintlgnt.ime
2016-11-15 16:45 - 2016-10-11 16:18 - 01027584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10.IME
2016-11-15 16:45 - 2016-10-11 16:18 - 00829952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-15 16:45 - 2016-10-11 16:18 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2016-11-15 16:45 - 2016-10-11 16:18 - 00430080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imkr80.ime
2016-11-15 16:45 - 2016-10-11 16:18 - 00202240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-15 16:45 - 2016-10-11 16:18 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tintlgnt.ime
2016-11-15 16:45 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quick.ime
2016-11-15 16:45 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qintlgnt.ime
2016-11-15 16:45 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\phon.ime
2016-11-15 16:45 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cintlgnt.ime
2016-11-15 16:45 - 2016-10-11 16:18 - 00125952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chajei.ime
2016-11-15 16:45 - 2016-10-11 16:18 - 00090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pintlgnt.ime
2016-11-15 16:45 - 2016-10-11 14:33 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-15 16:45 - 2016-10-11 14:06 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-15 16:45 - 2016-10-10 16:38 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-11-15 16:45 - 2016-10-10 16:38 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-11-15 16:45 - 2016-10-10 16:34 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-11-15 16:45 - 2016-10-10 16:34 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-11-15 16:45 - 2016-10-10 16:34 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-15 16:45 - 2016-10-10 16:34 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 01462272 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-11-15 16:45 - 2016-10-10 16:33 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-11-15 16:45 - 2016-10-10 16:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-11-15 16:45 - 2016-10-10 16:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-11-15 16:45 - 2016-10-10 15:56 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-11-15 16:45 - 2016-10-10 15:55 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-11-15 16:45 - 2016-10-10 15:55 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-11-15 16:45 - 2016-10-10 15:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-11-15 16:45 - 2016-10-10 15:54 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-11-15 16:45 - 2016-10-10 15:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-11-15 16:45 - 2016-10-07 16:40 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-15 16:45 - 2016-10-07 16:37 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-15 16:45 - 2016-10-07 16:37 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-15 16:45 - 2016-10-07 16:35 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 03649536 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00877056 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:32 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:18 - 04000488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-11-15 16:45 - 2016-10-07 16:18 - 03944680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-11-15 16:45 - 2016-10-07 16:15 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 02291712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00581632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 16:04 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-11-15 16:45 - 2016-10-07 16:04 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-11-15 16:45 - 2016-10-07 16:04 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-11-15 16:45 - 2016-10-07 16:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-11-15 16:45 - 2016-10-07 16:00 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-11-15 16:45 - 2016-10-07 15:56 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-11-15 16:45 - 2016-10-07 15:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-11-15 16:45 - 2016-10-07 15:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-11-15 16:45 - 2016-10-07 15:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-11-15 16:45 - 2016-10-07 15:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-11-15 16:45 - 2016-10-07 15:49 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 15:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 15:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-11-15 16:45 - 2016-10-07 15:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-11-15 16:45 - 2016-10-05 15:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-15 16:45 - 2016-09-15 15:56 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-11-15 16:45 - 2016-09-13 16:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-11-15 16:45 - 2016-09-13 16:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-11-15 16:45 - 2016-09-09 19:20 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2016-11-15 16:45 - 2016-09-09 19:00 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2016-11-15 16:45 - 2016-08-22 17:19 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-11-15 16:41 - 2016-11-25 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-15 15:54 - 2016-11-15 15:54 - 02420736 _____ C:\Windows\system32\amdacpusl.pdb
2016-11-15 15:48 - 2016-11-15 15:48 - 00364544 _____ (Advanced Micro Devices) C:\Windows\system32\amdacpusl.dll
2016-11-15 15:48 - 2016-11-15 15:48 - 00306176 _____ C:\Windows\system32\amdacpusl.pdb.pub
2016-11-15 15:48 - 2016-11-15 15:48 - 00248832 _____ (Advanced Micro Devices) C:\Windows\SysWOW64\amdacpusl.dll
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00075888 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2016-11-07 23:49 - 2016-11-07 23:49 - 00042096 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2016-11-07 09:16 - 2016-11-07 09:16 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2016-11-07 09:15 - 2016-11-17 21:19 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2016-11-05 21:38 - 2016-11-05 21:38 - 00000000 ____D C:\Users\Unaton\.QtWebEngineProcess
2016-11-05 21:38 - 2016-11-05 21:38 - 00000000 ____D C:\Users\Unaton\.Plays.tv
2016-11-05 21:37 - 2016-11-25 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-11-03 09:18 - 2016-11-25 21:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2016-11-03 09:18 - 2016-11-03 09:18 - 00002144 _____ C:\Users\Unaton\Desktop\Google Earth.lnk
2016-11-03 09:18 - 2016-11-03 09:18 - 00000000 ____D C:\Users\Unaton\AppData\LocalLow\Google

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-27 15:49 - 2016-01-07 20:40 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-11-27 15:45 - 2016-01-11 14:27 - 00001214 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-11-27 15:40 - 2016-07-16 13:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-27 15:34 - 2009-07-14 05:45 - 00022352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-27 15:34 - 2009-07-14 05:45 - 00022352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-27 15:31 - 2011-04-12 08:43 - 00698688 _____ C:\Windows\system32\perfh007.dat
2016-11-27 15:31 - 2011-04-12 08:43 - 00148828 _____ C:\Windows\system32\perfc007.dat
2016-11-27 15:31 - 2009-07-14 06:13 - 01618320 _____ C:\Windows\system32\PerfStringBackup.INI
2016-11-27 15:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-11-27 15:28 - 2016-01-11 22:48 - 00000000 ___RD C:\Users\Unaton\Dropbox
2016-11-27 15:27 - 2016-09-25 14:04 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\Raptr
2016-11-27 15:27 - 2016-07-17 10:04 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\PlaysTV
2016-11-27 15:27 - 2016-02-28 21:07 - 00000000 ____D C:\Users\Unaton\AppData\Local\Deployment
2016-11-27 15:26 - 2016-07-16 13:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-27 15:26 - 2016-01-11 14:27 - 00001210 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-11-27 15:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-11-27 15:23 - 2016-01-07 12:09 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2016-11-27 15:19 - 2016-01-07 20:39 - 00000000 ____D C:\Users\Unaton\AppData\Local\Adobe
2016-11-26 21:48 - 2016-06-13 18:46 - 00000016 _____ C:\ProgramData\autobk.inc
2016-11-26 21:39 - 2016-01-07 21:59 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\vlc
2016-11-26 21:20 - 2016-01-07 18:58 - 00004230 _____ C:\Windows\System32\Tasks\AMD Updater
2016-11-26 21:20 - 2016-01-07 12:06 - 00000000 ____D C:\Program Files\AMD
2016-11-26 21:19 - 2016-01-07 12:08 - 00000000 ____D C:\Program Files (x86)\AMD
2016-11-26 17:52 - 2016-01-15 20:09 - 00001456 _____ C:\Users\Unaton\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-11-25 21:53 - 2016-10-10 14:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2016-11-25 21:53 - 2016-10-03 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2016-11-25 21:53 - 2016-09-26 22:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2016-11-25 21:53 - 2016-09-25 14:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-11-25 21:53 - 2016-07-30 17:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2016-11-25 21:53 - 2016-07-04 13:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Inkwell Ideas
2016-11-25 21:53 - 2016-06-20 20:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iZotope
2016-11-25 21:53 - 2016-06-13 18:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IK Multimedia
2016-11-25 21:53 - 2016-06-13 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Waves
2016-11-25 21:53 - 2016-04-30 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuxGuitar
2016-11-25 21:53 - 2016-04-25 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2016-11-25 21:53 - 2016-04-12 16:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Voxengo
2016-11-25 21:53 - 2016-03-07 22:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-11-25 21:53 - 2016-02-28 17:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2016-11-25 21:53 - 2016-02-28 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-11-25 21:53 - 2016-02-28 17:17 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\Battle.net
2016-11-25 21:53 - 2016-02-28 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REAPER (x64)
2016-11-25 21:53 - 2016-02-19 15:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2016-11-25 21:53 - 2016-02-13 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-11-25 21:53 - 2016-01-17 17:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark
2016-11-25 21:53 - 2016-01-14 11:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-11-25 21:53 - 2016-01-13 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 3 Wild Hunt
2016-11-25 21:53 - 2016-01-12 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassins Creed Unity
2016-11-25 21:53 - 2016-01-12 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes
2016-11-25 21:53 - 2016-01-11 01:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
2016-11-25 21:53 - 2016-01-09 21:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-11-25 21:53 - 2016-01-09 16:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-11-25 21:53 - 2016-01-07 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-11-25 21:53 - 2016-01-07 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-11-25 21:53 - 2016-01-07 13:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-11-25 21:53 - 2016-01-07 11:41 - 00000000 ____D C:\Users\Unaton
2016-11-25 21:53 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-11-25 20:56 - 2016-02-28 21:07 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2016-11-25 20:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2016-11-25 20:05 - 2016-01-07 12:16 - 00000000 ____D C:\ProgramData\Avira
2016-11-25 20:05 - 2016-01-07 11:45 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-25 19:35 - 2016-02-28 17:19 - 00000000 ____D C:\Users\Unaton\AppData\Local\Battle.net
2016-11-25 19:17 - 2016-01-19 21:32 - 00000000 ____D C:\Users\Unaton\AppData\Local\Apps\2.0
2016-11-25 19:15 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2016-11-25 18:12 - 2016-07-02 18:44 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\ssd_sampler
2016-11-25 18:12 - 2016-02-28 15:58 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\REAPER
2016-11-25 18:12 - 2016-01-07 12:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-25 18:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2016-11-25 18:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-11-25 18:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-11-25 17:58 - 2016-04-05 10:00 - 00000000 ____D C:\AMD
2016-11-25 17:58 - 2011-04-12 08:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-11-25 16:09 - 2016-01-07 18:58 - 00000000 ____D C:\Users\Unaton\AppData\Local\AMD
2016-11-25 16:03 - 2016-04-12 10:22 - 00000000 ____D C:\Users\Unaton\AppData\Local\ElevatedDiagnostics
2016-11-25 15:34 - 2016-06-17 15:28 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\DarkSoulsII
2016-11-25 14:57 - 2016-04-25 20:26 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-11-25 00:06 - 2016-03-07 22:17 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\TS3Client
2016-11-24 16:39 - 2016-01-07 12:32 - 00001999 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-11-22 15:55 - 2009-07-14 05:45 - 07596256 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-21 20:51 - 2016-01-07 12:09 - 00181720 _____ C:\Users\Unaton\AppData\Local\GDIPFONTCACHEV1.DAT
2016-11-17 21:20 - 2016-01-09 16:13 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-17 21:20 - 2016-01-07 20:32 - 00000000 ____D C:\Program Files (x86)\Opera
2016-11-17 21:20 - 2016-01-07 11:45 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-11-17 21:19 - 2016-09-26 22:56 - 00000000 ____D C:\Program Files (x86)\Mp3tag
2016-11-17 21:19 - 2016-09-26 22:55 - 00000000 ____D C:\Program Files (x86)\Chip Digital GmbH
2016-11-17 21:19 - 2016-09-25 14:04 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-11-17 21:19 - 2016-09-25 13:18 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-11-17 21:19 - 2016-09-19 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-11-17 21:19 - 2016-07-30 17:45 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2016-11-17 21:19 - 2016-07-30 17:38 - 00000000 ____D C:\Program Files (x86)\Spirent Communications
2016-11-17 21:19 - 2016-07-30 17:38 - 00000000 ____D C:\Program Files (x86)\HTC
2016-11-17 21:19 - 2016-07-16 13:24 - 00000000 ____D C:\Program Files (x86)\Google
2016-11-17 21:19 - 2016-07-08 16:33 - 00000000 ____D C:\Program Files (x86)\Abdulon
2016-11-17 21:19 - 2016-07-02 18:34 - 00000000 ____D C:\Program Files (x86)\VstPlugins64
2016-11-17 21:19 - 2016-06-27 23:13 - 00000000 ____D C:\Program Files (x86)\SoundToys
2016-11-17 21:19 - 2016-06-20 21:03 - 00000000 ____D C:\Program Files (x86)\iLok License Manager
2016-11-17 21:19 - 2016-06-20 21:00 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-11-17 21:19 - 2016-06-20 20:57 - 00000000 ____D C:\Program Files (x86)\iZotope
2016-11-17 21:19 - 2016-06-13 18:44 - 00000000 ____D C:\Program Files (x86)\IK Multimedia
2016-11-17 21:19 - 2016-06-13 17:22 - 00000000 ____D C:\Program Files (x86)\Waves
2016-11-17 21:19 - 2016-06-10 22:51 - 00000000 ____D C:\Program Files (x86)\Toontrack
2016-11-17 21:19 - 2016-06-10 22:50 - 00000000 ____D C:\Program Files (x86)\VstPlugins
2016-11-17 21:19 - 2016-01-17 17:05 - 00000000 ____D C:\Program Files (x86)\Lexmark C740 Series
2016-11-17 21:19 - 2016-01-11 14:27 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-11-17 21:19 - 2016-01-09 21:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-11-17 21:19 - 2016-01-09 16:16 - 00000000 ____D C:\Program Files (x86)\Microsoft Works
2016-11-17 21:19 - 2016-01-09 16:14 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-11-17 21:19 - 2016-01-07 13:42 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2016-11-17 21:19 - 2016-01-07 13:02 - 00000000 ____D C:\Program Files (x86)\Razer
2016-11-17 21:19 - 2016-01-07 11:49 - 00000000 ____D C:\Program Files (x86)\Intel
2016-11-17 21:19 - 2016-01-07 11:45 - 00000000 ___HD C:\Program Files (x86)\Temp
2016-11-17 21:19 - 2016-01-07 11:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-11-17 21:19 - 2016-01-07 11:43 - 00000000 ____D C:\Program Files (x86)\ASUS
2016-11-17 21:19 - 2016-01-07 08:11 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-11-17 21:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2016-11-17 21:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-11-17 21:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-11-17 21:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-17 21:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-11-17 21:19 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-11-17 21:19 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-11-16 18:22 - 2016-03-31 23:54 - 00000000 ____D C:\Users\Unaton\AppData\Roaming\VASSAL
2016-11-16 00:49 - 2016-01-11 01:11 - 00000000 ____D C:\Windows\system32\MRT
2016-11-16 00:47 - 2016-01-11 01:11 - 141011376 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-11-15 22:20 - 2015-05-05 14:58 - 00139720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2016-11-15 22:18 - 2015-05-05 14:57 - 09114104 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2016-11-15 22:17 - 2015-05-05 14:57 - 01281448 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2016-11-15 22:16 - 2016-09-16 20:40 - 00892296 _____ (AMD) C:\Windows\system32\coinst_16.40.dll
2016-11-15 17:40 - 2016-01-11 14:27 - 00004210 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-11-15 17:40 - 2016-01-11 14:27 - 00003958 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-11-15 16:50 - 2016-01-09 16:13 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-15 16:49 - 2016-01-07 20:40 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-11-15 16:49 - 2016-01-07 20:40 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-11-15 16:49 - 2016-01-07 20:40 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-11-15 16:49 - 2016-01-07 20:40 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-11-15 16:49 - 2016-01-07 20:40 - 00000000 ____D C:\Windows\system32\Macromed
2016-11-15 16:41 - 2016-07-16 13:24 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-08 17:34 - 2016-01-14 11:46 - 00121988 _____ C:\Users\Unaton\.heldEinstellungen4_1.xml
2016-11-08 17:34 - 2016-01-14 11:46 - 00000000 ____D C:\Users\Unaton\helden
2016-11-08 17:12 - 2016-01-14 11:46 - 00000270 _____ C:\Users\Unaton\.dsa4.properties
2016-11-07 09:06 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-11-06 11:28 - 2016-01-09 16:13 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-04 09:08 - 2016-01-07 20:33 - 00000000 ____D C:\Users\Unaton\AppData\Local\JDownloader v2.0

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-30 10:57 - 2016-10-23 16:33 - 0000132 _____ () C:\Users\Unaton\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2016-11-26 21:29 - 2016-11-26 21:48 - 0000016 _____ () C:\Users\Unaton\AppData\Roaming\msregsvv.dll
2016-01-15 20:09 - 2016-11-26 17:52 - 0001456 _____ () C:\Users\Unaton\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2016-04-25 22:11 - 2016-04-25 22:11 - 0000000 _____ () C:\Users\Unaton\AppData\Local\{1B6CF040-AD9D-477F-8B37-1D7B15681142}
2016-05-06 15:35 - 2016-05-06 15:35 - 0000000 _____ () C:\Users\Unaton\AppData\Local\{3CB1E604-596C-47A9-A240-9FE8A7AD1098}
2016-04-28 14:39 - 2016-04-28 14:39 - 0000000 _____ () C:\Users\Unaton\AppData\Local\{44BDD6FE-6F3F-4AA2-A799-748B3D22FFA4}
2016-05-17 10:01 - 2016-05-17 10:01 - 0000000 _____ () C:\Users\Unaton\AppData\Local\{5C133F81-4B34-4707-96DA-9B5B07AFF80F}
2016-04-26 06:18 - 2016-04-26 06:18 - 0000000 _____ () C:\Users\Unaton\AppData\Local\{60BAEDB9-822D-4796-AEE6-FBA3E1B9430C}
2016-05-01 21:15 - 2016-05-01 21:15 - 0000000 _____ () C:\Users\Unaton\AppData\Local\{ECA74C51-50C6-44C0-AD05-E32EBB408E5C}
2016-06-13 18:46 - 2016-11-26 21:48 - 0000016 _____ () C:\ProgramData\autobk.inc

Einige Dateien in TEMP:
====================
C:\Users\Unaton\AppData\Local\Temp\tmpB56C.exe


==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-11-24 18:21

==================== Ende von FRST.txt ============================
__________________
Alt 27.11.2016, 16:50   #4
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 23-11-2016
durchgeführt von Unaton (27-11-2016 16:47:11)
Gestartet von C:\Users\Unaton\Desktop
Windows 7 Professional Service Pack 1 (X64) (2016-01-07 10:41:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1822984931-598836370-3667297496-500 - Administrator - Disabled)
Gast (S-1-5-21-1822984931-598836370-3667297496-501 - Limited - Disabled)
Unaton (S-1-5-21-1822984931-598836370-3667297496-1000 - Administrator - Enabled) => C:\Users\Unaton

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1822984931-598836370-3667297496-1000\...\uTorrent) (Version: 3.4.6.42178 - BitTorrent Inc.)
Abdulon (HKLM-x32\...\Abdulon) (Version: 1.0.3.13 - Markus Bauer)
ACP Application (Version: 2016.1115.1548.22 - Advanced Micro Devices, Inc.) Hidden
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.020.20042 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.207 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Application Profiles (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Asmedia USB Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.24.0 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center Next Localization BR (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2016.1115.1552.28539 - Advanced Micro Devices, Inc.) Hidden
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-1822984931-598836370-3667297496-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
Dark Souls: Prepare to Die Edition (HKLM\...\Steam App 211420) (Version:  - FromSoftware)
DARK SOULS™ II: Scholar of the First Sin (HKLM\...\Steam App 335300) (Version:  - FromSoftware, Inc)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 14.4.19 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.57.1 - Dropbox, Inc.) Hidden
Everything 1.3.4.686 (x86) (HKLM-x32\...\Everything) (Version:  - )
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
FabFilter Total Bundle (64-bit) (HKLM-x32\...\FabFilter Total Bundle (64-bit)) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Hexographer (HKLM-x32\...\Hexographer_0) (Version:  - Inkwell Ideas)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)
Intel(R) C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Network Connections 20.2.3001.0 (HKLM\...\PROSetDX) (Version: 20.2.3001.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 4.0.0.36 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Lexmark C740 Series Deinstallationsprogamm (HKLM\...\Lexmark C740 Series) (Version:  - Lexmark International, Inc.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 50.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 50.0 (x86 de)) (Version: 50.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 50.0.0.6152 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
Mp3tag v2.78 (HKLM-x32\...\Mp3tag) (Version: v2.78 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
PACE License Support Win64 (HKLM-x32\...\InstallShield_{1CC8C2F8-5CA6-45ca-9186-CF77033125F0}) (Version: 3.0.2.1412 - PACE Anti-Piracy, Inc.)
PACE License Support Win64 (Version: 3.0.2.1412 - PACE Anti-Piracy, Inc.) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.16.8-r118433-release - Plays.tv, LLC)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 2.20.15.1031 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7543 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
SSD Sampler (HKLM-x32\...\SSD4) (Version: 1.1 - Yellow Matter Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Superior Drummer Installer (HKLM-x32\...\{009AC76E-1A66-4682-82B7-417E77F3C648}) (Version: 2.0.0 - Toontrack)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Toontrack solo (HKLM-x32\...\{5866520C-8857-4986-833A-039F4584C3F7}) (Version: 1.1.1 - Toontrack)
TuxGuitar (HKLM-x32\...\TuxGuitar 1.3.2) (Version: 1.3.2 - TuxGuitar)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VASSAL (3.2.16) (HKLM\...\VASSAL (3.2.16)) (Version: 3.2.16 - vassalengine.org)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.9.0 - Elaborate Bytes)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0-3) (Version: 1.0.26.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.26.0 (Version: 1.0.26.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1822984931-598836370-3667297496-1000_Classes\CLSID\{ecbb3dad-bfe9-4f58-818c-8def07b59130}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1C1E6948-C6C6-4504-B9C3-7552AF2CAF94} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {1DA3B5EC-F4C9-4831-802F-470DFE2365FE} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-11] (Dropbox, Inc.)
Task: {63A54766-157F-4692-834B-31D9E69D577D} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {7C55FCC0-A9FC-48E7-99B9-9AEC41F58130} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-16] (Google Inc.)
Task: {9832E89C-1DCE-4246-97C2-4AE781594BFC} - System32\Tasks\AdobeAAMUpdater-1.0-Unaton-PC-Unaton => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {B38AD8D9-42D0-44F2-8D84-3CD3C21C12D2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-11-15] (Adobe Systems Incorporated)
Task: {C125A0BF-C423-4EB1-81E3-55402372F7CC} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-11] (Dropbox, Inc.)
Task: {DDB821EE-D509-419C-A3B1-DE33FFC1B9F9} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-11-15] (Advanced Micro Devices, Inc.)
Task: {E1B916E2-1237-4ACD-819A-F45CFE28EEF1} - System32\Tasks\{2E38E142-2B85-4980-8105-54B4300A9AEC} => pcalua.exe -a "E:\Programme\Toontrack\SD2\ToonTrack.Superior.Drummer.v2.0.VSTi.RTAS.AU.HYBRID.DVDR.D1-AiRISO\Install\PC\Superior2 Sound Installer.exe" -d E:\Programme\Toontrack\SD2\ToonTrack.Superior.Drummer.v2.0.VSTi.RTAS.AU.HYBRID.DVDR.D1-AiRISO\Install\PC
Task: {E317A7A6-E14B-4890-A53B-2D8A73BF1D0C} - System32\Tasks\CCleanerSkipUAC => E:\Programme\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {F7BD09E7-2773-4321-B0B1-C00051617324} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-07-16] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-07-23 02:59 - 2014-07-23 02:59 - 00936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-01-07 11:45 - 2014-07-23 02:59 - 01360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2016-05-07 17:12 - 2014-08-06 02:01 - 01048576 _____ () E:\Programme\Everything\Everything.exe
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2016-09-25 00:20 - 2016-09-25 00:21 - 00189264 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2016-09-14 20:01 - 2016-09-14 20:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 20:01 - 2016-09-14 20:01 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 20:01 - 2016-09-14 20:01 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 20:01 - 2016-09-14 20:01 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 20:00 - 2016-09-14 20:00 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 20:00 - 2016-09-14 20:00 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-01-17 17:05 - 2012-08-07 07:40 - 00645296 _____ () E:\Programme\Lexmark\ErrorApp\lmab1err.exe
2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () E:\Programme\CCleaner\lang\lang-1031.dll
2016-08-19 09:12 - 2016-08-19 09:12 - 00298448 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2016-11-18 03:26 - 2016-11-18 03:26 - 00020240 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\QtWebEngineProcess.exe
2016-01-07 11:45 - 2016-11-27 15:26 - 00036136 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2016-01-07 11:45 - 2014-07-23 02:59 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2016-01-17 17:05 - 2011-08-24 05:01 - 00217088 _____ () E:\Programme\Lexmark\ErrorApp\lmab1err.dll
2016-01-11 14:28 - 2016-10-10 17:29 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-11-15 16:41 - 2016-10-10 17:29 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-11-15 16:41 - 2016-10-10 17:29 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-11-15 16:41 - 2016-10-10 17:29 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-01-11 14:28 - 2016-10-10 17:29 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-01-11 14:28 - 2016-10-10 17:29 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-01-11 14:28 - 2016-11-07 23:59 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-01-11 14:28 - 2016-10-10 17:29 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-11-15 16:41 - 2016-11-07 23:58 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-01-11 14:28 - 2016-10-10 17:30 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-11-15 16:41 - 2016-11-07 23:58 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-11-15 16:41 - 2016-11-07 23:58 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-06 12:20 - 2016-11-07 23:59 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-11-15 16:41 - 2016-10-10 17:29 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-11-15 16:41 - 2016-10-10 17:31 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-01-11 14:28 - 2016-11-07 23:59 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-06 12:20 - 2016-11-07 23:59 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-11-15 16:41 - 2016-11-07 23:58 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-06 12:20 - 2016-10-10 17:30 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-11-15 16:41 - 2016-11-07 23:58 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-01-11 14:28 - 2016-11-07 23:59 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-02-10 22:36 - 2016-11-07 23:59 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-10 22:36 - 2016-11-07 23:59 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-10 22:36 - 2016-11-07 23:59 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-10 22:36 - 2016-11-07 23:59 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-11-15 16:41 - 2016-10-10 17:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-11-15 16:41 - 2016-11-07 23:59 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-11-15 16:41 - 2016-11-07 23:59 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-01-11 14:28 - 2016-10-10 17:29 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 01972528 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00133424 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-06 12:20 - 2016-11-07 23:59 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-11-15 16:41 - 2016-10-10 17:33 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-11-15 16:41 - 2016-10-10 17:34 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-11-15 16:41 - 2016-11-07 23:59 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00168760 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-01-11 14:28 - 2016-10-10 17:31 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-06 12:20 - 2016-11-07 23:59 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-11-15 16:41 - 2016-11-07 23:59 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-10-21 21:29 - 2015-10-21 21:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-10-21 21:29 - 2015-10-21 21:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00324608 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PIL._imaging.pyd
2015-06-27 00:09 - 2015-06-27 00:09 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\amd_ags.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2016-04-19 18:08 - 2016-04-19 18:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2016-11-25 23:50 - 2016-09-07 21:42 - 50656768 _____ () C:\Users\Unaton\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2016-11-25 23:50 - 2016-09-07 21:42 - 01874944 _____ () C:\Users\Unaton\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll
2016-11-25 23:50 - 2016-09-07 21:42 - 00075264 _____ () C:\Users\Unaton\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00021504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32event.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlc.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libvlccore.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00124416 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32file.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00152064 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineWidgets.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00033792 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebEngineCore.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00032256 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWebChannel.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00372736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32com.shell.shell.pyd
2016-11-18 03:26 - 2016-11-18 03:26 - 00013824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libEGL.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 01983488 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\libGLESv2.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00271872 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\amd_ags.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00027667 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libdirectsound_plugin.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00031251 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\audio_output\libwaveout_plugin.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 00066579 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\plugins\video_output\libdirectdraw_plugin.dll
2016-11-18 03:26 - 2016-11-18 03:26 - 02620112 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\ltc_host_ex.DLL
2015-07-10 23:37 - 2015-07-10 23:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-06-13 17:33 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.01 		register.waves.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1822984931-598836370-3667297496-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Unaton\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{CFF97D69-713E-4A6E-B7C8-B1999F79E531}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6503C1FC-EC13-41DD-8B2C-BB8C6B517423}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{6D1B0E9F-E9BA-4CA9-9F3A-3438F10157D2}E:\spiele\grand theft auto v\grand theft auto v\gta5.exe] => (Allow) E:\spiele\grand theft auto v\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{35FE8AE9-C132-4B69-BD60-798297744DD3}E:\spiele\grand theft auto v\grand theft auto v\gta5.exe] => (Allow) E:\spiele\grand theft auto v\grand theft auto v\gta5.exe
FirewallRules: [{E5864C40-B79D-47B0-92B5-FC3B2FE45F31}] => (Allow) E:\Programme\Lexmark\Status Center\lmsmc.exe
FirewallRules: [{9B02619A-FBC2-4AD1-A16B-D9C239AC23F8}] => (Allow) E:\Programme\Lexmark\Status Center\lmsmc.exe
FirewallRules: [{F26C78D8-3AD6-4384-8101-1A12C1624169}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{BBA72B2A-C233-471C-AD92-CE241D28C8D3}] => (Allow) E:\Programme\Steam\Steam.exe
FirewallRules: [{829FE498-279F-4EF7-B082-E3BD634D0424}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{E72B82F2-686B-42AF-BA80-D4CA42E56F3C}] => (Allow) E:\Programme\Steam\bin\steamwebhelper.exe
FirewallRules: [{F21E9A71-45D9-4D4C-81E3-947291CF8356}] => (Allow) E:\Programme\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7B2897D7-BC59-4186-A32B-0BBC3703B192}] => (Allow) E:\Programme\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F4E12F37-D76E-4CA5-B08F-6A8B394D55F3}] => (Allow) E:\Programme\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{56980068-A9F3-4609-BF20-3228718547F6}] => (Allow) E:\Programme\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F73E70BE-BC6B-445B-A7F9-AF475330144A}] => (Allow) E:\Programme\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{6EBD02D5-32E6-4B9A-B334-25A61A93D522}] => (Allow) E:\Programme\Steam\steamapps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [TCP Query User{575C01F6-57CD-418E-B1FC-ABD19901ECE5}E:\programme\utorrentportable\app\utorrent\utorrent.exe] => (Block) E:\programme\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D7D65ACD-C136-4631-BA27-98987BC397B9}E:\programme\utorrentportable\app\utorrent\utorrent.exe] => (Block) E:\programme\utorrentportable\app\utorrent\utorrent.exe
FirewallRules: [{93E1C2D4-80DA-4014-AEE9-7EE8342DFE6B}] => (Allow) E:\Programme\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{99433963-0BF2-4D2A-9C2A-2E4F015026BF}] => (Allow) E:\Programme\Steam\steamapps\common\Dark Souls II Scholar of the First Sin\Game\DarkSoulsII.exe
FirewallRules: [{D0EAB23C-E33C-4176-A284-4914C65199FE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{80088BDD-F722-40DC-945C-14B9497126CA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8B5EED38-7980-4360-ABFF-80653A50D960}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3AE44F2D-14D8-44FF-BE3D-3EDB0AA257D0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ABC9AB94-A2E2-40AE-94C6-A51EED11550B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{436EC388-1000-4172-871F-F393DA6DD2B0}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{2461F4E6-D5AF-4DFA-9E2A-7441033DEF85}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{C5ED3463-5BE8-4D74-8549-066DD2C02905}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{2DA3410B-7243-49DF-AF3A-D3BC50B4C139}E:\spiele\diablo iii\diablo iii.exe] => (Allow) E:\spiele\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{1082A93F-B0A5-4B4F-8935-92FB3B8C85F0}E:\spiele\diablo iii\diablo iii.exe] => (Allow) E:\spiele\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{8C65ABA9-FEF7-4541-8AE0-7D9865BFF559}E:\programme\battle.net\battle.net.8098\battle.net.exe] => (Allow) E:\programme\battle.net\battle.net.8098\battle.net.exe
FirewallRules: [UDP Query User{E8B1C7AF-66B9-446A-9E79-40BF52DDCDFF}E:\programme\battle.net\battle.net.8098\battle.net.exe] => (Allow) E:\programme\battle.net\battle.net.8098\battle.net.exe
FirewallRules: [{FF6DB126-1BCC-4153-8F9E-9E2BA27C4F1D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{52646B86-0D1B-4495-8BDB-1614D3EDF677}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D80162E6-AFA7-4A96-A60B-F93E03CD14E7}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{857E6A55-4D47-4F23-8CDD-ACA6D2D71E35}] => (Allow) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{34168392-0CB9-403D-993D-D7F1231C0AAD}] => (Allow) C:\Program Files (x86)\Firefox\bin\FirefoxUpdate.exe
FirewallRules: [{CA331DC5-63D0-437A-85B5-3AE66E2B99EB}] => (Allow) C:\Program Files (x86)\Firefox\Firefox.exe

==================== Wiederherstellungspunkte =========================

25-11-2016 17:21:39 Wiederherstellungsvorgang
25-11-2016 20:05:42 Removed Avira Browser Safety
25-11-2016 20:06:23 Wiederherstellungsvorgang
26-11-2016 21:14:54 Gerätetreiber-Paketinstallation: Advanced Micro Devices, Inc. Grafikkarte

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/27/2016 03:26:39 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/27/2016 03:24:35 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/27/2016 03:09:51 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/26/2016 09:24:40 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/26/2016 09:22:03 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/26/2016 09:13:45 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: Unaton-PC)
Description: Die Anwendung oder der Dienst "ACP User Service" konnte nicht neu gestartet werden.

Error: (11/26/2016 05:58:31 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/26/2016 05:56:30 PM) (Source: DbxSvc) (EventID: 320) (User: )
Description: Failed to connect to the driver: (-2147024894) Das System kann die angegebene Datei nicht finden.

Error: (11/26/2016 05:52:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm FRST64.exe, Version 23.11.2016.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1860

Startzeit: 01d2480426f43b98

Endzeit: 60000

Anwendungspfad: C:\Users\Unaton\Desktop\FRST64.exe

Berichts-ID: 8616b439-b3f8-11e6-a885-2c56dc98040f

Error: (11/26/2016 03:20:32 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5008


Systemfehler:
=============
Error: (11/27/2016 03:26:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Reijiied" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/27/2016 03:26:39 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/27/2016 03:26:39 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/27/2016 03:24:38 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Reijiied" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/27/2016 03:24:35 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/27/2016 03:24:35 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/27/2016 03:09:59 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Reijiied" wurde mit folgendem Fehler beendet: 
Das System kann die angegebene Datei nicht finden.

Error: (11/27/2016 03:09:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/27/2016 03:09:51 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip 1-click download service" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (11/27/2016 03:09:33 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Designs" ist von folgendem Dienst abhängig: iThemes5. Dieser Dienst ist eventuell nicht installiert.


CodeIntegrity:
===================================
  Date: 2016-11-25 19:14:35.401
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2016-11-25 19:14:35.372
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 18%
Installierter physikalischer RAM: 16298.85 MB
Verfügbarer physikalischer RAM: 13218.68 MB
Summe virtueller Speicher: 32597.7 MB
Verfügbarer virtueller Speicher: 27272.17 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:141.96 GB) NTFS
Drive d: (Daten) (Fixed) (Total:465.69 GB) (Free:333.01 GB) NTFS
Drive e: (Programme) (Fixed) (Total:465.82 GB) (Free:148.15 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 798EE413)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== Ende von Addition.txt ============================

Alt 27.11.2016, 17:11   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Zitat:
Hosts: 127.0.01 register.waves.com
Das hast du warum drin?

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 27.11.2016, 17:14   #6
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Waves ist ein Anbieter von Audio PlugIns, aber ich verwende keine Waves-Produkte (mehr).

EDIT: Total vergessen, die Frage zu beantworten. Ich hatte aus Testzwecken mal Waves-Produkte getestet, diese aber nicht mehr auf dem Rechner. Das ist ein Überrest davon.
Geändert von dtp904 (27.11.2016 um 17:22 Uhr)

Alt 27.11.2016, 17:28   #7
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


1. Schritt: Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers




2. Schritt: Kaspersky TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 28.11.2016, 00:31   #8
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Okay, bin vorhin nicht mehr ganz dazu gekommen.

Hier die beiden Logs, die du von mir gewünscht hast:

Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18524

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, I:\ DRIVE_FIXED
CPU speed: 3.192000 GHz
Memory total: 17090584576, free: 13395349504

Downloaded database version: v2016.11.27.04
Downloaded database version: v2016.11.20.01
Downloaded database version: v2016.09.21.01
Initializing...
=======================================
Driver version: 0.3.0.4
------------ Kernel report ------------
     11/27/2016 17:36:53
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStorA.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\DRIVERS\iaStorF.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\e1d62x64.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\drivers\amdacpksd.sys
\SystemRoot\system32\drivers\peauth.sys
\??\C:\Windows\system32\drivers\rzpmgrk.sys
\??\C:\Windows\system32\drivers\rzpnk.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\rzudd.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\Drivers\exfat.SYS
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\imagehlp.dll
\Windows\System32\usp10.dll
\Windows\System32\oleaut32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\kernel32.dll
\Windows\System32\iertutil.dll
\Windows\System32\lpk.dll
\Windows\System32\advapi32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\normaliz.dll
\Windows\System32\shlwapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\msctf.dll
\Windows\System32\setupapi.dll
\Windows\System32\difxapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\psapi.dll
\Windows\System32\user32.dll
\Windows\System32\nsi.dll
\Windows\System32\shell32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\gdi32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\imm32.dll
\Windows\System32\sechost.dll
\Windows\System32\ole32.dll
\Windows\System32\urlmon.dll
\Windows\System32\wininet.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2016.11.27.04
  rootkit: v2016.11.20.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8010f79790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8010e22b50, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010f79080, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8010f79530, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010f79790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8010e21a10, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010e21c50, DeviceName: Unknown, DriverName: \Driver\iaStorF\
DevicePointer: 0xfffffa8010e1e980, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa800e9e9060, DeviceName: \Device\0000006e\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 798EE413

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 488187904
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8010f4d790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8010e24b00, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010f4d080, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8010f4d530, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010f4d790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8010e23950, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010e23c50, DeviceName: Unknown, DriverName: \Driver\iaStorF\
DevicePointer: 0xfffffa8010e22910, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa800eb8e060, DeviceName: \Device\00000070\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 235080199
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid 9e16ad86-10ee-4151-85a7-65dd1428c176
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 235080199
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid 9e16ad86-10ee-4151-85a7-65dd1428c176
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128

    Partition 0 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 3adf57a2-5f73-4bdc-9276-1c7e94be36e
    FirstLBA 2048  Last LBA 976631807
    Attributes 0
    Partition Name                 Basic data partition

    Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID a64fe144-daa9-4b17-b0e0-5aa39557fbf9
    FirstLBA 976631808  Last LBA 1953521663
    Attributes 0
    Partition Name                 Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa8014d2c210, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8014b94040, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8014b532d0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800e0bd330, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8014d2c210, DeviceName: \Device\Harddisk2\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8014b4a420, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa800e019220, DeviceName: Unknown, DriverName: \Driver\iaStorF\
DevicePointer: 0xfffffa8012e72610, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8015267060, DeviceName: \Device\0000009e\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: C2AC2C31

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 1953520002
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Scan Interrupted
Scan was aborted.
Scan Interrupted
Scan Interrupted
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-63-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18524

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, I:\ DRIVE_FIXED
CPU speed: 3.192000 GHz
Memory total: 17090584576, free: 11748188160

=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18524

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.192000 GHz
Memory total: 17090584576, free: 14245748736

Initializing...
======================
Driver version: 0.3.0.4
------------ Kernel report ------------
     11/27/2016 19:29:07
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\iaStorA.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\system32\DRIVERS\iaStorF.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\TeeDriverx64.sys
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\e1d62x64.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdW76.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\drivers\amdacpksd.sys
\SystemRoot\system32\drivers\peauth.sys
\??\C:\Windows\system32\drivers\rzpmgrk.sys
\??\C:\Windows\system32\drivers\rzpnk.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\rzudd.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\System32\Drivers\exfat.SYS
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\imagehlp.dll
\Windows\System32\usp10.dll
\Windows\System32\oleaut32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\kernel32.dll
\Windows\System32\iertutil.dll
\Windows\System32\lpk.dll
\Windows\System32\advapi32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\normaliz.dll
\Windows\System32\shlwapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\msctf.dll
\Windows\System32\setupapi.dll
\Windows\System32\difxapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\psapi.dll
\Windows\System32\user32.dll
\Windows\System32\nsi.dll
\Windows\System32\shell32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\gdi32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\imm32.dll
\Windows\System32\sechost.dll
\Windows\System32\ole32.dll
\Windows\System32\urlmon.dll
\Windows\System32\wininet.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2016.11.27.04
  rootkit: v2016.11.20.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8010f79790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8010e22b50, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010f79080, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8010f79530, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010f79790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8010e21a10, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010e21c50, DeviceName: Unknown, DriverName: \Driver\iaStorF\
DevicePointer: 0xfffffa8010e1e980, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa800e9e9060, DeviceName: \Device\0000006e\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 798EE413

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition is bootable
    Partition file system is NTFS

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 488187904
    Partition is not bootable
    Partition file system is NTFS

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8010f4d790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8010e24b00, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010f4d080, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8010f4d530, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010f4d790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8010e23950, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa8010e23c50, DeviceName: Unknown, DriverName: \Driver\iaStorF\
DevicePointer: 0xfffffa8010e22910, DeviceName: Unknown, DriverName: \Driver\VERIFIER_FILTER\
DevicePointer: 0xfffffa800eb8e060, DeviceName: \Device\00000070\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 235080199
    GPT Header CurrentLba = 1 BackupLba 1953525167
    GPT Header FirstUsableLba 34  LastUsableLba 1953525134
    GPT Header Guid 9e16ad86-10ee-4151-85a7-65dd1428c176
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 235080199
    Backup GPT header CurrentLba = 1953525167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1953525134
    Backup GPT header Guid 9e16ad86-10ee-4151-85a7-65dd1428c176
    Backup GPT header Contains 128 partition entries starting at LBA 1953525135
    Backup GPT header Partition entry size = 128

    Partition 0 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 3adf57a2-5f73-4bdc-9276-1c7e94be36e
    FirstLBA 2048  Last LBA 976631807
    Attributes 0
    Partition Name                 Basic data partition

    Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID a64fe144-daa9-4b17-b0e0-5aa39557fbf9
    FirstLBA 976631808  Last LBA 1953521663
    Attributes 0
    Partition Name                 Basic data partition

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
<<<2>>>
<<<3>>>
Volume: D:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scan finished

Alt 28.11.2016, 00:34   #9
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Code:
ATTFilter
00:25:50.0456 0x0ce0  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
00:26:21.0984 0x0ce0  ============================================================
00:26:21.0985 0x0ce0  Current date / time: 2016/11/28 00:26:21.0984
00:26:21.0986 0x0ce0  SystemInfo:
00:26:21.0986 0x0ce0  
00:26:21.0987 0x0ce0  OS Version: 6.1.7601 ServicePack: 1.0
00:26:21.0987 0x0ce0  Product type: Workstation
00:26:21.0987 0x0ce0  ComputerName: UNATON-PC
00:26:21.0988 0x0ce0  UserName: Unaton
00:26:21.0988 0x0ce0  Windows directory: C:\Windows
00:26:21.0988 0x0ce0  System windows directory: C:\Windows
00:26:21.0988 0x0ce0  Running under WOW64
00:26:21.0989 0x0ce0  Processor architecture: Intel x64
00:26:21.0989 0x0ce0  Number of processors: 4
00:26:21.0990 0x0ce0  Page size: 0x1000
00:26:21.0990 0x0ce0  Boot type: Normal boot
00:26:21.0990 0x0ce0  CodeIntegrityOptions = 0x00000001
00:26:21.0990 0x0ce0  ============================================================
00:26:22.0453 0x0ce0  KLMD registered as C:\Windows\system32\drivers\27575551.sys
00:26:22.0454 0x0ce0  KLMD ARK init status: drvProperties = 0xFFF01, osBuild = 7601.23569, osProperties = 0x1
00:26:22.0573 0x0ce0  System UUID: {6C0CF588-1A37-AB64-F340-F977F5DCE8C0}
00:26:22.0953 0x0ce0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:26:22.0959 0x0ce0  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:26:22.0968 0x0ce0  ============================================================
00:26:22.0968 0x0ce0  \Device\Harddisk0\DR0:
00:26:22.0969 0x0ce0  MBR partitions:
00:26:22.0969 0x0ce0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
00:26:22.0969 0x0ce0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
00:26:22.0969 0x0ce0  \Device\Harddisk1\DR1:
00:26:22.0970 0x0ce0  GPT partitions:
00:26:22.0970 0x0ce0  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3ADF57A2-5F73-4BDC-9276-1C7E940BE36E}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x3A363000
00:26:22.0971 0x0ce0  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A64FE144-DAA9-4B17-B0E0-5AA39557FBF9}, Name: Basic data partition, StartLBA 0x3A363800, BlocksNum 0x3A3A2800
00:26:22.0971 0x0ce0  MBR partitions:
00:26:22.0971 0x0ce0  ============================================================
00:26:22.0973 0x0ce0  C: <-> \Device\Harddisk0\DR0\Partition2
00:26:22.0991 0x0ce0  D: <-> \Device\Harddisk1\DR1\Partition1
00:26:23.0021 0x0ce0  E: <-> \Device\Harddisk1\DR1\Partition2
00:26:23.0021 0x0ce0  ============================================================
00:26:23.0022 0x0ce0  Initialize success
00:26:23.0022 0x0ce0  ============================================================
00:26:58.0909 0x0330  ============================================================
00:26:58.0909 0x0330  Scan started
00:26:58.0909 0x0330  Mode: Manual; SigCheck; TDLFS; 
00:26:58.0909 0x0330  ============================================================
00:26:58.0909 0x0330  KSN ping started
00:26:59.0202 0x0330  KSN ping finished: true
00:27:00.0195 0x0330  ================ Scan system memory ========================
00:27:00.0195 0x0330  System memory - ok
00:27:00.0196 0x0330  ================ Scan services =============================
00:27:00.0281 0x0330  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
00:27:00.0393 0x0330  1394ohci - ok
00:27:00.0429 0x0330  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
00:27:00.0461 0x0330  ACPI - ok
00:27:00.0473 0x0330  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
00:27:00.0530 0x0330  AcpiPmi - ok
00:27:00.0552 0x0330  [ C92B0A0957ACAD3CEEF502A2CA10ACB8, 78BF46318B69D9479ECDC83446DD8D454AA2A9A9D94B33C5FC68933DB18AFA3B ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
00:27:00.0585 0x0330  AdobeARMservice - ok
00:27:00.0647 0x0330  [ 9BAF21BA600EC4E5FD9A66AD3E4FF5A6, 5E02E5E80557F6EC870EB7CC2DE95169D4225B87A2FE7E796736205F51C15816 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
00:27:00.0693 0x0330  AdobeFlashPlayerUpdateSvc - ok
00:27:00.0726 0x0330  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
00:27:00.0774 0x0330  adp94xx - ok
00:27:00.0796 0x0330  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
00:27:00.0833 0x0330  adpahci - ok
00:27:00.0853 0x0330  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
00:27:00.0886 0x0330  adpu320 - ok
00:27:00.0918 0x0330  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
00:27:00.0959 0x0330  AeLookupSvc - ok
00:27:00.0984 0x0330  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
00:27:01.0031 0x0330  AFD - ok
00:27:01.0044 0x0330  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
00:27:01.0068 0x0330  agp440 - ok
00:27:01.0085 0x0330  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
00:27:01.0127 0x0330  ALG - ok
00:27:01.0139 0x0330  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
00:27:01.0162 0x0330  aliide - ok
00:27:01.0182 0x0330  [ F6F551ABBAFF6C1F5F1B6110D2B99DDC, 0259E8F62C8C43BE165B97D48FDE2424A170668EB7D096320C8CAEFECD085791 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
00:27:01.0235 0x0330  AMD External Events Utility - ok
00:27:01.0255 0x0330  [ AED2BC5545D505504A6D1DCABA1292B3, 4725FF20C0CCA1DB7C84C44D3AB7177D606558FF429B9251E787FBF1344CEDBF ] amdacpksd       C:\Windows\system32\drivers\amdacpksd.sys
00:27:01.0281 0x0330  amdacpksd - ok
00:27:01.0298 0x0330  [ 8D6A577F89F1F41619FE594781F81F7C, EC6403F5B13296A5DA2B9086B83EE58ADF51D81113EF70EA5B5CBA63A9317580 ] amdacpusrsvc    C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe
00:27:01.0322 0x0330  amdacpusrsvc - detected UnsignedFile.Multi.Generic ( 1 )
00:27:01.0528 0x0330  Detect skipped due to KSN trusted
00:27:01.0529 0x0330  amdacpusrsvc - ok
00:27:01.0556 0x0330  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
00:27:01.0585 0x0330  amdide - ok
00:27:01.0601 0x0330  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
00:27:01.0636 0x0330  AmdK8 - ok
00:27:01.0650 0x0330  amdkmdag - ok
00:27:01.0673 0x0330  [ 9F08B066FFE1B69DA7D590358115AB59, 177AB4CD3D138E342BDF8ED673F27AF266D93417465ED1F22474ABB0CB37724D ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
00:27:01.0711 0x0330  amdkmdap - ok
00:27:01.0725 0x0330  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
00:27:01.0762 0x0330  AmdPPM - ok
00:27:01.0776 0x0330  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
00:27:01.0801 0x0330  amdsata - ok
00:27:01.0817 0x0330  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
00:27:01.0844 0x0330  amdsbs - ok
00:27:01.0857 0x0330  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
00:27:01.0881 0x0330  amdxata - ok
00:27:01.0899 0x0330  [ 0CD7BFDE151223C6976C5D1B3D49EB84, A16FAB4F77D03C0664CCE8082E40A7673BC7FA4E89854F9027D478CD99EB2088 ] AppID           C:\Windows\system32\drivers\appid.sys
00:27:01.0946 0x0330  AppID - ok
00:27:01.0965 0x0330  [ F9842669B31F20B8B157D33CCC457820, AC8FA65F0A3C479D3CFE10EFE9B3EC5BAE48059F57A12D8C2D7963A22EB043B8 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
00:27:01.0997 0x0330  AppIDSvc - ok
00:27:02.0015 0x0330  [ B46099A534B7989D80330EA82D9092D6, 0CAC09732FAFAE805E55428B6BE001DCC39EBC599539FADE7AA68571A8A554E5 ] Appinfo         C:\Windows\System32\appinfo.dll
00:27:02.0051 0x0330  Appinfo - ok
00:27:02.0071 0x0330  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
00:27:02.0111 0x0330  AppMgmt - ok
00:27:02.0124 0x0330  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
00:27:02.0150 0x0330  arc - ok
00:27:02.0164 0x0330  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
00:27:02.0193 0x0330  arcsas - ok
00:27:02.0226 0x0330  [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
00:27:02.0264 0x0330  asComSvc - ok
00:27:02.0279 0x0330  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
00:27:02.0299 0x0330  AsIO - ok
00:27:02.0314 0x0330  [ A1EB3F68EC05EFD41176819D3CCBE094, 5E2B158F203B5D5D8851068036A60C14E8A04B9EBE72A34589BF6A479ADB06DB ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
00:27:02.0338 0x0330  asmthub3 - ok
00:27:02.0360 0x0330  [ B49B4ED4756D336DA1939D399E851067, 2B7C0526E381EABAF5EDBE7FA2C6B0BCEBC444DECED9DBF0B4C586A65181319B ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
00:27:02.0388 0x0330  asmtxhci - ok
00:27:02.0423 0x0330  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
00:27:02.0450 0x0330  aspnet_state - ok
00:27:02.0491 0x0330  [ 37F7DD839A711B5706B1264F4D8D4BDC, C949A7BB236C6C03E197EF7F9A6DF53E34EC35D925034351B5FD5D7DB62A770E ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
00:27:02.0546 0x0330  AsSysCtrlService - detected UnsignedFile.Multi.Generic ( 1 )
00:27:02.0749 0x0330  Detect skipped due to KSN trusted
00:27:02.0750 0x0330  AsSysCtrlService - ok
00:27:02.0783 0x0330  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
00:27:02.0883 0x0330  AsyncMac - ok
00:27:02.0897 0x0330  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
00:27:02.0918 0x0330  atapi - ok
00:27:02.0944 0x0330  [ F9DB31BC5CD3700D37DB136BA56E5E9D, 9AB7421975500EE7FE583CCF86914F94E697606A9199DC4F27D5609554C5D3F7 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
00:27:02.0977 0x0330  AtiHDAudioService - ok
00:27:03.0006 0x0330  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
00:27:03.0053 0x0330  AudioEndpointBuilder - ok
00:27:03.0082 0x0330  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
00:27:03.0125 0x0330  AudioSrv - ok
00:27:03.0143 0x0330  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
00:27:03.0193 0x0330  AxInstSV - ok
00:27:03.0213 0x0330  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
00:27:03.0256 0x0330  b06bdrv - ok
00:27:03.0274 0x0330  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
00:27:03.0310 0x0330  b57nd60a - ok
00:27:03.0339 0x0330  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:27:03.0380 0x0330  BDESVC - ok
00:27:03.0394 0x0330  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
00:27:03.0442 0x0330  Beep - ok
00:27:03.0476 0x0330  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
00:27:03.0528 0x0330  BFE - ok
00:27:03.0560 0x0330  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
00:27:03.0657 0x0330  BITS - ok
00:27:03.0673 0x0330  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
00:27:03.0725 0x0330  blbdrive - ok
00:27:03.0762 0x0330  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:27:03.0804 0x0330  Bonjour Service - ok
00:27:03.0827 0x0330  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:27:03.0897 0x0330  bowser - ok
00:27:03.0913 0x0330  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
00:27:03.0965 0x0330  BrFiltLo - ok
00:27:03.0981 0x0330  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
00:27:04.0026 0x0330  BrFiltUp - ok
00:27:04.0045 0x0330  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
00:27:04.0101 0x0330  BridgeMP - ok
00:27:04.0122 0x0330  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
00:27:04.0160 0x0330  Browser - ok
00:27:04.0177 0x0330  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
00:27:04.0227 0x0330  Brserid - ok
00:27:04.0240 0x0330  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
00:27:04.0275 0x0330  BrSerWdm - ok
00:27:04.0287 0x0330  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
00:27:04.0322 0x0330  BrUsbMdm - ok
00:27:04.0335 0x0330  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
00:27:04.0370 0x0330  BrUsbSer - ok
00:27:04.0384 0x0330  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
00:27:04.0422 0x0330  BTHMODEM - ok
00:27:04.0445 0x0330  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
00:27:04.0498 0x0330  bthserv - ok
00:27:04.0511 0x0330  catchme - ok
00:27:04.0531 0x0330  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:27:04.0582 0x0330  cdfs - ok
00:27:04.0596 0x0330  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
00:27:04.0630 0x0330  cdrom - ok
00:27:04.0648 0x0330  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:27:04.0698 0x0330  CertPropSvc - ok
00:27:04.0714 0x0330  [ CF3FFDA7B06A62DC018AFF75B4749FF4, B9ECE0A37CA4A389114737EADF68334DBF6A77214E8794ADFC6F83AD42F90D56 ] chip1click      C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe
00:27:04.0738 0x0330  chip1click - detected UnsignedFile.Multi.Generic ( 1 )
00:27:05.0024 0x0330  chip1click ( UnsignedFile.Multi.Generic ) - warning
00:27:05.0226 0x0330  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
00:27:05.0269 0x0330  circlass - ok
00:27:05.0292 0x0330  [ 3891EA60B84EFE115CE070311FA83BBB, 2A30FB15C8D0C69289C087DFE1F822AB4F9C3F091DBB3FD2E99DC5B562E90DFB ] CLFS            C:\Windows\system32\CLFS.sys
00:27:05.0319 0x0330  CLFS - ok
00:27:05.0339 0x0330  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:27:05.0368 0x0330  clr_optimization_v2.0.50727_32 - ok
00:27:05.0390 0x0330  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
00:27:05.0418 0x0330  clr_optimization_v2.0.50727_64 - ok
00:27:05.0444 0x0330  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
00:27:05.0483 0x0330  clr_optimization_v4.0.30319_32 - ok
00:27:05.0500 0x0330  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
00:27:05.0533 0x0330  clr_optimization_v4.0.30319_64 - ok
00:27:05.0547 0x0330  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
00:27:05.0582 0x0330  CmBatt - ok
00:27:05.0595 0x0330  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
00:27:05.0620 0x0330  cmdide - ok
00:27:05.0641 0x0330  [ 3323F76352B0AF14B2CDC4DFBF3E980A, F8E3C3508C37E647497B6889F26819B1DB30275F48A994D1BBFBAA9454E5FD70 ] CNG             C:\Windows\system32\Drivers\cng.sys
00:27:05.0672 0x0330  CNG - ok
00:27:05.0685 0x0330  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
00:27:05.0714 0x0330  Compbatt - ok
00:27:05.0729 0x0330  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
00:27:05.0763 0x0330  CompositeBus - ok
00:27:05.0778 0x0330  COMSysApp - ok
00:27:05.0792 0x0330  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
00:27:05.0816 0x0330  crcdisk - ok
00:27:05.0843 0x0330  [ BB724567892383010B8436DCC0A84628, 2768F5FD7A096CB1CEA33F8818EF16F9F5E3E07BB8442949A49A9CF24B62C6E6 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:27:05.0884 0x0330  CryptSvc - ok
00:27:05.0911 0x0330  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
00:27:05.0953 0x0330  CSC - ok
00:27:05.0982 0x0330  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
00:27:06.0027 0x0330  CscService - ok
00:27:06.0046 0x0330  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
00:27:06.0068 0x0330  dbupdate - ok
00:27:06.0082 0x0330  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
00:27:06.0105 0x0330  dbupdatem - ok
00:27:06.0120 0x0330  dbx - ok
00:27:06.0135 0x0330  [ 62C2617E1927776851B108717166BBA4, 5ED905AD21D2BA4308561BDFD2868A15A1F2062DFE1D28689D4082700C85500A ] DbxSvc          C:\Windows\system32\DbxSvc.exe
00:27:06.0171 0x0330  DbxSvc - ok
00:27:06.0206 0x0330  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:27:06.0251 0x0330  DcomLaunch - ok
00:27:06.0273 0x0330  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
00:27:06.0329 0x0330  defragsvc - ok
00:27:06.0345 0x0330  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
00:27:06.0377 0x0330  DfsC - ok
00:27:06.0402 0x0330  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:27:06.0444 0x0330  Dhcp - ok
00:27:06.0484 0x0330  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
00:27:06.0544 0x0330  DiagTrack - ok
00:27:06.0558 0x0330  DIRECTIO - ok
00:27:06.0575 0x0330  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
00:27:06.0618 0x0330  discache - ok
00:27:06.0633 0x0330  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
00:27:06.0655 0x0330  Disk - ok
00:27:06.0674 0x0330  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
00:27:06.0713 0x0330  dmvsc - ok
00:27:06.0738 0x0330  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:27:06.0781 0x0330  Dnscache - ok
00:27:06.0802 0x0330  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
00:27:06.0854 0x0330  dot3svc - ok
00:27:06.0874 0x0330  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
00:27:06.0928 0x0330  DPS - ok
00:27:06.0941 0x0330  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
00:27:06.0976 0x0330  drmkaud - ok
00:27:07.0009 0x0330  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:27:07.0044 0x0330  DXGKrnl - ok
00:27:07.0066 0x0330  [ 47AF3C4D0D562B43EBB674801ECBBEEA, B36013CC475EA1B0BF1117D9B7B072E5387DB8937CA654292963D778835BA5C8 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
00:27:07.0096 0x0330  e1dexpress - ok
00:27:07.0115 0x0330  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
00:27:07.0163 0x0330  EapHost - ok
00:27:07.0228 0x0330  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
00:27:07.0321 0x0330  ebdrv - ok
00:27:07.0338 0x0330  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] EFS             C:\Windows\System32\lsass.exe
00:27:07.0373 0x0330  EFS - ok
00:27:07.0402 0x0330  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
00:27:07.0452 0x0330  ehRecvr - ok
00:27:07.0468 0x0330  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
00:27:07.0502 0x0330  ehSched - ok
00:27:07.0517 0x0330  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
00:27:07.0539 0x0330  ElbyCDIO - ok
00:27:07.0559 0x0330  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
00:27:07.0590 0x0330  elxstor - ok
00:27:07.0603 0x0330  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
00:27:07.0648 0x0330  ErrDev - ok
00:27:07.0697 0x0330  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
00:27:07.0752 0x0330  EventSystem - ok
00:27:07.0877 0x0330  [ 9D54F3E5E4D102AB27E190CBEC14B355, AECF6C3634557937F8CE2D353A3C3B1FC31E33CB66C2926ADD2C99756EB09F88 ] Everything      E:\Programme\Everything\Everything.exe
00:27:07.0945 0x0330  Everything - detected UnsignedFile.Multi.Generic ( 1 )
00:27:08.0151 0x0330  Detect skipped due to KSN trusted
00:27:08.0153 0x0330  Everything - ok
00:27:08.0206 0x0330  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
00:27:08.0265 0x0330  exfat - ok
00:27:08.0283 0x0330  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:27:08.0333 0x0330  fastfat - ok
00:27:08.0359 0x0330  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
00:27:08.0405 0x0330  Fax - ok
00:27:08.0418 0x0330  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
00:27:08.0451 0x0330  fdc - ok
00:27:08.0470 0x0330  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
00:27:08.0519 0x0330  fdPHost - ok
00:27:08.0537 0x0330  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
00:27:08.0591 0x0330  FDResPub - ok
00:27:08.0608 0x0330  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:27:08.0631 0x0330  FileInfo - ok
00:27:08.0647 0x0330  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:27:08.0693 0x0330  Filetrace - ok
00:27:08.0707 0x0330  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
00:27:08.0741 0x0330  flpydisk - ok
00:27:08.0764 0x0330  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:27:08.0791 0x0330  FltMgr - ok
00:27:08.0830 0x0330  [ 700A5373FA66F1DAAECBD2CFB88C73ED, D6C1C4C846BC24EB6539ECC701A456FA53BB6679C79391F5B70580D47B6CE395 ] FontCache       C:\Windows\system32\FntCache.dll
00:27:08.0906 0x0330  FontCache - ok
00:27:08.0926 0x0330  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:27:08.0959 0x0330  FontCache3.0.0.0 - ok
00:27:08.0978 0x0330  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:27:09.0006 0x0330  FsDepends - ok
00:27:09.0020 0x0330  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:27:09.0042 0x0330  Fs_Rec - ok
00:27:09.0063 0x0330  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:27:09.0091 0x0330  fvevol - ok
00:27:09.0105 0x0330  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
00:27:09.0131 0x0330  gagp30kx - ok
00:27:09.0166 0x0330  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
00:27:09.0218 0x0330  gpsvc - ok
00:27:09.0236 0x0330  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:27:09.0261 0x0330  gupdate - ok
00:27:09.0278 0x0330  [ 750446ED76A5D13E902174DDDDA1A62B, F67355A6659E21D8D97E6982B28F22453F8C298E822E27FADDB440DA4A6DE7C0 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
00:27:09.0302 0x0330  gupdatem - ok
00:27:09.0316 0x0330  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
00:27:09.0357 0x0330  hcw85cir - ok
00:27:09.0376 0x0330  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
00:27:09.0424 0x0330  HdAudAddService - ok
00:27:09.0437 0x0330  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
00:27:09.0474 0x0330  HDAudBus - ok
00:27:09.0485 0x0330  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
00:27:09.0519 0x0330  HidBatt - ok
00:27:09.0533 0x0330  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
00:27:09.0583 0x0330  HidBth - ok
00:27:09.0595 0x0330  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
00:27:09.0630 0x0330  HidIr - ok
00:27:09.0647 0x0330  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
00:27:09.0695 0x0330  hidserv - ok
00:27:09.0712 0x0330  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
00:27:09.0747 0x0330  HidUsb - ok
00:27:09.0765 0x0330  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
00:27:09.0816 0x0330  hkmsvc - ok
00:27:09.0837 0x0330  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:27:09.0881 0x0330  HomeGroupListener - ok
00:27:09.0900 0x0330  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:27:09.0938 0x0330  HomeGroupProvider - ok
00:27:09.0952 0x0330  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:27:09.0980 0x0330  HpSAMD - ok
00:27:09.0996 0x0330  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
00:27:10.0027 0x0330  htcnprot - ok
00:27:10.0053 0x0330  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:27:10.0100 0x0330  HTTP - ok
00:27:10.0115 0x0330  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:27:10.0135 0x0330  hwpolicy - ok
00:27:10.0150 0x0330  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
00:27:10.0182 0x0330  i8042prt - ok
00:27:10.0225 0x0330  [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
00:27:10.0270 0x0330  iaStorA - ok
00:27:10.0285 0x0330  [ 91F97C1A0ABCD7FA487E8EF7A249C15C, 834D85B7833DD1EDE0938320A68237315F60263ABCB6714974E711EBA91178E9 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
00:27:10.0306 0x0330  iaStorF - ok
00:27:10.0326 0x0330  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:27:10.0369 0x0330  iaStorV - ok
00:27:10.0397 0x0330  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
00:27:10.0435 0x0330  idsvc - ok
00:27:10.0448 0x0330  IEEtwCollectorService - ok
00:27:10.0464 0x0330  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
00:27:10.0489 0x0330  iirsp - ok
00:27:10.0521 0x0330  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
00:27:10.0572 0x0330  IKEEXT - ok
00:27:10.0666 0x0330  [ 5911E1BD8E8E5912092BB922EFA68E91, 2DA61E6C6A9F2467784EF7050EB586574F60CADDD236C8F732233AFC4BEA085B ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
00:27:10.0753 0x0330  IntcAzAudAddService - ok
00:27:10.0785 0x0330  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
00:27:10.0821 0x0330  Intel(R) Capability Licensing Service TCP IP Interface - ok
00:27:10.0840 0x0330  [ 03CD3245E52C8A87E3B14832DC8A6A7D, C2AAB4E754479F0AA0AE86D51E721E5A11624681D5EC823E25E460EE146E70E9 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
00:27:10.0868 0x0330  Intel(R) PROSet Monitoring Service - ok
00:27:10.0885 0x0330  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
00:27:10.0910 0x0330  intelide - ok
00:27:10.0923 0x0330  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
00:27:10.0958 0x0330  intelppm - ok
00:27:10.0980 0x0330  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
00:27:11.0030 0x0330  IPBusEnum - ok
00:27:11.0045 0x0330  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
00:27:11.0091 0x0330  IpFilterDriver - ok
00:27:11.0118 0x0330  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
00:27:11.0165 0x0330  iphlpsvc - ok
00:27:11.0179 0x0330  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
00:27:11.0218 0x0330  IPMIDRV - ok
00:27:11.0235 0x0330  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
00:27:11.0284 0x0330  IPNAT - ok
00:27:11.0298 0x0330  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
00:27:11.0333 0x0330  IRENUM - ok
00:27:11.0346 0x0330  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
00:27:11.0371 0x0330  isapnp - ok
00:27:11.0389 0x0330  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
00:27:11.0419 0x0330  iScsiPrt - ok
00:27:11.0440 0x0330  [ A7A2E0D3932B1986990AC7077B1658CD, F8CC75A711E6C4E5299557F05C0C6B957E8508EA496BC74CCF4827385B046CB4 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
00:27:11.0471 0x0330  iusb3hub - ok
00:27:11.0504 0x0330  [ FD9C74D20E6F97EDC442091F9DBC1189, 01DD3D862FD7A429E9D79B3B1BC657594628747B0C4C124E976D733065498EDB ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
00:27:11.0542 0x0330  iusb3xhc - ok
00:27:11.0559 0x0330  [ DE70C5C10803C700DC1CFDE2D5CF207A, 4D11DE8B986C6966B66E1D6E931A72A1E9FA8D0B5B9EF57EF3EEDD09D0BE0B4E ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
00:27:11.0586 0x0330  jhi_service - ok
00:27:11.0600 0x0330  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
00:27:11.0624 0x0330  kbdclass - ok
00:27:11.0638 0x0330  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
00:27:11.0667 0x0330  kbdhid - ok
00:27:11.0683 0x0330  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] KeyIso          C:\Windows\system32\lsass.exe
00:27:11.0715 0x0330  KeyIso - ok
00:27:11.0732 0x0330  [ 1F4B52A496A43C65AB0F26169650FAF2, 6D6F3505997A7DDEE6F127B3FB537AFFDE687D4F34489679674DC12FB12B842C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
00:27:11.0756 0x0330  KSecDD - ok
00:27:11.0773 0x0330  [ E4A599EDFAAB66C2BC17FB1593DC129B, 13098694B649E9146214D320FB14C3D305FCA155438CB531A8BAA4A70231D1A7 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
00:27:11.0801 0x0330  KSecPkg - ok
00:27:11.0818 0x0330  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
00:27:11.0861 0x0330  ksthunk - ok
00:27:11.0886 0x0330  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
00:27:11.0943 0x0330  KtmRm - ok
00:27:11.0965 0x0330  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
00:27:12.0021 0x0330  LanmanServer - ok
00:27:12.0041 0x0330  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
00:27:12.0093 0x0330  LanmanWorkstation - ok
00:27:12.0120 0x0330  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
00:27:12.0187 0x0330  lltdio - ok
00:27:12.0220 0x0330  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
00:27:12.0316 0x0330  lltdsvc - ok
00:27:12.0341 0x0330  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
00:27:12.0418 0x0330  lmhosts - ok
00:27:12.0439 0x0330  [ 1CE3A27B6B0658F4242AB2DECE69704E, FB705D43554478FA438CE600DAD65C5885858ABF9FCB5D9CC6E5F7C87FD6A853 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
00:27:12.0468 0x0330  LMS - ok
00:27:12.0487 0x0330  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
00:27:12.0514 0x0330  LSI_FC - ok
00:27:12.0527 0x0330  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
00:27:12.0553 0x0330  LSI_SAS - ok
00:27:12.0566 0x0330  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
00:27:12.0591 0x0330  LSI_SAS2 - ok
00:27:12.0608 0x0330  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
00:27:12.0639 0x0330  LSI_SCSI - ok
00:27:12.0656 0x0330  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
00:27:12.0709 0x0330  luafv - ok
00:27:12.0724 0x0330  [ 47701ECA633574E122687693B5C5D35C, 1DB12767462347504956450FAD0D90B6E682E2E8959A6C5DF3792C3C3DA289B1 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
00:27:12.0752 0x0330  mbamchameleon - ok
00:27:12.0769 0x0330  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
00:27:12.0799 0x0330  MBAMSwissArmy - ok
00:27:12.0818 0x0330  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
00:27:12.0855 0x0330  Mcx2Svc - ok
00:27:12.0869 0x0330  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
00:27:12.0899 0x0330  megasas - ok
00:27:12.0915 0x0330  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
00:27:12.0946 0x0330  MegaSR - ok
00:27:12.0961 0x0330  [ E88F45EA2909C9E636A3CDC38EB2EDDD, D64F77A34077281CC53B6C843382F9D43F9DC423928377EC91DE955DD53C8EEC ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
00:27:12.0986 0x0330  MEIx64 - ok
00:27:13.0004 0x0330  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
00:27:13.0054 0x0330  MMCSS - ok
00:27:13.0068 0x0330  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
00:27:13.0117 0x0330  Modem - ok
00:27:13.0130 0x0330  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
00:27:13.0164 0x0330  monitor - ok
00:27:13.0177 0x0330  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
00:27:13.0205 0x0330  mouclass - ok
00:27:13.0225 0x0330  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
00:27:13.0275 0x0330  mouhid - ok
00:27:13.0299 0x0330  [ 8ADB5445B29941CB41AF2846FD5C93C7, 689582430FE29EC0845B1DB841D3CC49D5D09DE264586E3999EEFE616986D12B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
00:27:13.0327 0x0330  mountmgr - ok
00:27:13.0349 0x0330  [ 86320BA9D6A972C79D467931518B165A, 4D7ABD7E5637B9AF98D7F3D4C4DAE595C27C8FEEBAAFF9E6443271C41598FCE1 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
00:27:13.0405 0x0330  MozillaMaintenance - ok
00:27:13.0426 0x0330  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
00:27:13.0459 0x0330  mpio - ok
00:27:13.0478 0x0330  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
00:27:13.0538 0x0330  mpsdrv - ok
00:27:13.0585 0x0330  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
00:27:13.0644 0x0330  MpsSvc - ok
00:27:13.0661 0x0330  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
00:27:13.0707 0x0330  MRxDAV - ok
00:27:13.0724 0x0330  [ 25F918BB5D57C99FFEB0255143D0DF9A, E4BB656C3AEE19094B0F87828828DC73F248B45B30B678AA759DBAB3087399A2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
00:27:13.0765 0x0330  mrxsmb - ok
00:27:13.0785 0x0330  [ 8DF2B80510F438CFEC479181BD29C794, ECA5BC17D1DB92B887D468B0FF1D6302518DBD7C3607B14FA291ECDA204D5E85 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
00:27:13.0826 0x0330  mrxsmb10 - ok
00:27:13.0843 0x0330  [ F7622CFE3402A9BF10227BB124901E54, 3EE6BA42E712505AED9D3920163814719FAC591FB5CFF589E230C7005CB598AF ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
00:27:13.0876 0x0330  mrxsmb20 - ok
00:27:13.0890 0x0330  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
00:27:13.0910 0x0330  msahci - ok
00:27:13.0926 0x0330  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
00:27:13.0962 0x0330  msdsm - ok
00:27:13.0978 0x0330  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
00:27:14.0021 0x0330  MSDTC - ok
00:27:14.0043 0x0330  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
00:27:14.0101 0x0330  Msfs - ok
00:27:14.0119 0x0330  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
00:27:14.0173 0x0330  mshidkmdf - ok
00:27:14.0186 0x0330  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
00:27:14.0207 0x0330  msisadrv - ok
00:27:14.0227 0x0330  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
00:27:14.0281 0x0330  MSiSCSI - ok
00:27:14.0298 0x0330  msiserver - ok
00:27:14.0316 0x0330  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
00:27:14.0368 0x0330  MSKSSRV - ok
00:27:14.0381 0x0330  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
00:27:14.0431 0x0330  MSPCLOCK - ok
00:27:14.0445 0x0330  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
00:27:14.0492 0x0330  MSPQM - ok
00:27:14.0513 0x0330  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
00:27:14.0545 0x0330  MsRPC - ok
00:27:14.0566 0x0330  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
00:27:14.0588 0x0330  mssmbios - ok
00:27:14.0604 0x0330  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
00:27:14.0651 0x0330  MSTEE - ok
00:27:14.0663 0x0330  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
00:27:14.0696 0x0330  MTConfig - ok
00:27:14.0712 0x0330  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
00:27:14.0735 0x0330  Mup - ok
00:27:14.0766 0x0330  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
00:27:14.0824 0x0330  napagent - ok
00:27:14.0842 0x0330  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
00:27:14.0884 0x0330  NativeWifiP - ok
00:27:14.0917 0x0330  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
00:27:14.0955 0x0330  NDIS - ok
00:27:14.0970 0x0330  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
00:27:15.0020 0x0330  NdisCap - ok
00:27:15.0034 0x0330  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
00:27:15.0084 0x0330  NdisTapi - ok
00:27:15.0097 0x0330  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
00:27:15.0145 0x0330  Ndisuio - ok
00:27:15.0160 0x0330  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
00:27:15.0207 0x0330  NdisWan - ok
00:27:15.0221 0x0330  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
00:27:15.0270 0x0330  NDProxy - ok
00:27:15.0282 0x0330  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
00:27:15.0326 0x0330  NetBIOS - ok
00:27:15.0346 0x0330  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
00:27:15.0390 0x0330  NetBT - ok
00:27:15.0407 0x0330  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] Netlogon        C:\Windows\system32\lsass.exe
00:27:15.0441 0x0330  Netlogon - ok
00:27:15.0463 0x0330  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
00:27:15.0521 0x0330  Netman - ok
00:27:15.0536 0x0330  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:27:15.0565 0x0330  NetMsmqActivator - ok
00:27:15.0579 0x0330  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:27:15.0603 0x0330  NetPipeActivator - ok
00:27:15.0628 0x0330  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
00:27:15.0688 0x0330  netprofm - ok
00:27:15.0702 0x0330  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:27:15.0726 0x0330  NetTcpActivator - ok
00:27:15.0748 0x0330  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
00:27:15.0773 0x0330  NetTcpPortSharing - ok
00:27:15.0787 0x0330  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
00:27:15.0817 0x0330  nfrd960 - ok
00:27:15.0840 0x0330  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
00:27:15.0881 0x0330  NlaSvc - ok
00:27:15.0895 0x0330  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
00:27:15.0940 0x0330  Npfs - ok
00:27:15.0960 0x0330  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
00:27:16.0010 0x0330  nsi - ok
00:27:16.0024 0x0330  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
00:27:16.0070 0x0330  nsiproxy - ok
00:27:16.0122 0x0330  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
00:27:16.0174 0x0330  Ntfs - ok
00:27:16.0191 0x0330  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
00:27:16.0235 0x0330  Null - ok
00:27:16.0253 0x0330  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
00:27:16.0281 0x0330  nvraid - ok
00:27:16.0297 0x0330  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
00:27:16.0324 0x0330  nvstor - ok
00:27:16.0338 0x0330  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
00:27:16.0364 0x0330  nv_agp - ok
00:27:16.0387 0x0330  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
00:27:16.0418 0x0330  odserv - ok
00:27:16.0431 0x0330  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
00:27:16.0466 0x0330  ohci1394 - ok
00:27:16.0483 0x0330  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:27:16.0512 0x0330  ose - ok
00:27:16.0536 0x0330  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
00:27:16.0578 0x0330  p2pimsvc - ok
00:27:16.0603 0x0330  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
00:27:16.0644 0x0330  p2psvc - ok
00:27:16.0659 0x0330  PaceLicenseDServices - ok
00:27:16.0675 0x0330  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
00:27:16.0712 0x0330  Parport - ok
00:27:16.0728 0x0330  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
00:27:16.0752 0x0330  partmgr - ok
00:27:16.0774 0x0330  [ 446462BBA744DA60379574926FD51EAB, 4A79E8EF28670333F4733FA0016508DC88E9BDC566B455DA5EDEDC514612180A ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
00:27:16.0806 0x0330  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
00:27:17.0003 0x0330  Detect skipped due to KSN trusted
00:27:17.0004 0x0330  PassThru Service - ok
00:27:17.0049 0x0330  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
00:27:17.0094 0x0330  PcaSvc - ok
00:27:17.0111 0x0330  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
00:27:17.0138 0x0330  pci - ok
00:27:17.0151 0x0330  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
00:27:17.0176 0x0330  pciide - ok
00:27:17.0193 0x0330  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
00:27:17.0218 0x0330  pcmcia - ok
00:27:17.0235 0x0330  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
00:27:17.0263 0x0330  pcw - ok
00:27:17.0291 0x0330  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
00:27:17.0331 0x0330  PEAUTH - ok
00:27:17.0371 0x0330  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
00:27:17.0431 0x0330  PeerDistSvc - ok
00:27:17.0477 0x0330  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
00:27:17.0516 0x0330  PerfHost - ok
00:27:17.0576 0x0330  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
00:27:17.0646 0x0330  pla - ok
00:27:17.0665 0x0330  [ 2FE509AD76E7C1566747AB95953B2466, B1D3E910D8AAE0F3F49547DD5253C5DA26F94F6348604FCD1DDA6B95C79BFF10 ] PlaysService    C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
00:27:17.0687 0x0330  PlaysService - ok
00:27:17.0714 0x0330  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
00:27:17.0762 0x0330  PlugPlay - ok
00:27:17.0780 0x0330  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
00:27:17.0822 0x0330  PNRPAutoReg - ok
00:27:17.0844 0x0330  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
00:27:17.0904 0x0330  PNRPsvc - ok
00:27:17.0929 0x0330  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
00:27:17.0975 0x0330  PolicyAgent - ok
00:27:18.0001 0x0330  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
00:27:18.0059 0x0330  Power - ok
00:27:18.0073 0x0330  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
00:27:18.0119 0x0330  PptpMiniport - ok
00:27:18.0132 0x0330  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
00:27:18.0165 0x0330  Processor - ok
00:27:18.0187 0x0330  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
00:27:18.0226 0x0330  ProfSvc - ok
00:27:18.0242 0x0330  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] ProtectedStorage C:\Windows\system32\lsass.exe
00:27:18.0274 0x0330  ProtectedStorage - ok
00:27:18.0293 0x0330  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
00:27:18.0339 0x0330  Psched - ok
00:27:18.0377 0x0330  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
00:27:18.0424 0x0330  ql2300 - ok
00:27:18.0439 0x0330  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
00:27:18.0465 0x0330  ql40xx - ok
00:27:18.0488 0x0330  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
00:27:18.0531 0x0330  QWAVE - ok
00:27:18.0546 0x0330  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
00:27:18.0586 0x0330  QWAVEdrv - ok
00:27:18.0600 0x0330  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
00:27:18.0650 0x0330  RasAcd - ok
00:27:18.0668 0x0330  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
00:27:18.0732 0x0330  RasAgileVpn - ok
00:27:18.0762 0x0330  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
00:27:18.0833 0x0330  RasAuto - ok
00:27:18.0853 0x0330  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
00:27:18.0913 0x0330  Rasl2tp - ok
00:27:18.0941 0x0330  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
00:27:19.0014 0x0330  RasMan - ok
00:27:19.0033 0x0330  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
00:27:19.0087 0x0330  RasPppoe - ok
00:27:19.0100 0x0330  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
00:27:19.0147 0x0330  RasSstp - ok
00:27:19.0164 0x0330  [ 5753CD9159718444F6D9E1634B984BF5, A4D6FB6583724F3DDDBA768D7786EB7E3AB1C8074F66DA9462BBB159CDFA2868 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
00:27:19.0188 0x0330  Razer Game Scanner Service - ok
00:27:19.0209 0x0330  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
00:27:19.0258 0x0330  rdbss - ok
00:27:19.0275 0x0330  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
00:27:19.0316 0x0330  rdpbus - ok
00:27:19.0340 0x0330  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
00:27:19.0399 0x0330  RDPCDD - ok
00:27:19.0434 0x0330  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
00:27:19.0490 0x0330  RDPDR - ok
00:27:19.0516 0x0330  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
00:27:19.0578 0x0330  RDPENCDD - ok
00:27:19.0614 0x0330  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
00:27:19.0664 0x0330  RDPREFMP - ok
00:27:19.0681 0x0330  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
00:27:19.0722 0x0330  RDPWD - ok
00:27:19.0741 0x0330  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:27:19.0766 0x0330  rdyboost - ok
00:27:19.0798 0x0330  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:27:19.0867 0x0330  RemoteAccess - ok
00:27:19.0902 0x0330  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:27:19.0992 0x0330  RemoteRegistry - ok
00:27:20.0021 0x0330  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:27:20.0099 0x0330  RpcEptMapper - ok
00:27:20.0118 0x0330  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
00:27:20.0163 0x0330  RpcLocator - ok
00:27:20.0192 0x0330  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
00:27:20.0232 0x0330  RpcSs - ok
00:27:20.0247 0x0330  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
00:27:20.0296 0x0330  rspndr - ok
00:27:20.0311 0x0330  [ 30A186D6A2A2853EEFAD7011E212E41B, 367B8FCCF29470C9237FC1F0EAEB59AE51E33778BC9914A2730AC7DDBC84942B ] rzpmgrk         C:\Windows\system32\drivers\rzpmgrk.sys
00:27:20.0335 0x0330  rzpmgrk - ok
00:27:20.0355 0x0330  [ F8A13D4413A93DD005FAD116CBD6B6F7, 8ED0C00920CE76E832701D45117ED00B12E20588CB6FE8039FBCCDFEF9841047 ] rzpnk           C:\Windows\system32\drivers\rzpnk.sys
00:27:20.0386 0x0330  rzpnk - ok
00:27:20.0420 0x0330  [ E7E36EA112048AC5AC8AA15B6EC35109, 75AC0FF6E939FFCA1DB3E12E1CA2725AF9527867A25B3938AC5DF20620352F22 ] rzudd           C:\Windows\system32\DRIVERS\rzudd.sys
00:27:20.0471 0x0330  rzudd - ok
00:27:20.0490 0x0330  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
00:27:20.0551 0x0330  s3cap - ok
00:27:20.0574 0x0330  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] SamSs           C:\Windows\system32\lsass.exe
00:27:20.0623 0x0330  SamSs - ok
00:27:20.0643 0x0330  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:27:20.0684 0x0330  sbp2port - ok
00:27:20.0706 0x0330  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:27:20.0762 0x0330  SCardSvr - ok
00:27:20.0778 0x0330  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:27:20.0826 0x0330  scfilter - ok
00:27:20.0872 0x0330  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
00:27:20.0934 0x0330  Schedule - ok
00:27:20.0954 0x0330  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:27:21.0000 0x0330  SCPolicySvc - ok
00:27:21.0021 0x0330  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:27:21.0069 0x0330  SDRSVC - ok
00:27:21.0083 0x0330  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
00:27:21.0121 0x0330  secdrv - ok
00:27:21.0138 0x0330  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
00:27:21.0177 0x0330  seclogon - ok
00:27:21.0195 0x0330  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
00:27:21.0245 0x0330  SENS - ok
00:27:21.0262 0x0330  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:27:21.0304 0x0330  SensrSvc - ok
00:27:21.0317 0x0330  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
00:27:21.0347 0x0330  Serenum - ok
00:27:21.0365 0x0330  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
00:27:21.0398 0x0330  Serial - ok
00:27:21.0411 0x0330  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
00:27:21.0447 0x0330  sermouse - ok
00:27:21.0482 0x0330  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
00:27:21.0534 0x0330  SessionEnv - ok
00:27:21.0548 0x0330  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
00:27:21.0588 0x0330  sffdisk - ok
00:27:21.0604 0x0330  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
00:27:21.0649 0x0330  sffp_mmc - ok
00:27:21.0664 0x0330  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
00:27:21.0710 0x0330  sffp_sd - ok
00:27:21.0722 0x0330  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
00:27:21.0755 0x0330  sfloppy - ok
00:27:21.0785 0x0330  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:27:21.0836 0x0330  SharedAccess - ok
00:27:21.0865 0x0330  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:27:21.0920 0x0330  ShellHWDetection - ok
00:27:21.0934 0x0330  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
00:27:21.0968 0x0330  SiSRaid2 - ok
00:27:21.0981 0x0330  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:27:22.0006 0x0330  SiSRaid4 - ok
00:27:22.0021 0x0330  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
00:27:22.0075 0x0330  Smb - ok
00:27:22.0113 0x0330  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:27:22.0188 0x0330  SNMPTRAP - ok
00:27:22.0202 0x0330  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
00:27:22.0245 0x0330  spldr - ok
00:27:22.0270 0x0330  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
00:27:22.0343 0x0330  Spooler - ok
00:27:22.0432 0x0330  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
00:27:22.0577 0x0330  sppsvc - ok
00:27:22.0639 0x0330  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
00:27:22.0717 0x0330  sppuinotify - ok
00:27:22.0760 0x0330  [ EC666682FE8344CF7E6ED69E74FA9F4F, DCD2A1C046425630689E2C9A6A6E356FE5A2A6664D12C20CFE236FCB32240DF9 ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:27:22.0821 0x0330  srv - ok
00:27:22.0849 0x0330  [ E450C0318DCE8ED28ED272C8806B8495, D2FD459F8C5E42103EF2F71421FA175A4F0821F8C2A3763093122D433D1C50FB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:27:22.0924 0x0330  srv2 - ok
00:27:22.0945 0x0330  [ 9C12C78AD36C23D925711A4640228225, FF72C23F2A08EDF0C41BAF1EB0245AB44FF91365C5466F09C47A8F0928D20994 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:27:23.0009 0x0330  srvnet - ok
00:27:23.0064 0x0330  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:27:23.0140 0x0330  SSDPSRV - ok
00:27:23.0166 0x0330  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:27:23.0249 0x0330  SstpSvc - ok
00:27:23.0294 0x0330  [ 90E22D7CDE08E07446D238A569BCAB7C, 3D4F413D0B0C9CF28D06E0476F24AC6441C8678DF786D9971B39C91C9F9B8020 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
00:27:23.0360 0x0330  Steam Client Service - ok
00:27:23.0396 0x0330  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
00:27:23.0443 0x0330  stexstor - ok
00:27:23.0472 0x0330  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
00:27:23.0566 0x0330  stisvc - ok
00:27:23.0603 0x0330  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
00:27:23.0643 0x0330  storflt - ok
00:27:23.0664 0x0330  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
00:27:23.0756 0x0330  StorSvc - ok
00:27:23.0771 0x0330  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
00:27:23.0830 0x0330  storvsc - ok
00:27:23.0846 0x0330  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
00:27:23.0920 0x0330  swenum - ok
00:27:23.0948 0x0330  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
00:27:24.0015 0x0330  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
00:27:24.0318 0x0330  Detect skipped due to KSN trusted
00:27:24.0319 0x0330  SwitchBoard - ok
00:27:24.0344 0x0330  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
00:27:24.0444 0x0330  swprv - ok
00:27:24.0499 0x0330  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
00:27:24.0628 0x0330  SysMain - ok
00:27:24.0652 0x0330  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:27:24.0736 0x0330  TabletInputService - ok
00:27:24.0760 0x0330  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:27:24.0851 0x0330  TapiSrv - ok
00:27:24.0920 0x0330  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:27:25.0007 0x0330  Tcpip - ok
00:27:25.0073 0x0330  [ B2875D7ABB82867DC3AA03D991940201, F954C33FBA912A517B59330F6438C1953F9F1D8F4D8FD25945EB836A1DB07ABB ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
00:27:25.0158 0x0330  TCPIP6 - ok
00:27:25.0189 0x0330  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:27:25.0249 0x0330  tcpipreg - ok
00:27:25.0276 0x0330  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
00:27:25.0352 0x0330  TDPIPE - ok
00:27:25.0375 0x0330  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
00:27:25.0442 0x0330  TDTCP - ok
00:27:25.0460 0x0330  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:27:25.0522 0x0330  tdx - ok
00:27:25.0539 0x0330  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
00:27:25.0577 0x0330  TermDD - ok
00:27:25.0610 0x0330  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
00:27:25.0709 0x0330  TermService - ok
00:27:25.0728 0x0330  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
00:27:25.0826 0x0330  Themes - ok
00:27:25.0849 0x0330  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
00:27:25.0926 0x0330  THREADORDER - ok
00:27:25.0961 0x0330  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
00:27:26.0059 0x0330  TrkWks - ok
00:27:26.0082 0x0330  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:27:26.0157 0x0330  TrustedInstaller - ok
00:27:26.0183 0x0330  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
00:27:26.0238 0x0330  tssecsrv - ok
00:27:26.0256 0x0330  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
00:27:26.0328 0x0330  TsUsbFlt - ok
00:27:26.0343 0x0330  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
00:27:26.0396 0x0330  TsUsbGD - ok
00:27:26.0415 0x0330  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
00:27:26.0487 0x0330  tunnel - ok
00:27:26.0506 0x0330  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
00:27:26.0555 0x0330  uagp35 - ok
00:27:26.0576 0x0330  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:27:26.0668 0x0330  udfs - ok
00:27:26.0706 0x0330  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:27:26.0807 0x0330  UI0Detect - ok
00:27:26.0824 0x0330  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
00:27:26.0873 0x0330  uliagpkx - ok
00:27:26.0898 0x0330  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
00:27:26.0956 0x0330  umbus - ok
00:27:26.0970 0x0330  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
00:27:27.0030 0x0330  UmPass - ok
00:27:27.0055 0x0330  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
00:27:27.0142 0x0330  UmRdpService - ok
00:27:27.0168 0x0330  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
00:27:27.0257 0x0330  upnphost - ok
00:27:27.0282 0x0330  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
00:27:27.0352 0x0330  usbaudio - ok
00:27:27.0368 0x0330  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
00:27:27.0438 0x0330  usbccgp - ok
00:27:27.0456 0x0330  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
00:27:27.0537 0x0330  usbcir - ok
00:27:27.0556 0x0330  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
00:27:27.0617 0x0330  usbehci - ok
00:27:27.0649 0x0330  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
00:27:27.0724 0x0330  usbhub - ok
00:27:27.0739 0x0330  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
00:27:27.0791 0x0330  usbohci - ok
00:27:27.0824 0x0330  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
00:27:27.0894 0x0330  usbprint - ok
00:27:27.0917 0x0330  [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser          C:\Windows\system32\DRIVERS\USBSER.sys
00:27:27.0991 0x0330  usbser - ok
00:27:28.0016 0x0330  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
00:27:28.0078 0x0330  USBSTOR - ok
00:27:28.0097 0x0330  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
00:27:28.0204 0x0330  usbuhci - ok
00:27:28.0230 0x0330  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
00:27:28.0333 0x0330  UxSms - ok
00:27:28.0349 0x0330  [ 92DAF7D21711117B007608CB50FBD2E2, 6C1FBCE3699C76BDACAC37C04002C85A6AF38BF610F579F6FFEC95302D449CDC ] VaultSvc        C:\Windows\system32\lsass.exe
00:27:28.0429 0x0330  VaultSvc - ok
00:27:28.0448 0x0330  [ 2CB7AEA800B614184238232FBA4430E1, 18F89E68241BE72A94AB3379141404BBE837FF5B303990DD44CF6238EE153566 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
00:27:28.0511 0x0330  VClone - ok
00:27:28.0528 0x0330  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
00:27:28.0567 0x0330  vdrvroot - ok
00:27:28.0594 0x0330  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
00:27:28.0704 0x0330  vds - ok
00:27:28.0731 0x0330  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
00:27:28.0822 0x0330  vga - ok
00:27:28.0870 0x0330  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
00:27:28.0981 0x0330  VgaSave - ok
00:27:29.0001 0x0330  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
00:27:29.0046 0x0330  vhdmp - ok
00:27:29.0062 0x0330  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
00:27:29.0103 0x0330  viaide - ok
00:27:29.0123 0x0330  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
00:27:29.0172 0x0330  vmbus - ok
00:27:29.0185 0x0330  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
00:27:29.0242 0x0330  VMBusHID - ok
00:27:29.0256 0x0330  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
00:27:29.0298 0x0330  volmgr - ok
00:27:29.0327 0x0330  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
00:27:29.0371 0x0330  volmgrx - ok
00:27:29.0392 0x0330  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
00:27:29.0435 0x0330  volsnap - ok
00:27:29.0452 0x0330  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
00:27:29.0494 0x0330  vsmraid - ok
00:27:29.0542 0x0330  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
00:27:29.0663 0x0330  VSS - ok
00:27:29.0680 0x0330  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
00:27:29.0741 0x0330  vwifibus - ok
00:27:29.0770 0x0330  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
00:27:29.0862 0x0330  W32Time - ok
00:27:29.0888 0x0330  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
00:27:29.0950 0x0330  WacomPen - ok
00:27:29.0969 0x0330  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
00:27:30.0035 0x0330  WANARP - ok
00:27:30.0050 0x0330  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
00:27:30.0120 0x0330  Wanarpv6 - ok
00:27:30.0170 0x0330  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
00:27:30.0265 0x0330  wbengine - ok
00:27:30.0295 0x0330  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
00:27:30.0365 0x0330  WbioSrvc - ok
00:27:30.0390 0x0330  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
00:27:30.0465 0x0330  wcncsvc - ok
00:27:30.0490 0x0330  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
00:27:30.0560 0x0330  WcsPlugInService - ok
00:27:30.0575 0x0330  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
00:27:30.0615 0x0330  Wd - ok
00:27:30.0650 0x0330  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
00:27:30.0705 0x0330  Wdf01000 - ok
00:27:30.0725 0x0330  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
00:27:30.0790 0x0330  WdiServiceHost - ok
00:27:30.0810 0x0330  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
00:27:30.0875 0x0330  WdiSystemHost - ok
00:27:30.0905 0x0330  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
00:27:30.0985 0x0330  WebClient - ok
00:27:31.0010 0x0330  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
00:27:31.0096 0x0330  Wecsvc - ok
00:27:31.0121 0x0330  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
00:27:31.0206 0x0330  wercplsupport - ok
00:27:31.0226 0x0330  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
00:27:31.0311 0x0330  WerSvc - ok
00:27:31.0326 0x0330  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
00:27:31.0396 0x0330  WfpLwf - ok
00:27:31.0416 0x0330  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
00:27:31.0461 0x0330  WIMMount - ok
00:27:31.0481 0x0330  WinDefend - ok
00:27:31.0521 0x0330  WinHttpAutoProxySvc - ok
00:27:31.0556 0x0330  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
00:27:31.0636 0x0330  Winmgmt - ok
00:27:31.0691 0x0330  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
00:27:31.0796 0x0330  WinRM - ok
00:27:31.0836 0x0330  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
00:27:31.0896 0x0330  WinUsb - ok
00:27:31.0936 0x0330  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
00:27:32.0021 0x0330  Wlansvc - ok
00:27:32.0036 0x0330  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
00:27:32.0081 0x0330  WmiAcpi - ok
00:27:32.0106 0x0330  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
00:27:32.0171 0x0330  wmiApSrv - ok
00:27:32.0191 0x0330  WMPNetworkSvc - ok
00:27:32.0211 0x0330  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
00:27:32.0261 0x0330  WPCSvc - ok
00:27:32.0281 0x0330  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
00:27:32.0331 0x0330  WPDBusEnum - ok
00:27:32.0346 0x0330  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
00:27:32.0396 0x0330  ws2ifsl - ok
00:27:32.0416 0x0330  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
00:27:32.0456 0x0330  wscsvc - ok
00:27:32.0471 0x0330  WSearch - ok
00:27:32.0541 0x0330  [ 31F32E0C1A8BA9A37EEC23DE5F27F847, 0180832BC6172C9A4C32B5B222BB3F91EA615A5EBDA98DB79ED4FED258C2D257 ] wuauserv        C:\Windows\system32\wuaueng.dll
00:27:32.0626 0x0330  wuauserv - ok
00:27:32.0641 0x0330  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
00:27:32.0681 0x0330  WudfPf - ok
00:27:32.0701 0x0330  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
00:27:32.0736 0x0330  WUDFRd - ok
00:27:32.0756 0x0330  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
00:27:32.0796 0x0330  wudfsvc - ok
00:27:32.0816 0x0330  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
00:27:32.0861 0x0330  WwanSvc - ok
00:27:32.0906 0x0330  [ 4A5CE13408945E525503B5F73D29B9C5, D58BB31AF17752508EA67931BF170CE46877DC204FC5DA7EED5A078AEB0CA0FD ] xnacc           C:\Windows\system32\DRIVERS\xnacc.sys
00:27:32.0956 0x0330  xnacc - ok
00:27:32.0966 0x0330  ================ Scan global ===============================
00:27:32.0981 0x0330  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
00:27:32.0996 0x0330  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
00:27:33.0011 0x0330  [ A5794B1E3ACEF48E716F0A89C83C1AEA, B904C861CBDAF00341F8697BD05C2E66C23CF4D6C94E19AF464D898436F34D73 ] C:\Windows\system32\winsrv.dll
00:27:33.0026 0x0330  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
00:27:33.0041 0x0330  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
00:27:33.0056 0x0330  [ Global ] - ok
00:27:33.0056 0x0330  ================ Scan MBR ==================================
00:27:33.0061 0x0330  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
00:27:33.0236 0x0330  \Device\Harddisk0\DR0 - ok
00:27:33.0256 0x0330  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
00:27:33.0371 0x0330  \Device\Harddisk1\DR1 - ok
00:27:33.0376 0x0330  ================ Scan VBR ==================================
00:27:33.0376 0x0330  [ A56A7434337BBED5E3E8171B1FC84384 ] \Device\Harddisk0\DR0\Partition1
00:27:33.0381 0x0330  \Device\Harddisk0\DR0\Partition1 - ok
00:27:33.0386 0x0330  [ D880F5C07DEB016976966E938BDB1546 ] \Device\Harddisk0\DR0\Partition2
00:27:33.0386 0x0330  \Device\Harddisk0\DR0\Partition2 - ok
00:27:33.0416 0x0330  [ E81E9BF4C10CDA1F41C7B0CCA6DF6910 ] \Device\Harddisk1\DR1\Partition1
00:27:33.0421 0x0330  \Device\Harddisk1\DR1\Partition1 - ok
00:27:33.0446 0x0330  [ AE7B0E61231BE23A0179620DC627E1C4 ] \Device\Harddisk1\DR1\Partition2
00:27:33.0456 0x0330  \Device\Harddisk1\DR1\Partition2 - ok
00:27:33.0456 0x0330  ================ Scan generic autorun ======================
00:27:33.0471 0x0330  [ 63B913AAB1244D8DED54CF0EFC8A56BD, 639830E9ECB004F09EA968EDF68C0037B5DFF7CCFF007DE5D11DEF2166707341 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
00:27:33.0496 0x0330  AdobeAAMUpdater-1.0 - ok
00:27:33.0631 0x0330  [ D31D111CA76076E77F540A0571AE82AA, 7B53140E062F0F2FCFFDC753EEF5D462D36982FD39C55F0C98EE372CCC998743 ] C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
00:27:33.0786 0x0330  StartCN - ok
00:27:33.0991 0x0330  [ CE1DEC053DA24927E89D9AA196D31281, 39DD431CFCD10AA4E176062E33A0262FEE5806E192B37037C97439B1CEF232C8 ] E:\Programme\CCleaner\CCleaner64.exe
00:27:34.0226 0x0330  CCleaner Monitoring - ok
00:27:34.0276 0x0330  [ 9252ABB792E89C8E0CFC5C3E92AB7F50, 036367BEDCFE3BA55BE915BF44D3001A3C3ADEBA997336F9275FDD753BDACF5E ] E:\Programme\Lexmark\ErrorApp\LMab1err.exe
00:27:34.0321 0x0330  LMab1err - ok
00:27:34.0431 0x0330  [ D2CE6EA0E9F641D7153462D40C6B4193, 3AAE5239F951E29497D759326BDC23E19644B763DC5661CA4E4980418195C37D ] E:\Programme\Steam\steam.exe
00:27:34.0491 0x0330  Steam - ok
00:27:34.0496 0x0330  Waiting for KSN requests completion. In queue: 118
00:27:35.0566 0x0330  Win FW state via NFP2: enabled ( trusted )
00:27:35.0721 0x0330  ============================================================
00:27:35.0721 0x0330  Scan finished
00:27:35.0721 0x0330  ============================================================
00:27:35.0756 0x0d60  Detected object count: 1
00:27:35.0756 0x0d60  Actual detected object count: 1
00:28:08.0289 0x0d60  chip1click ( UnsignedFile.Multi.Generic ) - skipped by user
00:28:08.0289 0x0d60  chip1click ( UnsignedFile.Multi.Generic ) - User select action: Skip

Alt 29.11.2016, 10:50   #10
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Sry für Zwischenpost. Der PC ist inzwischen sehr langsam geworden und die CPU Auslastung liegt auch immer bei 50% bis 100%. Ohne geöffnete Programme liegt sie so bei 14% bis 34%.

Alt 29.11.2016, 11:00   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Anleitung bitte richtig lesen - richtiges Log von MBAR posten.
__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.11.2016, 11:26   #12
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Okay, danke für deinen Hinweis :-)

Hier der (hoffentlich) richtige Log:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.11.27.04
  rootkit: v2016.11.20.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18524
Unaton :: UNATON-PC [administrator]

27.11.2016 19:29:34
mbar-log-2016-11-27 (19-29-34).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 302054
Time elapsed: 34 minute(s), 

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Alt 29.11.2016, 11:33   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
Logfiles bitte immer in CODE-Tags posten

Alt 29.11.2016, 14:25   #14
dtp904
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Code:
ATTFilter
# AdwCleaner v6.030 - Bericht erstellt am 29/11/2016 um 13:46:53
# Aktualisiert am 19/10/2016 von Malwarebytes
# Datenbank : 2016-11-28.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (X64)
# Benutzername : Unaton - UNATON-PC
# Gestartet von : C:\Users\Unaton\Desktop\Malwarebytes AdwCleaner.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4869 Bytes] - [17/11/2016 21:31:32]
C:\AdwCleaner\AdwCleaner[C2].txt - [1494 Bytes] - [18/11/2016 08:18:05]
C:\AdwCleaner\AdwCleaner[C3].txt - [2621 Bytes] - [25/11/2016 17:35:48]
C:\AdwCleaner\AdwCleaner[C4].txt - [2531 Bytes] - [28/11/2016 23:35:27]
C:\AdwCleaner\AdwCleaner[S0].txt - [4546 Bytes] - [17/11/2016 21:29:27]
C:\AdwCleaner\AdwCleaner[S1].txt - [4619 Bytes] - [17/11/2016 21:31:13]
C:\AdwCleaner\AdwCleaner[S2].txt - [1695 Bytes] - [18/11/2016 08:16:53]
C:\AdwCleaner\AdwCleaner[S3].txt - [2606 Bytes] - [25/11/2016 17:35:32]
C:\AdwCleaner\AdwCleaner[S4].txt - [2549 Bytes] - [28/11/2016 23:30:09]
C:\AdwCleaner\AdwCleaner[S5].txt - [1875 Bytes] - [29/11/2016 13:46:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [1948 Bytes] ##########
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.9 (09.30.2016)
Operating System: Windows 7 Professional x64 
Ran by Unaton (Administrator) on 29.11.2016 at 13:47:50,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 32 

Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0X792YSB (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41BB5TKQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5C5VQ513 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77556GLM (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9CEI9V48 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1ULV867 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQYZZ09W (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KD483PU2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZL09A2R (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SVKPGUBQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XHB7DJSE (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\Unaton\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4RBLSYL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0PS72R2M (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0X792YSB (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\41BB5TKQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\5C5VQ513 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\77556GLM (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9CEI9V48 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B1ULV867 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQYZZ09W (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KD483PU2 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZL09A2R (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SVKPGUBQ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XHB7DJSE (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z4RBLSYL (Temporary Internet Files Folder) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.11.2016 at 14:22:29,49
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Alt 29.11.2016, 16:53   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Standard

Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
Logfiles bitte immer in CODE-Tags posten

Antwort
Seite 1 von 3 1 23

Themen zu Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"
bat, benötigt, bereich, danke, dienst, frage, gelöst, gestartet, hilfe, konnte, larusso, lauter, malware, nicht, poste, posten, problem, schaf, schädlinge, thema, vermutlich, verseucht, weitergeleitet, windows


« update.exe, ausgelasteter Arbeitsspeicher | Win 7 Laptop: spyhunter 4 "trojan generic" - Fund »


Ähnliche Themen: Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"


  1. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  2. Windows 8.1 : Vermutlich mit ZBOT infiziert. Meldung: "Ihr Computer wird in unter einer Minute heruntergefahren"
    Plagegeister aller Art und deren Bekämpfung - 12.12.2014 (7)
  3. Windows 7: vermutlich infizierte Mail "Luftfrachsendung AWB" Attachment geöffnet
    Plagegeister aller Art und deren Bekämpfung - 30.12.2013 (15)
  4. SPAM-Vorwurf durch Internet-Anbieter / "Malwarebytes Anti-Malware"-Abstürze / Nachfrage zu "Secunia PSI"
    Log-Analyse und Auswertung - 30.08.2013 (17)
  5. Malware-Code "online-alles.net" in HTML-Seiten - Trojaner? --- Teil 1: Bürorechner
    Plagegeister aller Art und deren Bekämpfung - 26.08.2012 (8)
  6. Malware-Code "online-alles.net" in HTML-Seiten - Trojaner? --- Teil 2: Laptop
    Plagegeister aller Art und deren Bekämpfung - 24.08.2012 (5)
  7. Malware-Code "online-alles.net" in HTML-Seiten - Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 20.08.2012 (6)
  8. Google Suchergebnisse werden weitergeleitet zu "abnow.com"
    Plagegeister aller Art und deren Bekämpfung - 02.03.2012 (31)
  9. Google-Links werden auf "100ksearches.com" weitergeleitet!
    Plagegeister aller Art und deren Bekämpfung - 23.07.2011 (27)
  10. Browser extrem langsam, CPU auslastung hoch, werde auf "Bigpoint.de" seiten weitergeleitet
    Log-Analyse und Auswertung - 27.06.2011 (22)
  11. "Malware Protection" entfernt und nun "Windows Vista Restore" und diverse Festplattenwarnungen
    Plagegeister aller Art und deren Bekämpfung - 17.06.2011 (28)
  12. Suchergebnisse von Google werde immer von "goingonearth" weitergeleitet
    Plagegeister aller Art und deren Bekämpfung - 15.05.2011 (3)
  13. Ordner "Internet Explorer Updater" unter Programme, nicht löschbar, vermutlich Malware
    Log-Analyse und Auswertung - 13.07.2010 (23)
  14. "error cleaner" "privacy protector" "spyware&malware protection"
    Plagegeister aller Art und deren Bekämpfung - 28.06.2008 (7)
  15. "error cleaner" "privacy protector" "spyware und malware protection"
    Plagegeister aller Art und deren Bekämpfung - 28.06.2008 (2)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" - Hallo Gemeinschaft, ich eröffnete ein Thema in "Alles rund um Windows" ( http://www.trojaner-board.de/183166-...orhnanden.html ) und wurde von Larusso hierher verwiesen. Mein Problem wurde durch ihn gelöst, er bat mich aber - Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows"...
Archiv
Du betrachtest: Vermutlich mit Malware verseucht / Weitergeleitet aus dem Bereich "Alles rund um Windows" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130